Regulatory compliance and standard requirements
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
News
11 Jun 2021
CMA secures commitments from Google on future of cookies
The Competition and Markets Authority is opening a consultation on commitments offered to it by Google to ensure its Privacy Sandbox proposals do not harm digital advertising markets Continue Reading
-
News
11 Jun 2021
UK promises tougher line on cyber crime
Speaking ahead of the G7 Summit, foreign secretary Dominic Raab says the UK is ready to take on cyber criminals and other malicious actors wherever they may be Continue Reading
-
News
11 Jun 2021
Australia names ‘strategic’ datacentre operators
Australia’s Digital Transformation Agency certifies Macquarie Telecom, Canberra Data Centres and Australian Data Centres as strategic operators for hosting government data Continue Reading
-
Feature
10 Jun 2021
How the pandemic changed backup
The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware Continue Reading
-
News
10 Jun 2021
Australian organisations face heightened cyber attacks
Nearly three in four Australian organisations experienced cyber attacks that largely resulted from a growing remote workforce in 2020 Continue Reading
-
News
09 Jun 2021
FBI arrests distributors accused of selling An0m encrypted phones to crime groups
Working with overseas law enforcement, the FBI has arrested eight people and named a further 13 accused of distributing An0m phones to organised crime groups Continue Reading
-
News
09 Jun 2021
RSA spins out fraud and risk unit as Outseer
RSA Security is transitioning its fraud and risk intelligence work into a new business to be called Outseer Continue Reading
-
News
08 Jun 2021
NHS Digital delays data collection plans until September
NHS Digital has postponed its proposed collection of GP data for two months, to allow more time for the public to understand the process and opt out if wanted Continue Reading
-
News
08 Jun 2021
National data guardian calls for dialogue on NHS Digital GP plans
The UK’s national data guardian says it is important the public has clarity on how their confidential medical information will be used and kept secure under NHS data-sharing plans Continue Reading
-
News
07 Jun 2021
Police raids around world after investigators crack An0m cryptophone app in major hacking operation
Police in 16 countries carried out raids on after Australian Police and the FBI cracked an encrypted An0M communications network used by crime groups Continue Reading
-
News
07 Jun 2021
EU privacy chief investigates use of US cloud services
Use of Amazon and Microsoft’s cloud services by public sector bodies in the European Union is being scrutinised by the bloc’s privacy watchdog Continue Reading
-
Opinion
07 Jun 2021
NHS Digital’s GP data-scraping plan must be publicised and delayed
The UK government must launch a national awareness campaign and delay this month’s planned GP data slurp, say privacy consultants Ben Rapp and Sara Newman Continue Reading
-
News
07 Jun 2021
Updated standard contractual clauses will provide ‘legal certainty’ for transfer of data
Organisations have 18 months to update data transfer agreements, known as standard contractual clauses, or SCCs, to continue sharing data outside the European Union Continue Reading
-
News
03 Jun 2021
Norway’s auditor general lifts lid on energy industry’s cyber security risks
Auditor General’s Office questions the security posture of Norway’s energy industry Continue Reading
-
News
03 Jun 2021
Tories fined over email data protection breaches
The Conservative Party broke the law by failing to properly keep records of who had unsubscribed from its mailing list Continue Reading
-
Feature
02 Jun 2021
Buying a VPN? Here’s what you need to know
VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these Continue Reading
-
Opinion
01 Jun 2021
Long-term thinking is vital to secure UK’s critical infrastructure
To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie Continue Reading
-
News
01 Jun 2021
Exagrid pays $2.6m to Conti ransomware attackers
Backup appliance specialist hit by Conti ransomware in May with cyber criminals downloading employee and customer data, confidential contracts and source code Continue Reading
-
News
01 Jun 2021
Ex-IT manager stole over £800,000 from NHS trust
A former senior IT manager at an Essex NHS trust has pleaded guilty to defrauding his employer out of more than £800,000 Continue Reading
-
News
28 May 2021
Privacy experts concerned over NHS data collection plans
Security and data privacy experts warn NHS Digital that its data collection plans could increase risk and cause a public backlash Continue Reading
-
News
27 May 2021
Loss of 150,000 police records made worse by management failures
The loss of 150,000 records from a number of national policing systems was caused by a human coding error, but made worse by process and management failures Continue Reading
-
News
27 May 2021
NGOs file complaints against Clearview AI in five countries
Privacy and human rights organisations have asked data protection regulators in the UK, France, Austria, Italy and Greece to investigate controversial facial recognition company Clearview AI Continue Reading
-
News
26 May 2021
Millions of pounds lost to crypto fraud on social media
More than £63m has been lost nationally by victims of investment fraud via a social media platform, says Action Fraud Continue Reading
-
News
25 May 2021
GCHQ bulk interception programme breached privacy rights, Strasbourg court rules
European Court of Human Rights finds that the UK’s bulk surveillance programme breached citizens’ privacy rights Continue Reading
-
Opinion
25 May 2021
Policies key to revolutionising Identity Governance and Administration
The proliferation of digital identities, applications, data, security threats and compliance requirements means that Identity Governance and Administration (IGA) has never been more important, but not all organisations are approaching it in an effective and efficient way Continue Reading
-
News
25 May 2021
Threat of group GDPR legal action haunts CISOs
The vast majority of security leaders questioned for a new report say they are concerned about the possibility of group legal settlements against them following a serious data breach Continue Reading
-
News
25 May 2021
Industry reflects on three years of GDPR
Looking back on 12 tumultuous months, we assess how GDPR has weathered the effects of the Covid-19 pandemic and Brexit, and consider what the coming year may hold for data protection Continue Reading
-
News
24 May 2021
Air India is latest victim of Sita hack
Data on millions of people who flew with Air India between 2011 and 2021 appears to have been compromised in the recent Sita supply chain attack Continue Reading
-
News
24 May 2021
Dutch researchers build security software to mimic human immune system
Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection Continue Reading
-
Feature
24 May 2021
How Bureau Veritas migrated 85% of its applications to the AWS cloud
In six years, France-based services giant BV has migrated 115 applications to the AWS cloud, mostly using in-house expertise. We talk to the company’s IT director Continue Reading
-
News
24 May 2021
MEPs urge European Commission to revise UK adequacy decisions
Members of the European Parliament are calling for the European Commission to ensure EU citizens have greater privacy rights Continue Reading
-
News
20 May 2021
Pandemic tech use heightens consumer privacy fears
Report on consumer attitudes to privacy finds evidence of a “heightened sense of fear” as digital footprints expand inexorably Continue Reading
-
News
20 May 2021
UK government publishes framework on automated decision-making
The framework focuses on making the use of algorithms and automated decision-making systems within the public sector more ethical, transparent and accountable Continue Reading
-
News
19 May 2021
Reports of stolen Irish health service data being leaked online
Leaking of deeply confidential and personal information on patient healthcare marks a new low for the criminal Conti gang Continue Reading
-
News
18 May 2021
Microsoft EU Data Boundary dubbed ‘smoke and mirrors’
Data protection experts claim Microsoft’s decision to create an EU Data Boundary is a tacit admission that it routinely transfers and processes the personal data of European citizens outside the bloc Continue Reading
-
News
18 May 2021
Irish High Court dismisses legal bid by Facebook over EU-US data transfers
Latest twist in long-running legal battle sees Facebook lose legal bid to prevent the Irish Data Protection Commissioner suspending its transfer of data about European citizens to the US Continue Reading
-
News
14 May 2021
Dutch police used deep learning model to predict threats to life
Dutch police developed a deep learning model in their EncroChat investigation to predict which messages contain serious threats to life Continue Reading
-
Opinion
14 May 2021
The shape of fraud and cyber crime: 10 things we learned from 2020
While a pandemic-driven increase in cyber crime and an exacerbation of existing fraud trends were, to a large extent, to be expected, the LexisNexis Risk solutions UK cybercrime report 2020 still contained a few surprises Continue Reading
-
News
13 May 2021
Biden beefs up public-private security cooperation
Joe Biden has signed a new Executive Order to harden US cyber security and government networks, with an emphasis on information sharing Continue Reading
-
News
13 May 2021
Verizon DBIR underscores year of unprecedented cyber challenge
Verizon 2021 Data Breach Investigations Report draws predictable conclusions as the impact of the Covid-19 pandemic continues to be felt Continue Reading
-
News
12 May 2021
UK government publishes Online Safety Bill draft
Bill builds on previous commitments by the government, which has added new measures to uphold democracy and freedom of speech while making tech giants more accountable Continue Reading
-
News
11 May 2021
Collaboration key to success of UK’s Cyber Security Council
The founders of the UK’s Cyber Security Council have been setting out their plans to professionalise the cyber sector at the NCSC’s CyberUK 2021 event Continue Reading
-
News
11 May 2021
Government to reform Computer Misuse Act
Home secretary Priti Patel will explore reforming the Computer Misuse Act as calls mount for the 31-year-old law to be updated to reflect the changed online world Continue Reading
-
News
11 May 2021
Swedish court finds ambiguities in hacked EncroChat cryptophone evidence
Defence lawyer claims evidence obtained by hacking the EncroChat encrypted phone network has ‘no legal’ value following Swedish appeal court ruling Continue Reading
-
News
11 May 2021
Colonial Pipeline ransomware attack has grave consequences
The ramifications of a major ransomware attack against a US fuel pipeline operator could spread far and wide Continue Reading
-
Feature
07 May 2021
How do I get my users to pay attention to security training?
As cyber security risks grow daily, businesses must educate staff about these through cyber awareness training. But how can they ensure this is taken seriously by employees? Continue Reading
-
News
07 May 2021
NCSC publishes smart city security guidelines
Guidance for local authorities, IT and cyber professionals aims to ensure the security of connected, smart city projects Continue Reading
-
News
07 May 2021
Cyber accreditation to improve legal standing of security pros
Institute of Cyber Digital Investigations Professionals will help incident responders and cyber investigators get the professional recognition they deserve Continue Reading
-
News
06 May 2021
Government urged to add scam protections to Online Safety Bill
Group of organisations calls for the government to use the Online Safety Bill to protect people from cyber scams Continue Reading
-
News
06 May 2021
Scammers accidentally reveal fake Amazon review data
More than 13 million records relating to an organised fake review scam have been found on an unsecured ElasticSearch database, implicating hundreds of thousands of people in unethical behaviour Continue Reading
-
News
06 May 2021
HSBC blocks £249m in UK fraud with voice biometrics
HSBC voice recognition technology has reduced telephone banking fraud as demand for the channel increases Continue Reading
-
News
05 May 2021
Why ITAM can aid IT-fuelled business recovery
As a sense of normality returns, we look at why IT asset management is the stealth tool for clearing a path towards greater digitisation Continue Reading
-
Feature
05 May 2021
How GCHQ proposes to implement and use ethical AI
The rise of cyber crime and the escalating threat vectors facing the UK have led GCHQ to invest in automated threat detection and response systems to meet this challenge, as well as liaising with the private sector for the first time Continue Reading
-
Feature
05 May 2021
Deploying productivity monitoring software ethically
While software that tracks the activities of staff can be helpful to companies with a remote workforce, managers must consider employees’ concerns and privacy Continue Reading
-
News
04 May 2021
Half of organisations breached via a third party in 12 months
New report highlights the risks of outsourcing key business processes without paying due care and attention to your service provider’s security Continue Reading
-
News
30 Apr 2021
EncroChat: Top lawyer warned CPS of risk that phone hacking warrants could be unlawful
Lord David Anderson QC warned prosecutors that there were formidable arguments against the lawfulness of a police operation to infiltrate the encrypted phone network, EncroChat Continue Reading
-
News
30 Apr 2021
MPs accuse government of unduly interfering in information commissioner appointment
Cross-party group of MPs says government is influencing the appointment of a new information commissioner by explicitly seeking a candidate who will support its policy agenda, rather than regulate independently Continue Reading
-
Opinion
30 Apr 2021
The case for vaccine passports: the real world versus the digital world
What are the security issues challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
29 Apr 2021
G7 countries to cooperate on digital regulation
Digital and technology ministers outline their agenda for how technology can be used to facilitate the post-Covid recovery, signalling closer collaboration in key areas of the digital economy Continue Reading
-
News
28 Apr 2021
Covid-19 security challenges leave bank customers at risk
Challenges arising from the pandemic have left gaping holes in banking security, putting consumers at risk of fraud Continue Reading
-
News
28 Apr 2021
Recruiters can’t afford to hold out for cyber ‘unicorns’
The perfect security candidate is hard to find, so hiring policy needs to be more pragmatic Continue Reading
-
News
28 Apr 2021
Office 365 compromise likely led to Merseyrail ransomware attack
Compromise of Merseyrail employee data seems to have begun after a key email account was hacked Continue Reading
-
News
28 Apr 2021
NHS App to serve as vaccine passport for foreign holidays
Existing NHS App will have vaccine passport functionality added to it, transport secretary confirms Continue Reading
-
Feature
28 Apr 2021
Backup failure: Four key areas where backups go wrong
We look at the key ways that backups can fail – via software issues, hardware problems, trouble in the infrastructure and good old human error – and suggest ways to mitigate them Continue Reading
-
News
27 Apr 2021
UK supermarkets to trial age estimation tech for alcohol purchases
Biometric age estimation technology developed by Yoti to be tested in UK supermarkets for alcohol purchases as part of government-led digital identities initiative Continue Reading
-
News
27 Apr 2021
The Security Interviews: Making sense of outbound email security
Screening inbound emails is an accepted part of an organisation’s security posture, but the topic of securing outbound traffic is less often discussed. Zivver’s Rick Goud is on a mission to change this Continue Reading
-
News
22 Apr 2021
GCHQ: Cyber investment a guarantor of UK’s global status
GCHQ director Jeremy Fleming sets out a vision for the UK’s cyber security future Continue Reading
-
News
21 Apr 2021
NCSC offers teachers free cyber security training
The NCSC’s latest security training offer builds on a package of measures designed to protect schools from cyber attack Continue Reading
-
News
21 Apr 2021
EU lays out plans to regulate AI development
Proposal aims to encourage the development of ethical artificial intelligence systems that do not infringe the human rights of EU citizens Continue Reading
-
News
20 Apr 2021
Health app myGP adds Covid-19 vaccine passport function
The new feature is described as the UK’s first NHS-assured Covid-19 certification feature Continue Reading
-
News
20 Apr 2021
UK’s proposed IoT cyber security law gathers momentum
New statistics appear to vindicate UK government proposals to force suppliers to be upfront about IoT security Continue Reading
-
News
18 Apr 2021
Government puts Facebook under pressure to stop end-to-end encryption over child abuse risks
Facebook faces growing government pressure to abandon its plans to offer users end-to-end encryption to secure the privacy of their messages as the NSPCC raises concerns about child protection Continue Reading
-
News
16 Apr 2021
Finnish government strengthens country’s IT network security
Finland’s government has created a new national organisation to help public and private bodies improve network security Continue Reading
-
News
15 Apr 2021
Biden sanctions Russia over SolarWinds cyber attacks
US president imposes new sanctions on Russia following malicious cyber attacks against the US and allies Continue Reading
-
News
15 Apr 2021
Ireland’s DPC launches probe into Facebook leak
The Irish Data Protection Commission has launched an ‘own volition’ inquiry into the leak of data from 500 million Facebook profiles Continue Reading
-
Definition
14 Apr 2021
compliance risk
Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting from its failure to act in accordance with industry laws and regulations, internal policies or prescribed best practices. Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports cannot be taken lightly
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports must be secure by design
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Opinion
12 Apr 2021
What has a year of home working meant for the DPO?
Byron Shirley of The Compliance Space explores how the role of the data protection officer has changed in the past 12 months Continue Reading
-
News
11 Apr 2021
Executive interview: Unleashing blockchain’s potential
Labrys founder and CEO Lachlan Feeney offers his observations about blockchain adoption in Australia, and what his firm is doing to help organisations unleash the full potential of the technology Continue Reading
-
News
08 Apr 2021
Nation-state cyber attacks double in three years
Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project Continue Reading
-
News
07 Apr 2021
A billion extra contactless payments in year since limit increase
Visa said there was an extra one billion contactless payments made by its customers last year Continue Reading
-
Blog Post
06 Apr 2021
API Daze
Earlier this week, the US Supreme Court ruled that Google did not infringe Oracle copyright on the Java SE API (application programming edition). The fact the US Supreme Court has digested a load ... Continue Reading
-
News
01 Apr 2021
EncroChat hearings delayed as lawyers seek disclosure on police hacking
Court hearings precipitated by police cracking the EncroChat secure mobile phone network have been delayed after defence lawyers request further disclosures on police decryption capabilities Continue Reading
-
News
31 Mar 2021
NHS is apparently closing security skills gap
By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before Continue Reading
-
Opinion
31 Mar 2021
Security Think Tank: Evolving threats, tech, leaves CNI exposed
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
31 Mar 2021
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base Continue Reading
-
News
31 Mar 2021
Nordics run information sharing on digital vaccination passports
Nordic countries advance plans for digital Covid-19 vaccination passports in a bid to kick-start their economies Continue Reading
-
News
26 Mar 2021
Surveillance expert ‘unfairly’ refused job at intelligence regulator after MI5 intervened
The Home Office unfairly refused Eric Kind, a specialist in criminal justice and UK surveillance law, clearance for a job at an intelligence watchdog after MI5 claimed he was “insufficiently deferential” Continue Reading
-
Feature
26 Mar 2021
Backup appliances the hot topic for Pas-de-Calais fire brigade
With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage Continue Reading
-
News
25 Mar 2021
Cyber security complacency puts UK at risk, says NCSC head
National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber Continue Reading
-
News
24 Mar 2021
UK faces significant cyber talent shortfall
Cyber security sector is struggling to attract the talented workforce it needs Continue Reading
-
Opinion
24 Mar 2021
Employees must be given the right to disconnect
As enterprises increasingly turn to workplace monitoring technologies and more of the workforce moves to remote or hybrid working, unions are campaigning for workers’ ‘right to disconnect’ and not engage in digitally enabled work after hours Continue Reading
-
Feature
23 Mar 2021
Anti-money laundering technology must operate in a collaborative ecosystem
With new technologies making it easier for banks to spot money laundering activity, we look at why the problem persists at scale, finding that ecosystems and collaborative processes need to be built Continue Reading
-
News
22 Mar 2021
Unionised drivers call on Microsoft to suspend Uber’s Face API licences
Unionised private hire drivers in the UK are calling for Microsoft to suspend Uber’s licences to use its Face API technology after claims the ride-hailing firm’s ID-checking system has led to drivers losing their jobs and having licences revoked Continue Reading
-
News
18 Mar 2021
Eastern Health reports ‘cyber incident’, takes systems offline
Australian healthcare provider Eastern Health takes IT systems offline as a precaution while it looks into a cyber incident Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: Take a realistic perspective on CNI cyber attacks
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Digital Green Certificate proposed for travel in Europe
Digital Green Certificates will supposedly help re-establish freedom of movement within the European Union Continue Reading
-
News
17 Mar 2021
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet Continue Reading
-
News
16 Mar 2021
Uber and Ola ordered to hand over more data to drivers
A Dutch court has rejected Uber and Ola’s claims that drivers collectively taking action to access their data amounts to an abuse of their individual data access rights, laying the ground for drivers to form their own union-controlled data trust Continue Reading