Regulatory compliance and standard requirements
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
News
09 Apr 2024
UK plc failing on multiple cyber measures
Government report shows 50% of businesses and 32% of charities reported a cyber attack or breach in the past 12 months and organisations across the UK are failing on multiple cyber measures Continue Reading
-
News
09 Apr 2024
Is a cyber arms control treaty out of reach?
The world needs cyber arms control more than ever, but the challenges facing a multilateral agreement will be hard to surmount, according to researchers at Germany’s Digital Society Institute Continue Reading
-
News
09 Apr 2024
Greek government fined over AI surveillance in refugee camps
Greece’s Data Protection Authority has issued a €175,000 fine against the country’s migration ministry over its deployment of artificial intelligence-powered security systems in refugee camps after the watchdog’s investigation found ‘serious shortcomings’ with the roll-out Continue Reading
-
Feature
05 Apr 2024
Seven ways to be sure you can restore from backup
Backups are no good if you can’t restore from them. We look at key elements of backup restoration, including backup audits, RPOs and RTOs, and how and when to test backups Continue Reading
-
News
04 Apr 2024
Changes needed for SOCs and CSIRTs, claims Dutch research institute
Cyber security specialists need a game-changer to keep up with their adversaries, who increasingly use automation and AI for their attacks Continue Reading
-
Opinion
03 Apr 2024
Security Think Tank: Banning ransomware payments is not so straightforward
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
Opinion
02 Apr 2024
Security Think Tank: How to tackle the scourge of ransomware?
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
Opinion
01 Apr 2024
Security Think Tank: Ransomware lessons from the armed forces
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
29 Mar 2024
Organisations getting better at spotting identity fraud
As the barriers to committing identity fraud continue to drop, organisations should consider more sophisticated technical measures to successfully up their game, according to a report Continue Reading
-
News
28 Mar 2024
UK plc going backwards on cyber maturity, Cisco report claims
Fewer UK organisations believe their cyber security postures have reached a mature level than did so 12 months ago, as they struggle to keep up with new challenges and a fast-evolving threat landscape Continue Reading
-
News
28 Mar 2024
Sellafield to be prosecuted over alleged cyber compliance failure
Sellafield Ltd, the organisation responsible for cleaning up and decommissioning the UK's largest nuclear waste site, is to be prosecuted over alleged cyber security failings dating back to 2019 Continue Reading
-
News
28 Mar 2024
Counter-eavesdropping agency unlawfully used surveillance powers to identify journalist’s source
More than 750 journalists had their communications data accessed by law enforcement and government agencies between 2018 and 2022 Continue Reading
-
News
27 Mar 2024
Ransomware gang leaks data stolen from Scottish NHS board
Data stolen from an earlier attack on NHS Dumfries and Galloway has been leaked by a ransomware gang that claims to be in possession of much more content Continue Reading
-
News
25 Mar 2024
Which? calls for government action on fake banking sites
Amid high volumes of spoofed, fraudulent banking websites, Which? is calling for the government to implement new legal obligations for domain registrars Continue Reading
-
Tip
22 Mar 2024
Data protection impact assessment template and tips
Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information. Continue Reading
-
News
22 Mar 2024
Court finds EncroChat hacked messages admissible as former footballer is jailed
A judge in ‘lead’ EncroChat case found that messages obtained by police from the encrypted phone network can be lawfully used in evidence Continue Reading
-
News
21 Mar 2024
US sues Apple, alleging smartphone monopoly
A major legal action against Apple over its dominance of the smartphone market has kicked off in the US, alleging anticompetitive practices on Apple’s part that have damaged the sector and restricted consumer choice Continue Reading
-
News
21 Mar 2024
NCSC guidance to help CEOs work through cyber incidents
The NCSC has published in-depth guidance on how business leaders should respond to a cyber attack or data breach. Learn about some of the key steps you will need to follow Continue Reading
-
News
20 Mar 2024
UK’s cyber resilience stagnates as more fall victim to attacks
The government is calling on businesses to ramp up their cyber protections as study shows improvements to resilience are stagnating amid an ever-growing volume of attacks Continue Reading
-
Opinion
19 Mar 2024
Board-level buy-in: preparing cyber defences the right way
The cyber security function isn’t a back office team that is never seen and never heard. To truly protect the company, cyber security touches every corner of the business, and it starts from the top Continue Reading
-
News
19 Mar 2024
Australia’s cyber security spending to grow 11.5% this year
Highly publicised cyber attacks and growing regulatory obligations are keeping security and risk top of mind for Australian organisations this year, says Gartner Continue Reading
-
News
18 Mar 2024
The Security Interviews: Alex Yampolskiy, SecurityScorecard
Alex Yampolskiy conceived the idea for risk management specialist SecurityScorecard after getting stung by a SaaS supplier that was being cavalier with its customer data. He tells his story to Computer Weekly Continue Reading
-
News
18 Mar 2024
Cohesity: We won’t abandon NetBackup customers or force migration
CEO promises no forced migration to Cohesity and not to abandon any NetBackup product while building new leadership in artificial intelligence and security around Cohesity Gaia Continue Reading
-
News
17 Mar 2024
UK’s AI ambitions pointless while cyber security is still neglected
The UK’s AI ambitions may be at considerable risk without stronger cyber defences across the private and public sectors Continue Reading
-
News
15 Mar 2024
London Mayor’s Office reprimanded over data breach
The London Mayor’s Office has been reprimanded by the ICO after an internal error exposed the data of people who had made complaints against the Metropolitan Police Continue Reading
-
News
14 Mar 2024
Questions raised over NHS deletion of thousands of emails during whistleblower tribunal
NHS doctor Chris Day has won the right to challenge a tribunal ruling that found no procedural unfairness when an NHS trust deleted thousands of emails. The case that raises wider questions about the use of electronic evidence Continue Reading
-
News
13 Mar 2024
British Library opens up over ransomware attack to help others
The British Library has opted for full transparency after experiencing a devastating ransomware attack, publishing details of the intrusion, its response and the lessons it has learned Continue Reading
-
Opinion
12 Mar 2024
A new security partnership to build a silicon valley in South Wales
The £140m acquisition of Newport Wafer Fab by American firm Vishay is to be welcomed but the UK needs needs security, stability and strategic investment to grow our domestic semiconductor capability, writes Alun Cairns MP Continue Reading
-
News
11 Mar 2024
Government not facing up to CNI cyber risks, committee warns
The Joint Committee on the National Security Strategy has accused the government of burying its head in the sand over the cyber threat to UK critical infrastructure Continue Reading
-
Podcast
11 Mar 2024
Podcast: Immutable storage essential against ransomware, but...
...not all immutable storage is created equal. That’s the message from Paul Speciale of Scality, who looks at immutable storage, its variants and what’s needed to secure data Continue Reading
-
News
08 Mar 2024
OSS leaders detail commitments to bolster software security
CISA has announced a number of actions to help secure the global open source ecosystem, as leading package repositories including the Python and Rust foundations advance their own initiatives Continue Reading
-
Definition
08 Mar 2024
electronic protected health information (ePHI)
Electronic protected health information (ePHI) is protected health information that is produced, saved, transferred or received in an electronic form. Continue Reading
-
Opinion
08 Mar 2024
How to address third-party risk to ensure business resiliency
Identifying third-party risks, determining risk controls and treating third-parties as allies are some of the ways to address the risks associated with third-party transactions and business engagements Continue Reading
-
News
07 Mar 2024
PSNI chief denies ‘industrial’ use of surveillance powers against journalists
PSNI chief constable Jon Boutcher has agreed to provide a report on police surveillance of journalists and lawyers to Northern Ireland’s policing watchdog Continue Reading
-
News
07 Mar 2024
NI Policing Board pressed to open inquiry into PSNI spying on journalists’ phones
Amnesty International and the Committee on the Administration of Justice have asked Northern Ireland’s policing watchdog to open an inquiry into the Police Service of Northern Ireland’s use of surveillance powers against journalists Continue Reading
-
News
05 Mar 2024
Rapid7 hits out over botched vulnerability disclosure
Software development firm JetBrains and security specialist Rapid7 fall out over the handling of a critical vulnerability disclosure, while customers are left rushing to patch Continue Reading
-
News
05 Mar 2024
American Express customers exposed through third-party breach
US card giant warns customers that their personal details may have been exposed after a third party experienced a systems breach Continue Reading
-
News
05 Mar 2024
Banning ransomware payments back on the agenda
The idea of banning ransomware payments to cyber criminals is back on the agenda, with former NCSC chief Ciaran Martin arguing that tougher measures need to be taken Continue Reading
-
Opinion
05 Mar 2024
How Southeast Asia’s largest bank is riding the AI wave
DBS has scaled its AI capabilities across all parts of its business to deliver tangible outcomes and productivity gains Continue Reading
-
News
04 Mar 2024
The Security Interviews: Cyber security is about managing risk effectively
Effective cyber security must lead to cyber resilience – that is, the ability to anticipate, protect against, withstand and recover from any adverse condition, disruption or compromise, as Kyndryl’s security practice leader explains Continue Reading
-
News
29 Feb 2024
Police arrested journalists as part of surveillance operation to identify confidential sources
Three police forces took part in surveillance operations between 2011 and 2018 to identify sources that leaked information to journalists Trevor Birney and Barry McCaffrey, the Investigatory Powers Tribunal hears Continue Reading
-
News
28 Feb 2024
75% of third-party breaches target software, IT supply chains
Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors Continue Reading
-
News
28 Feb 2024
Users love their cyber teams, but find them frustrating
Despite strong support for security teams, a good number of ordinary workers see them as obstructive to business goals, and would like to see them operate more transparently Continue Reading
-
News
27 Feb 2024
VulnCheck bug listing to help track new threats quicker
Exploit intelligence firm VulnCheck launches a proprietary Known Exploited Vulnerabilities catalogue in hopes of improving end-user access to intel on emerging threats and reaching those that the likes of CISA do not Continue Reading
-
News
27 Feb 2024
Hycu uses AI to develop APIs for SaaS application backup
SaaS applications don’t usually come with built-in data protection, but Hycu plans to tackle that gap in the market with AI to generate the connectors needed to backup user data Continue Reading
-
News
26 Feb 2024
Storage and backup spend in 2024 targets risk and resilience
The TechTarget and ESG spending intentions survey finds big bias towards averting risk and building organisational resilience, but on-premise storage a significant planned outlay Continue Reading
-
Opinion
22 Feb 2024
How can we adapt work practices to protect CISO mental health?
Cyber leaders are finding it harder to keep up with security requirements than just two years ago, risking a domino effect of dissatisfaction, burnout and eventually, resignation Continue Reading
-
News
21 Feb 2024
Australian data breach report highlights supply chain risks
The OAIC has called for organisations to proactively address privacy risks from outsourcing personal information handling to third parties Continue Reading
-
News
21 Feb 2024
How Indian fintechs can address compliance issues
Fintechs will need to bolster their know-your-customer practices and establish self-regulatory mechanisms, among other measures, to address compliance issues that have come under the spotlight Continue Reading
-
News
20 Feb 2024
US extradition of Julian Assange is ‘state retaliation’ for exposing war crimes, court hears
Lawyers argue that the US extradition case against WikiLeaks founder Julian Assange is politically motivated and in is breach of the UK-US extradition treaty Continue Reading
-
News
20 Feb 2024
Government agrees law to protect confidential journalistic material from state hacking
The government will update Investigatory Powers Act to require secret intelligence agencies to seek independent approval before accessing confidential journalistic material obtained by bulk hacking, but journalists remain vulnerable to other bulk surveillance powers Continue Reading
-
News
15 Feb 2024
Security-by-design push prompts new ISC2 accreditations
Security-by-design has become a hot-button regulatory issue. ISC2 has decided now is the time to upskill cyber pros around these vital software and hardware development principles Continue Reading
-
News
14 Feb 2024
Met Police to scrap and replace ‘racist’ Gangs Violence Matrix
A database used by the Metropolitan Police to identify and track people linked with gang violence is being decommissioned and replaced. The decision follows a long-running controversy over its discriminatory impacts on young black people, but campaigners warn that racial discrimination will persist with new tool Continue Reading
-
Podcast
14 Feb 2024
Podcast: What is the impact of AI on storage and compliance?
Start now looking at artificial intelligence compliance. That’s the advice of Mathieu Gorge of Vigitrust, who says AI governance is still immature but firms should recognise the limits and still act Continue Reading
-
News
14 Feb 2024
Security experts: Investigatory powers plans will delay security updates
Cyber security experts warn that government proposals to amend the Investigatory Powers Act will limit tech companies’ ability to respond to security threats and could hamper the use of end-to-end encryption Continue Reading
-
Podcast
13 Feb 2024
Podcast: What are snapshots? Can they replace backup?
We talk to Shawn Meyers, field CTO at Tintri, who defines snapshots, why they are no substitute for backups, and the effect on recovery of snapshot granularity Continue Reading
-
News
13 Feb 2024
What will result from Cohesity’s Veritas acquisition?
The $7bn backup giant will leverage huge assets in enterprise customer base, compliance and governance intelligence, AI, R&D, and Kubernetes backup and storage Continue Reading
-
News
09 Feb 2024
MoD ethical hacking programme expands after initial success
The Ministry of Defence has expanded the scope of its defensive security partnership with HackerOne Continue Reading
-
Definition
08 Feb 2024
ICD-10-PCS (International Classification of Diseases, 10th Revision, Procedure Coding System)
The International Classification of Diseases, 10th Revision, Procedure Coding System (ICD-10-PCS) is an American adaptation of the World Health Organization's ICD-10 system, tailored for procedural coding in inpatient and hospital settings. Continue Reading
-
News
08 Feb 2024
Executive alleged to be behind EncroChat encrypted phone network arrested
A businessman allegedly behind EncroChat, an encrypted phone network that was used by organised crime groups, has been extradited from the Dominican Republic to France Continue Reading
-
News
07 Feb 2024
Dozens of surveillance companies are supplying spyware to governments, says Google
Google’s Threat Analysis Group has identified 40 companies involved in selling and supplying security exploits and spyware services to governments Continue Reading
-
News
07 Feb 2024
South Staffs Water faces group action over Clop ransomware attack
South Staffordshire Plc, the parent company of South Staffordshire and Cambridge Water, is facing legal action from customers whose data was compromised in a 2022 Clop ransomware attack Continue Reading
-
News
06 Feb 2024
UK’s McPartland Cyber Review to probe trust in technology
The UK government has launched a cyber security review that will investigate how best to give businesses the confidence they need to use new technologies Continue Reading
-
News
06 Feb 2024
Inquiry to explore cyber risk to Sunak-Starmer showdown
The UK’s Joint Committee on National Security Strategy is opening an inquiry into securing the democratic process ahead of the next general election Continue Reading
-
News
06 Feb 2024
UK and France push for international agreement on spyware
The UK and France are hosting diplomats, big tech companies and civil society groups, in a two-day conference in London targeting the proliferation of spyware tools and ‘hackers for hire’ Continue Reading
-
Opinion
06 Feb 2024
Three predictions for responding to the cyber threat landscape in 2024
Nominet's Kim Wiles looks to the coming months and calls for cooperation and collaboration on tackling cyber security threats Continue Reading
-
Definition
05 Feb 2024
ICD-10 (International Classification of Diseases, 10th Revision)
The International Classification of Diseases, 10th Revision (ICD-10), is a global standard for classifying and coding mortality and morbidity data. Continue Reading
-
News
05 Feb 2024
Blackbaud blasted for failing to prevent customer breaches
A supply chain attack at software supplier Blackbaud in 2020 saw data on multiple UK organisations compromised. The US authorities are now taking steps to ensure it can’t happen again Continue Reading
-
News
05 Feb 2024
US sanctions Iranians behind CNI cyber attacks
US government issues new sanctions against six Iranians suspected of being behind a series of cyber attacks targeting critical national infrastructure, notably water supply systems Continue Reading
-
Feature
05 Feb 2024
IT security strategy: Assessing the risks of generative AI
Most industry watchers see 2024 as the year when generative AI and large language models will begin moving into enterprise IT Continue Reading
-
Feature
02 Feb 2024
UK police facial recognition explained: What you need to know
In this essential guide, Computer Weekly looks at the use of facial recognition technology by UK police forces, including the points of contention around its deployment so far and where it’s heading next Continue Reading
-
Opinion
31 Jan 2024
AI everywhere all at once
Artificial intelligence became mainstream in 2023. Advances in technology and accessibility led to increased awareness and use of AI Continue Reading
-
News
30 Jan 2024
We need backup! Pennsylvania police data loss shows why
Police evidence systems data was lost during ‘routine maintenance’, with human error blamed – the case clearly illustrates why data protection can’t be left to chance Continue Reading
-
E-Zine
30 Jan 2024
Tech companies warn EU over encryption plans
In this week’s Computer Weekly, tech companies are calling on the European Commission to rethink plans to weaken internet encryption – we explore the issues. We talk to credit rating agency Moody’s about why it thinks now is the time to start investing in quantum computing. And we examine how a different approach to recruitment could ease the datacentre sector skills gap. Read the issue now. Continue Reading
-
News
26 Jan 2024
GenAI tools ‘could not exist’ if firms are made to pay copyright
AI firm Anthropic hits out at copyright lawsuit filed by music publishers, claiming the content ingested into its models falls under ‘fair use’ and that any licensing regime would be too complex and costly Continue Reading
-
Opinion
26 Jan 2024
Security Think Tank: Expect more from GenAI in 2024
But 2024 also feels slightly different; the past 12 months have seen generative AI burst on to the scene, and this year its impact will continue to be felt, says Turnkey Consulting's Harshini Carey. Continue Reading
-
Opinion
26 Jan 2024
Quantum, AI and geopolitical conflict: '24 will be a big year for cyber
With big trends like quantum, generative AI and geopolitical conflict, 2024 looks set to be a big year in security, but defenders have an unparalleled opportunity to harness these trends for good, says Quorum's Federico Charosky Continue Reading
-
Opinion
26 Jan 2024
Security Think Tank: What to expect in cyber this year
Risk arising from insecure generative AI, an explosion in mainstream acceptance of zero-trust, and increasingly tight cyber insurance policies will all be high on the agenda in 2024, writes Forrester senior analyst Alla Valente Continue Reading
-
Opinion
26 Jan 2024
Bulk sender authentication: More vital than ever
With new guidelines from Google and Yahoo governing bulk emails coming into force in February 2024, here's what you need to know to keep your sales and marketing lists compliant Continue Reading
-
Opinion
25 Jan 2024
The race to regulate AI: 2024 unpacked
EU’s AI Act is set to become ‘gold standard’ of AI regulation. Will other countries adopt the same high standards or like the UK opt for a light touch in favour of growth and investment? Continue Reading
-
News
25 Jan 2024
Bugcrowd sees surge in vulnerability submissions, led by public sector
Crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd says it saw a 151% uptick in submissions related to government and public sector organisations in 2023 Continue Reading
-
Opinion
25 Jan 2024
Security Think Tank: 2024 is the year we bridge the cyber divide
ISACA's Steven Sim Kok Leong shares his thoughts on the coming year in cyber security, considering the impact of regulatory change, the evolving role of the CISO, and advances in innovative cyber tech Continue Reading
-
News
24 Jan 2024
AI will heighten global ransomware threat, says NCSC
The benefits of artificial intelligence to cyber criminals being well-known, the NCSC now assesses it’s likely AI will soon be widely used to enhance ransomware attacks Continue Reading
-
Podcast
23 Jan 2024
Podcast: Storage and compliance outlook for 2024
Interesting times ahead in 2024 as we talk to Mathieu Gorge, CEO of Vigitrust, about updates to EU regs, PCI, NIST, post-Brexit divergence and 60 national elections across the globe Continue Reading
-
Feature
23 Jan 2024
Expert guide to e-discovery
An expert guide to why your organisation needs an electronic discovery policy and how to go about creating one Continue Reading
-
News
23 Jan 2024
Treat cyber risk like financial or legal issue, says UK government
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences Continue Reading
-
News
23 Jan 2024
SEC bitcoin hack was result of SIM-swapping
A cyber attack on the US financial regulator earlier in January 2024 occurred after hackers took over one of its mobile phone accounts in a so-called SIM-swapping attack Continue Reading
-
E-Zine
23 Jan 2024
Davos 2024: AI disinformation tops global risks
In this week’s Computer Weekly, AI-generated disinformation and misinformation will be the top risks for businesses, governments and the public over the next two years, according to the World Economic Forum. Intel’s CTO discusses the chip maker’s plans for the European market. And we examine the dearth of digital skills among elected officials. Read the issue now. Continue Reading
-
News
22 Jan 2024
Chat control: Tech companies warn ministers over EU encryption plans
Tech companies have written to EU ministers to urge them to back the European Parliament, rather than the European Commission, over proposed regulations to police child abuse Continue Reading
-
News
19 Jan 2024
ICO prompts confusion over police cloud legality
The UK data regulator has suggested that, despite major data protection concerns, it is likely to greenlight police cloud deployments because of an information-sharing agreement with the US government Continue Reading
-
News
18 Jan 2024
Cyber non-profit enlists ex-NCSC head as technical chair
Founding NCSC chief exec Ciaran Martin is to join the newly launched Cyber Monitoring Centre non-profit as chair of its technical committee Continue Reading
-
News
17 Jan 2024
NCSC invites security pros to join the big leagues
The NCSC is inviting security pros from across the UK to sign up to work with its experts on an intelligence-sharing initiative Continue Reading
-
Feature
17 Jan 2024
Cloud-to-cloud backup: What it is and why you (probably) need it
Basic cloud data protection is just not enough. Several loopholes leave business data vulnerable and that means additional cloud-to-cloud backup should be seriously considered Continue Reading
-
News
17 Jan 2024
Victims of 2023 Capita data breaches head to High Court
More than 5,000 people impacted by data breaches arising from two cyber incidents affecting outsourcer Capita have joined a group action lawsuit Continue Reading
-
News
17 Jan 2024
Singapore proposes governance framework for generative AI
AI Verify Foundation and Infocomm Media Development Authority have proposed a governance framework for generative AI to address the risks and concerns about the emerging technology Continue Reading
-
Feature
15 Jan 2024
British Library cyber attack explained: What you need to know
In this essential guide, Computer Weekly investigates the cyber attack on the British Library that has rendered IT systems inoperable and caused service disruption to thousands of users Continue Reading
-
News
15 Jan 2024
Russia hacked ex-MI6 chief’s emails – what they reveal is more Dad’s Army than deep state
A Russian hacking group that published emails of ex-MI6 chief Richard Dearlove claimed to have uncovered a conspiracy, but it was more Dad’s Army than the ‘deep state’, Computer Weekly and Byline Times reveal Continue Reading
-
News
15 Jan 2024
How legal disclosure failures disrupted the Post Office Horizon inquiry
From overly narrow search terms, overzealous deduplication of documents and failed email migrations, poor management of legal discovery has delayed justice for postmasters in the Horizon inquiry Continue Reading
-
News
15 Jan 2024
EU amendment changes open source definition
The EU Cyber Resilience Act has the potential to cause confusion among open source developers, with questions remaining over open development Continue Reading
-
News
15 Jan 2024
NCA director sacked after WhatsApp and email security breaches
Nikki Holland, former director of investigations at the NCA, was sacked for “misconduct” after sending sensitive NCA information over personal email and WhatsApp Continue Reading