IT for small and medium-sized enterprises (SME)

NCSC calls out Microsoft over Dmarc reports

The UK’s cyber security agency has called out Microsoft for seriously undermining global email security by failing to provide crucial reports from its email platforms Continue Reading

Digital safety skills initiative launched against cyber crime

Security industry partners have launched an initiative aimed at raising individuals’ digital safety skills to enable them to protect themselves and their families from most common cyber attacks Continue Reading

NCSC reports on second year of cyber defence at scale

The UK’s National Cyber Security Centre releases a report on the second year of its Active Cyber Defence programme to demonstrate its effects in the public sector and wider UK cyber ecosystem Continue Reading

Security Think Tank: Aligning data privacy with business objectives

What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

Smartodds bets on Rubrik backup appliance with cloud archive

Betting intelligence analytics firm Smartodds replaced its old tape backup infrastructure with Rubrik appliances to cut management time and database restores from hours to minutes Continue Reading

Billion-dollar privacy penalties put CEOs on notice

Facebook’s potential $5bn settlement with the FTC follows notifications of planned GDPR fines for British Airways and Marriott International, underlining the importance of data stewardship Continue Reading

Organisations turn to AI in race against cyber attackers

Businesses are racing to automate their defences as hackers and nation states launch increasingly sophisticated cyber attacks Continue Reading

UK boards ignoring £30bn cyber risk

Despite the danger posed by cyber attacks to mid-sized companies, boards are not prepared to manage the risk and firms are over-confident in their cyber capabilities, report finds Continue Reading

Security Think Tank: Don’t dismiss the business benefits of GDPR

What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

New FinSpy versions extend surveillance capabilities

New versions of the FinSpy malware for iOS and Android smartphones have extended targeted surveillance capabilities, warn security researchers Continue Reading

Windows 10 to enable passwordless sign-in

Windows 10 users will soon be able to sign in to devices without using a password to encourage the use of two-factor authentication methods to improve security Continue Reading

Draft finance bill dims hopes of private sector reprieve on April 2020 roll-out of IR35 reforms

Publication of the draft IR35 private sector reform legislation dims hopes the government might announce a delay to rolling out the changes in April 2020 Continue Reading

Securing your mobile estate – best practice for CIOs

The prevalence of mobile devices in every part of daily life is shaping how enterprises make choices about software and network infrastructure, but how do businesses go about securing these vast new endpoint estates? Continue Reading

Attacks against AI systems are a growing concern

European research group says attacks against AI systems are already occurring, difficult to identify, and could be far more common than currently understood Continue Reading

RiskIQ uncovers new Magecart campaign

A fresh Magecart campaign is breaching websites on a massive scale using indiscriminate attacks exploiting misconfigured Amazon S3 buckets, say researchers Continue Reading

Security Think Tank: Align compliance objectives with business goals

What strategies can information security professionals use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

Agent Smith mobile malware hits millions of devices

New mobile malware that exploits Android vulnerabilities has infected millions of devices, security researchers have discovered Continue Reading

Security Think Tank: Changing the GDPR focus to business benefit

What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

Demand for ICO help escalates in GDPR's first year

The past year has seen increased demand across all support services offered by the UK’s privacy watchdog as new data protection laws went into force Continue Reading

Marriott International facing £99m GDPR fine

Hotel group Marriott International is the second major company to be fined by the UK privacy watchdog for infringements of the GDPR Continue Reading

Data protection: How privacy can be a benefit, not a burden

With the growing number of data breaches, consumers are becoming increasingly concerned about how their data is used. Organisations can take advantage of this trend by treating data protection and user privacy as product features Continue Reading

Security Think Tank: Benefits of GDPR compliance

What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

European Court hears case on EU-US data transfers

Facebook could be forced to rethink its legal position regarding transfers of data of EU citizens to the US, as the CJEU considers the validity of standard contractual clauses that many businesses rely on Continue Reading

Nearly half of firms fear cloud apps make them insecure

Survey shows more than one-third of global companies appoint a CISO in the face of data breaches, and the UK is giving CISOs more power despite making fewer appointments Continue Reading

Buckinghamshire village pools broadband vouchers to fund full-fibre dig

The village Lillingstone Lovell in Buckinghamshire is helping to fund an Openreach broadband network dig using vouchers pooled through the government’s Rural Gigabit Connectivity scheme Continue Reading

Security Think Tank: Embrace data protection as a necessary business process

What strategies can information security professionals use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading

IISP gains Royal Charter status

The UK finally has its first national professional body for cyber security that will be responsible for setting the standards for skills and knowledge in the industry to reduce the skills gap and increase diversity Continue Reading

St John Ambulance praised for response to ransomware attack

Charity’s response to ransomware attack demonstrates that it is possible to ensure minimal disruption if properly prepared Continue Reading

Security and privacy key to smart buildings and cities

Security and privacy capabilities are essential for stakeholders if they are to realise the benefits of smart buildings and cities, says expert whitepaper Continue Reading

Implementing IoT – overcoming barriers to commercial adoption

Tim Wright from the Institute of Telecoms Professionals reports from a recent seminar exploring questions around the barriers to commercial, at-scale adoption of the internet of things, and how to overcome them Continue Reading

FireEye ties Microsoft Outlook exploit to Iranian hackers

US Cyber Command has issued a warning that a patched Microsoft Outlook vulnerability is being exploited by unnamed threat actors, and recommended immediate patching Continue Reading

Email still top security vulnerability, survey shows

Email is still the top security vulnerability, a survey shows, but security researchers caution that switching to instant messaging is not necessarily a solution in the longer term Continue Reading

Sodin ransomware exploiting Windows zero-day, Kaspersky warns

Security researchers are warning that a recently discovered type of ransomware is now exploiting a zero-day Windows vulnerability, and does not require user interaction to trigger an infection Continue Reading

CPS faces legal ruling over refusal to disclose emails with US on WikiLeaks and Assange extradition

A court will decide whether the Crown Prosecution Service can refuse to neither confirm nor deny the existence of correspondence with US on investigations into Julian Assange and WikiLeaks Continue Reading

UK consumers still concerned about personal data security

Most UK consumers are still concerned about the security of their personal data, indicating that organisations need to do more to gain consumer trust, such as implementing biometric controls Continue Reading

Orvibo data leak puts security spotlight on IoT back end

The security of devices that make up the internet of things (IoT) is a top concern for many in the industry, but leaks from an IoT database highlights the importance of back-end security too Continue Reading

Few UK firms are cyber insured despite financial losses

More than one-fifth of UK firms have been impacted financially by cyber attacks, yet potentially more than three-quarters of companies polled have never been insured for cyber-related losses Continue Reading

French baby store modernises backup as Veeam handles 150TB a night

France-based maternity, baby and children’s store Orchestra needed to share IT resources between 700 points of sale across multiple time zones, and backup for 100 applications Continue Reading

Symantec gearing up for future cyber security

Symantec is focusing on enabling businesses to secure data in the cloud after a string of acquisitions, but it also has its eye on the future, which will be all about empowering people, says CTO Hugh Thompson Continue Reading

Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data

Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation Continue Reading

Huge jump in cyber incidents reported by finance sector

The number of cyber incidents reported by financial services firms increased nearly 12-fold in 2018 from 2017, mainly due to third-party failures, highlighting several key areas that need improvement Continue Reading

How to get the basics of mobile device management right the first time

When adopting mobile device management, there are often fears around implementation and whether or not the strategy is even required Continue Reading

TIN coalition calls for industry action against cyber fraud

An industry group aimed at improving cyber security by tackling enduring challenges has called for collaboration in the fight against cyber fraud Continue Reading

Cyber crime reporting crucial, say UK police

UK police are gearing up to make it easier for business to report cyber crime, saying that under-reporting continues to be a challenge Continue Reading

Exploring UCaaS: The main benefits for enterprises

Getting unified communications-as-a-service right can mean more agility, higher productivity, and cost control Continue Reading

Fido Alliance announces new standards

Fido Alliance announces new identity verification and IoT initiatives to expand the reach and impact of Fido authentication, which seeks to eliminate the world’s dependence on password-based security Continue Reading

Commercial interests put customer security at risk, survey shows

Firms are bypassing security to push products and services into the market, increasing security risks for the organisation and its customers, a poll of information security professionals shows Continue Reading

Wider threat campaign behind Wipro breach

A sophisticated, far-ranging threat campaign was behind the breach at Indian IT services firm Wipro in April, which was not an isolated incident, RiskIQ report reveals Continue Reading

How facial recognition technology threatens basic privacy rights

As adoption of facial recognition systems continues to grow worldwide, there is increasing concern that this technology could undermine fundamental privacy rights and how it can be kept in check Continue Reading

UK cyber security progress stalled, says report

UK firms rank cyber attacks as a top business issue, but are stalling in cyber security best practice, lagging behind top performers in India Continue Reading

Moscow’s 2019 Startup Village rewards innovation

Moved to a bigger site, Moscow’s annual Startup Village continues to expand, with interest from large corporates growing Continue Reading

Airbus opens cyber innovation hub in Wales

Newport hub will focus on industrial control systems, artificial intelligence and data analytics Continue Reading

Cyber attackers using wider range of threats

Businesses need to ensure they are able to defend against a wide range of threats in the face of increased malicious Office documents, Mac malware and web application exploits, report shows Continue Reading

UK firms downloading vulnerable open source software

Vulnerable open source software components are posing a security threat to UK firms, according to a report that also shows how best practice, including automation, can reduce the risk Continue Reading

Hospitality industry at highest risk of phishing

Benchmarking report shows average phish-prone percentage across all industries and sizes of organisations at 29.6% – up 2.6% since 2018 Continue Reading

Steel firm adds steel to resilience with Scale hyper-converged

Carrs Tool Steels had to move on from legacy servers and found hyper-converged infrastructure from Scale Computing the ideal fit for a small business that couldn’t afford downtime Continue Reading

Nominations open for UK’s security unsung heroes

The Security Serious cyber awareness campaign has opened nominations for the fourth annual cyber security Unsung Heroes awards Continue Reading

Small business not necessarily weakest security link

Small businesses may not be the weakest link in the supply chain after all, with a lack of skills and best practices being bigger factors, a study by (ISC)² reveals Continue Reading

Disaster planning: How to expect the unexpected

Focusing too much on specific disasters rather than considering an organisation’s data protection, network security and process requirements, can lead to unpredicted vulnerabilities Continue Reading

Enterprises challenged with security basics

Visibility, security tool overload and manual reporting are cited as top concerns by UK security leaders, a report reveals Continue Reading

UK to launch security standard for surveillance cameras

The UK is launching the world’s first voluntary cyber security standard and compliance certification mark for the manufacturers of surveillance cameras Continue Reading

Most mobile apps vulnerable to malware

iOS and Android apps equally vulnerable to being exploited remotely by malware, report reveals Continue Reading

Looming private sector IR35 reforms prompts calls for gig economy-focused tax system overhaul

The growth of the gig-based economy has exposed weaknesses in the UK tax system – exacerbated by the IR35 reforms – that mean an overhaul is needed, panel claims Continue Reading

IoT Security Foundation publishes smart building whitepaper

The IoT Security Foundation has published a guide on security for smart buildings to highlight key issues and gather feedback to inform future guidance for industry stakeholders Continue Reading

Converged security takes centre stage at IFSEC

The importance and benefits of combining physical and cyber security was underlined in the opening session of the 2019 IFSEC security conference Continue Reading

Luxembourg tech startups get premium connections

Luxembourg is at the centre of a continent with ambitious plans to develop a thriving tech industry, but what makes it different? Continue Reading

Openreach trials will speed up broadband upgrade

Tests to focus on process of migrating households and businesses to fibre to the premise and voice over IP Continue Reading

UK to host world’s first surveillance camera day

The UK is to host the world’s first surveillance camera day to raise awareness about surveillance cameras and generate a debate about how they are used Continue Reading

Security Think Tank: Business needs to see infosec pros as trusted advisers

How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

DevSecOps is key to uniting opposing forces

Unifying DevOps and security teams with the aid of automation will bring harmony and added business benefits, says systems engineer Continue Reading

Security Think Tank: Top infosec task is getting on board agenda

How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

HMRC urged to delay April 2020 extension of IR35 rules to private sector by 'at least' 12 months

An analysis of the responses HMRC has reportedly received to its consultation on extending the IR35 tax avoidance reforms to the private sector suggests the tax agency is coming under pressure to put its plans on hold for at least 12 months Continue Reading

Asco breaks silence on ransomware attack

A week after reportedly being hit by a ransomware attack, Belgium-based mechanical equipment manufacturer Asco has finally provided some details Continue Reading

Building a cyber-physical immune system

Shantanu Rane, researcher in cyber-physical systems security at the Palo Alto Research Center, explains how our own immune systems can inspire the design of modern cyber-physical systems Continue Reading

Security Think Tank: Infosec needs to avoid FUD and keep it real

How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

Innovation drives Nominet to cyber security

Embracing an innovation strategy for a mature organisation led domain name registry Nominet to found a cyber security business based on its core expertise, its CEO tells London Tech Week Continue Reading

UK firms need to address risky user habits

McAfee calls for companies to ramp up their security culture and improve the integration of technical security controls to minimise exposure from workers Continue Reading

Security Think Tank: Security risk ratings key to security/business understanding

How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

AI-enabled cyber attacks a reality soon, warns Mikko Hypponen

Technology continues to shape human conflict and artificial intelligence will be no exception, so business needs to up its ability to detect attacks and respond, says security expert Continue Reading

Security Think Tank: Focus on business impact and likelihood of cyber attacks

How can cyber security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

Why the rise of IT managed by the business is driving creative thinking

Organisations that encourage business units to implement and run their own IT systems have an edge over competitors that rely entirely on the IT department, research from Harvey Nash and KPMG reveals Continue Reading

In a cyber data breach, preparation is key

The importance of preparation was strongly emphasised at a breach response workshop hosted by DAC Beachcroft as part of London Tech Week Continue Reading

Scale targets edge workloads with HE500 hyper-converged nodes

Scale Computing adds hyper-converged infrastructure nodes to provide edge compute and storage that is fully compatible with its datacentre-scale HCI appliances Continue Reading

Most code-signing processes insecure, study shows

The majority of organisations are failing to enforce security for code-signing processes, providing opportunities for cyber criminals, a survey reveals Continue Reading

Security Think Tank: Frame cyber security impacts in business contexts

How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

Implementing Dmarc a top priority for UK

Basic email security should be a top priority for UK firms, followed by reducing third-party web exposure and monitoring data flows leaving the enterprise, a Rapid7 study reveals Continue Reading

Security Think Tank: Infosec letter to the board

How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading

NotPetya offers industry-wide lessons, says Maersk’s tech chief

There are several key industry-wide lessons to be learned from the NotPetya attack in 2017, according to the information chief at one of the companies most heavily impacted Continue Reading

Ofcom confirms broadband USO to be introduced in March 2020

BT and Kcom will begin to provide broadband services under the government’s USO scheme from 20 March 2020 Continue Reading

Misconfigured container services are a security risk

Researchers at Palo Alto Networks have released details of the scale of misconfigured and exposed container services putting organisations at risk of cyber attack Continue Reading

Weak cyber security top challenge, says NCSC chief Ciaran Martin

UK cyber security agency NCSC is focusing on practical support and making the internet and technology safer to use, but says the area that needs most attention is improving basic cyber security in firms, says agency chief Continue Reading

Firms face targeted bespoke cyber attacks, dark web study reveals

Academic study exposes prolific availability and demand for tailored malware, network access and corporate espionage services, which suggests many firms’ cyber defences are below standard Continue Reading

Half of CFOs frustrated by complex accounting systems

Chief financial officers need to upgrade to easier-to-use accounting systems, but are strapped for time and lack the resources to make the right choices, according to survey Continue Reading

Legacy IT systems a significant security challenge

Information security professionals need to work closely with the business to identify critical legacy IT systems to ensure security risks are managed effectively, CISO tells Infosecurity Europe Continue Reading

Digital transformation an opportunity for security

Digital transformation is an opportunity not only for the business to up its game, but also for security teams to engage with and win over the business, CISO tells Infosecurity Europe Continue Reading

London could be world cyber risk leader, says ex-Lloyd’s chief

Collaboration across the cyber insurance, technology and security organisations in London could make the capital a leading world centre on these topics, says former Lloyd’s of London boss Continue Reading

DNS – a security opportunity not to be overlooked, says Nominet

Domain name system data is the best-kept secret for eliminating network cyber threats, Nominet tells Infosecurity Europe attendees Continue Reading

Nearly two-thirds of businesses hit by credential abuse

Most businesses admit to breaches relating to abuse of user credentials, according to a report that highlights cyber hygiene failings in the UK and the importance of greater visibility and integration to cyber defence capability Continue Reading

Cyber crime widely under-reported, Isaca study shows

Cyber crime, which is the top cyber threat to business, remains widely under-reported, and only a third of organisations are confident in their ability to detect and respond to threats, a study reveals Continue Reading

Business leaders failing to address cyber threats

Businesses are failing to address growing cyber threats as business leaders admit to knowledge gaps, a lack of resources and confusion about who is responsible for data breaches, a report reveals Continue Reading