Security policy and user awareness
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
Opinion
19 Nov 2024
Underfunded, under pressure: We must act to support cyber teams
With almost half of cyber pros experiencing more incidents this year, security leaders say their teams are coming under increasing strain. Businesses must be more proactive approach about building a resilient, future-ready workforce Continue Reading
-
News
11 May 2021
SolarWinds CEO calls for collective action against state attacks
SolarWinds CEO tells NCSC’s CyberUK conference he is exploring the possibility of collaborating with other companies on collective cyber action against attacks backed by nation states Continue Reading
-
News
10 May 2021
NCSC Active Cyber Defence blocks surge of pandemic scams
The NCSC responded to a surge in online scams last year as it moved to protect both the general public and critical national services during the pandemic Continue Reading
-
Feature
07 May 2021
How do I get my users to pay attention to security training?
As cyber security risks grow daily, businesses must educate staff about these through cyber awareness training. But how can they ensure this is taken seriously by employees? Continue Reading
-
News
07 May 2021
NCSC, CISA publish new information on Russia’s Cozy Bear
New intelligence from UK and US cyber agencies suggests that APT29, or Cozy Bear, has been switching up its tactics Continue Reading
-
News
07 May 2021
Cyber accreditation to improve legal standing of security pros
Institute of Cyber Digital Investigations Professionals will help incident responders and cyber investigators get the professional recognition they deserve Continue Reading
-
News
06 May 2021
Government urged to add scam protections to Online Safety Bill
Group of organisations calls for the government to use the Online Safety Bill to protect people from cyber scams Continue Reading
-
News
06 May 2021
Google to introduce mandatory MFA for users
In future, holders of Google accounts will have no option but to use multifactor authentication if they want to use the firm’s services Continue Reading
-
News
06 May 2021
HSBC blocks £249m in UK fraud with voice biometrics
HSBC voice recognition technology has reduced telephone banking fraud as demand for the channel increases Continue Reading
-
Feature
05 May 2021
Deploying productivity monitoring software ethically
While software that tracks the activities of staff can be helpful to companies with a remote workforce, managers must consider employees’ concerns and privacy Continue Reading
-
Opinion
30 Apr 2021
The case for vaccine passports: the real world versus the digital world
What are the security issues challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
29 Apr 2021
Northern Ireland pilots security training plan for 16-25s
Pilot scheme in Northern Ireland aims to widen access to cyber security careers Continue Reading
-
News
28 Apr 2021
Recruiters can’t afford to hold out for cyber ‘unicorns’
The perfect security candidate is hard to find, so hiring policy needs to be more pragmatic Continue Reading
-
News
28 Apr 2021
NHS App to serve as vaccine passport for foreign holidays
Existing NHS App will have vaccine passport functionality added to it, transport secretary confirms Continue Reading
-
News
27 Apr 2021
Total cost of ransomware attack heading towards $2m
Sophos’ latest study finds that ransomware attacks are proving increasingly disruptive to their victims’ finances Continue Reading
-
News
27 Apr 2021
Apple OS updates patch multiple security holes
The much-heralded release of the privacy-centric iOS 14.5 also brings patches for multiple CVEs, and users of Apple smartphones, tablets and notebooks are best advised to update as soon as possible Continue Reading
-
News
27 Apr 2021
North London school wins NCSC girls’ cyber challenge
Highgate School in North London is the winner of this year’s CyberFirst Girls security competition Continue Reading
-
News
27 Apr 2021
The Security Interviews: Making sense of outbound email security
Screening inbound emails is an accepted part of an organisation’s security posture, but the topic of securing outbound traffic is less often discussed. Zivver’s Rick Goud is on a mission to change this Continue Reading
-
News
26 Apr 2021
French legal challenge over EncroChat cryptophone hack could hit UK prosecutions
Lawyers are challenging the legality of a French police operation to harvest tens of thousands of messages from the EncroChat encrypted phone network in a move that could overturn criminal prosecutions in the UK Continue Reading
-
News
22 Apr 2021
GCHQ: Cyber investment a guarantor of UK’s global status
GCHQ director Jeremy Fleming sets out a vision for the UK’s cyber security future Continue Reading
-
News
22 Apr 2021
Automation, zero-trust, API-based security priorities for EMEA CISOs
Report by FireMon sheds light on buyer behaviour across the EMEA region Continue Reading
-
News
22 Apr 2021
ToxicEye malware exploits Telegram messaging service
The Telegram instant messaging service is being used by malicious actors to manage a remote access trojan called ToxicEye Continue Reading
-
News
21 Apr 2021
NCSC offers teachers free cyber security training
The NCSC’s latest security training offer builds on a package of measures designed to protect schools from cyber attack Continue Reading
-
News
21 Apr 2021
SonicWall Email Security zero-days need urgent patch
Users of SonicWall Email Security are advised to patch immediately, but the supplier is being criticised for the pace of its response Continue Reading
-
News
21 Apr 2021
Time is running out to probe networks for Emotet
Security teams will lose an unprecedented opportunity to gain valuable intelligence to enhance their defences when Emotet is finally ‘executed’ in a few days’ time Continue Reading
-
News
20 Apr 2021
Health app myGP adds Covid-19 vaccine passport function
The new feature is described as the UK’s first NHS-assured Covid-19 certification feature Continue Reading
-
News
20 Apr 2021
UK’s proposed IoT cyber security law gathers momentum
New statistics appear to vindicate UK government proposals to force suppliers to be upfront about IoT security Continue Reading
-
News
20 Apr 2021
Chinese APT exploits critical CVE in Pulse Secure VPN
A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today Continue Reading
-
Opinion
20 Apr 2021
Security Think Tank: ‘Legitimate interest’ crucial for vaccine passports
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
E-Zine
20 Apr 2021
Shop and go – will Amazon’s cashless ‘just walk out’ store work?
In this week’s Computer Weekly, Amazon has opened its first ‘just walk out’ grocery store in the UK, but is it the right time to hit the high street? We examine the human and technical issues around email security. And we analyse Microsoft’s $19bn purchase of voice recognition supplier Nuance. Read the issue now. Continue Reading
-
20 Apr 2021
Does email security need a human solution or a tech solution?
People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on. Continue Reading
-
News
16 Apr 2021
Finnish government strengthens country’s IT network security
Finland’s government has created a new national organisation to help public and private bodies improve network security Continue Reading
-
News
15 Apr 2021
Dutch accuse UK of ‘damaging confidence’ by disclosing details of EncroChat police collaboration
The Dutch Public Prosecution Service claims Britain has damaged confidence by disclosing details of an international investigation into the EncroChat encrypted phone network to the courts Continue Reading
-
News
15 Apr 2021
University of Hertfordshire is latest academic cyber attack victim
Multiple systems are offline at the University of Hertfordshire following a cyber attack Continue Reading
-
News
15 Apr 2021
Microsoft is most impersonated brand in phishing attempts
Technology companies continue to be frequently spoofed by cyber criminals in their phishing attempts Continue Reading
-
News
15 Apr 2021
Ireland’s DPC launches probe into Facebook leak
The Irish Data Protection Commission has launched an ‘own volition’ inquiry into the leak of data from 500 million Facebook profiles Continue Reading
-
Definition
14 Apr 2021
compliance risk
Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting from its failure to act in accordance with industry laws and regulations, internal policies or prescribed best practices. Continue Reading
-
News
14 Apr 2021
NSA unearths more MS Exchange vulnerabilities
Microsoft patches more critical vulnerabilities in Exchange Server a month after the ProxyLogon incident, after being warned by the US National Security Agency Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports cannot be taken lightly
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports must be secure by design
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
13 Apr 2021
MP told to ditch official email over hacking fears
MP Tom Tugendhat claims the intelligence services advised him to switch to the Gmail service due to concerns his parliamentary email could be hacked Continue Reading
-
News
13 Apr 2021
Covid-19 left people feeling vulnerable to cyber crime
Around 15 million people in the UK experienced cybercrime in the past 12 months, with a cumulative 64 million hours wasted dealing with the fallout Continue Reading
-
News
13 Apr 2021
Millions of devices at risk from NAME:WRECK DNS bugs
Newly disclosed set of nine DNS vulnerabilities puts over 100 million consumer, enterprise and industrial IoT devices at risk Continue Reading
-
News
12 Apr 2021
Vaccine passports and travel plans race up Covid threat charts
With lockdown restrictions easing in the UK, cyber criminals are tailoring their phishing lures to new areas of interest Continue Reading
-
Feature
12 Apr 2021
Why some jobseekers have turned to cyber crime during the pandemic
Research shows that many people have been seeking cyber crime-related work on the dark web, but why? Continue Reading
-
Blog Post
11 Apr 2021
How do YOU find and attract the Cybersecurity skills/talent YOU need?
Review the salaries you offer to Cybersecurity and Computer Science Graduates - unless your policy is to pay more for those implementing security by design. If you are worried about losing those ... Continue Reading
-
News
09 Apr 2021
Egypt, Italy and US most affected in Facebook leak
Researchers at VPN firm Surfshark have been analysing data on 533 million people leaked from Facebook Continue Reading
-
News
09 Apr 2021
NCSC: Using your pet’s name as a password is very stupid
If your email password is still Rex, Rover or Mr Fluffles, it’s probably best to change it, the NCSC has said Continue Reading
-
News
08 Apr 2021
Nation-state cyber attacks double in three years
Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project Continue Reading
-
News
07 Apr 2021
Facebook ducks calls to apologise over huge data leak
Facebook gives its side of the story as data on millions of its users leaks, but is yet to apologise for security lapses that put half a billion people at risk of compromise Continue Reading
-
News
06 Apr 2021
Facebook data leak could be outside scope of GDPR
Regulators may be unable to do much about leaked data on 533 million Facebook users, as it seems to have been stolen before GDPR came into force Continue Reading
-
News
31 Mar 2021
NHS is apparently closing security skills gap
By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before Continue Reading
-
Opinion
31 Mar 2021
Security Think Tank: Evolving threats, tech, leaves CNI exposed
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
31 Mar 2021
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base Continue Reading
-
News
30 Mar 2021
Ransomware attack on London schools highlights warnings
Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector Continue Reading
-
News
30 Mar 2021
The Security Interviews: How to secure an F1 team in a pandemic
A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data Continue Reading
-
News
29 Mar 2021
Cyber attack takes Channel Nine off-air
The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio Continue Reading
-
Feature
29 Mar 2021
Ecolabels and data sanitisation key to recycling and reusing IT assets
Ecolabels on hardware and data sanitisation of devices are key to recycling and reusing old IT equipment respectively, helping enterprises avoid unnecessary asset destruction and contributing to increasingly high levels of electronic waste globally Continue Reading
-
Feature
26 Mar 2021
Backup appliances the hot topic for Pas-de-Calais fire brigade
With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage Continue Reading
-
News
26 Mar 2021
Retailer FatFace pays $2m ransom to Conti cyber criminals
Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate Continue Reading
-
News
26 Mar 2021
Remote working burn-out a factor in security risk
After a year of working from the kitchen table, stress and burn-out are increasing, giving rise to more security risks – and Millennials seem to be particularly affected Continue Reading
-
News
25 Mar 2021
Cyber security complacency puts UK at risk, says NCSC head
National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber Continue Reading
-
News
24 Mar 2021
UK faces significant cyber talent shortfall
Cyber security sector is struggling to attract the talented workforce it needs Continue Reading
-
News
24 Mar 2021
Cyber criminals forging Covid-19 vaccine certificates
Vaccine passports and certificates are gaining mainstream traction, which means cyber criminals are also on the bandwagon Continue Reading
-
Feature
24 Mar 2021
How to choose the right email security service for your organisation
With email security threats growing rapidly, businesses can quickly identify and block these by using a top email security service. Here’s how to select the right provider Continue Reading
-
Feature
23 Mar 2021
Anti-money laundering technology must operate in a collaborative ecosystem
With new technologies making it easier for banks to spot money laundering activity, we look at why the problem persists at scale, finding that ecosystems and collaborative processes need to be built Continue Reading
-
News
23 Mar 2021
NCSC beefs up support for education sector after spate of attacks
Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks Continue Reading
-
23 Mar 2021
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet Continue Reading
-
E-Zine
23 Mar 2021
Would the UK really nuke a cyber attacker?
In this week’s Computer Weekly, did the UK’s defence and security review really suggest a nuclear response to a cyber attack? Data visualisation has been widely used to explain the Covid-19 pandemic, but not always that effectively. And jewellery retailer Pandora explains how it kept the personal touch as customers went online. Read the issue now. Continue Reading
-
News
22 Mar 2021
Unionised drivers call on Microsoft to suspend Uber’s Face API licences
Unionised private hire drivers in the UK are calling for Microsoft to suspend Uber’s licences to use its Face API technology after claims the ride-hailing firm’s ID-checking system has led to drivers losing their jobs and having licences revoked Continue Reading
-
Opinion
22 Mar 2021
Security Think Tank: Back to square one – ground-up CNI protection
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
18 Mar 2021
Vaccine passports cannot put basic rights at risk, warns BCS
BCS warns of challenges to come as the government presses on with its plans for Covid-19 vaccine passports Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: Take a realistic perspective on CNI cyber attacks
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Average ransomware cost triples, says report
The average amount paid out by ransomware victims has grown almost threefold to more than $300,000 per incident, according to a report Continue Reading
-
News
17 Mar 2021
Digital Green Certificate proposed for travel in Europe
Digital Green Certificates will supposedly help re-establish freedom of movement within the European Union Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: CNI operators must focus on core issues
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet Continue Reading
-
News
16 Mar 2021
MoD partners playing fast and loose with confidential data
Clear spike in data breach incidents at defence partners may reflect better reporting standards, claims MoD Continue Reading
-
News
16 Mar 2021
Unusual DearCry ransomware uses ‘rare’ approach to encryption
Hybrid approach to encryption used by DearCry bears similarities to WannaCry Continue Reading
-
News
16 Mar 2021
Microsoft releases one-click ProxyLogon mitigation tool
Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers Continue Reading
-
News
16 Mar 2021
Government calls for input into Covid-19 vaccine passports
Evidence gathering exercise will inform the development of the UK’s proposed Covid-19 vaccine passport scheme Continue Reading
-
News
15 Mar 2021
UK plans ‘full spectrum’ approach to national cyber security
PM Boris Johnson expands on proposed National Cyber Force and plans to set up a north of England Cyber Corridor Continue Reading
-
News
15 Mar 2021
Microsoft Exchange ProxyLogon attacks spike 10 times in four days
Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days Continue Reading
-
Opinion
15 Mar 2021
EncroChat ruling has ‘far-reaching effects’ for legal role of interception in UK investigations
The computer forensic experts involved in the review of police use of data hacked from the ultra-secure EncroChat phone network assess the impact of the Appeal Court ruling on future legal use of intercept evidence Continue Reading
-
Opinion
15 Mar 2021
Security Think Tank: CNI operators are in an unenviable position
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Feature
14 Mar 2021
India is becoming a hotspot for IoT
India is set to be a cradle for internet of things deployments thanks to its vibrant economy and its potential to play a bigger role in global manufacturing Continue Reading
-
News
12 Mar 2021
NCSC issues emergency alert on Microsoft Exchange patch
UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately Continue Reading
-
Feature
12 Mar 2021
Does email security need a human solution or a tech solution?
People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on Continue Reading
-
News
12 Mar 2021
DearCry ransomware targets vulnerable Exchange servers
As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority Continue Reading
-
Opinion
12 Mar 2021
Security Think Tank: US security efforts may centre on collaboration
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
11 Mar 2021
Attack on surveillance cameras a warning over security, ethics
The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology Continue Reading
-
News
11 Mar 2021
After Emotet takedown, Trickbot roars up threat charts
Malicious actors are turning to new tricks as Emotet fades away Continue Reading
-
News
11 Mar 2021
Norwegian government falls victim to Microsoft attacks
Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers Continue Reading
-
News
10 Mar 2021
Patch Tuesday overshadowed by Microsoft Exchange attacks
Microsoft’s March Patch Tuesday update drops amid ongoing fall-out from widespread Exchange attacks Continue Reading
-
News
09 Mar 2021
Belgian police raid 200 premises in drug operation linked to breach of encrypted phone network
More than 1,600 police and law enforcement officials conduct drug raids after the compromise of an encrypted mobile phone network that has parallels with EncroChat Continue Reading
-
Opinion
09 Mar 2021
Why your business needs SOC as a service
Security in the digital era demands that businesses monitor their entire IT estate and resolve all alerts, but for many organisations the most effective way of doing that is SOCaaS Continue Reading
-
News
09 Mar 2021
Significant jump in number of hackers reporting vulnerabilities to companies
Since the onset of the Covid-19 pandemic, the number of hackers reporting security vulnerabilities and bugs to enterprises has increased by nearly two-thirds Continue Reading
-
News
05 Mar 2021
Mandiant: MS Exchange bugs first exploited in January
Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago Continue Reading
-
Feature
05 Mar 2021
Dealing with the challenge of beg bounties
The rise of so-called beg bounties is becoming a challenge for security teams, and can be a drain on time and resources. But what is a beg bounty, and how does it differ from a bug bounty? Continue Reading
-
Blog Post
04 Mar 2021
Making sense of the changing UK Cyber Policing and Skills Scene
There is an urgent need to make rapid use of the trusted partner programmes of the new Cyber Resilience Centres to help business of all sizes (and charities, schools, reputable training providers ... Continue Reading
-
News
04 Mar 2021
Microsoft Exchange CVEs more widely exploited than thought
US CISA issues emergency guidance as impact of four newly disclosed Microsoft Exchange vulnerabilities becomes clearer Continue Reading