News

IT governance

• June 22, 2022 22 Jun'22

  Uber drivers strike over pay issues and algorithmic transparency

  Unionised Uber drivers take industrial action against the company over its failure to pay workers in line with a Supreme Court decision and inflation, as well as the lack of transparency around how it uses their data

• June 22, 2022 22 Jun'22

  Yodel delivery service disrupted by cyber incident

  Delivery company Yodel confirmed it had experienced a cyber incident, which researchers believe could be a ransomware attack, and is working to get systems fully running again

• June 21, 2022 21 Jun'22

  Government won’t regulate on professional cyber standards

  The government has elected not to proceed with regulatory intervention to embed standards and pathways across the cyber profession

• June 21, 2022 21 Jun'22

  Post Office IT investigator to be released from confidentiality obligations for inquiry

  Forensic accounting firm that ‘knows where the bodies are buried’ will be released from confidentiality obligations by the Post Office to give evidence to public inquiry

• June 21, 2022 21 Jun'22

  CNI leaders’ attitude to ransomware lackadaisical at best

  A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats

• June 20, 2022 20 Jun'22

  Lords move to protect cyber researchers from prosecution

  A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecuted in the course of their ...

• June 20, 2022 20 Jun'22

  Complex Russian cyber threat requires we go back to basics

  The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains

• June 17, 2022 17 Jun'22

  Government responds to Data Reform Bill consultation

  Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit

• June 17, 2022 17 Jun'22

  MoD sets out strategy to develop military AI with private sector

  The UK Ministry of Defence has outlined its intention to work closely with the private sector to develop and deploy a range of artificial intelligence-powered technologies, committing to ‘lawful and ethical AI use’

• June 15, 2022 15 Jun'22

  Patch Tuesday dogged by concerns over Microsoft vulnerability response

  The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure

• June 14, 2022 14 Jun'22

  CIO interview: Morten Holm Christiansen, Haldor Topsoe

  There’s no point digitising if there is no benefit to the customer, says the Danish chemicals giant’s head of IT

• June 14, 2022 14 Jun'22

  MS Azure Synapse vulnerability fixed after six-month slog

  Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga

• June 13, 2022 13 Jun'22

  New warning over tech suppliers in thrall to hostile governments

  Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer

• June 13, 2022 13 Jun'22

  Health data strategy to exorcise ghosts of GPDPR

  Government publishes a revised data in health strategy, with an emphasis firmly on preserving the integrity and privacy of patients’ confidential information

• June 10, 2022 10 Jun'22

  ICO fails to disclose majority of reprimands issued under GDPR

  London law firm Mishcon de Reya forces disclosure of reprimands issued to organisations by the Information Commissioner’s Office for contraventions of UK data protection law

• June 10, 2022 10 Jun'22

  Commercialising open source

  Most software developed today takes advantage of open source, but there are still gaps in understanding what open source means in business

• June 09, 2022 09 Jun'22

  SolarWinds CEO offers to commit staffers to government cyber agencies

  A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response

• June 09, 2022 09 Jun'22

  Trade body calls for public-private sector collab on digital ID

  TechUK has published a report outlining 10 key recommendations it believes are urgently needed to enable the rapid creation of an effectively regulated digital identity marketplace

• June 08, 2022 08 Jun'22

  China using top consumer routers to hack Western comms networks

  An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks

• June 08, 2022 08 Jun'22

  ProxyLogon, ProxyShell may have driven increase in dwell times

  The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data

• June 07, 2022 07 Jun'22

  Software house Mega achieves holistic SaaS security with Synopsys

  Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards

• May 26, 2022 26 May'22

  Consultation launched on datacentre, cloud security

  The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms

• May 26, 2022 26 May'22

  Two-thirds of UK organisations defrauded since start of pandemic

  Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report

• May 26, 2022 26 May'22

  Most CFOs being left out of ransomware conversations

  Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report

• May 24, 2022 24 May'22

  ICO orders facial recognition firm Clearview AI to delete all data about UK residents

  UK data watchdog fines facial recognition company Clearview AI £7.5m for multiple privacy breaches. The firm, which offers services to law enforcement, faces growing pressure from regulators and legal action around the world

• May 24, 2022 24 May'22

  Ransomware volumes grew faster than ever in 2021

  Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody

• May 23, 2022 23 May'22

  Did the Conti ransomware crew orchestrate its own demise?

  Analysts examining the shutdown of the Conti ransomware syndicate suggest the cyber crime collective orchestrated its own demise

• May 20, 2022 20 May'22

  Applying international law to cyber will be a tall order

  Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations

• May 20, 2022 20 May'22

  Third of organisations to outsource more IT amid talent shortage

  Cutting costs is not the main reason for outsourcing IT in the UK, according to a major study

• May 20, 2022 20 May'22

  Microsoft drops emergency patch after Patch Tuesday screw up

  Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates

• May 19, 2022 19 May'22

  Defensive cyber attacks may be justified, says attorney general

  Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable

• May 19, 2022 19 May'22

  Deliveroo accused of ‘soft union busting’ with GMB deal

  Smaller grassroots unions have criticised Deliveroo and GMB for making a “hollow” deal that will ultimately undermine workers’ self-organising efforts

• May 19, 2022 19 May'22

  Red teaming will be standard in Dutch governmental organisations by 2025

  The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest

• May 16, 2022 16 May'22

  Gartner Data & Analytics Summit: Unleash innovation on emergence from pandemic

  Analysts at the Gartner Data & Analytics Summit in London urged D&A leaders to unleash innovation as their organisations emerge from the shadow of the pandemic

• May 13, 2022 13 May'22

  Pro-competition data sharing will not include users’ personal info, says minister

  UK government proposals to improve competition in digital markets by making tech giants share data with smaller firms will not include consumers’ personal information, says digital minister

• May 12, 2022 12 May'22

  GPDPR data scrape a ‘mistake’, says leading scientist

  Giving evidence to the Science and Technology Committee, academic, physician and science writer Ben Goldacre has expressed serious misgivings about the on-hold GPDPR NHS data scrape

• May 11, 2022 11 May'22

  CyberUK 22: Five Eyes focuses on MSP security

  The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves

• May 11, 2022 11 May'22

  Data Reform Bill announced in Queen’s Speech

  Government claims proposals to reform the UK’s data protection regime will create a framework ‘focused on privacy outcomes rather than box-ticking’

• May 11, 2022 11 May'22

  Analysts confirm return of REvil ransomware gang

  Secureworks CTU analysis has found that the REvil ransomware is undergoing active development, possibly heralding a new campaign of cyber attacks

• May 11, 2022 11 May'22

  Microsoft fixes three zero-days on May Patch Tuesday

  It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days

• May 10, 2022 10 May'22

  CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy

  On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy

• May 10, 2022 10 May'22

  Post Office scandal inquiry chair brings forward urgent compensation hearings

  The chair of the Post Office Horizon scandal inquiry has brought forward hearings about compensation as victims warn that at this rate “people will die” before they get anything

• May 10, 2022 10 May'22

  CyberUK 22: NCSC refreshes cloud security guidance

  The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise

• May 06, 2022 06 May'22

  UK digital markets regulator to be given statutory powers

  Digital Markets Unit will be put on statutory footing by UK government to ensure technology giants do not abuse market power, but announcement comes with no clear indication of when legislation will be introduced

• May 03, 2022 03 May'22

  Post Office scandal CEO could be stripped of CBE

  Honours Forfeiture Committee to review Paula Vennells’ CBE in the light of Post Office scandal

• April 28, 2022 28 Apr'22

  Ransomware recovery costs dwarf actual ransoms

  The cost of recovering from a ransomware attack far outweighs the ransoms now being demanded by cyber criminals, according to recent data

• April 28, 2022 28 Apr'22

  UK regulators seek input on algorithmic processing and auditing

  Digital Regulation Cooperation Forum is inviting views on how the four UK watchdogs involved should approach regulating algorithms, following its publication of discussion papers and a 2022 workplan

• April 28, 2022 28 Apr'22

  Russia plumbs new depths in cyber war on Ukraine

  Microsoft details cyber attacks on Ukrainian civilian communications, nuclear safety authorities, and the exploitation of the destruction of Mariupol in a phishing campaign

• April 27, 2022 27 Apr'22

  Russia-supporting cyber crime gang claims Coca-Cola as victim

  Stormous cyber crime collective claims to have stolen 161GB of data from Coca-Cola, and says it plans to sell it off

• April 27, 2022 27 Apr'22

  Ransomware victims paying out when they don’t need to

  Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to