Data breach incident management and recovery
-
News
20 Aug 2024
Helsinki braced for elevated cyber attacks
The City of Helsinki is increasing its collaboration with cyber security and crime investigators following a major attack on its systems Continue Reading
-
News
11 Dec 2023
Nordic governments join forces to protect data transfers
Nordic countries deepen their cooperation over cyber security amid heightened threat from neighbouring Russia Continue Reading
-
News
20 Feb 2020
Google plans to send Brits’ data to US after Brexit
Move puts British user data beyond the reach of the EU’s GDPR, makes it more accessible to UK and US law enforcement agencies, and has prompted anger Continue Reading
-
News
20 Feb 2020
Facilities firm ISS World crippled by ransomware attack
An apparent ransomware attack has compromised some IT and email systems at Danish facilities firm ISS World Continue Reading
-
News
19 Feb 2020
Cost of cloud misconfigurations set at $5tn
Cloud security outfit DivvyCloud says more than 33 billion records have been exposed in cloud misconfiguration incidents in the past 24 months Continue Reading
-
News
19 Feb 2020
Blasé directors put business data at risk
The higher up within a business you go, the more likely you are to find people intentionally leaking confidential data, says Egress Continue Reading
-
News
18 Feb 2020
Girlguiding hosts interactive cyber security workshop
100 Guides from South West England took part in an NCSC event to learn more about security fundamentals Continue Reading
-
News
18 Feb 2020
Untrusted security teams being left out of business decisions
Only a third of organisations are involving their cyber security function at the planning stage of business initiatives Continue Reading
-
Feature
18 Feb 2020
Is this Netflix-style thriller the future of security training?
Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training Continue Reading
-
News
17 Feb 2020
Mastercard opens European security resilience unit
Mastercard’s European Cyber Resilience Centre will bring together its partners and other industry bodies to support enterprise resilience Continue Reading
-
News
13 Feb 2020
Cyber criminals spread coronavirus conspiracy theories
The latest email campaigns identified by Proofpoint are spreading conspiracy theories about the coronavirus outbreak Continue Reading
-
News
12 Feb 2020
Emotet evolving to exploit coronavirus fear
With coronavirus cases now reported across the world, Emotet campaigns are exploiting legitimate fears to compromise their targets Continue Reading
-
News
11 Feb 2020
Chinese military personnel accused of Equifax hack
A US federal grand jury has indicted four Chinese army personnel over the 2017 Equifax breach Continue Reading
-
Opinion
10 Feb 2020
Security Think Tank: Zero trust is complex, but has rich rewards
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
Opinion
07 Feb 2020
Security Think Tank: No trust in zero trust need not be a problem
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
06 Feb 2020
Stressed, overworked CISOs losing £23k a year in unpaid overtime
Nominet’s latest CISO Stress Report has revealed the extent to which organisations are taking advantage of their security staff, and the deleterious effects of overwork and stress on mental health Continue Reading
-
News
05 Feb 2020
Web app ubiquity gives cyber criminals new opportunities
The popularity and ubiquity of web-based apps such as Office 365 and Salesforce is a temptation too good to miss for cyber criminals Continue Reading
-
News
03 Feb 2020
NHS adds supplier security audits to procurement platform
A new feature in the NHS’s Edge4Health procurement platform will help NHS suppliers improve their cyber security posture and NHS organisations make better buying decisions Continue Reading
-
Opinion
03 Feb 2020
Security Think Tank: Zero trust – just another name for the basics?
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
31 Jan 2020
Davos: The clock is ticking on climate change but cyber crime and emerging technologies add to risks
Climate change, natural disasters, extreme weather and loss of biodiversity are the greatest risks we face. With cyber conflicts, state-sponsored hacking and internet fragmentation, doing nothing is not an option, says the World Economic Forum Continue Reading
-
News
31 Jan 2020
UK police arrest three over Maltese cyber bank robbery
The NCA has made three arrests in Belfast and London following an investigation into money laundering linked to a cyber heist on a bank in Malta Continue Reading
-
News
30 Jan 2020
NCSC launches study on cyber security diversity
The UK’s National Cyber Security Centre wants to improve the diversity of the cyber security sector Continue Reading
-
News
29 Jan 2020
UK cyber security sector worth more than £8bn
The UK’s cyber security industry employs 43,000 full-time workers, and contributed nearly £4bn to the UK economy in 2019, according to DCMS Continue Reading
-
News
29 Jan 2020
NHS suffers fewer ransomware attacks, but threat persists
Ransomware attacks against the NHS have tapered off dramatically, according to statistics obtained under FoI legislation, but this does not mean the threat has diminished Continue Reading
-
News
28 Jan 2020
Met Police could deploy facial recognition against protesters
Live facial recognition will be rolled out operationally by the Met Police, but police monitoring group Netpol believes it will hamper people’s ability to exercise their rights to protest Continue Reading
-
News
28 Jan 2020
Organisations losing control of cloud data
Data is more widely dispersed in enterprise clouds than most organisations think, and as a result they are at risk of losing control of it, according to a report Continue Reading
-
E-Zine
28 Jan 2020
IT must play its part in tackling the climate crisis
In this week’s Computer Weekly, we look at this year’s World Economic Forum and find out how the IT sector is aiming to help tackle climate change. Our buyer’s guide assesses onsite, offsite and cloud-based disaster recovery. And IT contractors are up in arms about the government’s loan charge policy – we examine the issues. Read the issue now. Continue Reading
-
News
28 Jan 2020
Data privacy benefits outweigh spend, says Cisco
Cisco’s 2020 data privacy study shows organisations can generate substantial returns on their data privacy and protection spending Continue Reading
-
Opinion
27 Jan 2020
Security Think Tank: Bug bounties are changing the image of hackers
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
24 Jan 2020
Cyber gangsters publish staff passwords following ‘Sodinokibi’ attack on car parts group Gedia
Sodinokibi hacking group steps up pressure on German automotive manufacturer by publishing information, including the CEO’s computer password and sensitive details of its IT systems, on the internet Continue Reading
-
News
23 Jan 2020
Travelex hackers shut down German car parts company Gedia in massive ‘cyber attack’
Car parts manufacturer says cyber attack will have far-reaching consequences for its business, and it has put emergency plans in place to continue deliveries Continue Reading
-
News
23 Jan 2020
CISOs fear becoming the next Travelex
Poll of security professionals by the organisers of the Infosecurity Europe trade fair highlights huge gaps in incident response capabilities Continue Reading
-
News
23 Jan 2020
End-user security ignorance laid bare in new report
Proofpoint’s 2020 State of the Phish report highlights an urgent need for better user training and reporting Continue Reading
-
News
22 Jan 2020
Citrix releases IoC scanner for ADC and Gateway vulnerabilities
As patches for its compromised NetScaler ADC and Gateway products begin to roll out, Citrix enlists FireEye Mandiant to develop an indicator of compromise scanner for end-users Continue Reading
-
News
22 Jan 2020
Internal error left Microsoft customer service data exposed
Customer service and support records of nearly 250 million Microsoft customers left exposed after database misconfiguration Continue Reading
-
News
21 Jan 2020
5G builders test vulnerabilities in Finnish hackathon
University hackathon puts 5G security to the test as new wireless technology’s roll-out nears Continue Reading
-
News
21 Jan 2020
High-street banks face disruption three weeks after Travelex hack
Foreign exchange services still disrupted, three weeks after Travelex received a $6m ransom demand from cyber gangsters Continue Reading
-
20 Jan 2020
Don’t become the next Travelex: Get ready for ransomware
With Travelex’s IT still in disarray and banks and travellers left without access to funds more than a week after it was hit by a ransomware attack, we ask what others can learn from the foreign exchange services company’s response to the incident. Continue Reading
-
E-Zine
20 Jan 2020
How to avoid becoming the next Travelex
In this week’s Computer Weekly, we look at the lessons learned from the ransomware attack on Travelex and how other firms can avoid the same fate. As Microsoft ends support for Windows 7, we examine the issues for the many remaining users of the operating system. And healthcare CIOs explain the tech challenges facing the NHS. Read the issue now. Continue Reading
-
News
20 Jan 2020
Exposed AWS buckets again implicated in multiple data leaks
A series of data leaks in the past week have once again implicated poorly secured Amazon S3 buckets, which are supposed to be private by default Continue Reading
-
News
20 Jan 2020
GDPR nets more than €100m in fines, with more to come
Fines totalling €114m have already been collected under GDPR, and this figure will spike in 2020 if the UK regulator succeeds in imposing record fines on BA and Marriott Continue Reading
-
Opinion
20 Jan 2020
Security Think Tank: Teens in basements don’t represent a positive security culture
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
17 Jan 2020
Cops take down data wholesale operation
The Police Service of Northern Ireland and the Dutch cyber crime unit have made two arrests in an operation targeting a website that provided criminals with access to billions of personal credentials Continue Reading
-
News
16 Jan 2020
Thailand gets ready for data protection law
Thailand’s personal data protection law comes into effect in May 2020, subjecting organisations to new rules that safeguard the personal data of individuals Continue Reading
-
News
15 Jan 2020
Lorca announces new cohort of 20 security scaleups
20 scaleups will focus their attention on automation, zero trust and supply chain security Continue Reading
-
News
15 Jan 2020
Travelex warns customers to be alert to phone scams
Under-fire forex provider warns that criminals may try to take advantage of its predicament to scam customers Continue Reading
-
News
15 Jan 2020
Threat landscape grew in complexity in 2019, no respite in sight
Check Point’s annual state of security report shares some 2019 trends and looks ahead to 2020 Continue Reading
-
News
14 Jan 2020
Two-thirds of UK healthcare organisations breached last year
The majority of healthcare organisations in the UK experienced a cyber security incident during 2019, with almost half the result of viruses and malware introduced on third party devices Continue Reading
-
News
14 Jan 2020
Researchers find cryptojacker hiding in Wav audio file
Victim network was compromised by obfuscated malware hiding a Monero cryptominer, lurking inside a Wav audio file Continue Reading
-
News
14 Jan 2020
Cyber criminals spend three months lurking in target networks
Cyber criminals are spending longer hiding in target networks before launching their attacks, as more organised groups turn to business disruption to achieve their objectives Continue Reading
-
Podcast
14 Jan 2020
Podcast: The Computer Weekly Downtime Upload – Episode 42
In this week’s episode of the Computer Weekly Downtime Upload podcast, Caroline Donnelly, Clare McDonald and Brian McKenna greet the new decade with reflections on the Travelex ransomware attack and Dominic Cummings’ call for data science to rejuvenate Whitehall. And they take stock of the retail sector’s grim 2019, while remembering to mention the big story of the moment: Harry and Meghan Continue Reading
-
News
13 Jan 2020
Travelex to begin restoring foreign exchange services two weeks after ‘Sodinokibi’ attack
Travelex says it is making “good progress” in its recovery and is to begin restoring electronic foreign exchange services, but is silent about whether it has agreed to pay hackers a $6m ransom to decrypt computer files Continue Reading
-
News
10 Jan 2020
National Lottery hacker jailed for nine months
Small-time cyber criminal jailed for his role in a cyber attack on lottery operator Camelot that netted him just £5 Continue Reading
-
Opinion
10 Jan 2020
Learning from the Travelex cyber attack: Failing to prepare is preparing to fail
The key lesson to take from the Travelex breach is that an effective response to a breach is a critical business function and no longer the sole province of the IT department Continue Reading
-
News
09 Jan 2020
Travelex hackers threaten to sell credit card data on dark web
Sodinokibi cyber gangsters have threatened to sell Travelex customers’ private data on a Russian underground cyber crime forum if it fails to pay a $6m ransom Continue Reading
-
News
09 Jan 2020
Retail group Dixons Carphone fined £500,000 over data breach
Dixons Carphone receives maximum possible pre-GDPR fine from the ICO following a 2018 data breach Continue Reading
-
News
09 Jan 2020
Don’t become the next Travelex: Get ready for ransomware
With Travelex’s IT still in disarray and banks and travellers left without access to funds more than a week after it was hit by a ransomware attack, we ask what others can learn from the foreign exchange services company’s response to the incident Continue Reading
-
News
09 Jan 2020
PowerTrick backdoor used to target high-value businesses
Threat actors are exploiting a PowerShell-based backdoor called PowerTrick to go after high-value targets, warns SentinelLabs Continue Reading
-
Feature
09 Jan 2020
Whisper it… but could a cyber attack be good for your career?
All too often it’s the CISO who carries the can for an enterprise security failure, but this might not be a bad thing. There’s lots of evidence to suggest that falling victim to a cyber attack may actually enhance your CV Continue Reading
-
News
09 Jan 2020
New GDPR service aims to ease compliance challenges
Security consultants claim their software platform will address a pressing need for an effective and efficient means of complying with data protection rules Continue Reading
-
Opinion
09 Jan 2020
Security Think Tank: Changing attitudes to cyber is a team sport
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
08 Jan 2020
TikTok video-sharing app left user data exposed
Check Point uncovered serious vulnerabilities in the TikTok video-sharing app that left users exposed Continue Reading
-
Opinion
08 Jan 2020
Security Think Tank: Hero or villain? Creating a no-blame culture
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
Opinion
07 Jan 2020
Security Think Tank: Get your users to take pride in security
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
06 Jan 2020
Cyber gangsters demand payment from Travelex after ‘Sodinokibi’ attack
Cyber criminals are demanding payment to decrypt Travelex’s computer files after a devastating malware attack. New questions have been raised about the security of Travelex’s computer network after it emerged the company waited eight months to patch vulnerable VPN servers Continue Reading
-
News
06 Jan 2020
UK cyber security boss Ciaran Martin to step down
NCSC chief Ciaran Martin will leave his post in the summer of 2020 Continue Reading
-
Opinion
06 Jan 2020
Security Think Tank: Let’s call time on inciting fear among users
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
03 Jan 2020
Suspected ransomware attack causes worldwide disruption for Travelex
Travelex switches off computer systems and resorts to cash-only currency sales after malware attack. Insiders claim the currency exchange chain has been hit by ransomware which has left critical files containing customer data encrypted Continue Reading
-
Opinion
03 Jan 2020
Security Think Tank: Put information at the heart of security
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
03 Jan 2020
How Darktrace is riding the AI boom
Cyber security firm known for its artificial intelligence smarts doubled its headcount across Asia-Pacific last year in key markets including Australia and South Korea Continue Reading
-
News
02 Jan 2020
California’s CCPA an opportunity for security industry to do better
California’s consumer protection and data privacy laws came into effect on 1 January 2020, and present a golden opportunity for the cyber security practitioners Continue Reading
-
News
31 Dec 2019
Top 10 ASEAN IT stories of 2019
Here are Computer Weekly’s top 10 ASEAN IT stories of 2019 Continue Reading
-
Feature
30 Dec 2019
Can the UK government’s efforts solve the cyber skills gap?
There has been an active effort by the UK government to tackle the lack of skills in the cyber security space – but is it enough? Continue Reading
-
News
24 Dec 2019
Top 10 cyber crime stories of 2019
Here are Computer Weekly’s top 10 cyber crime stories of 2019 Continue Reading
-
News
23 Dec 2019
Top 10 cyber security stories of 2019
Here are Computer Weekly’s top 10 cyber security stories of 2019 Continue Reading
-
News
20 Dec 2019
Finnish government supports local authorities in cyber security initiative
The Finnish government has committed resources to a cyber security project aimed at local authorities Continue Reading
-
News
18 Dec 2019
Top 10 Australia IT stories of 2019
Here are Computer Weekly’s top 10 Australia IT stories of 2019 Continue Reading
-
News
17 Dec 2019
Group-IB CEO talks up global threat landscape
Public attribution of cyber attacks could backfire while a global cyber norms framework won’t emerge until a catastrophic incident occurs, says the head of Singapore-based Group-IB Continue Reading
-
Opinion
16 Dec 2019
Security Think Tank: Data-centric security requires a holistic approach
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
13 Dec 2019
Alarm bells ring, the IoT is listening
With Christmas bearing down on us, a series of vulnerability disclosures has drawn attention to the parlous state of IoT security, and serves as a timely warning to people planning to buy smart devices as gifts Continue Reading
-
Opinion
13 Dec 2019
Security Think Tank: Data-centric security requires context and understanding
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
Opinion
13 Dec 2019
Top tips for avoiding and dealing with data breaches
Been hacked, lost a laptop or sent an email to the wrong address? Do you need to notify anyone and what should you do? Find out in this simple guide Continue Reading
-
Opinion
11 Dec 2019
Security Think Tank: Risk-based response critical to protect data
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
10 Dec 2019
Rapid evolution of quantum computing a concern for CISOs
With the race to achieve so-called quantum supremacy hotting up, security pros are concerned that it will outpace the development of appropriate safeguards, according to a report Continue Reading
-
News
09 Dec 2019
Public sector still losing user devices in high numbers
The Ministry of Justice has lost 354 smartphones, PCs, laptops and tablets in the past 12 months, according to a Freedom of Information request, and other government departments are in the same boat Continue Reading
-
News
06 Dec 2019
How commodities firm ED&F Man solved its threat detection challenges
After a minor server breach, leading commodities trader turned to Vectra’s Cognito service to expose hidden threats, spot privilege misuse, and conduct conclusive investigations Continue Reading
-
News
06 Dec 2019
Cyber security takes its place alongside UK’s armed services
Head of armed services says cyber security will take its place alongside the army, navy and air force as a key pillar of the UK’s defence strategy Continue Reading
-
Opinion
06 Dec 2019
Security Think Tank: Is data more or less secure in the cloud?
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
06 Dec 2019
Great Cannon DDoS operation fires on Hong Kong protesters
AT&T’s security unit has evidence that China is pressing its Great Cannon DDoS tool into service once again, specifically to target pro-democracy protests in Hong Kong Continue Reading
-
News
05 Dec 2019
Two Russians indicted over Dridex and Zeus malware
The US Department of Justice has indicted two Russian citizens over their alleged role in the distribution of the virulent Bugat, or Dridex, and Zeus banking trojans Continue Reading
-
News
04 Dec 2019
Black Hat Europe: Red teams and blue teams must evolve in the 2020s
The red team versus blue team dichotomy is somewhat arbitrary and risks pigeonholing skilled security professionals into certain roles, says Facebook’s Amanda Rousseau Continue Reading
-
Opinion
03 Dec 2019
Cyber security: How to avoid a disastrous PICNIC
Fieldfisher’s David Lorimer examines how individual employees often facilitate cyber attacks, and what can be done to reduce the risk Continue Reading
-
News
29 Nov 2019
TfL locks down Oyster accounts to ward off credential stuffing
Mandatory password reset for all travellers who use Oyster and contactless payment systems follows minor breach incident earlier in 2019 Continue Reading
-
News
29 Nov 2019
Hack Friday: This Christmas, fight back against cyber criminals
It’s nearly Christmas, and cyber attacks and fraud attempts in the retail sector are ramping up. Is it time to panic? And is there anything we can do beyond hammering home the message around basic cyber security hygiene? Continue Reading
-
Feature
28 Nov 2019
Get ready for CCPA: Implications for UK businesses
The California Consumer Privacy Act, a wide-ranging data privacy and consumer protection law, comes into effect on 1 January 2020. How does CCPA differ from the EU GDPR regulations and what are the responsibilities for UK businesses operating in the US? Continue Reading
-
News
28 Nov 2019
The Security Interviews: Do cyber weapons need a Geneva Convention?
On a cold afternoon in Finland, F-Secure’s Mikko Hypponen discusses cyber weapons and nation state threats, and explains why arms limitations treaties might one day expand to include malware and other threats Continue Reading
-
News
27 Nov 2019
Security skills gap will take a decade to fill
The British education systems cannot move fast enough to address the security skills crisis, and in the absence of government action increased reliance on automation may be the least worst solution Continue Reading
-
News
26 Nov 2019
Enterprises muddled over cloud security responsibilities
A McAfee study suggests that 2020 will be a big year for cloud adoption, but confusion still persists over who is responsible for securing it Continue Reading
-
Video
26 Nov 2019
CW500 Interview: Jonathan Moreira, CTO of PrimaryBid.com
In this CW500 video, Jonathan Moreira, CTO of PrimaryBid.com, gives a fintech startup’s perspective on the security challenges small businesses can face when adopting new technologies. Continue Reading
-
News
25 Nov 2019
AI may open dangerous new frontiers in geopolitics
Truly artificial intelligence has the potential to provoke an international geopolitical crisis, warns F-Secure’s Mikko Hypponen Continue Reading
-
News
25 Nov 2019
Conservatives propose national cyber crime force
Manifesto also says Tories would “empower the police to safely use new technologies like biometrics and artificial intelligence, along with the use of DNA, within a strict legal framework” Continue Reading
-
News
22 Nov 2019
Mystery surrounds leak of four billion user records
Threat researchers uncover four billion user records on a wide-open Elasticsearch server but who left them there is a mystery Continue Reading