Threats and Risks
Fewer than one in five IBM mainframe customers are using multi-factor authentication
Mainframe users cited concerns about disruption and end-user resistance as reasons not to employ MFA
University of Birmingham CISO: "I have severe doubts about the security of Facebook, and LinkedIn is going the same way"
The University of Birmingham faces security challenges from the local to the international level
Nine out of 10 reported cyber incidents never reach court
Whether it is because of legal risks, reputational damage or concerns over business continuity, reporting cyber incidents is rare and pursuing them legally is even more so
The IT director and the board must be aligned on cyber protection (video)
Communication between the board and IT cannot be solely one way
The data blame game: what to do when executives are playing fast and loose with core IP
93 per cent of CEOs store their work on a laptop or other personal device outside of official company storage, finds survey
DDoS attacker who targeted Steam, Sony and Electronic Arts pleads guilty
DerpTrolling 'brains' Austin Thompson faces up to ten years in prison over DDoS campaign
Commissioner warns against danger of 'datafying' children
Parents and children must understand how and why data is being collected by toy-makers
Researchers uncover side-channel attacks that target the GPU
The attacks begin with a malicious app that spies on the infected system and steals passwords through GPU rendering
This is what the cyber security will look like once attackers weaponise AI
Artificial intelligence will enable threats to learn as they go, remaining undetected for longer
European Commission emphasises importance of working together to support cyber defence
Differences in cyber preparedness between EU members could put cross-region systems at risk
Ministry of Defence information exposed to nation state attackers in 37 incidents
Sensitive information was left exposed to physical and cyber attackers in 2017
Troubled waters: cyber-attacks on San Diego and Barcelona's ports show risk of IT/OT convergence
Operational technology has been kept separate from IT in the past - but as that changes, systems are being exposed to attacks
NCSC casts doubt on AWS and Apple's knowledge of the China chip hack
No reason to suggest Amazon and Apple knew about the supply chain attack, says agency
Half of data breaches are the fault of insiders, not hackers, research finds
Panel urges companies to avoid euphemisms and acknowledge when they've been breached - or risk being fined
NatWest online, app and telephone banking customers locked out of their accounts
NatWest outage comes a day after similar disruption at Barclays, which is reportedly facing an investigation
Barclays online and telephone banking suffers prolonged outage
Some customers have reported a loss of funds from their accounts
Three steps to protecting your apps and data on AWS
Because the cloud itself's not the be all and end all of security
There is a massive hole in IoT security, says Avast researcher
Poorly-configured protocols are leaving whole networks open to attackers
Necurs botnet in new phishing attack on banks
Short lived campaign delivered FlawedAmmyy remote access Trojan via .pub and PDF files
Oracle releases patch for 'critical' database vulnerability
CVE-2018-3110 is easy to exploit with possibly severe consequences
Network complexity makes it hard to protect the low-hanging fruit, says Just Eat CISO
Multiple points of entry, third party contractors, external code and virtualisation make protecting a modern network a difficult task
Huawei criticised for potentially compromising UK infrastructure with old third-party software
Huawei is using software that will be unsupported from 2020, in hardware that will be used for years to come
Watch out for 'lower, slower and distributed' crime, warns Just Eat CISO
Cyber crime isn't all about speed: infiltrators are slowing down to avoid detection
Thomas Cook vulnerability potentially exposed personal data of 'hundreds of thousands' of fliers
Airline denies customers are at risk, refuses to report breach
