The National Audit Office has criticised the Cabinet Office for failing to produce a business case for its £1.9 billion National Cyber Security Programme ahead of its implementation.
US Federal prosecutors are reportedly probing Facebook's data sharing partnerships with electronics companies, including smartphone makers, and a grand jury has subpoenaed information from at least two firms.
While the skills gap has been editorialised to death, less attention has been given to the problem of retaining those skilled staff once an organisation has recruited them. ISACA Report digs deeper.
China has been successfully attacking the US Navy itself as well as its suppliers and third-party vendors, stealing secrets to gain a military advantage, says a new Navy report.
The European Parliament adopted a new Cybersecurity Act on Tuesday in response to China's National Intelligence Law which compels domestic firms to "support, assist, and cooperate with state intelligence work".
The level of protection is reduced by half, but 2^63 is still a large number - however fixing the problem can potentially introduce new vulnerabilities or cause business systems to fail.
Hacked software enables drones to bypass no-fly zone restrictions; Israeli MOD and the Israel Innovation Authority grant US$1.2 million to develop AI to mitigate cyber-attacks in drones and robotics.
Research based on ICO reporting data shows widespread failure to meet GDPR standards, particularly in relation to the time it takes to identify and report a breach.
Facebook has filed a lawsuit against two Ukrainian men accused of creating fraudulent quiz applications that tricked users into installing malicious browser extensions.
UK Foreign Secretary Jeremy Hunt calls for a strategy that deters hostile states from intervening in free elections, announcing: "Britain now has a National Offensive Cyber Programme."
A data leak at data validation company Verifications.io is three times larger than originally reported, comprising two billion leaked records, not 809 million, according to cyber-security company Dynarisk.
Nation-state actors may not have brought the same chaos and disruption to bear during the 2018 midterms as Russian operatives did in the 2016 presidential election, but the US is still under a relentless onslaught of cyber-attacks.
For the past six months the US National Security Agency has not been collecting metadata on Americans' calls and texts domestically, marking the quiet end to a controversial surveillance programme enacted by the 2001 Patriot Act.
Whether you are a CISO, want to become one, or employ/ought to employ one, reading this book will repay the time spent, providing both practical advice and wider social/commercial context of the role.
A new UK government report, the 2018 FTSE 350 Cyber Governance Health Check, uncovered a lack of cyber-security nous at boardroom level, although progress has been made over 2017 in some areas.
30 years ago, in 1989, the Berlin Wall came down, SC made its debut in the UK, and Sir Tim Berners-Lee was inventing the World Wide Web while at CERN, the European Particle Physics Laboratory.
New research on the Chafer threat actor group, which is known for targeting Middle Eastern targets and was found using a Python-based payload, shows an overlap with Oilrig.
Iranian actors that are possibly backed by segments of that nation's government are likely behind an on-going cyber-espionage campaign that most recently targeted the Australian Parliament.
A website compromise that started as a cryptomining operation escalated into a downloader drop on visiting computers, allowing attackers to inject various types of malware through full command and control.
The adoption of hybrid cloud solutions by enterprises across various sectors is taking place on such a grand scale that security teams are struggling to secure such solutions in a timely manner.
TV series Holby City and Casualty are about to be hit by a cyber-attack in a crossover joint episode. We asked several cyber-security experts to give their view on what dramatic scenarios might actually happen in an attack on the NHS.
Panellists Cheri McGuire, CISO Standard Chartered bank; Mandy Haeburn Little, CEO Scottish Business Resilience Centre; Sharon Barber, CISO Lloyds Bank; and Maria Vello, CEO Cyber Defence Alliance, explain how information sharing works in finance.
DCMS cyber-security chief says a prosperous digital economy needs to be resilient in face of cyber-threats, and revising cyber-essentials to increase adoption is just one of the actions being taken.
Steve Purser, head of core operations at the European Union Network and Information Security Agency (ENISA), explains the agency's expanding role in promoting joined up cyber-security across the EU.
A former Cambridge Analytica executive is cooperating with Special Counsel Robert Mueller's investigation into collusion between the Trump campaign and Russian operatives.
The integrity of democracy itself is being undermined by the failure of Facebook and other social media giants to control 'fake news', MPs have said.
Police in the UK are keenly aware of the need for additional training and tools to combat the growth of cyber-crime, but they also see a role for technology in fighting traditional forms of crime.
A fund of £800,000 is available to help academics get their ideas for improved cyber-security to market.
Law firms are increasingly being asked to supply ever-greater amounts of evidence of data management safeguards to their corporate clients for GDPR compliance.
Parenting website reports itself to ICO after botched cloud migration resulted in users being logged into each other's accounts, able to see personal data and private posts.
Facebook will no longer be allowed to combine German users' data taken from WhatsApp, Instagram and Facebook Messenger, according to the German competition authority.
Helping manufacturers achieve privacy by design was the goal of the Information Commissioner's first-ever regulatory sandbox event in London yesterday.
The US Federal Reserve has agreed to provide technical assistance to Bangladesh's central bank to help it prosecute dozens of individuals thought to be involved in stealing US$81 million (£63 million) in 2016.
The Chinese state-sponsored threat actor APT10 used stolen remote access software credentials to infiltrate the network of Norwegian managed services provider Visma last year, likely in an effort to launch secondary attacks against the MSP's clients.
When is a war really not a war, at least as far as an insurance company is concerned?
A coherent strategy for a national digital ID policy needs to be created by government to replace the ad hoc systems currently being used by business and government, says TechUK.
The EU's GDPR regulation and its attached fines appear to be encouraging data breach reports, with almost 60,000 such reports being filed since the privacy law went into effect in May, but the number of fines imposed lags far behind.
Subscribers to a Tibetan Government-in-Exile mailing list were targeted in a recent email-based phishing campaign designed to infect them with a remote access trojan.
A smartwatch which enables parents to track their children has been recalled by the European Commission over serious security concerns that could leave children vulnerable.
Almost 90 countries have adopted a national cyber-security strategy, providing information to explain how states think and interpret the limits of mandatory, allowed and prohibited behaviour in cyber-space.
The cyber-security industry recognises that it needs a broader range of skills than purely technologists, but where do they come from, and how do they demonstrate the tech understanding to make a contribution?
"We are not just in the security business because it's a vibrant market and a great opportunity to grow BT's business, we are in the security business because we have to be in the security business," says Kevin Brown, recently-appointed managing director of BT Security.
The role of CISOs at global organisations has appreciated greatly in the recent past, so much so that they are now playing a principal role in 90 percent of significant business decisions.
The US Department of Justice is attempting to disrupt the North Korean-operated Joanap botnet by creating a roadmap of computers infected with the malware and then notifying those affected so the infected computers can be removed from the botnet.
Houston attorney Larry Williams is suing Apple over the recently disclosed FaceTime bug which allows callers to listen to the audio of the recipient before they answer the phone, claiming it allowed the recording of a private deposition.
A federal judge in San Jose, California rejected Yahoo's proposed data breach settlement offer, faulting Yahoo's lack of transparency.
Four in five UK businesses surveyed achieve Cyber Essentials certification, but the figure for SMEs is more like two thirds, down to budget restrictions and failure to understand the benefits.
Attribution is difficult and sometimes it seems that cyber-criminals are beyond the long arm of the law. But hackers - some even foreign nationals - were increasingly brought to justice on both sides of the Atlantic in 2018 for various cyber-crimes.
Stronger sources of domestic cyber-threat intelligence must be developed and additional European context added to existing intelligence, according to a report from ENISA.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout
Why do cyber security breaches continue to dominate the news headlines?
Brought to you in partnership with CrowdStrike