Security policy and user awareness
-
News
21 Mar 2024
NCSC guidance to help CEOs work through cyber incidents
The NCSC has published in-depth guidance on how business leaders should respond to a cyber attack or data breach. Learn about some of the key steps you will need to follow Continue Reading
-
News
20 Mar 2024
UK’s cyber resilience stagnates as more fall victim to attacks
The government is calling on businesses to ramp up their cyber protections as study shows improvements to resilience are stagnating amid an ever-growing volume of attacks Continue Reading
-
News
11 Mar 2020
Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday
March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical Continue Reading
-
Opinion
11 Mar 2020
Security Think Tank: ID-driven security helps safeguard the workforce
In our globalised world, high-profile events such as Covid-19 have huge business impacts and some of these impacts may be felt by CISOs. What responsibilities do security pros have in such circumstances, and what steps can they take to shore up their defences? Continue Reading
-
News
10 Mar 2020
Schoolgirl security experts prepare to do battle
The finals of the CyberFirst Girls contest will take place on 16 March as the culmination of the NCSC’s annual competition to unearth future security talent Continue Reading
-
News
10 Mar 2020
Hacking community targeted by cyber criminals in new trojan campaign
Cybereason’s Nocturnus threat research team has uncovered a cyber criminal campaign that weaponises popular hacking tools Continue Reading
-
News
09 Mar 2020
Bill Gates backs Crest fintech security scheme for Africa and Asia
UK-based cyber security accreditation and certification non-profit Crest has been awarded a $1.4m grant from the Bill and Melinda Gates Foundation to expand cyber security capacity for fintechs in Africa and Asia Continue Reading
-
News
09 Mar 2020
DCMS to oversee coronavirus disinformation unit
A cross-departmental counter-disinformation unit will seek to protect and secure UK citizens from disinformation, scams and cyber security threats related to the Covid-19 outbreak Continue Reading
-
News
06 Mar 2020
MI5 slammed by watchdog for failing to delete intercepted phone and internet data
The Investigatory Powers Commissioner (IPCO) has criticised MI5 for failing to report serious errors in the way it handles intercepted phone and internet data Continue Reading
-
News
05 Mar 2020
Cathay Pacific hit with £500,000 data protection fine from ICO over 2018 breach
Airline receives maximum financial penalty under Data Protection Act for data breach that led to nine million customers having their personal data accessed by hackers Continue Reading
-
News
04 Mar 2020
Australian government pulls plug on cloud certification programme
The Australian Signals Directorate is closing its cloud services certification programme to allow for more home-grown suppliers Continue Reading
-
News
03 Mar 2020
NCSC issues smart camera security guidance to protect consumers from unauthorised snoops
Government’s latest push to safeguard users of in-home connected devices sees National Cyber Security Centre issue guidance to help consumers tighten up security of smart cameras and baby monitors Continue Reading
-
Blog Post
03 Mar 2020
Tech readiness for coronavirus
As more cases of the coronavirus are found in the UK, businesses are going to have to face the very real prospect that encouraging people to go into the office, raises the risk of the virus ... Continue Reading
-
News
03 Mar 2020
Singapore among world’s top sources of online threats
Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state Continue Reading
-
News
02 Mar 2020
The Security Interviews: Inside the world of bug bounties
You may not make a million as a bug bounty hunter, but you might help remove some of the stigma that persists around cyber security, says HackerOne’s Shlomie Liberow Continue Reading
-
News
01 Mar 2020
Data breaches in Australia showing no signs of abating
Compromised login credentials and human error were the most common causes of data breaches reported under Australia’s notifiable data breach regime from July to December 2019 Continue Reading
-
News
28 Feb 2020
NCSC makes ransomware attack guidance more accessible
Following a swathe of high-profile ransomware attacks, the UK’s National Cyber Security Centre has made changes to its guidance, emphasising the importance of offline backups Continue Reading
-
News
27 Feb 2020
Redcar & Cleveland Council confirms ransomware attack
Local authority’s systems are still offline nearly three weeks after being attacked Continue Reading
-
News
26 Feb 2020
Cloud Snooper firewall bypass may be work of nation state
Cloud Snooper deploys a combination of specialised techniques to sneak past enterprise firewalls, warns Sophos Continue Reading
-
News
26 Feb 2020
FCA data breach could happen to anybody, but easy to avoid
Minor data breach at the Financial Conduct Authority was the result of simple human error, and highlights the need for organisations to consider a wide range of potential threats Continue Reading
-
News
25 Feb 2020
Google warns users not to mess with Huawei devices
Google tells users of Huawei devices to try to avoid bypassing controls preventing them from loading its apps Continue Reading
-
News
25 Feb 2020
Cloud data leaks compounded by lack of automation tools
Data leaks caused by misconfigured clouds are being compounded because security teams lack appropriate automation and integration tools, according to a report Continue Reading
-
News
25 Feb 2020
Cyber criminals targeting UK motorists, warns DVLA
Cyber criminals are offering various services and tax refunds that purport to be from the DVLA Continue Reading
-
News
24 Feb 2020
McAfee buys Light Point to enhance web browser protection
Acquisition of Light Point Security will extend the capabilities of multiple McAfee products Continue Reading
-
News
24 Feb 2020
Thai university to roll out data protection certification
Thailand’s National Institute of Development Administration is offering a certification programme to get organisations ready for the country’s data protection regime Continue Reading
-
News
24 Feb 2020
Open security group unveils common OpenDXL language
Open Cybersecurity Alliance announces the availability of OpenDXL Ontology, the first open source language for connecting disparate security tools through a common messaging framework Continue Reading
-
News
21 Feb 2020
Labour condemns Google data plans
Shadow digital minister Chi Onwurah challenges the government to stop Google’s plans to move UK user data out of the EU Continue Reading
-
News
21 Feb 2020
Malicious apps still getting past Google controls
Check Point researchers have found multiple malware-infected apps in the Google Play store, including a clicker called Haken, which has been downloaded more than 50,000 times Continue Reading
-
News
21 Feb 2020
F-Secure’s AI reads mean tweets to fight abuse and trolls
Researchers working on F-Secure’s Project Blackfin have developed a model for clustering tweets to help pinpoint abuse and harassment Continue Reading
-
News
20 Feb 2020
Google plans to send Brits’ data to US after Brexit
Move puts British user data beyond the reach of the EU’s GDPR, makes it more accessible to UK and US law enforcement agencies, and has prompted anger Continue Reading
-
News
19 Feb 2020
Cost of cloud misconfigurations set at $5tn
Cloud security outfit DivvyCloud says more than 33 billion records have been exposed in cloud misconfiguration incidents in the past 24 months Continue Reading
-
News
19 Feb 2020
Blasé directors put business data at risk
The higher up within a business you go, the more likely you are to find people intentionally leaking confidential data, says Egress Continue Reading
-
News
19 Feb 2020
Questions raised over Office 365 shared content policy
Buried 300 words into Microsoft’s standard service level agreement is a clause that affects intellectual property and privacy Continue Reading
-
News
18 Feb 2020
US ‘breached due process’ in spying operation against Julian Assange’s lawyers
Surveillance footage of Julian Assange’s meetings with lawyers and doctors in the Ecuadorian Embassy in London was an “abuse of process” Continue Reading
-
News
18 Feb 2020
Girlguiding hosts interactive cyber security workshop
100 Guides from South West England took part in an NCSC event to learn more about security fundamentals Continue Reading
-
News
18 Feb 2020
Untrusted security teams being left out of business decisions
Only a third of organisations are involving their cyber security function at the planning stage of business initiatives Continue Reading
-
Feature
18 Feb 2020
Is this Netflix-style thriller the future of security training?
Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training Continue Reading
-
News
18 Feb 2020
Most CISOs ready to move jobs if something better comes along
The shortage of skilled security pros is creating an active recruitment market, with over 80% of CISOs saying they would consider a new role if approached Continue Reading
-
Opinion
18 Feb 2020
Security Think Tank: Zero trust strategies must start small, then grow
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
17 Feb 2020
Australians more savvy about cyber security
More Australians look out for signs of security features such as SSL encryption even as they remain sceptical of the data protection capabilities of small businesses Continue Reading
-
News
17 Feb 2020
Mastercard opens European security resilience unit
Mastercard’s European Cyber Resilience Centre will bring together its partners and other industry bodies to support enterprise resilience Continue Reading
-
News
17 Feb 2020
Ex-soldiers to become ethical hackers
A new programme will give armed forces veterans in Scotland a grounding in cyber security skills, including penetration testing and ethical hacking Continue Reading
-
Opinion
17 Feb 2020
Security Think Tank: Ask yourself if zero trust is right for you
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
Opinion
14 Feb 2020
Security Think Tank: How zero trust lets you take back control
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero trust architecture? Continue Reading
-
News
13 Feb 2020
Cyber criminals spread coronavirus conspiracy theories
The latest email campaigns identified by Proofpoint are spreading conspiracy theories about the coronavirus outbreak Continue Reading
-
Opinion
13 Feb 2020
Security Think Tank: Practical steps to achieve zero trust
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
12 Feb 2020
Emotet evolving to exploit coronavirus fear
With coronavirus cases now reported across the world, Emotet campaigns are exploiting legitimate fears to compromise their targets Continue Reading
-
News
12 Feb 2020
Internet Explorer zero day among 99 Patch Tuesday problems
After an eventful January Patch Tuesday that marked the end of support for Windows 7, the February 2020 update is another whopper, fixing close to 100 vulnerabilities Continue Reading
-
News
11 Feb 2020
Mac-based security threats outpacing Windows
Security threats targeting Apple endpoints are growing more quickly than those targeting Windows machines, according to Malwarebytes Continue Reading
-
News
11 Feb 2020
Chinese military personnel accused of Equifax hack
A US federal grand jury has indicted four Chinese army personnel over the 2017 Equifax breach Continue Reading
-
News
10 Feb 2020
What should be in Australia’s next cyber security strategy
The Australian government is reviewing the nation’s cyber security strategy, but is it looking at the right issues? Continue Reading
-
Opinion
10 Feb 2020
Security Think Tank: Zero trust is complex, but has rich rewards
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
07 Feb 2020
RobbinHood ransomware tricks Windows into deleting defences
By subverting kernel memory settings in Windows 7, Windows 8 and Windows 10, the RobbinHood ransomware can now delete cyber security defences from target systems Continue Reading
-
News
07 Feb 2020
Joaquin Phoenix’s Joker is ‘most dangerous’ movie
Ahead of the 2020 Oscars, Kaspersky researchers say they found more than 300 files masquerading as the Joker movie Continue Reading
-
Opinion
07 Feb 2020
Security Think Tank: No trust in zero trust need not be a problem
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
06 Feb 2020
Maastricht University pays €200,000 to Russian hackers
A Dutch university has taken the difficult decision to pay hundreds of thousands of Euros to Russian hackers that compromised its systems through a ransomware attack Continue Reading
-
News
06 Feb 2020
Stressed, overworked CISOs losing £23k a year in unpaid overtime
Nominet’s latest CISO Stress Report has revealed the extent to which organisations are taking advantage of their security staff, and the deleterious effects of overwork and stress on mental health Continue Reading
-
News
05 Feb 2020
Scammers using fake PayPal emails stole over £1m in the UK in last quarter
Fraudsters tricked Brits into sending over £1m worth of goods to them that they hadn't paid for Continue Reading
-
News
05 Feb 2020
Web app ubiquity gives cyber criminals new opportunities
The popularity and ubiquity of web-based apps such as Office 365 and Salesforce is a temptation too good to miss for cyber criminals Continue Reading
-
News
05 Feb 2020
IoT network flaw left Philips Hue bulbs open to attack
Vulnerabilities in the ZigBee internet of things networking protocol have left market-leading smart devices, including Philips Hue lightbulbs, open to exploitation Continue Reading
-
Opinion
05 Feb 2020
Security Think Tank: Zero trust is not the answer to all your problems
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
Opinion
04 Feb 2020
The fight against cyber crime: Why cooperation matters
With the WEF’s Global Risk Report 2019 ranking cyber attack in the top five global risks, we now see rising consensus at institutional level that no individual stakeholder can address the breadth of security challenges we face today Continue Reading
-
Opinion
04 Feb 2020
Security Think Tank: Facing the challenge of zero trust
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
Opinion
03 Feb 2020
Security Think Tank: Zero trust – just another name for the basics?
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
31 Jan 2020
Davos: The clock is ticking on climate change but cyber crime and emerging technologies add to risks
Climate change, natural disasters, extreme weather and loss of biodiversity are the greatest risks we face. With cyber conflicts, state-sponsored hacking and internet fragmentation, doing nothing is not an option, says the World Economic Forum Continue Reading
-
News
30 Jan 2020
NCSC launches study on cyber security diversity
The UK’s National Cyber Security Centre wants to improve the diversity of the cyber security sector Continue Reading
-
News
30 Jan 2020
First coronavirus cyber threats seen in the wild
Kaspersky has reported the first incidences of cyber security threats playing on fears of the emerging coronavirus Continue Reading
-
News
29 Jan 2020
UK cyber security sector worth more than £8bn
The UK’s cyber security industry employs 43,000 full-time workers, and contributed nearly £4bn to the UK economy in 2019, according to DCMS Continue Reading
-
News
29 Jan 2020
NHS suffers fewer ransomware attacks, but threat persists
Ransomware attacks against the NHS have tapered off dramatically, according to statistics obtained under FoI legislation, but this does not mean the threat has diminished Continue Reading
-
News
28 Jan 2020
Fintechs fear deepfake fraud
New research reveals the majority of CISOs working in the financial services sector are increasingly concerned about the potential use of deepfakes Continue Reading
-
News
28 Jan 2020
Organisations losing control of cloud data
Data is more widely dispersed in enterprise clouds than most organisations think, and as a result they are at risk of losing control of it, according to a report Continue Reading
-
News
28 Jan 2020
Data privacy benefits outweigh spend, says Cisco
Cisco’s 2020 data privacy study shows organisations can generate substantial returns on their data privacy and protection spending Continue Reading
-
News
27 Jan 2020
UK in catch-22 decision over Huawei security
The UK’s final decision on whether to permit mobile operators to use Huawei equipment is expected imminently, and its decision will have ramifications far beyond the technology sphere Continue Reading
-
News
27 Jan 2020
Government tightens law around IoT cyber security
New legislation developed by DCMS and the NCSC may help guarantee the security and privacy of users of consumer IoT devices Continue Reading
-
Opinion
27 Jan 2020
Security Think Tank: Bug bounties are changing the image of hackers
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
27 Jan 2020
SANS Institute calls on Manchester security pros
Manchester will play host to a week-long cyber security training event during February Continue Reading
-
News
24 Jan 2020
NHS alerted to severe vulnerabilities in GE health equipment
A series of vulnerabilities in patient monitoring equipment manufactured by General Electric could have left patient data exposed in hospitals around the world, including the UK Continue Reading
-
News
23 Jan 2020
CISOs fear becoming the next Travelex
Poll of security professionals by the organisers of the Infosecurity Europe trade fair highlights huge gaps in incident response capabilities Continue Reading
-
News
23 Jan 2020
End-user security ignorance laid bare in new report
Proofpoint’s 2020 State of the Phish report highlights an urgent need for better user training and reporting Continue Reading
-
Feature
23 Jan 2020
Startup uses machine learning to support GDPR’s right to be forgotten
Non-intrusive algorithms enable users to track which companies hold their data, so they can take it back Continue Reading
-
News
22 Jan 2020
Citrix releases IoC scanner for ADC and Gateway vulnerabilities
As patches for its compromised NetScaler ADC and Gateway products begin to roll out, Citrix enlists FireEye Mandiant to develop an indicator of compromise scanner for end-users Continue Reading
-
News
22 Jan 2020
Internal error left Microsoft customer service data exposed
Customer service and support records of nearly 250 million Microsoft customers left exposed after database misconfiguration Continue Reading
-
News
21 Jan 2020
5G builders test vulnerabilities in Finnish hackathon
University hackathon puts 5G security to the test as new wireless technology’s roll-out nears Continue Reading
-
News
20 Jan 2020
Exposed AWS buckets again implicated in multiple data leaks
A series of data leaks in the past week have once again implicated poorly secured Amazon S3 buckets, which are supposed to be private by default Continue Reading
-
News
20 Jan 2020
GDPR nets more than €100m in fines, with more to come
Fines totalling €114m have already been collected under GDPR, and this figure will spike in 2020 if the UK regulator succeeds in imposing record fines on BA and Marriott Continue Reading
-
Opinion
20 Jan 2020
Security Think Tank: Teens in basements don’t represent a positive security culture
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
17 Jan 2020
NCSC makes final call for entries to CyberFirst Girls contest
Entry to the National Cyber Security Centre’s CyberFirst Girls 2020 competition is about to close Continue Reading
-
News
17 Jan 2020
Emotet reinvigorated after Christmas break
The high-volume Emotet campaign is back in action after the Christmas holidays, and is just as dangerous as ever Continue Reading
-
News
17 Jan 2020
CAA debuts aviation cyber security assurance scheme
Civil Aviation Authority and Crest announce the first companies to be accredited under the CAA’s new cyber security oversight scheme, Assure Continue Reading
-
News
16 Jan 2020
A quarter of users will fall for basic phishing attacks
Phishing emails that appear to be security alerts are the most effective method of compromise, says KnowBe4 Continue Reading
-
Opinion
16 Jan 2020
Security Think-Tank: Tackle insider threats to achieve data-centric security
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
16 Jan 2020
Thailand gets ready for data protection law
Thailand’s personal data protection law comes into effect in May 2020, subjecting organisations to new rules that safeguard the personal data of individuals Continue Reading
-
News
15 Jan 2020
LGBTQ+ social app Grindr accused of breaching GDPR
Norwegian Consumer Council files complaints about LGBTQ+ social networking app, alleging it is in breach of the General Data Protection Regulation Continue Reading
-
News
15 Jan 2020
NSA Windows 10 security disclosure raises questions
In an unprecedented move, the NSA has got out in front of a critical cryptographic flaw in Windows 10, but in doing so has raised multiple questions Continue Reading
-
News
15 Jan 2020
Threat landscape grew in complexity in 2019, no respite in sight
Check Point’s annual state of security report shares some 2019 trends and looks ahead to 2020 Continue Reading
-
News
14 Jan 2020
Two-thirds of UK healthcare organisations breached last year
The majority of healthcare organisations in the UK experienced a cyber security incident during 2019, with almost half the result of viruses and malware introduced on third party devices Continue Reading
-
News
14 Jan 2020
Cyber criminals spend three months lurking in target networks
Cyber criminals are spending longer hiding in target networks before launching their attacks, as more organised groups turn to business disruption to achieve their objectives Continue Reading
-
News
14 Jan 2020
Turn the end of Windows 7 support into a security advantage
CISOs can take advantage of the end of support for Microsoft Windows 7 by making the case for more investment in cyber security Continue Reading
-
News
14 Jan 2020
Citrix NetScaler vulnerabilities won’t be patched until end of January
Some vulnerabilities identified in Citrix products will not be fully patched until the end of January 2020 Continue Reading
-
News
13 Jan 2020
Sextortion campaign hits Nest home security cameras
Owners of Google’s Nest home security cameras are being targeted in a sextortion scam by criminals playing on fears over IoT security Continue Reading
-
News
13 Jan 2020
Travelex to begin restoring foreign exchange services two weeks after ‘Sodinokibi’ attack
Travelex says it is making “good progress” in its recovery and is to begin restoring electronic foreign exchange services, but is silent about whether it has agreed to pay hackers a $6m ransom to decrypt computer files Continue Reading
-
News
10 Jan 2020
National Lottery hacker jailed for nine months
Small-time cyber criminal jailed for his role in a cyber attack on lottery operator Camelot that netted him just £5 Continue Reading