Regulatory compliance and standard requirements

Cyber Runway programme supports new security businesses

The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses Continue Reading

Hospitals see cyber security investment as a low priority

Almost half of hospitals have experienced an IT shutdown as a result of a cyber attack in the past six months, but just over one in 10 hospital executives see cyber security investment as a high priority Continue Reading

The Netherlands still lacks digital resilience, says report

Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient Continue Reading

Third of finance firms accelerate use of artificial intelligence to detect money laundering

Financial services firms are stepping up their use of artificial intelligence and machine learning technology to fight increasing money laundering activity Continue Reading

Real-time data analytics in action

In this week’s Computer Weekly, we examine the emerging applications of real-time analytics and highlight the challenges for businesses to maximise the benefits. EU experts are calling for reform of US surveillance laws – we look at the issues. And we talk to the co-CEO of HR software giant Workday. Read the issue now. Continue Reading

Researchers uncover database with 126 million unsecured records

Business-to-business marketing firm OneMoreLead was storing tens of millions of records in an unsecured database, exposing at least 63 million people to fraud, identify theft and phishing campaigns Continue Reading

Leading venture capital firms are failing to protect human rights

Venture capital firms and high-profile tech accelerators are not conducting human rights due diligence on their investments, which means they cannot be sure the companies they invest in are not causing, or contributing to, human rights abuses Continue Reading

Disaster recovery for SMEs: Five key areas to consider

We look at key disaster recovery considerations for SMEs, including why backup is not enough, how to create a disaster recovery plan, best-practice DR testing and DR as a service Continue Reading

Five tips to ensure your crisis comms plan is ready for a cyber attack

Business leaders take note: standard crisis communications plans are inadequate if you have fallen victim to a cyber attack. HPL’s Ted Birkhahn shares five tips to make sure you are ready to face the public Continue Reading

Government publishes second version of digital identity trust framework

The second iteration of the framework, still in alpha version, sets out how organisations can become certified digital identity service providers Continue Reading

Investigatory Powers Tribunal finds UK spy agencies unlawfully collected personal data

Campaign groups Privacy International and Liberty are gearing up to bring further legal action after a court found that UK spy agencies unlawfully collected phone and internet records Continue Reading

Almost half unaware of GP data-sharing plans

Around half of adults in England – approximately 20 million people – remain unaware of the scope of the NHS GPDPR programme, prompting calls for a public education campaign Continue Reading

Security Think Tank: Consider cyber policies and procedures as you welcome employees back

With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading

ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower

The Information Commissioner’s Office has ended its involvement in a dispute between a data breach whistleblower and NatWest bank Continue Reading

TikTok sets up cyber security hub in Dublin

Dublin-based cyber centre will oversee the security of TikTok’s users across Europe Continue Reading

How IBM is solving the data privacy problem

IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy Continue Reading

OAIC: Uber failed to protect personal data of Australians

Uber did not take reasonable steps to protect Australians’ personal information from unauthorised access, says Australia’s national privacy watchdog Continue Reading

How the UK Cyber Security Council plans to professionalise security

As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is Continue Reading

Respect in Security challenges abuse and harassment in cyber

With around a third of cyber pros saying they have personally experienced harassment at work or online, a new initiative is urging organisations to pledge their support to help free the community from the scourge of abuse. We met its founders Continue Reading

Five ways to ensure remote working security and compliance

A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading

France’s Macron among alleged Pegasus targets

Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware Continue Reading

NHS Digital tightens rules for GPDPR data scrape

The proposed collection of patient data held by GPs will now only commence when three key criteria have been fulfilled, says NHS Digital Continue Reading

Security Think Tank: A return to the office is not a return to normal

With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading

Privacy Shield: One year on and companies are still grappling for answers

Activist lawyer Max Schrems and Eduardo Ustaran, partner at Hogan Lovells, look for common ground in a problem with no easy answers Continue Reading

Macquarie Data Centres to build Sydney North facility

Macquarie Data Centres’ latest 32MW facility will come with a cyber security centre that monitors and manages cyber security events Continue Reading

Lawyers take EncroChat hacking operation to French supreme court

Lawyers head to French supreme court after appeals court finds EnroChat inception legal under French law Continue Reading

Privacy Shield: US surveillance law reforms essential for EU-US data, says EU parliamentary study

EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield Continue Reading

Singapore to invest S$50m in ‘digital trust’ capabilities

The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management Continue Reading

Regional cyber clusters score £700k of funding

DCMS has awarded £700,000 of funding to a network of 20 regional cyber clusters Continue Reading

Secureworks sets up in EU datacentre for XDR services

New datacentre location helps Secureworks’ customers meet EU data residency requirements Continue Reading

UK Cyber Security Council calls for new push on training

Too many companies have cut back on security training and development during the pandemic, says UK Cyber Security Council Continue Reading

Met Police seize £180m worth of Bitcoin

The largest ever seizure of cryptocurrency in the UK comes just weeks after a previous multi-million pound confiscation, as law enforcement clamps down on money laundering Continue Reading

Kaseya VSA services coming online after week-long outage

Kaseya has successfully deployed a patch to its ransomware-hit VSA product as per a revised schedule, and customers are beginning to come back online Continue Reading

Professionals need protection from the Computer Misuse Act

The UK needs cyber legislation fit for the 21st century, so it is important for the industry to get behind the government’s proposed reform of the Computer Misuse Act Continue Reading

Choose the right ITSM tool for digital era success

IT service management (ITSM) tools are essential for many organisations to help optimise the design, delivery, support, use and governance of IT, but not all ITSM solutions are created equal, therefore selecting the right one is crucial Continue Reading

Why identity is the central problem for the future of the internet

As debate rages over who has the right to control user identities online, is the concept of decentralised identity about to have its day? Continue Reading

Security Think Tank: Reopening is an opportunity to reassess wider security posture

With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading

US government given permission to appeal UK’s decision to not extradite Julian Assange

US offers assurances that Assange could serve time in his home country of Australia if convicted Continue Reading

ICO to probe Hancock over private email use

Former health secretary faces an investigation by the UK’s data protection watchdog over his use of private email to conduct government business Continue Reading

How the UK Cyber Security Council plans to professionalise security

As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is Continue Reading

Cyber insurance costs up by a third

The frequency and severity of ransomware attacks is a leading factor behind a substantial increase in the cost of obtaining cyber security insurance Continue Reading

BA reaches settlement in data breach group action

A group action against BA following its 2018 data breach has been successfully settled Continue Reading

Berlin court finds EncroChat intercept evidence cannot be used in criminal trials

In a major setback for police hacking operations, Berlin’s regional court has decided that intercepted data from the EncroChat phone network should not be used in criminal prosecutions Continue Reading

The secret to building a future-proof cyber security team

In a post-pandemic digital world, where cyber criminals see a feast of opportunities, what are the secrets to building a world-class cyber security function? Continue Reading

Cyber attackers up the ante on embattled IT teams

Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements Continue Reading

US Cybersecurity and Infrastructure Security Agency launches ransomware assessment tool

Newly launched service will help US organisations understand how prepared they are to deal with a ransomware attack Continue Reading

Nominations open for 2021 Security Serious Unsung Heroes Awards

Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators Continue Reading

Half of mobile phones sold in the UK at risk of security issues

Lengthy mobile phone contracts leave buyers at risk of their devices losing support for security updates Continue Reading

LinkedIn denies exposure of 700 million user records is a data breach

Data relating to 700 million users of the LinkedIn networking platform has appeared for sale, but the firm says it is the victim of data scraping, not a security breach Continue Reading

UK data exchanges with EU can continue after adequacy decision - but for how long?

For now European businesses can continue to send data to the UK without additional safeguards and paperwork. How long will it last? Continue Reading

UK Cyber Security Council launches inaugural initiatives

Security association seeks to determine terms of reference for committees to oversee standards and ethics, and qualifications and careers in the cyber sector Continue Reading

EU recognises UK data protection adequacy but warns against divergence

The European Commission has granted the UK data adequacy, allowing data sharing between the EU and the UK, but warns it may yet be revoked Continue Reading

Insurers unprepared for challenges of underwriting ransomware

RUSI think tank calls for an industry-wide reset amid intense challenges for providers of cyber security insurance Continue Reading

UK’s FCA bans crypto exchange Binance as crackdown spreads

Ban on Binance Markets comes amid a wider global crackdown on the largely unregulated global market for cryptocurrencies and related assets. Continue Reading

HMRC-branded phishing scams surge despite protections

The number of HMRC-branded phishing scams surged 87% in the past 12 months, according to latest revealed figures Continue Reading

How CIOs can help their organisations accelerate digital transformation

Companies need to win the trust of their customers to gather the data they need to transform their businesses Continue Reading

NCSC CEO: UK-Ireland collaboration crucial to stop cyber threats

Speaking at a conference in Dublin, NCSC Lindy Cameron is highlighting the importance of continued collaboration between the UK and Ireland to protect shared interests and counter security threats Continue Reading

CMA to probe Amazon and Google over fake reviews

The CMA has opened an investigation into Amazon and Google over possible breaches of consumer protection law Continue Reading

Google hands third-party cookies a stay of execution

Google’s proposed Privacy Sandbox initiative – which will see third-party cookies phased out in the Chrome web browser – has been pushed back to 2023 Continue Reading

Revealed: Crypto platform’s role in Cl0p ransomware raid

Crypto infrastructure provider Binance provided assistance to law enforcement after finding its exchange was being used by cyber criminals to launder their ransomware profits Continue Reading

Make ransomware payments illegal, say 79% of cyber pros

Report produced for MSSP Talion claims overwhelming support for the criminalisation of ransomware payments Continue Reading

City of York picks Barracuda Networks for data protection

York Council needed to refresh its backup service to bring new security protections after it went ‘all-in’ on Microsoft Office 365 Continue Reading

European Union to set up new cyber response unit

Proposed Joint Cyber Unit will tackle a rising number of serious incidents impacting public services, businesses and citizens of the EU Continue Reading

Openness can protect Dutch companies against ransomware

Dutch businesses that suffer ransomware attacks need to be more open about it, if this growing problem is to be brought under control Continue Reading

SonicWall sees 226.3 million ransomware attack attempts this year

SonicWall detected 226.3 million attempted ransomware attacks between January and May 2021, more than double the number seen in the same period last year Continue Reading

Innova and RISE drive node development in Sweden

Swedish cyber security project, National Node, opens its doors to the country’s security firms Continue Reading

European ‘chat control’ plans in the name of ‘child safety’ threaten end-to-end encryption

Proposals by European Commission to search for illegal material could mean the end of private messaging and emails Continue Reading

ICO issues guidance on facial recognition in public spaces

Information commissioner’s concern over the problematic use of facial recognition in public spaces has prompted her to publish official guidance on its deployment, while civil society calls for an outright ban Continue Reading

Lorca Ignite programme targets breakout cyber talent

Six of the most successful companies to have come through Lorca’s existing accelerators are being inducted into an intensive programme Continue Reading

Biden tackles Putin on ransomware at Geneva summit

Discussions between Joe Biden and Vladimir Putin on cyber crime appear to have been somewhat positive, but the path ahead remains unclear Continue Reading

Organisations cannot rely on cyber insurance to cover losses

Ransomware attacks have become a big driver of cyber insurance claims, but insurance must not be relied upon as a failsafe, says a report Continue Reading

NHS Test and Trace picks Risk Ledger to secure supply chain

Risk Ledger’s technology promises ‘unparalleled’ visibility into NHS Test and Trace’s supply chain Continue Reading

Privacy pro salaries rise throughout pandemic, but at a cost

Data from the IAPP’s latest salary survey reveals some insight into how the pandemic impacted the privacy profession Continue Reading

The Security Interviews: How to build a government model to ‘hack for good’

Kyle Hanslovan started Huntress to give back after a career in the intelligence sector. After US authorities took action to help people hit by the Microsoft Exchange attacks, we discussed how governments can ‘hack for good’ Continue Reading

G7 commits to action on ransomware, digital privacy

The G7 urges Russia to do more to hold criminal ransomware gangs operating from within its borders to account as it commits to more action on the issue Continue Reading

Europe’s proposed AI regulation falls short on protecting rights

The European Commission’s proposal for artificial intelligence regulation focuses on creating a risk-based, market-led approach replete with self-assessments, transparency procedures and technical standards, but critics warn it falls short of being able to protect people’s fundamental rights and mitigating the technology’s worst abuses Continue Reading

FBI planned a sting against An0m cryptophone users over drinks with Australian investigators

Australian Federal Police and the FBI came up with the idea over drinks: build a cryptophone network with a built-in backdoor and sell it to crime gangs around the world Continue Reading

CMA secures commitments from Google on future of cookies

The Competition and Markets Authority is opening a consultation on commitments offered to it by Google to ensure its Privacy Sandbox proposals do not harm digital advertising markets Continue Reading

UK promises tougher line on cyber crime

Speaking ahead of the G7 Summit, foreign secretary Dominic Raab says the UK is ready to take on cyber criminals and other malicious actors wherever they may be Continue Reading

Australia names ‘strategic’ datacentre operators

Australia’s Digital Transformation Agency certifies Macquarie Telecom, Canberra Data Centres and Australian Data Centres as strategic operators for hosting government data Continue Reading

How the pandemic changed backup

The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware Continue Reading

Australian organisations face heightened cyber attacks

Nearly three in four Australian organisations experienced cyber attacks that largely resulted from a growing remote workforce in 2020 Continue Reading

FBI arrests distributors accused of selling An0m encrypted phones to crime groups

Working with overseas law enforcement, the FBI has arrested eight people and named a further 13 accused of distributing An0m phones to organised crime groups Continue Reading

RSA spins out fraud and risk unit as Outseer

RSA Security is transitioning its fraud and risk intelligence work into a new business to be called Outseer Continue Reading

NHS Digital delays data collection plans until September

NHS Digital has postponed its proposed collection of GP data for two months, to allow more time for the public to understand the process and opt out if wanted Continue Reading

National data guardian calls for dialogue on NHS Digital GP plans

The UK’s national data guardian says it is important the public has clarity on how their confidential medical information will be used and kept secure under NHS data-sharing plans Continue Reading

Police raids around world after investigators crack An0m cryptophone app in major hacking operation

Police in 16 countries carried out raids on after Australian Police and the FBI cracked an encrypted An0M communications network used by crime groups Continue Reading

EU privacy chief investigates use of US cloud services

Use of Amazon and Microsoft’s cloud services by public sector bodies in the European Union is being scrutinised by the bloc’s privacy watchdog Continue Reading

NHS Digital’s GP data-scraping plan must be publicised and delayed

The UK government must launch a national awareness campaign and delay this month’s planned GP data slurp, say privacy consultants Ben Rapp and Sara Newman Continue Reading

Updated standard contractual clauses will provide ‘legal certainty’ for transfer of data

Organisations have 18 months to update data transfer agreements, known as standard contractual clauses, or SCCs, to continue sharing data outside the European Union Continue Reading

Norway’s auditor general lifts lid on energy industry’s cyber security risks

Auditor General’s Office questions the security posture of Norway’s energy industry Continue Reading

Tories fined over email data protection breaches

The Conservative Party broke the law by failing to properly keep records of who had unsubscribed from its mailing list Continue Reading

Buying a VPN? Here’s what you need to know

VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these Continue Reading

Long-term thinking is vital to secure UK’s critical infrastructure

To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie Continue Reading

Exagrid pays $2.6m to Conti ransomware attackers

Backup appliance specialist hit by Conti ransomware in May with cyber criminals downloading employee and customer data, confidential contracts and source code Continue Reading

Ex-IT manager stole over £800,000 from NHS trust

A former senior IT manager at an Essex NHS trust has pleaded guilty to defrauding his employer out of more than £800,000 Continue Reading

Privacy experts concerned over NHS data collection plans

Security and data privacy experts warn NHS Digital that its data collection plans could increase risk and cause a public backlash Continue Reading

Loss of 150,000 police records made worse by management failures

The loss of 150,000 records from a number of national policing systems was caused by a human coding error, but made worse by process and management failures Continue Reading

NGOs file complaints against Clearview AI in five countries

Privacy and human rights organisations have asked data protection regulators in the UK, France, Austria, Italy and Greece to investigate controversial facial recognition company Clearview AI Continue Reading

Millions of pounds lost to crypto fraud on social media

More than £63m has been lost nationally by victims of investment fraud via a social media platform, says Action Fraud Continue Reading