Data breach incident management and recovery

Paddy Power hit by data breach in 2010

Gambling firm Paddy Power owns up to 2010 data breach after recovering a compromised dataset in Canada Continue Reading

By

• Alex Scroxton, Security Editor

Barclays passes government’s ‘internet-born threat’ test

Barclays Bank has been awarded the government’s cyber security certificate for digital banking services after independent tests of services such as Pingit Continue Reading

Security Think Tank: The dos and don’ts of a good incident response plan

What does a good information security incident response plan look like? Continue Reading

By

• Tim Holman, 2-sec

ISPs take legal action against GCHQ over mass network infrastructure surveillance

Six global internet service providers (ISPs) have filed a legal complaint calling for a halt to GCHQ’s use of network infrastructure for surveillance Continue Reading

By

• Alex Scroxton, Security Editor

Domino’s breach underlines value of personal data, say experts

The latest cyber breach to hit a high-profile brand underlines the high value of personal data, say security experts Continue Reading

By

• Warwick Ashford, Senior analyst

eBay under fire over handling of data breach

eBay is coming under increasing criticism over its handling of the data breach that exposed millions of user records Continue Reading

By

• Warwick Ashford, Senior analyst

eBay reveals major security breach and urges users to change passwords

eBay has revealed it was hit by a major cyber attack earlier this year, and is urging users to change their site passwords. Continue Reading

Shell thinks technology first in preparation for internet of everything

Shell is reshaping its business to think technology first as it uses the internet of everything to change its business processes Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

US judge orders Microsoft to hand over email data held in Dublin

A US Judge has ordered Microsoft to give the District Court access to the contents of one of its customer’s emails stored on a server located in Dublin Continue Reading

By

• Archana Venkatraman, Datacentre Editor

Cyber threat detection paramount, says SANS fellow

Cyber threat prevention is ideal, but detection is a must, says Eric Cole, SANS Institute fellow Continue Reading

By

• Warwick Ashford, Senior analyst

Datacentre lessons learnt from Heartbleed bug

The Heartbleed bug, an OpenSSL flaw affecting millions of websites, has some lessons for datacentre providers and operators Continue Reading

By

• Archana Venkatraman, Datacentre Editor

Law Society advises legal industry's IT teams over cloud

The Law Society has published best-practice advice for legal firms' IT teams that are considering using cloud computing, following increased use of the cloud to store data Continue Reading

The Cyber Security Challenge UK 2014

The Cyber Security Challenge UK is a series of events designed to test the ability of thousands of amateur applicants who have skills in the cyber security space. Continue Reading

By

• Clare McDonald, Business Editor

Hacktivism: good or evil?

IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics Continue Reading

By

• Dai Davis, Percy Crow Davis & Co

Governance, Risk Management and Compliance (GRC)

Ensuring that all the stakeholders' information needs are met requires a holistic approach to managing information – the creation of a GRC platform, say analysts Clive Longbottom and Rob Bamforth. Continue Reading

Legal briefing: The Draft EU General Data Protection Regulation

This report from law firm Morrison & Foerster, sets out some of the most important changes for private sector organisations in the draft EU Data Protection Regulation. Continue Reading

Bank of England publishes Waking Shark II cyber security exercise results

Bank of England publishes the results of its Waking Shark II security exercise, which tested financial institutions' contingency plans for cyber attack Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

CERT-UK to drive international cyber security collaboration

The UK’s new national computer emergency response team (CERT-UK) is set to drive international cyber security collaboration once it becomes operational Continue Reading

By

• Warwick Ashford, Senior analyst

Internet at risk of 'cybergeddon' says WEF

Internet is at risk of fragmenting amid concerns over spying and cyber crime, says World Economic Forum Continue Reading

By

• Bill Goodwin, Computer Weekly

NSA uses secret radio tech to spy on offline computers

The US National Security Agency (NSA) has the capacity to monitor, enter and alter data on computers even if the machines are not connected to the internet, it has emerged Continue Reading

By

• Warwick Ashford, Senior analyst

More than 1,100 DWP workers disciplined over benefits snooping

More than 1,100 employees at the Department for Work and Pensions have received official warnings since 2008 for prying into benefits records Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Security considerations for UK enterprises

This Research Snapshot from Vanson Bourne looks at IT security spending trends, awareness of cyber-threats, and the factors perceived as the biggest security risks for organisations. Continue Reading

UK citizen sues Microsoft over Prism private data leak to NSA

A court action brought in the UK will test Microsoft's legal right to disclose private data on UK citizens to US intelligence services Continue Reading

By

• Fiona O’Cleirigh

Cybercrime and warfare: All that matters

Peter Warren and Michael Streeter assess the history, scale and importance of cyber crime in this chapter from their book, Cybercrime and warfare: All That Matters. Continue Reading

Investec CISO warns that legacy tapes will fail on new hardware

Many organisations may find that years of irreplaceable tape backups are inaccessible because modern machines cannot handle legacy format Continue Reading

By

• Cliff Saran, Managing Editor

Mass surveillance a bad idea, says Information Commissioner Christopher Graham

Information Commissioner Christopher Graham says issues of national security must not overshadow concerns of legitimate public interest Continue Reading

By

• Warwick Ashford, Senior analyst

Global profiles of the fraudster

Computers, rather than conmen, are set to be the future face of fraud, as criminals turn to robotics in an effort to avoid detection, this report from KPMG reveals. Continue Reading

Analysis: RSA says security needs to change, but what does that mean?

RSA executive chairman Art Coviello has issued a call to action to the security industry to improve technology and collaboration Continue Reading

High street retailers fight back with multi-channel IT

In this week’s Computer Weekly, we examine how high street retailers are fighting back against online rivals by using IT to support multi-channel customers – and Tesco’s marketing chief explains how it works at the UK’s biggest supermarket chain. Also, we ask how recent revelations about government internet surveillance affect the protection of corporate information. Read the issue now. Continue Reading

MoD announces specialist programme to fend off cyber attacks

The Ministry of Defence (MoD) has announced a strategy to defend UK national security from the threat of cyber attacks Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Ex-hackers best qualified to improve cyber security say 70% of IT firms

Over half of businesses are not taking IT security seriously enough and almost three quarters of IT professionals think ex-hackers could be the right people to help businesses improve cyber-security. Continue Reading

Small businesses must encrypt customer data, says ICO

The Information Commissioner’s Office (ICO) urges small businesses to encrypt customer data after a sole trader was fined for failing to do so Continue Reading

NSA and GCHQ unlock online privacy encryption

UK and US intelligence agencies have unlocked the technology used to encrypt online services, including email, online banking and medical records. Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Windows 2012 Server Network Security

This book chapter offers an introduction to Windows 8 and Windows Server 2012 network security and IPv6. It includes a 30% discount code for Computer Weekly readers. Continue Reading

Windows Server 2012 Security from End to Edge and Beyond

This extract from the book Windows Server 2012 Security from End to Edge and Beyond shows you how to plan your platform security requirements and gives you the critical questions to ask. Continue Reading

Printing: a false sense of security?

Louella Fernandes and Bob Tarzey show how secure printing technology can provide authentication, authorisation and accounting capabilities, helping businesses improve document security and meet compliance regulations. Continue Reading

Disinfecting PCs false security, says security expert

Many companies proud of their ability to identify and clean malware infected machines are missing a trick, says veteran security expert Continue Reading

By

• Warwick Ashford, Senior analyst

Rapid7 United 2013 Security Summit

View the pics from Rapid7’s recent security summit in Boston. Continue Reading

By

• Kayleigh Bateman, Computer Weekly

Box.com forges new cloud security model

Service providers and consumers need to move to a security model better suited to the cloud computing, says Box.com Continue Reading

By

• Warwick Ashford, Senior analyst

Case study: Keeping it private at Beth Israel Deaconess after the Boston Marathon Attacks

Doctor and healthcare CIO shares his lessons learned from the Boston Marathon attacks and how to protect patient data Continue Reading

By

• Kayleigh Bateman, Computer Weekly

Targeted attacks and how to defend against them

Analysts Bob Tarzey and Louella Fernandes assess the scale and real impact of targeted attacks the measures being taken to defend against them. Continue Reading

An introduction to cyber liability insurance cover

Cyber liability insurance cover has been around for 10 years, but most security professionals seem to have not heard of it or know that it exists Continue Reading

By

• Sarb Sembhi

IT security case studies

Four critical IT security case-studies selected from the winners of Computer Weekly's European User Awards for security Continue Reading

Needle in a Datastack: The rise of big security data

This research from McAfee investigates how well organisations are positioned to address the challenges of managing security in a world of ever increasing amounts and types of data. Continue Reading

2013 Cost of Data Breach Study: UK

The cost of data breaches has risen for UK organisations over the past year, the Ponemon Institute reveals. Continue Reading

Security Think Tank Download: Bring your own device

Downloadable guide. How to make your company secure when you introduce BYOD. Continue Reading

IT Security Case Studies

Warwick Ashford presents 4 essential IT security case-studies selected from the winners of Computer Weekly's European User Awards. Continue Reading

2013 Cost of Data Breach Study: UK

The cost of data breaches has risen for UK organisations over the past year, but companies that appoint chief information security officers with enterprise-wide responsibilities can reduce their costs, this report from the Ponemon Institute reveals Continue Reading

ICO fines Glasgow City Council for loss of unencrypted laptops

Glasgow City Council has been fined £150,000 for losing two laptops which held personal details of more than 20,000 people Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Human error causes most data breaches, Ponemon study finds

Human errors and system problems caused two-thirds of data breaches in 2012, according to a study from Symantec and the Ponemon Institute Continue Reading

By

• Warwick Ashford, Senior analyst

Information Governance

This research from AIIM looks at the risk profile around electronic records, the keep-all versus delete-all options, e-discovery, and the implications of social, mobile and cloud on risk management policies. Continue Reading

Cyber criminals hack Washington court system

Hackers gain access to the personal data of 160,000 US citizens after compromising Washington State court service servers Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Computer Weekly European User Awards for Security: Winners

The winners are in for the Computer Weekly European User Awards for Security. See who made the top spots. Continue Reading

By

• Kayleigh Bateman, Computer Weekly

What’s to be done about data breach discovery?

The time from first contact by cyber attackers to the victim learning of it is still measured in months and years, not hours and days Continue Reading

By

• Warwick Ashford, Senior analyst

CW buyer's guide: context-aware security

This 11-page Computer Weekly buyer's guide looks at how organisations should approach context-aware security technologies and what business benefits they can deliver. Continue Reading

Information Security Breaches Survey 2013

Security breaches cost large businesses an average of £850,000, the 2013 Information Security Breaches Survey reveals. Continue Reading

CW Special Report on CSC

This 16-page report from Computer Weekly analyses the challenges facing CSC, its financial performance, the services it offers, its place in the IT market and its future strategy. Continue Reading

Another online firm hit by data breach

Online deals service LivingSocial is the latest company to report a breach of its computer systems that may mean attackers accessed customer details Continue Reading

Spam SMS messages drop following ICO penalty

The number of spam SMS messages has significantly reduced since government regulator ICO issued £440,000 fines last year Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Effective print security for SMBs

Analysts Louella Fernandes and Clive Longbottom discuss how integrated print management provides SMBs with a simple and scalable approach for print security. Continue Reading

UK government sets up cyber security fusion cell

A cyber security “fusion cell” for cross-sector threat data sharing aims to put government, industry and information security analysts side-by-side Continue Reading

By

• Warwick Ashford, Senior analyst

How to configure Mac OS X Server

This step by step guide shows you how to configure Max OS X Server. Continue Reading

Information security trends

This report from CompTIA, based on original research, assesses the current trends in information security. Continue Reading

Territorial Army on the hunt for information assurance professionals

TA to recruit IT security professionals into the Royal Signals to strengthen cyber operations Continue Reading

By

• Kayleigh Bateman, Computer Weekly

What is RSA's build, buy, partner strategy?

Computer Weekly takes a closer look at RSA's build, buy, partner strategy Continue Reading

By

• Warwick Ashford, Senior analyst

The security risk sweeping Europe

Never have we been so open about the information we share online, without so little concern for our privacy. Social media can be a threat to a company, not just to what information an employee chooses to disclose, but because social media sites are prime targets for cybercrime. In this issue of CW Europe read how the increase in social media usage has created new privacy concerns for businesses. Continue Reading

The Demise in Effectiveness of Signature and Heuristic Based Antivirus

Anti-virus technology is failing to protect organisations from malicious attacks. Security professionals should look at alternative strategies, the NNC group argues in this report. Continue Reading

Twitter strengthens login security after hacker attack

Days after a hacking attack, it has emerged that Twitter plans to strengthen its login security with two-factor authentication Continue Reading

By

• Warwick Ashford, Senior analyst

Twitter resets a quarter of a million accounts after hacker attack

Twitter has reset the passwords of 250,000 accounts after detecting and shutting down a hacker attack last week. Continue Reading

By

• Warwick Ashford, Senior analyst

IT Security Purchasing Intentions 2013 - Europe

TechTarget surveyed 250+ IT pros about security media purchasing in Europe. Continue Reading

By

• Warwick Ashford, Senior analyst

ICO hits Sony with £250,000 data breach penalty

The Information Commissioner’s office (ICO) has fined Sony Computer Entertainment Europe £250,000 for breaching the Data Protection Act Continue Reading

How to preserve forensic evidence in the golden hour after a breach

There is a golden hour at the outset where a clear head and good planning can make or break any subsequent forensic investigation Continue Reading

By

• Martin Roots, NIIP

IT Security Purchasing Intentions 2013

This in-depth research from Computer Weekly and TechTarget reveals the IT security spending priorities of businesses in the UK and Europe. Continue Reading

Nasa to encrypt data after latest breach

Nasa is to encrypt all its mobile computers after the loss of a laptop containing personal information about more than 10,000 staff Continue Reading

By

• Warwick Ashford, Senior analyst

Many UK firms underestimate cost of data breaches, study finds

Many UK organisations are still failing to understand the implications and costs of data breaches, a study has revealed Continue Reading

By

• Warwick Ashford, Senior analyst

Secure your data – protect your business

This guide for C-level executives explains the risks faced by businesses and the practical solutions they can take to secure their data. Continue Reading

The Global State of Information Security Survey 2013: Key Findings

This global study examines the state of cyber-security and the impact of cyber crime and offers advice to businesses on reducing the risks. Continue Reading

Apple iOS 6.0.1 update fixes four security holes

iOS platform gets an update to 6.0.1 to fix security and stability problems. WebKit holes and kernel faults list among Apple’s list of patched bugs. Continue Reading

By

• SearchSecurity.in Staff

ICO hits Stoke-on-Trent City Council with £120,000 fine

Stoke City Council has breached the Data Protection Act, for the second time in two years, after details of a child protection legal case were emailed to the wrong person. Continue Reading

By

• Jennifer Scott, TechTarget

CIO interview: Gerry Pennell, CIO, London 2012 Olympic Games

As the job of a lifetime nears its end, London 2012 CIO Gerry Pennell talks exclusively to Computer Weekly about his Olympic experience Continue Reading

Cyber attacks launched at London 2012 Olympic Games every day

The IT supporting the London 2012 Olympics was hit by cyber attacks every day during the Games, says London 2012 CIO Gerry Pennell Continue Reading

By

• Bryan Glick, Editor in chief

Google offers Street View of datacentres

Google offers Street View of its datacentres and a virtual tour of how users' data is stored, with an emphasis on security practices Continue Reading

McKinnon's mum gives tearful thanks after government halts US extradition

The mother of Gary McKinnon thanks those who helped their 10-year campaign against a US extradition order for hacking federal computers Continue Reading

By

• Mark Ballard

Theresa May: Hacker Gary McKinnon to stay in UK

Hacker Gary McKinnon will stay in UK, home secretary Theresa May has told MPs Continue Reading

By

• Cliff Saran, Managing Editor

Organisations need alternative data protection as security models fail

Organisations' security models are failing - so could it be time to adopt an intelligence-led approach to data protection and fighting cyber crime? Continue Reading

By

• Warwick Ashford, Senior analyst

RSA Europe: Thousands of unprotected virtual servers exposed to the web

Organisations are failing to protect data in virtual environments, says Jason Hart, vice-president cloud solutions, SafeNet Continue Reading

By

• Warwick Ashford, Senior analyst

Security firm warns against Samsung Galaxy Tab for enterprise use

Security specialist Context Information Security says vulnerabilities in the Samsung Galaxy Tab make it unsuitable for use in the enterprise Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

HMRC deploys Becrypt off-the-shelf encryption

HMRC will use Becrypt Disk protect, which has recently been certified under the government’s Commercial Product Assurance (CPA) Scheme. Continue Reading

By

• Cliff Saran, Managing Editor

Data Protection Masterclass: New EU Data Protection Regulation

Law firm, Morrison & Foerster, examines the impact of new EU Data Protection legislation on buinsesses. Continue Reading

BYOD: IT must tackle printer security

With more staff bringing their own devices to work, IT needs to rethink its printing and scanning policies Continue Reading

By

• Cliff Saran, Managing Editor

CW Buyer's Guide: Data Security

This in-depth buyer's guide offers advice to CISOs on keeping up with security best practice as new EU data protection rules come into force Continue Reading

Maltego tutorial - Part 1: Information gathering

Maltego is a powerful OSINT information gathering tool. Our Maltego tutorial teaches you how to use Maltego for personal reconnaissance of a target. Continue Reading

By

• Karthik Poojary, Amazon

Microsoft to fix 23 vulnerabilities in May 2012 Patch Tuesday

Microsoft said it plans to address flaws in Windows, Office, Silverlight and the .NET Framework. Continue Reading

By

• SearchSecurity.com Staff

SOCA takes its website offline in DDoS response

Just days after SOCA shut down carder sites, the agency was the victim of a DDoS attack, leading SOCA to takes its website offline. Continue Reading

By

• Jane Wright, TechTarget

SOCA shuts down network of CVV sellers' carder sites

The Serious Organised Crime Agency shut down 36 CVV sellers who were selling stolen credit card and banking credentials to buyers around the world. Continue Reading

By

• Ron Condon

Information security intelligence demands network traffic visibility

Use the network and host data at your disposal to create business-focused information security intelligence policies and strategies. Continue Reading

By

• Aaron Turner, Contributor

SIEM deployment case study shows patience is required

Williams Lea’s SIEM is already helping reduce manual log reviews. But there’s still a lot of work to be done before the SIEM can be fully deployed. Continue Reading

By

• Ron Condon

Apple iOS 5.1 patches 81 vulnerabilities

Alongside its ‘new iPad’ release, Apple Inc. releases iOS 5.1, the latest version of its mobile computing platform with fixes for 81 security holes. Continue Reading

By

• SearchSecurity.in Staff

Web application vulnerability statistics show security losing ground

New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks. Continue Reading

By

• Ron Condon

IT in Europe, Security Edition: Password security standards and trends

Passwords have long been a security problem. This IT in Europe: Security Edition looks at password trends and alternative forms of authentication. Continue Reading

By

• SearchSecurity.co.UK Staff