News

Identity and access management products

• June 24, 2024 24 Jun'24

  Sellafield pleads guilty to criminal charges over cyber security

  Nuclear Decommissioning Authority-backed organisation Sellafield Ltd pleads guilty to criminal charges brought over significant cyber security failings that could have compromised sensitive nuclear information

• June 19, 2024 19 Jun'24

  Microsoft admits no guarantee of sovereignty for UK policing data

  Documents show Microsoft’s lawyers admitted to Scottish policing bodies that the company cannot guarantee sensitive law enforcement data will remain in the UK, despite long-standing public claims to the contrary

• June 11, 2024 11 Jun'24

  Pure Storage hit by Snowflake credential hackers

  Pure Storage emerges as the latest victim of a fast-spreading breach of Snowflake customers targeting users with lax credential security measures in place

• June 11, 2024 11 Jun'24

  More than 160 Snowflake customers hit in targeted data theft spree

  Mandiant reports that more than 160 Snowflake customers have been hit in a broad data theft and extortion campaign targeting organisations that have failed to pay proper attention to securing valuable credentials

• June 03, 2024 03 Jun'24

  97 FTSE 100 firms exposed to supply chain breaches

  Between March 2023 and March 2024, 97 out of 100 companies on the UK’s FTSE 100 list were put at risk of compromise following supply chain breaches at third-party suppliers

• June 03, 2024 03 Jun'24

  Major breaches allegedly caused by unsecured Snowflake accounts

  Significant data breaches at Ticketmaster and Santander appear to have been orchestrated through careful targeting of the victims’ Snowflake cloud data management accounts

• May 29, 2024 29 May'24

  Storebrand divests from IBM over supply of biometrics to Israel

  Norwegian asset manager Storebrand’s decision to divest from IBM comes amid growing scrutiny of the role technology companies play in Israel’s human rights abuses

• May 09, 2024 09 May'24

  Ofcom publishes draft online child safety rules for tech firms

  In the draft codes, Ofcom calls on technology firms to use ‘robust’ age-checking and content moderation systems to keep harmful material away from children online

• May 06, 2024 06 May'24

  Microsoft beefs up cyber initiative after hard-hitting US report

  Microsoft is expanding its recently launched Secure Future Initiative in the wake of a hard-hitting US government report on recent nation state intrusions into its systems

• May 03, 2024 03 May'24

  Why IAM is central to cyber security

  BeyondTrust’s chief security strategist talks up the importance of identity and access management, and the role of cyber insurance in driving security improvements

• May 02, 2024 02 May'24

  Dropbox Sign user information accessed in data breach

  Account data belonging to Dropbox Sign users was accessed by an unknown threat actor after they hacked into the organisation’s backend infrastructure

• May 02, 2024 02 May'24

  How Okta is fending off identity-based attacks

  Okta has been bolstering the security of its own infrastructure and building new tools to scan customer environments for vulnerable identities, among other efforts to fend off identity-based attacks

• May 01, 2024 01 May'24

  EMEA CISOs must address human factors behind cyber incidents

  The 17th annual Verizon report on data breaches makes for sobering reading for security pros, urging them to do more to address the human factors involved in cyber incidents, and highlighting ongoing issues with zero-day patching

• April 30, 2024 30 Apr'24

  Keeper to help Williams F1 keep up with cyber challenges

  Keeper Security signs up to support F1 team Williams Racing with credential management ahead of the 2024 Miami Grand Prix

• April 30, 2024 30 Apr'24

  Global majority united on multilateral regulation of AI weapons

  Foreign ministers and civil society representatives say that multilateralism is key to controlling the proliferation and use of AI-powered autonomous weapons, but that a small number of powerful countries are holding back progress

• April 29, 2024 29 Apr'24

  UK’s long-awaited device security law kicks in

  The Product Security and Telecommunications Infrastructure Act has become law across the UK, enforcing basic cyber security standards across connected products sold to the public

• April 26, 2024 26 Apr'24

  Post Office ‘lied’ to subpostmasters when forced to meet them, says former federation representative

  Post Office executives were forced to meet subpostmasters to discuss an unexplained error in their branch, then misled the branch managers over remote access

• April 25, 2024 25 Apr'24

  Zero trust is a strategy, not a technology

  Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag

• April 24, 2024 24 Apr'24

  Mandatory MFA pays off for GitHub and OSS community

  Mandating multifactor authentication for select developers has been a huge success for GitHub, the platform reports, and now it wants to go further

• April 18, 2024 18 Apr'24

  Gov.uk One Login accounts on the rise

  Since August 2023, more than 1.8 million people verified their identity using the Gov.uk One Login app, while face-to-face verifications have also increased

• April 16, 2024 16 Apr'24

  CW Innovation Awards: Balancing security and user experience

  The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access

• April 16, 2024 16 Apr'24

  Recognising APAC’s trailblazers in digital transformation

  DBS Bank and NUS were among the top industry innovators that were lauded for various transformational initiatives at the Computer Weekly Innovation Awards APAC 2024

• April 15, 2024 15 Apr'24

  EU’s AI Act fails to protect the rule of law and civic space

  Analysis reveals that the AI Act is ‘riddled with far-reaching exceptions’ and its measures to protect fundamental rights are insufficient

• April 11, 2024 11 Apr'24

  Facial recognition to play key role in UK shoplifting crackdown

  UK government will fund roll-out of police facial recognition across the country as part of its crackdown on shoplifting and violence against retail staff, but civil society groups say the government is attempting to police its way out of the ...

• April 11, 2024 11 Apr'24

  Government dismisses Lords’ concerns over facial recognition

  UK government is claiming police forces’ use of live facial recognition is comprehensively covered by existing laws, in response to a Lords investigation that found police lacked a clear legal basis to deploy it

• April 09, 2024 09 Apr'24

  Public worried by police and companies sharing biometric data

  More than half of the British public do not feel comfortable with police forces sharing biometric data with the private sector, including facial recognition images, to tackle crimes such as shoplifting

• April 09, 2024 09 Apr'24

  Greek government fined over AI surveillance in refugee camps

  Greece’s Data Protection Authority has issued a €175,000 fine against the country’s migration ministry over its deployment of artificial intelligence-powered security systems in refugee camps after the watchdog’s investigation found ‘serious ...

• April 05, 2024 05 Apr'24

  How Oracle Red Bull Racing guards against cyber threats

  The F1 team is tapping managed security services, conducting penetration tests and improving security awareness among employees to fend off cyber threats such as phishing and ransomware

• April 04, 2024 04 Apr'24

  Obituary: Professor Ross Anderson, pioneer in security engineering and campaigner

  Ross Anderson, a titan in the field of security engineering and campaigner for privacy and security, has passed away

• March 28, 2024 28 Mar'24

  UK plc going backwards on cyber maturity, Cisco report claims

  Fewer UK organisations believe their cyber security postures have reached a mature level than did so 12 months ago, as they struggle to keep up with new challenges and a fast-evolving threat landscape

• March 27, 2024 27 Mar'24

  Cyber spies, not cyber criminals, behind most zero-day exploitation

  Analysis from Google has found that zero-day vulnerabilities are much more heavily exploited for espionage purposes than for financially motivated cyber crime

• March 26, 2024 26 Mar'24

  NCSC reaffirms guidance for those at risk of Chinese state hacking

  As the UK and US governments announce sanctions and indictments of a Chinese state threat actor, the NCSC has reiterated its security advice for individuals at risk of being targeted for espionage purposes

• March 19, 2024 19 Mar'24

  EMEA security spend will have another boom year in 2024

  Cyber security services and technology will once again be the focus of major investment across EMEA during 2024, according to the latest Technology Spending Intentions study from TechTarget and ESG

• March 19, 2024 19 Mar'24

  Australia’s cyber security spending to grow 11.5% this year

  Highly publicised cyber attacks and growing regulatory obligations are keeping security and risk top of mind for Australian organisations this year, says Gartner

• March 11, 2024 11 Mar'24

  Dutch organisations vulnerable to deepfake fraud

  With the information many employees share on social media, Dutch companies are especially vulnerable to a new form of fraud

• March 07, 2024 07 Mar'24

  NI Policing Board pressed to open inquiry into PSNI spying on journalists’ phones

  Amnesty International and the Committee on the Administration of Justice have asked Northern Ireland’s policing watchdog to open an inquiry into the Police Service of Northern Ireland’s use of surveillance powers against journalists

• March 05, 2024 05 Mar'24

  Meta outage disrupts social media globally

  Meta services, including Facebook, Instagram and Threads, have been downed in a brief service outage

• March 05, 2024 05 Mar'24

  American Express customers exposed through third-party breach

  US card giant warns customers that their personal details may have been exposed after a third party experienced a systems breach

• February 29, 2024 29 Feb'24

  Okta doubles down on cyber in wake of high-profile breaches

  Okta launches Secure Identity Commitment to shore up its technology in the wake of a damaging breach and elevate best practice around identity

• February 29, 2024 29 Feb'24

  DSIT publishes results of public digital identity trust consultation

  Report from Department for Science, Innovation and Technology shows UK public wants government to be accountable and transparent, and views trust and inclusivity as key

• February 27, 2024 27 Feb'24

  Majority of UK employees ‘willingly gamble’ with security

  Human-centric threats originating from employees continue to damage organisations both financially and reputationally, according to a report

• February 27, 2024 27 Feb'24

  Cozy Bear and other APTs changing tack as cloud adoption increases

  A change in APT tactics has been observed resulting from greater adoption of cloud-based services, according to the NCSC

• February 14, 2024 14 Feb'24

  Met Police to scrap and replace ‘racist’ Gangs Violence Matrix

  A database used by the Metropolitan Police to identify and track people linked with gang violence is being decommissioned and replaced. The decision follows a long-running controversy over its discriminatory impacts on young black people, but ...

• February 09, 2024 09 Feb'24

  Amazon defends facial-recognition tech sale to FBI despite moratorium

  The FBI has confirmed it is using Amazon’s Rekognition image and video analysis software, but Amazon says it is ‘false’ to suggest this violates the company’s self-imposed moratorium on selling facial-recognition technology to US police

• February 07, 2024 07 Feb'24

  AI ID specialist Onfido in talks to be bought by Entrust

  UK-based cyber unicorn Onfido agrees to enter talks to be acquired by Entrust

• February 01, 2024 01 Feb'24

  US government disrupts Chinese botnet containing hundreds of end-of-life Cisco and Netgear routers

  The US government has succeeded in halting a botnet comprised of hundreds of end-of-life routers that posed a threat to critical national infrastructure (CNI) organisations in multiple countries

• January 29, 2024 29 Jan'24

  Lords question legality of police facial recognition

  Lords committee ‘deeply concerned’ about the rapid expansion of live facial recognition by UK police, which it says is progressing without any real oversight or accountability

• January 26, 2024 26 Jan'24

  UK government consults on age verification tech in alcohol sales

  The government has said it wants to allow the use of digital identities and various age-verification technologies in alcohol sales

• January 19, 2024 19 Jan'24

  ICO prompts confusion over police cloud legality

  The UK data regulator has suggested that, despite major data protection concerns, it is likely to greenlight police cloud deployments because of an information-sharing agreement with the US government

• January 16, 2024 16 Jan'24

  Republic of Ireland publishes progress update on digital strategy

  Update reveals 2.3 million people in Ireland now have MyGovID accounts, and the Irish government plans to launch a new digital portal for businesses, as well as establishing an AI advisory council imminently