Security policy and user awareness
-
News
20 Sep 2023
Parliament passes sweeping Online Safety Bill but tech companies still concerned over encryption
Ofcom will consult on standards to enforce new powers, but tech companies remain concerned about the impact of the bill’s ‘spy clause’, which could require them to scan encrypted messages Continue Reading
-
News
20 Sep 2023
Organisations failing to proactively address insider cyber risk
Organisations are spending less than 10% of their annual security budgets on trying to solve one of the costliest problems in cyber: insider risk Continue Reading
-
Feature
27 Oct 2020
Zero-trust network policies should reflect varied threats
Role-based access systems create enormous pools of responsibility for administrators. Explore how to eliminate these insecure pools of trust with zero-trust network policies. Continue Reading
-
Feature
27 Oct 2020
Zero-trust methodology's popularity a double-edged sword
The authors of 'Zero Trust Networks' discuss how the zero-trust methodology's popularity produces both vendor hype and renewed attention to critical areas of security weakness. Continue Reading
-
News
27 Oct 2020
Calls for clarity over Amazon insider breach
Security experts call for more clarity from Amazon over an apparent leak of customer data Continue Reading
-
News
27 Oct 2020
Sopra Steria hit by new version of Ryuk ransomware
IT services company Sopra Steria says it has contained the ransomware virus, but systems will take a few weeks to be fully operational Continue Reading
-
News
27 Oct 2020
APAC CISOs warm up to zero trust
Security leaders in Asia-Pacific are adopting zero-trust security, but challenges stand in their way of reaping the full potential of the security model Continue Reading
-
News
26 Oct 2020
Cooperation between Norway’s security agencies planned following cyber attack on parliament
Government seeks to develop enhanced national IT infrastructure with an embedded early warning system and defence shield to protect the IT systems of public and private organisations Continue Reading
-
News
22 Oct 2020
SonicWall patches 11 firewall vulnerabilities
SonicWall users are advised to download updates that fix 11 CVEs in the SonicOS operating system, uncovered by Positive Technologies Continue Reading
-
News
22 Oct 2020
Protecting remote workers an opportunity to do security better
Securing the fully remote workforce has been a challenge for IT teams, but it presents an opportunity to commit to a higher standard of cyber security, according to a Cisco report Continue Reading
-
News
21 Oct 2020
NSA’s top CVE list a timely reminder to patch
Many of the CVEs detailed on the NSA’s top 25 chart are golden oldies Continue Reading
-
News
21 Oct 2020
Charities warned over ‘Robin Hood’ cyber criminals
Accepting donations from cyber criminal groups could be deemed as profiting from crime, money laundering or handling stolen goods – so don’t do it Continue Reading
-
News
21 Oct 2020
Customer loyalty accounts in danger from cyber criminals
Billions of credential stuffing attacks are harvesting valuable customer data for the dark web economy Continue Reading
-
Feature
21 Oct 2020
Why securing the DNS layer is crucial to fight cyber crime
Domain name system security is often overlooked by organisations, but focusing on this layer could actually improve the effectiveness of cyber security strategies. We explore the latest DNS trends and best practice Continue Reading
-
News
21 Oct 2020
Retailers get access to new security toolkit
The British Retail Consortium has worked with the NCSC to develop a new cyber security toolkit pitched at retailers Continue Reading
-
Opinion
21 Oct 2020
Security Think Tank: Essential tools to mitigate double extortion attacks
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading
-
News
20 Oct 2020
Resilient Trickbot down but not yet knocked out
Global, Microsoft-led effort to disrupt the Trickbot botnet has seen some success, but new command and control servers continue to pop up Continue Reading
-
News
20 Oct 2020
Police given access to self-isolation data
NHS Test and Trace self-isolation data will be made available to police after new guidance changes data-sharing rules Continue Reading
-
News
20 Oct 2020
BA breach penalty sets new GDPR precedents
The 90% reduction in the fine levied on BA over a 2018 data breach has legal experts talking about the ramifications for the future of data protection Continue Reading
-
Podcast
20 Oct 2020
Podcast: Cybersecurity Awareness Month, Covid-19 and storage
We look at how organisations can use Cybersecurity Awareness Month as an opportunity to revisit their handling of data and compliance, especially with changes brought by Covid-19 and home working Continue Reading
-
Opinion
16 Oct 2020
Security Think Tank: Safeguarding PII in the current threat landscape
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading
-
News
15 Oct 2020
Cloud data protection keeps the Crick’s medical research Covid-secure
Cloud data management services from Rubrik gave the Francis Crick Institute a data protection edge and have helped keep its vital work going through the pandemic Continue Reading
-
Opinion
15 Oct 2020
Security Think Tank: Essential tools to mitigate data loss and identity theft
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading
-
News
15 Oct 2020
Hackney services still offline in ongoing cyber attack
Services remain disrupted two days after council was hit by a serious incident, as residents are warned to be on their guard Continue Reading
-
News
14 Oct 2020
Public sector security failings leave UK at risk, says think tank
Reform report urges adoption of new policies in the next version of the UK’s National Cyber Security Strategy Continue Reading
-
News
14 Oct 2020
US Elections: Malicious internet domains spike as campaigns heat up
Internet domains related to the US presidential election are 56% more likely to be malicious than regular ones Continue Reading
-
News
14 Oct 2020
Fintech ‘unicorn’ Klarna probed over data misuse
Online bank blames misuse of user data on human error as Information Commissioner’s Office weighs in Continue Reading
-
News
14 Oct 2020
Microsoft fixes 87 bugs in October 2020 Patch Tuesday
Smaller October Patch Tuesday update includes fixes for critical bugs in Windows 10 and Windows Server 2019 Continue Reading
-
Opinion
14 Oct 2020
Security Think Tank: Adapting defences to evolving ransomware and cyber crime
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading
-
News
13 Oct 2020
Suppliers neglecting virtual appliance security, putting users at risk
Software suppliers are often distributing their products on virtual appliances that contain known vulnerabilities or are running outdated or unsupported operating systems, according to a report Continue Reading
-
Opinion
13 Oct 2020
Security Think Tank: What you need to know about addressing the doxing threat
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading
-
News
12 Oct 2020
Five Eyes spy group again demands access to private messages
Spooks are once again calling for the tech industry to break end-to-end encryption in messaging platforms Continue Reading
-
News
12 Oct 2020
Cyber security skills ad branded ‘crass’ by minister
Security skills campaign advert depicting a ballet dancer comes in for criticism as the arts sector struggles in the pandemic Continue Reading
-
News
12 Oct 2020
Making sense of zero-trust security
Implementing zero-trust security is not an easy feat, but enterprises can still get it right if they approach it from a process perspective and get a handle on their infrastructure footprint Continue Reading
-
Opinion
12 Oct 2020
Security Think Tank: Tighten data and access controls to stop identity theft
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading
-
News
08 Oct 2020
NCSC relaunches SME security guide with home working focus
The NCSC is issuing an updated version of its guide to security for SMEs, reflecting the long-lasting changes to the world of work seen in 2020 Continue Reading
-
News
08 Oct 2020
Emotet rated September’s ‘most popular’ malware
The current resurgence of Emotet is attracting attention as governments issue new warnings and cyber criminals rush to exploit the chaotic US election Continue Reading
-
News
08 Oct 2020
Crown Prosecution Service suffers 1,600 data breaches in 12 months
CPS sees a spike in data security incidents, many of them serious enough to be reported to the Information Commissioner’s Office Continue Reading
-
News
08 Oct 2020
Threat of GDPR fines increasingly driving security buying decisions
Scaring the people who hold the purse strings may be the best option for CISOs who need a little extra budget Continue Reading
-
News
07 Oct 2020
Southeast Asia remains hotspot for cyber attacks
Geopolitics and Covid-19 have been fodder for cyber criminals to advance their motives in Southeast Asia in 2020 Continue Reading
-
News
06 Oct 2020
EU’s top court questions legality of UK phone and internet data surveillance
European Court of Justice rules that the UK and EU member states must comply with EU privacy laws when harvesting people’s sensitive communications data from telecoms and internet companies Continue Reading
-
Opinion
06 Oct 2020
The privacy and compliance challenges organisations face in 2021
Privacy and compliance teams have a lot on their plate as 2021 approaches. What are the key issues to consider? Continue Reading
-
News
06 Oct 2020
Ransomware attacks go through the roof
The volume of ransomware attacks has jumped 50% in the past three months, according to data produced at Check Point Continue Reading
-
News
05 Oct 2020
MosaicRegressor APT campaign using rare malware variant
Kaspersky researchers have shared details of a APT campaign utilising a rarely seen and hard-to-stop variety of malware Continue Reading
-
News
05 Oct 2020
Fake news tops list of online concerns worldwide
Receiving false information is a greater worry than other online risks such as cyber bullying and fraud, says the Lloyd’s Register Foundation Continue Reading
-
News
05 Oct 2020
HMRC warns locked-down freshers of ‘wave’ of tax scams
New university intake may be being targeted by cyber criminals amid Covid-19 confusion Continue Reading
-
News
02 Oct 2020
Honesty is the best policy: Forging a security culture in the NHS
Clinician and technologist Sam Shah helped set up NHSX in 2019. Now he’s helping advance digital transformation in healthcare from the outside, and a big part of that is addressing security in the sector Continue Reading
-
News
02 Oct 2020
Security pros face sanctions if they help ransomware victims pay
New advisory from the US government warns cyber insurance and incident response specialists that they could be skating on thin ice if they help ransomware victims pay their attackers off Continue Reading
-
News
02 Oct 2020
Find and fix your Adobe Flash dependencies, says NCSC
As Adobe’s Flash Player approaches end-of-life, the National Cyber Security Centre is urging organisations to fix their Flash dependencies Continue Reading
-
News
29 Sep 2020
Threat actors becoming vastly more sophisticated
Malicious actors have been busily honing their craft and cyber security incidents are up across the board as a result, according to a Microsoft report Continue Reading
-
News
29 Sep 2020
NCSC expands schools programme to north-east England and Northern Ireland
Following an initial roll-out in Gloucestershire and Wales, the NCSC’s CyberFirst Schools programme is being extended to north-east England and Northern Ireland Continue Reading
-
News
29 Sep 2020
NatWest offers online banking customers free security services
Bank responds to a surge in cyber crime targeting users of online banking services Continue Reading
-
News
29 Sep 2020
Ryuk attack downs private health provider in major incident
Private healthcare provider UHS has been been hit by a major big game hunting cyber attack that infected its systems with the Ryuk ransomware Continue Reading
-
News
28 Sep 2020
TikTok ban stayed after last-minute court case
TikTok’s lawyers have staved off an imminent ban for the time being, after successfully arguing that it infringed rights guaranteed under the Constitution of the United States Continue Reading
-
News
28 Sep 2020
Police Scotland to set up new cyber crime centre
National Centre of Excellence will employ specially trained officers to tackle a vertiginous rise in cyber crime Continue Reading
-
News
28 Sep 2020
Security now main driving force behind digital transformation
Organisations are urgently remodelling their core technology stack in the light of the Covid-19 pandemic, and this is pushing security to the top of the agenda Continue Reading
-
News
28 Sep 2020
Airbnb hosts’ account data exposed in internal leak
Data exposure within Airbnb’s system was the result of a technical issue but was swiftly fixed, says the firm Continue Reading
-
Blog Post
25 Sep 2020
Digital Identity Policy must address Fake (and Fogged) Credentials
Banks and employers cannot afford to trust the credentials (digital or otherwise) issued by Government or mandated by regulators (e.g. Passports, Driving Licenses or Utility Bills) until the issues ... Continue Reading
-
Opinion
25 Sep 2020
Covid-19 has changed how we think about cyber security forever
Six months into the global pandemic, the true impact on the future of cyber security is beginning to look clearer, says Microsoft’s Ann Johnson Continue Reading
-
News
24 Sep 2020
Third-party code bug left Instagram users at risk of account takeover
A critical vulnerability in Instagram’s image processing could have allowed attackers to take over not just their victim’s account, but their entire device Continue Reading
-
News
24 Sep 2020
NHS whistleblower privacy concerns passed on to regulator, but campaigners not holding their breath
NHS Improvement chair Dido Harding acknowledges receiving concerns raised about the anonymity of whistleblowers, but campaigners have little faith that anything will be done Continue Reading
-
News
24 Sep 2020
Government blasted over ‘reckless’ contact-tracing security
The Open Rights Group and Big Brother Watch accuse the government of endangering public health with a reckless attitude to contact-tracing data security Continue Reading
-
News
23 Sep 2020
Public admires security professionals, but doesn’t want their jobs
(ISC)² research finds attitudes towards security roles are increasingly positive, but not many people fancy joining the fight against cyber crime Continue Reading
-
News
23 Sep 2020
Video gamers barraged with cyber attacks
From credential stuffing to SQL injection and DDoS, video game producers and players are seeing massive volumes of cyber attacks Continue Reading
-
News
23 Sep 2020
US agencies warn of election disinformation and cyber attacks
Federal agencies are warning of heightened disinformation as the crucial 2020 presidential election nears Continue Reading
-
News
22 Sep 2020
Activision shoots down data breach claims
Gaming company denies there has been any data breach after up to 500,000 accounts appeared to have been compromised, but evidence mounts that credential stuffing attacks are to blame Continue Reading
-
News
22 Sep 2020
Scam mobile apps spreading via rogue TikTok accounts
Malicious TikTok accounts are promoting a number of adware scam mobile apps Continue Reading
-
News
21 Sep 2020
Trump implicated in plans to prosecute Assange over war leaks
US journalist and Trump supporter, Cassandra Fairbanks, said she was given advanced details of US plans to oust Wikileaks founder Julian Assange from the Ecuadorian Embassy and to arrest him for over documents leaked by former soldier Chelsea Manning Continue Reading
-
Opinion
21 Sep 2020
Why business resilience management should be high on the agenda
Business resilience management is key to business survival in the face of rapidly changing IT, cyber threat and regulatory environments Continue Reading
-
News
18 Sep 2020
German authorities probe ransomware hospital death
Hackers failed to extort a ransom from University Hospital Düsseldorf, but indirectly caused the death of a patient Continue Reading
-
News
18 Sep 2020
Rampant Kitten spent six years hacking Iranian dissidents
Details emerge of an ongoing campaign by Tehran-backed threat actors targeting dissidents and activists Continue Reading
-
News
17 Sep 2020
Saudi Arabia sees cyber security boom as coronavirus bites
Saudi Arabian CIOs have been forced to increase their security posture as the Covid-19 pandemic transforms working methods Continue Reading
-
News
17 Sep 2020
What are the habits of highly effective CISOs?
Data crunched by Gartner analysts reveals the behaviours that differentiate the top-performing chief information security officers from the pack Continue Reading
-
Opinion
17 Sep 2020
Security Think Tank: Edge security in the world of Covid-19
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentre to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
16 Sep 2020
NCSC steps up ransomware support for schools and universities
New alert and updated guidance comes after several academic institutions were targeted in ransomware attacks Continue Reading
-
Opinion
16 Sep 2020
Security Think Tank: Edge datacentre security depends on specific needs
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
15 Sep 2020
Gartner Security Summit: Covid-19 brings agile security to the fore
The evolving threat landscape is the top driver impacting cyber security during the next three to five years, and Covid-19 has accelerated the trend towards more agile security deployments Continue Reading
-
News
15 Sep 2020
Risky development practice leaves company access keys exposed
Database stores, cloud storage and myriad other services are being put at risk by the accidental exposure of company access keys during development Continue Reading
-
Opinion
15 Sep 2020
Security Think Tank: No secret sauce for edge security, just good practice
That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
15 Sep 2020
Data of every Welsh Covid-19 patient leaked online
Data on all 18,105 people in Wales who have received positive tests for the coronavirus was uploaded to a public-facing web server in error Continue Reading
-
News
14 Sep 2020
Julian Assange faces solitary confinement if extradited, court hears
WikiLeaks founder Julian Assange will be held under special administrative measures if extradited to the US, said Eric Lewis, a US legal expert, effectively placing him in solitary confinement Continue Reading
-
News
14 Sep 2020
Microsoft drops out of TikTok talks, paves way for Oracle partnership
Microsoft confirms it is dropping out of the running to acquire the US operations of TikTok, leaving the way clear for an imminent partnership deal with Oracle Continue Reading
-
News
10 Sep 2020
Cyber security is next frontier for open source
Open security will facilitate the interoperability and capabilities of cyber security tools while alleviating vendor lock-in for enterprises, says IBM Continue Reading
-
News
10 Sep 2020
Government launches £500k healthcare security plan
A £500,000 funding pot from the government aims to help support small and mid-sized healthcare firms during the pandemic Continue Reading
-
Blog Post
08 Sep 2020
Tackling the Post Covid Cybercrime Pandemic
The pace of change along criminal supply chains is accelerating. But so too is the response from law enforcement. Lockdown saw the first step with long overdue automation of incident notification ... Continue Reading
-
News
06 Sep 2020
Why predictive threat intelligence is key
Threat intelligence startup Cyfirma is using virtual agents to gather intelligence on potential cyber attacks that are being coordinated in underground forums before they occur Continue Reading
-
News
04 Sep 2020
Lockdown sees increase in girls applying for GCHQ cyber courses
The shift to online learning saw an increase in participants for its CyberFirst cyber security training programme, GCHQ found Continue Reading
-
News
03 Sep 2020
Phishing scam targets Lloyds Bank customers
Bank customers warned of emails and SMS messages that direct them to a fraudulent site and then request account log-in details Continue Reading
-
Opinion
03 Sep 2020
Security Think Tank: Datacentre security is a business imperative
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
03 Sep 2020
How Certis is digitising security operations
Certis has developed more than 50 applications in a year to help employees do their jobs better and has set up an AI centre to tap the potential of robotics and video analytics in security Continue Reading
-
News
02 Sep 2020
Northumbria University suffers major disruption after cyber attack
Some exams cancelled as university appoints external specialists to investigate incident Continue Reading
-
Opinion
02 Sep 2020
Security Think Tank: Seven steps to edge security
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
01 Sep 2020
Norway’s corporates want government to support ‘herd immunity’ to cyber attack
Leading business organisations in Norway call on government to play a more active role in improving and coordinating the country’s cyber defences Continue Reading
-
News
01 Sep 2020
Vint Cerf: Why everyone has a role in internet safety
The Covid-19 pandemic has demonstrated the power of internet connectivity. Vint Cerf talks to Computer Weekly about the challenges the internet now faces Continue Reading
-
Opinion
01 Sep 2020
Security Think Tank: Security at the distributed edge
That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
28 Aug 2020
Machine learning wards off threats at TV studio Bunim Murray
TV studio behind reality hits including The Real World and Keeping Up With The Kardashians turned to Darktrace’s Antigena email protection service to keep its people safe from Covid-19 threats Continue Reading
-
News
28 Aug 2020
Benefit fraud: Underground trade in stolen identities revealed
A roaring underground trade in stolen identities is undermining the Universal Credit system and could potentially defraud it out of millions of pounds Continue Reading
-
Feature
27 Aug 2020
Double extortion ransomware attacks and how to stop them
As ransomware attacks increase, hackers are diversifying their tactics to get victims to hand over larger sums of money. We investigate the rise of double extortion attacks Continue Reading
-
News
27 Aug 2020
NHS whistleblowers’ anonymity at mercy of inadequate trust IT policies and processes
They were clapped in the streets for their bravery at the height of the Covid-19 pandemic, but some NHS staff who raise workplace concerns are suffering abuse as a result Continue Reading
-
News
27 Aug 2020
TikTok CEO clocks off
TikTok CEO Kevin Mayer has resigned from the firm after just three months Continue Reading
-
News
26 Aug 2020
Avaddon ransomware operators having a go at double extortion
The operators of the Avaddon ransomware seem to be tooling up to leak the data of their victims in addition to holding it to ransom, Cofense researchers confirm Continue Reading
-
Opinion
26 Aug 2020
What are the latest GDPR security breach enforcement trends?
A cyber breach specialist from Fieldfisher runs the rule over the latest trends in cyber security, data protection and GDPR Continue Reading