News

Privacy and data protection

October 16, 2018 16 Oct'18
Zero-trust security model gaining traction

The zero-trust model of security is finally gaining traction as security professionals tap into new tools and executive buy-in to support this approach in an effort to improve security posture and practices
October 16, 2018 16 Oct'18
UK faces 10 cyber attacks a week as hostile states step up hacking, says NCSC

The UK’s National Cyber Security Centre has thwarted more than 1,600 attacks over the past two years – many by hostile nation states
October 15, 2018 15 Oct'18
Tech companies should not be under legal duty to remove terrorist material, says watchdog

The internet should not be a safe place for terrorists, but making it compulsory for technology companies to trawl for radical content risks interfering with the rights of innocent people, says Max Hill QC, the independent reviewer of terrorism ...
October 15, 2018 15 Oct'18
Good data governance is good business

Organisations are failing to understand the importance of getting their data relationship with customers right and seeing the business opportunities that it enables, an industry analyst warns

October 15, 2018 15 Oct'18
Apple challenges Australia’s proposed decryption law

Tech giant Apple argued that the lack of judicial oversight could reduce customer trust and security, among other reservations over Australia’s draft decryption legislation
October 12, 2018 12 Oct'18
FS-ISAC awards cyber security scholarships in Europe

Five women have been awarded cyber security scholarships at FS-ISAC’s 2018 EMEA Summit
October 12, 2018 12 Oct'18
Some 10% of user-reported emails malicious

On average, 1 in 10 user-reported emails is identified as malicious, and more than half can be tied to credential phishing, a Cofense report reveals
October 12, 2018 12 Oct'18
Watchdog calls for clarity on Schedule 7 terrorism powers

The Independent Reviewer of Terrorism Legislation has called for greater clarity over police Schedule 7 powers to seize mobile phones and computers and question people without grounds for suspicion at ports and airports
October 11, 2018 11 Oct'18
RATs and Mimikatz among top publicly available hacking tools

Remote access Trojans (RATs), web shells and Mimikatz among the top publicly available tools that are used in cyber attacks around the world, a five-nation cyber intelligence report reveals
October 11, 2018 11 Oct'18
The troublesome saga of Gov.uk Verify

As the government plans to hand over its flagship identity assurance programme to the private sector, Computer Weekly looks at the history of the troubled project and how Gov.uk Verify ended up on the chopping board

October 11, 2018 11 Oct'18
Nato to be fully operational in cyber space by 2023

Nato is aiming to achieve full operational readiness in cyber space within five years
October 11, 2018 11 Oct'18
MEPs urge Facebook to roll out election fraud prevention measures

Facebook is coming under pressure from European lawmakers to do more to prevent its user data from being misappropriated during elections
October 10, 2018 10 Oct'18
Bug bounties not a silver bullet, Katie Moussouris warns

Targeted bug bounties have a role to play in cyber security, but they are not a "silver bullet", and run the risk of wiping out talent pipelines if poorly implemented, warns bug bounty pioneer
October 10, 2018 10 Oct'18
NCSC head says attribution of GRU attacks important

The head of the UK’s National Cyber Security Centre has described the attribution of a wave of cyber attacks to Russia’s military intelligence service as “historically important” at a conference in Poland
October 10, 2018 10 Oct'18
Singapore extends reach of digital ID system with cloud

GovTech is using AWS to host a developer platform that enables government agencies and businesses to develop services that build on the upcoming National Digital Identity system
October 09, 2018 09 Oct'18
Cooperation vital in cyber security, says former Estonian minister

States acting alone cannot be efficient in cyber security and need to cooperate with others to build trust, says a former foreign minister of Estonia
October 09, 2018 09 Oct'18
Consumer Google+ dumped in favour of enterprise focus

Google+ will no longer be offered to consumers, following a security audit. Instead, the company plans to flesh out an enterprise social media strategy
October 08, 2018 08 Oct'18
High Court blocks Google iPhone privacy lawsuit

The UK High Court has thrown out a group action lawsuit against Google for tracking iPhone browsing data, but campaign group Google You Owe Us, which brought the litigation, will appeal the decision
October 08, 2018 08 Oct'18
NCSC head calls for technocratic partnership to fix cyber risks

The UK’s National Cyber Security Centre is appealing for collaboration with the technology industry to remedy key vulnerabilities in current IT
October 08, 2018 08 Oct'18
ICO hits Heathrow Airport with £120,000 data breach fine over lost USB stick

Information Commissioner’s Office fines airport after a member of the public came across a USB stick containing sensitive personal information about airport staff
October 08, 2018 08 Oct'18
Google Safety Center goes live in the UK

Google says its commitment to transparency is as strong as ever as its new Safety Center goes live in the UK to help keep businesses and consumers safe online
October 05, 2018 05 Oct'18
GDPR case work swamps Denmark’s data protection agency

The agency investigating alleged breaches of GDPR in Denmark is recruiting additional resources to cope with the increase in work
October 04, 2018 04 Oct'18
Security Serious Unsung Heroes announced

Awards celebrate the people of the cyber security industry on the front lines of organisations battling cyber threats
October 04, 2018 04 Oct'18
Business email compromise made easy for cyber criminals

Poor security practices and access to hacking services are making it easy for cyber criminals to compromise business email, research reveals
October 04, 2018 04 Oct'18
Apps are gateway to business data for cyber attackers

Application security is becoming increasingly important because apps are often the main way cyber attackers are getting into corporate networks, a threat researcher warns
October 03, 2018 03 Oct'18
Rise in data-stealing Betabot malware

Researchers are warning about an increase in Betabot malware after detecting multiple infections in recent weeks, underlining the importance of software patching
October 01, 2018 01 Oct'18
UK firms’ password security score ‘average’

While businesses are making strides in strengthening password security, there is more work to be done, with the UK password score lagging behind the frontrunners, a survey shows
October 01, 2018 01 Oct'18
Tesco Bank gets first cyber-related FCA fine

UK’s financial watchdog issues its first cyber-related fine to Tesco Bank in connection with a multimillion-pound cyber fraud in 2016
October 01, 2018 01 Oct'18
Facebook could face up to $1.6bn fine for data breach

Facebook is under increased pressure to demonstrate that users’ personal data is protected as it faces a potential fine of more than a billion dollars for a data breach affecting millions of users
October 01, 2018 01 Oct'18
Keeping Commvault on its toes in ASEAN

Backup and data protection software supplier is going after mid-sized companies and renewing its focus on partners to make deeper inroads in Southeast Asia
September 28, 2018 28 Sep'18
EU sees eIDAS regulation come into full force

A regulation aimed at cutting red tape to enable a digital single market in Europe will soon be in full force, but it could present some challenges to the UK after Brexit
September 28, 2018 28 Sep'18
Cyber attackers are increasingly exploiting RDP, warns FBI

Businesses should to act to reduce the likelihood of compromise from cyber attackers exploiting the remote desktop protocol, warns the FBI
September 27, 2018 27 Sep'18
Blockchain is no ‘magic wand’ for cyber security

The decentralised nature of blockchain networks may deter some cyber crooks, but ASEAN organisations still need to pay heed to the security of their blockchain infrastructure
September 27, 2018 27 Sep'18
Business is at inflection point for proactive cyber security

The time is ripe for proactive cyber security, but many organisations must first overcome four key obstacles to achieve effective protection, according to a research report
September 27, 2018 27 Sep'18
Explosion in fake data-stealing shopping sites

Cyber attackers are ramping up efforts to steal personal data by setting up look-alike domains that pose a phishing risk to online shoppers, researchers warn
September 27, 2018 27 Sep'18
Uber fined $148m for data breach cover-up

US court hits Uber with heavy fine which security industry commentators hope will encourage firms to take cyber security more seriously and resist the urge to cover up data breaches
September 27, 2018 27 Sep'18
Australian teen Apple hacker avoids jail time

“Fan” who broke into Apple’s mainframe from his home in Melbourne has avoided prison because the information he gathered was recovered
September 26, 2018 26 Sep'18
ICO threatens fines for outstanding fees

The UK’s privacy watchdog has issued warning letters to organisations, including some NHS trusts and government organisations, for failing to pay a new data protection fee
September 26, 2018 26 Sep'18
Financial services firms face potential security bombshell

UK financial services are facing a security crisis over outdated services and applications, a survey shows
September 26, 2018 26 Sep'18
Fujitsu teams up with UTCs on cyber security training

Fujitsu, University Technical Colleges across England and other private sector partners have joined forces to help address the cyber security skills gap
September 25, 2018 25 Sep'18
PCI DSS compliance falls despite security benefit

Despite the benefits of the payment card industry security standard, there is a concerning downward trend in compliance, a report reveals
September 25, 2018 25 Sep'18
MI5 admits to ‘unlawful’ spying on Privacy International

The UK's intelligence agencies acted unlawfully by intercepting communications data on NGO, Privacy International, the UK's most secret court ruled.
September 25, 2018 25 Sep'18
WannaCry and NotPetya inspiring new attacks

Designs and techniques used in 2017’s global cyber attacks have inspired a new breed of malware that exploits software vulnerabilities, according to a McAfee report
September 25, 2018 25 Sep'18
Mac OS Mojave zero-day warning

The latest version of Apple’s Mac operating system contains a vulnerability that could be exploited by attackers to access protected files, a researcher warns
September 24, 2018 24 Sep'18
Business leaders expect suppliers to ensure they are cyber secure

Most UK business leaders expect suppliers to be cyber secure and nearly a third of businesses would terminate contracts because of suppliers’ security failings, a survey has revealed
September 19, 2018 19 Sep'18
Europol cyber crime report highlights emerging threats to enterprise security

Research highlights increase in sophistication of ransomware attacks, while revealing details of new and emerging threats to enterprises
September 17, 2018 17 Sep'18
Singapore government to start bug bounty programme

Singapore’s bug bounty programme will help the authorities identify cyber blind spots and benchmark its defences against skilled hackers
September 17, 2018 17 Sep'18
Cutting through the blockchain hype

Blockchain adoption is still in its infancy, with security challenges standing in the way of more widespread deployment, according to a blockchain expert
September 13, 2018 13 Sep'18
No Deal Brexit may hinder free flow of personal data from EU to UK

The government’s No Deal Brexit planning document on data protection warns free flow of personal data from EU isn’t guaranteed, and organisations must take action to ensure they will still be able receive data from Europe
September 13, 2018 13 Sep'18
GCHQ mass surveillance regime was in breach of human rights law, European court rules

The European Court of Human Rights in Strasbourg has ruled that the UK’s collection of bulk interception of communications data lacked adequate oversight and safeguards and was in breach of human rights law