Regulatory compliance and standard requirements
-
News
19 Dec 2024
Latest attempt to override UK’s outdated hacking law stalls
Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee Continue Reading
-
Opinion
19 Dec 2024
The Data Bill: It’s time to cyber up
The Computer Misuse Act is outdated and needs reform - so it's disappointing to see the government decline an opportunity to update the legislation, says the peer who proposed amendments Continue Reading
-
News
24 Jul 2023
Why cyber security should be part of your ESG strategy
The impact of data breaches and cyber threats on businesses, societies and the environment makes cyber security a key consideration in an environment, social and governance strategy Continue Reading
-
Feature
21 Jul 2023
Handbook helps Dutch organisations migrate to quantum-safe communication
Organisations must start implementing new cryptography standards – as migration is a lengthy process Continue Reading
-
Opinion
21 Jul 2023
The problem with ‘secure’ messaging
Secure instant messaging is becoming a norm for business communications but it raises three important security and compliance questions Continue Reading
-
Definition
21 Jul 2023
invitation to tender (ITT)
An invitation to tender (ITT) is a formal document that is issued by a company or an organization inviting suppliers or contractors to submit a bid for a project or service. Continue Reading
-
Feature
21 Jul 2023
What the Product Security and Telecommunications Infrastructure Act means for UK industry
For years, many network-connected devices have lacked adequate security, putting their users and others at risk of cyber attacks. The UK’s PSTI Act aims to prevent this by mandating minimum security requirements, but what impact will this have on industry? Continue Reading
-
News
21 Jul 2023
Government boosts protection for encryption in Online Safety Bill but civil society groups concerned
House of Lords adopts amendment to require Ofcom to commission a report before requiring technology companies to scan encrypted messages, but drops proposals for judicial oversight Continue Reading
-
News
20 Jul 2023
How the DSMA balances security and privacy with press freedom
In a world of information sharing and 24-hour news cycles, the Defence and Security Media Advisory committee have to balance national security and data privacy with freedom of the press Continue Reading
-
Opinion
19 Jul 2023
At the gates – How to survive the era of cyber insecurity
Businesses face more legal risks, a mine field of regulation, and individual liability for failures. Getting the basis right is more important than ever. Continue Reading
-
News
19 Jul 2023
Half of cyber pros engage in risky behaviour at work, report claims
Approximately 55% of security professionals say they have engaged in behaviours they would more usually advise against in the workplace, according to a report Continue Reading
-
News
19 Jul 2023
Cyber criminal AI tool WormGPT produces ‘unsettling’ results
A newly discovered generative AI tool dubbed WormGPT is being sold to the cyber criminal underground via the dark web, and poses a significant danger, researchers warn Continue Reading
-
Opinion
19 Jul 2023
Prepare for quantum to fundamentally change PKI effectiveness
Encryption has always been a fundamental aspect of Public Key Infrastructure but the rise of quantum computing poses a significant threat to this. Thales' John Cullen says post-quantum cryptography may hold the key to safeguarding the future. Continue Reading
-
News
18 Jul 2023
NATO membership to drive Nordic cyber security sector growth
The Nordic cyber security sector will see increasing demand as Finland and Sweden joint NATO Continue Reading
-
Opinion
17 Jul 2023
The essential role of PETs in unlocking the trillion dollar SaaS market
Ahead of the Eyes-Off Data Summit in Dublin, Jack Fitzsimons of Oblivious AI explains why so-called Privacy Enhancing Technologies or PETs may hold the key to unlocking the full potential of SaaS in the enterprise Continue Reading
-
News
17 Jul 2023
Police Scotland use cloud for biometric data despite clear risks
Police Scotland confirms it has stored significant volumes of biometric data on a cloud-based digital evidence sharing system despite major ongoing data protection concerns, bringing into question the effectiveness of the current regulatory approach and the overall legality of using hyperscale public cloud technologies in a policing context Continue Reading
-
Opinion
14 Jul 2023
Improve business outcomes by managing data and analytics risk
An effective data and analytics risk and control environment requires a full understanding of data, analytics and AI risks, related risk decisions and their impact on business outcomes Continue Reading
-
News
13 Jul 2023
MPs launch inquiry into government use of data
The Public Administration and Constitutional Affairs Committee is to investigate the possibility of reforming the way government collects and analyses data, and whether the UK census could be scrapped Continue Reading
-
News
12 Jul 2023
Forensic Institute provides Hansken viewing method for Dutch lawyers
Dutch lawyers can now view crypto communication in criminal cases from their own workplace via digital search engine Hansken. Previously, this had to be done at an external location Continue Reading
-
News
12 Jul 2023
Ofcom’s online safety preparedness efforts hobbled by government
Despite Ofcom’s progress so far, UK government changes to the scope and timetable of the Online Safety Bill are hobbling the ability of the regulator to successfully prepare for the new regime Continue Reading
-
News
12 Jul 2023
Whistleblower contacts NatWest customers affected by a decade-old data breach
Former worker says contacting the people affected by the data breach is her last resort after the bank and regulators appear satisfied that the sensitive data file is safe stored under her bed Continue Reading
-
News
11 Jul 2023
EU formally grants data adequacy to US
The European Commission has formally granted the US data adequacy, allowing companies and organisations to freely transfer personal data across the Atlantic via the EU-US Data Privacy Framework. But privacy activist Max Schrems has already committed to legally challenging the decision Continue Reading
-
News
11 Jul 2023
Malicious URL volumes soar as cyber criminals pull on Threads
Malicious actors have been quick to exploit the buzz around Meta’s newly launched Threads platform, with thousands of new suspicious domains registered exploiting its branding Continue Reading
-
Feature
11 Jul 2023
Norwegian data privacy experts sound alarm over generative AI
Hundreds of millions of people embrace generative artificial intelligence, blissfully ignorant of what it’s doing to data privacy. Continue Reading
-
News
07 Jul 2023
Suspicious email reported every five seconds in UK
National Cyber Security Centre report reveals a suspicious email was reported by UK citizens and organisations every five seconds last year Continue Reading
-
News
06 Jul 2023
VMware ramps up on sovereign cloud in APAC
VMware is working with local partners to deliver sovereign cloud services in the region, amid growing sovereignty interests among governments and the need maintain business continuity Continue Reading
-
News
06 Jul 2023
Biometrics watchdog calls for public space surveillance review
The biometrics and surveillance camera commissioner is calling for a review of public space surveillance to gain a clearer picture about the proliferation of Chinese surveillance technology across the public sector, but warns against applying double standards on companies just because they are from China Continue Reading
-
News
06 Jul 2023
Meta’s Threads hits app stores, but no EU launch in sight
Meta’s Twitter competitor makes its debut and signs up millions of users in just 12 hours, but concerns over compliance with the EU’s Digital Markets Act have sunk a pan-European launch for now Continue Reading
-
News
05 Jul 2023
Germany: European Court of Justice hears arguments on lawfulness of EncroChat cryptophone evidence
The European Court of Justice will decide whether the collection and sharing of data intercepted by law enforcement from EncroChat crypto phone network is compatible with European law Continue Reading
-
News
05 Jul 2023
UK public increasingly concerned over NHS data sovereignty
Amid security concerns and AI advances, a majority of the British public still trusts the NHS to store and analyse their health data, but would prefer it remains domiciled in the UK Continue Reading
-
News
04 Jul 2023
EU judgment sinks Meta’s argument for targeted ads
The EU Court of Justice has issued a significant judgment against Meta, ruling that national anti-trust bodies can investigate GDPR breaches, disrupting the platform’s entire basis for carrying out targeted advertising Continue Reading
-
News
30 Jun 2023
AI can never be given control over combat decisions, Lords told
Artificial intelligence is technically incapable of distinguishing between the complex contextual factors of combat situations, and will likely never be able to, according to legal and software experts Continue Reading
-
Opinion
30 Jun 2023
The time to implement an internal AI usage policy is now
As with any emerging technology, AI’s growth in popularity establishes a new attack surface for malicious actors to exploit, thereby introducing new risks and vulnerabilities to an increasingly complex computing landscape. Continue Reading
-
News
28 Jun 2023
Charity demands transparency in digital universal credit system
The digital universal credit system needs overhauling to ensure greater transparency over benefit claims and more effective means of redress when things go wrong, says child poverty charity Continue Reading
-
News
28 Jun 2023
GDPR tax reclaim scheme preys on fears of SMEs
IT suppliers are a target of companies offering a tax reclaim scheme that preys on small businesses’ fears around General Data Protection Regulation compliance Continue Reading
-
News
27 Jun 2023
3,600 potential cyber security experts apply to government scheme
The UK government’s Upskill in Cyber programme is reporting great success just a month after launch, with almost half of applicants women Continue Reading
-
Opinion
26 Jun 2023
ChatGPT’s phishing ‘problem’ may not be overstated
Some data now suggests that threat actors are indeed using ChatGPT to craft malicious phishing emails, but the industry is doing its best to get out in front of this trend, according to the threat intelligence team at Egress Continue Reading
-
News
23 Jun 2023
ICO under fire for taking limited action over serious data breaches
The ICO has come under fire from lawyers and data protection specialists for just issuing written warnings to two public bodies over serious data breaches that placed people’s lives at risk Continue Reading
-
Feature
23 Jun 2023
Generative AI: Data privacy, backup and compliance
We look at generative AI and the risks it poses to data privacy for the enterprise, implications for backup, and potentially dangerous impacts on compliance Continue Reading
-
News
23 Jun 2023
Phishing and ransomware dominate Singapore’s cyber threat landscape
Phishing and ransomware attacks continued apace in Singapore last year amid signs of improving cyber hygiene Continue Reading
-
News
21 Jun 2023
Nearly quarter of a million malicious websites reported and removed through NCSC service
A suspicious email and text message reporting service in the UK has directly led to a quarter of a million malicious websites being removed Continue Reading
-
Podcast
21 Jun 2023
Podcast: Cloud security, compliance and data classification
The rise of cloud has led to a proliferation of enterprise data and a rise in risk. We talk to Vigitrust CEO Mathieu Gorge about how to ensure compliance in a multicloud world Continue Reading
-
Feature
20 Jun 2023
ChatGPT is creating a legal and compliance headache for business
ChatGPT’s increased use in the workplace has led many to question its legal and compliance implications for businesses. Experts warn that the software poses major security and copyright risks Continue Reading
-
Definition
19 Jun 2023
PCI compliance
PCI compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information. Continue Reading
-
News
15 Jun 2023
NCSC warns over ‘enduring’ LockBit threat
Although its activity volumes have been lower of late, LockBit is still a highly dangerous ransomware gang and is now the subject of a new international cyber advisory Continue Reading
-
News
14 Jun 2023
Ransomware-stricken Capita to run Action Fraud successor
A £50m deal to replace the Action Fraud service has been handed to PwC and Capita, which is facing investigations over its handling of customer data in a ransomware incident Continue Reading
-
Podcast
14 Jun 2023
Podcast: Containers, Kubernetes, data protection and compliance
Containers offer benefits to application deployment, but they proliferate, so tracking them for compliance purposes can be a challenge. We talk to Mathieu Gorge, CEO of Vigitrust Continue Reading
-
News
14 Jun 2023
TSB calls on Meta to intervene and protect users from fraud losses of £250m this year
TSB is the latest bank to demand more action from social media sector in helping to reduce online fraud Continue Reading
-
News
13 Jun 2023
Arnold Clark data leak victims prepare legal action
More than 10,000 people who had their data stolen and leaked in a ransomware attack on the Arnold Clark car dealer network have signed up to a group legal action after facing elevated amounts of fraud Continue Reading
-
News
13 Jun 2023
(ISC)² and CIISec set out to make cyber language more inclusive
Newly published guide on appropriate use of language in cyber security aims to help make the profession more inclusive for all Continue Reading
-
News
09 Jun 2023
UK and US move closer to transatlantic data bridge deal
The British and American governments have committed, in principle, to a new data bridge agreement that will ease the free flow of personal data across the Atlantic Continue Reading
-
News
08 Jun 2023
UK gets new rules to regulate crypto sector
The Financial Conduct Authority is introducing new rules to regulate the cryptoasset sector, after being handed a government remit to oversee crypto promotions Continue Reading
-
Opinion
08 Jun 2023
Regulatory ‘lacuna’ around facial recognition threatens rights
The UK is heading for a “legal quagmire” around live facial recognition if the government and regulators do not take action to rein in use of the technology before it becomes ubiquitous Continue Reading
-
News
08 Jun 2023
Bishop Fox’s Vinnie Liu talks offensive security skills
There is growing demand for offensive security testing, but it needs a multi-layered skillset that can be hard to quantify. Bishop Fox’s CEO and co-founder explains why and some potential mitigation strategies Continue Reading
-
Podcast
08 Jun 2023
Podcast: Storage, backup, AI and data classification at RSA 2023
Much discussion at RSA 2023 about artificial intelligence, the risks to data protection, storage and compliance, plus risk and data classification, especially its impacts on access and data management Continue Reading
-
News
07 Jun 2023
UKtech50 2023 winner: Michelle Donelan/Chloe Smith, secretary of state, DSIT
Computer Weekly looks at the achievements and successes of the Department for Science, Innovation and Technology, as its secretary of state is recognised as the most influential person in UK technology for 2023 Continue Reading
-
News
07 Jun 2023
Clop cyber gang claims MOVEit attack and starts harassing victims
The Clop cyber extortion and ransomware operation is demanding organisations pay a ransom to avoid data stolen via an exploited vulnerability in a file transfer product being leaked Continue Reading
-
News
06 Jun 2023
Google launches hacker-backed SME security training scheme
Citing research that shows almost half of SMEs are struggling to recruit cyber security specialists, Google is launching a programme designed to upskill more people to fill thousands of vacant roles Continue Reading
-
News
05 Jun 2023
Bank of International Settlement sets up channel secure from quantum breach
The Bank of International Settlement has worked with two of Europe's central banks to explore preventing the security risks posed by quantum computers Continue Reading
-
Opinion
02 Jun 2023
Discovering the Diversity Process Flow in cyber
The UK Cyber Security Council's Simon Hepburn explains the Council's new Diversity Process Flow framework, and outlines its potential implications for ethnic minorities in the cyber sector Continue Reading
-
News
01 Jun 2023
Met Police director of intelligence defends facial recognition
The Met Police’s director of intelligence has appeared before MPs to make the case for its continuing use of facial-recognition technology, following announcements from the force and the Home Office that they intend to press on with its adoption Continue Reading
-
Opinion
01 Jun 2023
Generative AI – the next biggest cyber security threat?
Following the launch of ChatGPT in November 2022, several reports have emerged that seek to determine the impact of generative AI in cyber security. Undeniably, generative AI in cyber security is a double-edged sword, but will the paradigm shift in favour of opportunity or risk? Continue Reading
-
Opinion
31 May 2023
Security Think Tank: A brief history of (secure) coding
From controlling who was allowed to work with IBM mainframes to present-day DevSecOps techniques, the concept of secure coding has a longer history than you might think Continue Reading
-
News
30 May 2023
Downstream breaches of Capita customers spreading
As many as 90 organisations that used Capita services have now reported data breaches arising from various security incidents at the outsourcer Continue Reading
-
News
26 May 2023
Cisco joins growing Manchester cyber security hub
Networking kingpin signs up to Greater Manchester Digital Security Hub to support centre’s work on security resilience and skills Continue Reading
-
Opinion
26 May 2023
Five key steps where there is a risk of fraud investigation
When fraud investigators come knocking, there are some important ways in which management and senior IT professionals can make sure their company is best protected. Continue Reading
-
News
25 May 2023
Cabinet Office publishes response to data sharing for digital ID consultation
The majority of respondents to government’s consultation on data sharing for digital identity are critical to the plans and concerned about data privacy, but Whitehall’s response says many of the responses ‘were driven by anti-digital commentaries’ Continue Reading
-
News
24 May 2023
Almost all ransomware attacks target backups, says Veeam
Some 93% of ransomware attacks go for backups and most succeed, with 60% of those attacked paying the ransom, according to a Veeam survey Continue Reading
-
News
24 May 2023
Kuwait bank introduces biometric payments card
Middle East bank launches payment cards with fingerprint sensor technology embedded Continue Reading
-
News
23 May 2023
Cohesity Turing aims AI tools at backup and ransomware
Backup supplier continues to enrich its ecosystem with more artificial intelligence for backup and ransomware, with chat-like reporting functions and new security partners in its alliance Continue Reading
-
News
22 May 2023
Facebook owner Meta fined record €1.2 billion over EU-US data transfers
Decision could have implications for other companies using Standard Contractual Clauses to share data between Europe and the US Continue Reading
-
Feature
15 May 2023
How AI ethics is coming to the fore with generative AI
The hype around ChatGPT and other large language models is driving more interest in AI and putting ethical considerations surrounding their use to the fore Continue Reading
-
News
12 May 2023
Let’s put an end to secrecy and cover-ups in ransomware attacks
The NCSC and the ICO are calling for organisations to bite the bullet and be more open about cyber security and ransomware incidents, and the community is firmly behind them Continue Reading
-
News
11 May 2023
Australia to shore up cyber and digital capabilities in Budget 2023
Australia is spending more than A$2bn to strengthen cyber resilience, improve digital government services and fuel AI adoption, among other areas, in its latest budget Continue Reading
-
News
11 May 2023
Journalists’ confidential communications subject to unlawful spying, court hears
Campaign group Liberty and the National Union of Journalists tell Court of Appeal the government has not gone far enough to protect confidential journalist information and sources from surveillance Continue Reading
-
News
10 May 2023
Black Basta ransomware attack to cost Capita over £15m
Exceptional costs arising from the March 2023 Black Basta ransomware attack on the systems of outsourcer Capita will be somewhere between £15m and £20m, the organisation says Continue Reading
-
Definition
09 May 2023
standardization
Standardization is the process of developing, promoting and possibly mandating standards-based and compatible technologies and processes within an industry. Continue Reading
-
News
09 May 2023
OVHcloud aims to bring Glacier-like cloud archive to Europe
OVHcloud makes Cold Archive GA with deep archive storage cheaper than AWS’s offer and all based on IBM 3592 tape hardware spread across four sites with Atempo backup Continue Reading
-
News
08 May 2023
Chat control: EU lawyers warn plans to scan encrypted messages for child abuse may be unlawful
Leaked legal advice warns that European ‘chat control’ proposals to require tech companies to scan private and encrypted messages for child abuse are likely to breach EU law Continue Reading
-
News
05 May 2023
Capita pension clients told data may have leaked
Capita has told trustees of some of the pension funds for which it provides outsourced services that their customer data may have been stolen by the Black Basta ransomware operation Continue Reading
-
News
05 May 2023
Santander reports increase in scams and admits fraud head was impersonated
Santander has reported an increase in impersonation scams, and admitted its own head of fraud was impersonated by a fraudster Continue Reading
-
News
03 May 2023
Cyber Action Plan for Wales launched
The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country Continue Reading
-
News
03 May 2023
Government anti-fraud strategy targets the tech behind the scams
The UK government’s anti-fraud strategy proposes to make it much harder for criminals to target their victims by cracking down on the exploitation of technology Continue Reading
-
Feature
03 May 2023
Data classification tools: What they do and who makes them
Data classification is necessary for all organisations for reasons that range from simply putting data on the most cost-efficient media to ensuring legal and regulatory compliance Continue Reading
-
News
03 May 2023
US competition watchdog issues generative AI warning
Generative AI can be used to manipulate people into making harmful decisions, says US Federal Trade Commission in warning to firms building and using AI-powered tools Continue Reading
-
News
02 May 2023
UK Cyber Security Council launches certification mapping tool
Cyber careers body aims to offer clarity for professionals seeking to advance through security certification Continue Reading
-
Blog Post
01 May 2023
Tackling the challenges of data sovereignty in a multi-cloud world
This is a guest post by Andy Ng, vice-president and managing director for Asia South and Pacific region at Veritas Technologies The shift to public cloud adoption is alluring, driven by the ... Continue Reading
-
News
28 Apr 2023
Government is playing ‘psychic war’ in battle over end-to-end encryption
Peers hear that the UK government is being deliberately ambiguous about its plans to require technology companies to scan the content of encrypted messages Continue Reading
-
News
26 Apr 2023
Police Scotland receive formal notice about cloud system
Scotland’s biometrics watchdog has issued Police Scotland with an information notice over its deployment of a cloud-based digital evidence system, following disclosure of major data protection concerns by Computer Weekly Continue Reading
-
News
25 Apr 2023
CISOs under-supported, under pressure, Trellix finds
The vast majority of CISOs say they are finding it difficult to get sign-off on the resources they need to do their job Continue Reading
-
Podcast
25 Apr 2023
Podcast: Ransomware, data protection and compliance
Ransomware is a huge and ever-present threat, but there are ways to avoid it and to mitigate its effects. We get key practical steps from Mathieu Gorge, CEO of Vigitrust Continue Reading
-
News
25 Apr 2023
How non-fungible tokens can be used to manage health data
Non-fungible tokens will give patients more ownership and control over their health data and improve its transparency in healthcare research, according to SingHealth clinicians Continue Reading
-
News
24 Apr 2023
Most IT staff uncomfortable deploying surveillance tech at work
The IT teams responsible for deploying and running digital surveillance in workplaces say they are uncomfortable with “extremely common” practice of spying on colleagues, research finds Continue Reading
-
Opinion
24 Apr 2023
Security Think Tank: Going beyond IAM for cloud security
Managing access and privilege across complex and powerful cloud tooling is not a straightforward task; but there are some key considerations that can help security teams stay on top of identities in the cloud Continue Reading
-
News
21 Apr 2023
UK biometrics watchdog questions police cloud deployments
The UK biometrics commissioner has warned that policing and justice bodies must be able to demonstrate ‘immediately and unequivocally’ that their cloud deployments are lawful Continue Reading
-
News
21 Apr 2023
CyberUK 23: New advice on smart city security issued
The NCSC and key allies have drawn up new guidance to help communities balance the cyber security risks involved with creating smart cities Continue Reading
-
News
20 Apr 2023
Online Safety Bill could pose risk to encryption technology used by Ukraine
CEO of encrypted messaging service Element says Online Safety Bill could pose a risk to the encrypted comms systems used by Ukraine Continue Reading
-
News
20 Apr 2023
New GovAssure cyber regime launches across UK government
An enhanced cyber security regime is being put in place to better protect UK government IT systems from growing threats Continue Reading
-
News
19 Apr 2023
UK plc sees fewer cyber breaches and attacks, but lacks resilience
Latest government figures reveal UK businesses and charities reported lower volumes of cyber breaches and attacks over the past 12 months, but the statistics mask widespread underreporting and the true state of cyber readiness and resilience appears poor Continue Reading
-
News
19 Apr 2023
Surrey and Sussex police spared fines after recording 200,000 phone calls without people’s knowledge
Police forces escape potential £1m fines following change of policy by ICO to protect the finances of public sector bodies Continue Reading
-
News
19 Apr 2023
CyberUK 23: NCSC launches Cyber Advisor service for SMEs
The UK’s NCSC has launched an industry assurance scheme designed to address the needs of SMEs, and is calling for potential advisors to step up and help out Continue Reading
-
News
19 Apr 2023
Global finance firms take part in NATO cyber attack simulation
Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure Continue Reading