IT for telecoms and internet organisations
Telecoms is one of the largest business sectors, and communications providers often have large IT budgets and are early adopters of new technologies. Our news and analysis of this important industry looks at how telecommunications firms, ISPs and other internet companies are using IT, and the regulatory issues that affect the services they provide.
-
News
20 Nov 2024
Apple addresses two iPhone, Mac zero-days
Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks Continue Reading
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
Opinion
19 Nov 2024
Underfunded, under pressure: We must act to support cyber teams
With almost half of cyber pros experiencing more incidents this year, security leaders say their teams are coming under increasing strain. Businesses must be more proactive approach about building a resilient, future-ready workforce Continue Reading
-
Opinion
19 Nov 2024
Overcoming the cyber paradox: Shrinking budgets – growing threats
The challenging macro environment has left security budgets stretched thin even while new tech like AI presents a threat multiplier. In the face of these challenges, it becomes vital for security leads to do more to maintain funding Continue Reading
-
News
18 Nov 2024
AWS widening scope of MFA programme after early success
AWS reports strong take-up of multi-factor authentication among customers since making it compulsory for root users earlier this year, and plans to expand the scope of its IAM programme in spring 2025 Continue Reading
-
News
18 Nov 2024
UK consumers losing more than ever to holiday scams
Last Christmas, UK consumers lost over £11m to cyber criminals. This year, to save them from tears, the NCSC and Action Fraud are teaming up to launch an anti-fraud campaign Continue Reading
-
News
12 Nov 2024
Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024
High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update Continue Reading
-
News
12 Nov 2024
Zero-day exploits increasingly sought out by attackers
Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023 Continue Reading
-
Opinion
12 Nov 2024
Strengthening cyber: Best IAM practices to combat threats
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
News
12 Nov 2024
Police cloud project raises data protection concerns despite legal reforms
Ongoing data protection issues with the use of hyperscale public cloud infrastructure by UK police could complicate the ambitions of nine forces to move their common records management system into the cloud Continue Reading
-
Feature
08 Nov 2024
Beyond VPNs: The future of secure remote connectivity
As more companies adopt cloud services and remote work, the limitations of VPNs are becoming obvious. We explore what’s next for secure remote connectivity Continue Reading
-
Feature
08 Nov 2024
What are the security risks of bring your own AI?
The rise of generative AI has led to a plethora of publicly accessible artificial intelligence tools, but what are the risks when external AI tools are used with corporate data? Continue Reading
-
News
07 Nov 2024
Google Cloud MFA enforcement meets with approval
Latest Google Cloud policy to enforce multifactor authentication across its user base is welcomed by security professionals Continue Reading
-
News
07 Nov 2024
AI a force multiplier for the bad guys, say cyber pros
CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders Continue Reading
-
Opinion
05 Nov 2024
User-centric security should be core to cloud IAM practice
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
News
01 Nov 2024
CISA looks to global collaboration as fraught US election begins
The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats Continue Reading
-
Opinion
30 Oct 2024
IAM best practices for cloud environments to combat cyber attacks
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
News
29 Oct 2024
EMEA businesses siphoning budgets to hit NIS2 goals
With NIS2 now in effect, European business leaders are having to divert budget from elsewhere to achieve compliance Continue Reading
-
News
28 Oct 2024
UK launches cyber guidance package for tech startups
The NCSC and NPSA, alongside agencies from the Five Eyes alliance, have issued guidance for startups on how to secure themselves against common cyber threats and targeted industrial espionage Continue Reading
-
Feature
24 Oct 2024
Kenyan workers win High Court appeal to take Meta to trial
Despite the company arguing that Kenyan courts have no jurisdiction over an American company, the Nairobi High Court has ruled that Meta must face more than 180 content moderators and data labellers in court over allegedly poor working conditions, negative mental health impacts, and loss of pay Continue Reading
-
News
22 Oct 2024
Danish government reboots cyber security council amid AI expansion
Denmark’s government relaunches digital security initiative to protect business sectors and society at large Continue Reading
-
Opinion
11 Oct 2024
Robust cloud IAM should align to zero-trust principles
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware. Continue Reading
-
News
10 Oct 2024
How Recorded Future finds ransomware victims before they get hit
Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them Continue Reading
-
News
10 Oct 2024
UK and US pledge closer working on children’s online safety
In their first agreement on the subject of children’s online safety, the UK and US governments have said they will create a new working group to boost cooperation Continue Reading
-
News
09 Oct 2024
Five zero-days to be fixed on October Patch Tuesday
Stand-out vulnerabilities in Microsoft’s latest Patch Tuesday drop include problems in Microsoft Management Console and the Windows MSHTML Platform Continue Reading
-
News
08 Oct 2024
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks Continue Reading
-
News
08 Oct 2024
UK’s cyber incident reporting law to move forward in 2025
The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses Continue Reading
-
Feature
07 Oct 2024
Why responsible AI is a business imperative
Tools are emerging for real-world AI systems that focus more on responsible adoption, deployment and governance, rather than academic and philosophical questions about speculative risks Continue Reading
-
News
04 Oct 2024
UK telcos including BT at risk from DrayTek router vulnerabilities
A series of vulnerabilities in DrayTek's Vigor router product lines affects multiple comms service providers in the UK, according to new analysis Continue Reading
-
News
04 Oct 2024
NCSC celebrates eight years as Horne blows in
Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne Continue Reading
-
News
04 Oct 2024
Cups Linux printing bugs open door to DDoS attacks, says Akamai
The Cups Linux printing vulnerabilities disclosed at the end of September would seem to have a nasty sting in their tail, according to researchers at Akamai Continue Reading
-
News
03 Oct 2024
SOC teams falling out of love with threat detection tools
Security operations centre practitioners are fed up of being flooded with pointless alerts and many no longer have much confidence in their threat detection tools, according to a report Continue Reading
-
Opinion
03 Oct 2024
Rise of the cyber clones: When seeing isn’t believing
It is frighteningly easy to clone someone else's identity using readily-available artificial intelligence tools Continue Reading
-
News
02 Oct 2024
Amazon Mechanical Turk workers suspended without explanation
A likely glitch in Amazon Payments resulted in hundreds of Mechanical Turk workers being suspended from the platform without proper explanation or pay Continue Reading
-
News
01 Oct 2024
Cyber teams say they can’t keep up with attack volumes
Over 60% of European security pros say their teams are understaffed, and over 50% don’t have enough budget, according to data from ISACA Continue Reading
-
Opinion
30 Sep 2024
The cyber industry needs to accept it can't eliminate risk
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
Opinion
27 Sep 2024
Defaulting to open: Decoding the (very public) CrowdStrike event
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
Opinion
27 Sep 2024
Cyber companies need a best practice approach to major incidents.
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
News
26 Sep 2024
Racist Network Rail Wi-Fi hack was work of malicious insider
Police have revealed that this week’s racist cyber attack on public Wi-Fi networks at stations across the UK appears to have been the work of a malicious insider, after arresting an employee of one of the service providers Continue Reading
-
News
24 Sep 2024
Unique malware sample volumes seen surging
BlackBerry’s latest ‘Global threat intelligence’ report details a surge in unique malware samples as threat actors ramp up the pace of targeted attacks Continue Reading
-
Opinion
24 Sep 2024
How to respond when your cyber company becomes the story
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
Opinion
23 Sep 2024
Security Think Tank: Win back lost trust by working smarter
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
Opinion
23 Sep 2024
Gartner: Mitigating security threats in AI agents
Agents represent a step-change in the use of artificial intelligence in the enterprise - as attendees at Salesforce's annual conference saw first hand this month - but do not come without their risks Continue Reading
-
Opinion
20 Sep 2024
CrowdStrike incident shows we need to rethink cyber
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
News
18 Sep 2024
M1 ditches 70% of legacy systems in cloud transformation drive
Singapore telco M1 is switching off 70% of its legacy systems by the end of 2024 and leveraging Salesforce to offer more personalised services Continue Reading
-
News
18 Sep 2024
Dreamforce 24: Salesforce taps Nvidia to power Agentforce
At Dreamforce in San Francisco, Salesforce and Nvidia detail some of the tech that will power the software giant's newly launched Agentforce service Continue Reading
-
News
18 Sep 2024
Europol provides detail on Ghost encrypted comms platform takedown
Law enforcement bodies from across the world have revealed how they collaborated to bring down encrypted network Ghost and the new ways of working that have been established with Europol at the centre Continue Reading
-
News
18 Sep 2024
Dreamforce 2024: Salesforce calls on customers to flesh out AI vision
A stream of customers helped Salesforce make the case for its Agentforce artificial intelligence offering on the opening day of the annual Dreamforce conference in San Francisco Continue Reading
-
Feature
17 Sep 2024
Misinformation runs deeper than social media
While social media may contribute to the increasing rapid spread and reach of misinformation, the root causes of the problem go much deeper than the role of a particular company or way of using technology to communicate Continue Reading
-
News
13 Sep 2024
Vodafone/Three merger likely to increase mobile prices, warns competition watchdog
A Competition and Markets Authority investigation finds the proposed merger of the two mobile operators would be bad for competition – but offers companies the chance to suggest remedies Continue Reading
-
News
05 Sep 2024
NCSC and allies call out Russia's Unit 29155 over cyber warfare
The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155 Continue Reading
-
News
05 Sep 2024
Canadian arrested by France after cooperating with US on Sky ECC cryptophone investigation
Thomas Herdman, who faces charges in France over his involvement in distributing Sky ECC encrypted phones, was arrested by French police despite agreeing to cooperate with US law enforcement Continue Reading
-
News
02 Sep 2024
UK and Ukraine digital trade deal comes into force
The UK eases access to the deep tech startup community in Ukraine through digital-only agreement Continue Reading
-
News
29 Aug 2024
Telegram CEO Pavel Durov under formal investigation, released on bail
European Commission confirms it has powers to place Telegram under ‘direct supervision’ if it meets the threshold for regulation under the Digital Services Act Continue Reading
-
News
29 Aug 2024
Iranian APT caught acting as access broker for ransomware crews
Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits Continue Reading
-
Opinion
29 Aug 2024
Cyber law reform should be top of Labour's policy list
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
Opinion
28 Aug 2024
A coherent Labour cyber strategy depends on consistency
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
28 Aug 2024
Global cyber spend to rise 15% in 2025, pushed along by AI
Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner Continue Reading
-
Opinion
27 Aug 2024
Extending zero-trust principles to endpoints
By combining zero-trust principles with other security strategies and continuously monitoring and improving their security posture, organisations can effectively mitigate risks and protect their resources, says Gartner's Nikul Patel Continue Reading
-
Opinion
27 Aug 2024
The US courts may have thrown a wrench into cyber regulation
A recent decision by the US Supreme Court to overrule the longstanding Chevron Deference has serious implications for global cyber security regulation Continue Reading
-
Opinion
27 Aug 2024
Public education on security must be a top priority for Labour
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
22 Aug 2024
New Qilin tactics a ‘bonus multiplier’ for ransomware chaos
Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line. Continue Reading
-
News
20 Aug 2024
Phishing links becoming bigger threat than email attachments
Phishing techniques are evolving away from malicious email attachments, according to a report Continue Reading
-
Opinion
19 Aug 2024
How might the UK's cyber landscape change under Labour?
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
Opinion
15 Aug 2024
Google's cookie conundrum: What comes next?
Google's revised approach to third-party cookies shouldn't come as a surprise, and may also be welcome Continue Reading
-
Opinion
15 Aug 2024
With the right tools and strategy, public cloud should be safe to use
Despite the complexity and evolving nature of threats, with the right strategy, tools, and constant vigilance, businesses can safely and securely leverage public cloud services Continue Reading
-
News
14 Aug 2024
August Patch Tuesday proves busy with six zero-days to fix
Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update Continue Reading
-
News
13 Aug 2024
NIST debuts three quantum-safe encryption algorithms
NIST has launched the first three quantum-resistant encryption algorithms, and as the threat of quantum-enabled cyber attacks grows greater, organisations are encouraged to adopt them as soon as they can Continue Reading
-
Feature
09 Aug 2024
Deep dive into quantum-resistant cryptography for email security
Quantum computers have the potential to crack many of the encryption methods we currently rely on to keep our digital communications safe. Quantum-resistant cryptography may be the answer Continue Reading
-
Feature
09 Aug 2024
How UK firms can get ready for the implementation of NIS2
Many British companies will need to adhere to NIS2’s cyber security risk management and reporting requirements if they want to continue operating in the EU market and avoid huge fines Continue Reading
-
News
08 Aug 2024
Royal ransomware crew puts on a BlackSuit in rebrand
The Royal ransomware gang is back, with a new name and refreshed capabilities, including an apparently unique ‘partial encryption’ gambit, according to CISA Continue Reading
-
News
08 Aug 2024
Ofcom issues online safety warning to firms in wake of UK riots
Ofcom has issued a warning reminding social media firms of their upcoming online safety obligations, after misinformation about the Southport stabbings sparked racist riots throughout the UK Continue Reading
-
News
07 Aug 2024
Rocketing AI demand sees Lumen light up custom networks division
Connectivity provider shakes up corporate structure in response to artificial intelligence economy changing business operations and companies recognising need for powerful network to manage unprecedented data flows and demand Continue Reading
-
News
06 Aug 2024
2024 seeing more CVEs than ever before, but few are weaponised
The number of disclosed CVEs soared by 30% in the first seven-and-a-half months of the year, but a tiny fraction of these have been exploited by threat actors, a reminder of the importance of focused security strategies Continue Reading
-
News
05 Aug 2024
Chinese cyber attack sparks alert over six-year-old MS vuln
After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824 Continue Reading
-
News
05 Aug 2024
World’s largest companies at near-universal risk of supply chain breach
Data from SecurityScorecard once again focuses on the interconnected nature of business supply chains and the risk posed to operational resilience by unexpected IT problems and cyber threats Continue Reading
-
Opinion
05 Aug 2024
Cyber lessons, and priorities for the UK's new government
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
Opinion
01 Aug 2024
Is it time to refresh the UK's cyber strategy?
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
01 Aug 2024
Banks, telcos call for more data sharing to fight fraud
A Which?-led coalition of banks and telecoms operators is calling on the UK's new government to take the lead on enabling data sharing to help fight digital fraud Continue Reading
-
Opinion
31 Jul 2024
When critical cyber response becomes second nature
When alerts and headlines blare out warnings of critical vulnerabilities in widely-used software, the cyber security community needs to adopt a more decisive and clear-cut approach, says Huntress' Chris Henderson Continue Reading
-
Feature
30 Jul 2024
CISO mentoring – who to turn to when the worst happens
Those who get the role of a CISO may have overcome some professional hurdles, but are they ready to face what comes as part of the job? And who do they ask for advice? We look at the mentoring dilemma Continue Reading
-
Feature
29 Jul 2024
CrowdStrike update chaos explained: What you need to know
A botched software update at cyber security firm CrowdStrike has caused IT chaos around the world. Learn more about the global CrowdStrike update outage as it develops Continue Reading
-
News
29 Jul 2024
Scam CrowdStrike domains growing in volume
Hundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai share some noteworthy examples, along with guidance on how to avoid getting caught out Continue Reading
-
News
29 Jul 2024
CrowdStrike says most Falcon sensors now up and running
The vast majority of CrowdStrike Falcon sensors affected by a coding error have now been recovered, with a final resolution expected this week Continue Reading
-
News
29 Jul 2024
WTO digital trade agreement aims to modernise global commerce
A digital trade deal negotiated over five years at the World Trade Organization has been signed by 91 countries, laying the groundwork for a new global digital trade regime Continue Reading
-
Opinion
26 Jul 2024
Mastering data privacy in the age of AI
AI continues to revolutionise how organisations operate, using vast amounts of personal data to make smart, informed decisions. However, this incredible potential comes with concerns about data privacy. DQM GRC's Mark James explores the issues. Continue Reading
-
Opinion
26 Jul 2024
Cyber crisis? How good PR can save your brand
Cyber attacks and data breaches can happen to anybody and often bring reputational damage and a loss of customer trust. How organisations publicly respond to such incidents can make or break them, and the importance of a good PR strategy cannot be underestimated Continue Reading
-
Opinion
26 Jul 2024
Cloud security challenges not just technological
The Computer Weekly Security Think Tank considers how CISOs and security practitioners should ensure that the business can make use of public cloud services safely and securely and avoid accidental or deliberate data leakage. Continue Reading
-
News
24 Jul 2024
CrowdStrike blames outage on content configuration update
CrowdStrike publishes the preliminary findings of what will be a lengthy investigation into the root causes of the failed 19 July update that caused Windows computers to crash all over the world Continue Reading
-
News
24 Jul 2024
Mimecast to buy insider threat specialist Code42
Mimecast is to buy fellow human-centred risk experts Code42 for an undisclosed sum to take advantage of its insider threat and data loss protection specialisms Continue Reading
-
News
23 Jul 2024
Chrome cookies reprieved amid Google Privacy Sandbox changes
Google abruptly changes tack on third-party cookies in its Chrome web browser, cancelling plans to deprecate them in favour of an unspecified ‘new experience’ for users Continue Reading
-
News
22 Jul 2024
NCSC: Beware of criminal CrowdStrike opportunists
Financially motivated cyber criminals are already conducting opportunistic attacks on organisations that leverage the CrowdStrike incident, and more targeted attacks are sure to follow Continue Reading
-
News
22 Jul 2024
CrowdStrike chaos shows risks of concentrated ‘big IT’
The concentration of so much mission-critical technology in the hands of a few large suppliers makes incidents like the Microsoft-CrowdStrike outage all the more dangerous Continue Reading
-
News
18 Jul 2024
Growth in nude image sharing heightens cyber abuse risk
The normalisation of sharing self-created intimate content with others is putting great numbers of people at risk of online abuse, says Kaspersky Continue Reading
-
News
17 Jul 2024
UK Cyber Bill teases mandatory ransomware reporting
In the Cyber Security and Resilience Bill introduced in the King's Speech, the UK's new government pledges to give regulators more teeth to ensure compliance with security best practice and to mandate incident reporting Continue Reading
-
News
16 Jul 2024
Incubator Plexal heads to Singapore for CyberBoost
Cyber startup hub Plexal expands its presence to Singapore through a new initiative, and sets its sights on helping new UK businesses break into the booming Asia-Pacific market Continue Reading
-
News
12 Jul 2024
AT&T loses ‘nearly all’ phone records in Snowflake breach
Hackers have stolen records of virtually every call made by AT&T's customers during a six-month period in 2022, after compromising the US telco's Snowflake data environment Continue Reading
-
News
12 Jul 2024
Public awareness of ID security grows, but big obstacles remain
Consumers are improving their awareness of the issues around digital identity security, but there are still some big issues preventing many from doing better, according to an Okta report Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
09 Jul 2024
Hyper-V zero-day stands out on a busy Patch Tuesday
Microsoft has fixed almost 140 vulnerabilities in its latest monthly update, with a Hyper-V zero-day singled out for urgent attention Continue Reading
-
News
09 Jul 2024
Chinese spies target vulnerable home office kit to run cyber attacks
China’s APT40 is ramping up targeting of victims using vulnerable small and home office networking kit as command and control infrastructure, according to an international alert Continue Reading
-
News
09 Jul 2024
Room to grow in UK for Tata Consultancy Services after half a century
Indian-headquartered IT giant has built a large UK footprint as part of its global network, a commitment which is helping it increase its business in the UK’s public sector Continue Reading