Regulatory compliance and standard requirements
-
News
05 Nov 2025
Dutch boardroom cyber security knowledge gap exposed
Cyber security governance professor warns that executives lack the capability to assess cyber threats in implementation approaches Continue Reading
-
News
25 Sep 2025
Netherlands establishes cyber resilience network to strengthen public-private digital defence
Network will connect organisations in a cyber crime defence initiative that goes way beyond information sharing Continue Reading
-
Opinion
15 Dec 2025
In cyber security, basics matter, even in 2025
As we prepare to close out 2025, the Computer Weekly Security Think Tank panel looks back at the past year, and ahead to 2026. Continue Reading
-
Opinion
15 Dec 2025
What is driving the rise of infostealer malware?
Infostealer malware is a growing problem for cyber security teams, and these attacks have the potential to cause significant damage to businesses. What is enabling them to thrive? Continue Reading
-
Opinion
12 Dec 2025
Quantum risk to quantum readiness: A PQC roadmap
No one knows exactly when quantum computing will arrive, but accelerating progress is prompting security and IT leaders to recognise the potential risks. So how do organisations begin implementing post-quantum cryptography? Continue Reading
-
Opinion
12 Dec 2025
What lies in store for cyber security skills in 2026?
As we prepare to close out 2025, the Computer Weekly Security Think Tank panel looks back at the past year, and ahead to 2026. Continue Reading
-
Opinion
10 Dec 2025
Security pros should prepare for tough questions on AI in 2026
As we prepare to close out 2025, the Computer Weekly Security Think Tank panel looks back at the past year, and ahead to 2026. Continue Reading
-
Opinion
09 Dec 2025
Are we mistaking regulation for resilience?
We have a growing number of cyber compliance regulations, yet our country’s cyber resilience remains fragile. What is going wrong? Continue Reading
-
Opinion
09 Dec 2025
Digital sovereignty about outcomes, not theoretical ideals
SAP’s chief executive counsels against abstractly idealistic conceptions of digital sovereignty that over-focus on physical data centres Continue Reading
-
News
09 Dec 2025
OAIC to launch blitz on privacy compliance
Australia’s privacy watchdog will begin the new year with a compliance sweep targeting businesses that run afoul of privacy rules, including the over-collection of personal information in-person, warning that non-compliance could trigger fines Continue Reading
-
Opinion
08 Dec 2025
Ethical hackers can be heroes: It's time for the law to catch up
The UK government's plan to finally rewrite the 1990 Computer Misuse Act to provide much-needed legal protections for ethical hackers is welcome, but now we need firm action. Continue Reading
-
News
08 Dec 2025
NCSC warns of confusion over true nature of AI prompt injection
Malicious prompt injections to manipulate GenAI large language models are being wrongly compared to classical SQL injection attacks. In reality, prompt injection may be a far worse problem, says the UK’s NCSC Continue Reading
-
Opinion
03 Dec 2025
In 2026, collaboration, honesty and humility in cyber are key
As we prepare to close out 2025, the Computer Weekly Security Think Tank panel looks back at the past year, and ahead to 2026. Continue Reading
-
News
03 Dec 2025
UK government pledges to rewrite Computer Misuse Act
Campaigners celebrate as security minister Dan Jarvis commits to amending the outdated Computer Misuse Act to protect security professionals from prosecution Continue Reading
-
News
03 Dec 2025
UK national security strategy failing to account for online world
The UK government’s national security strategy is falling short on online matters, according to the independent reviewer of terrorism Continue Reading
-
News
03 Dec 2025
Post Office avoids £1m fine over botched website upgrade data breach
The Information Commissioner’s Office considered fining the Post Office £1m for a 2024 data breach that let subpostmasters down again Continue Reading
-
News
03 Dec 2025
Women in Cybersecurity Middle East marks five years of impact at Black Hat MEA
As AI reshapes the regional cyber security landscape, diversity and skills development remain at the heart of building a resilient digital workforce Continue Reading
-
News
03 Dec 2025
Black Hat MEA: Saudi Vision 2030 fuels surge in cyber security innovation
Global cyber firms are racing to support the Kingdom’s mega-projects, but building trusted partnerships remains key, says Exabeam CEO Pete Harteveld Continue Reading
-
Opinion
02 Dec 2025
UK's Cyber Bill should be just one part of a wider effort
New cyber legislation is necessary but a wider effort is needed to harden the UK's security and resilience. Continue Reading
-
Opinion
02 Dec 2025
Cyber's defining lessons of 2025, and what comes next
As we prepare to close out 2025, the Computer Weekly Security Think Tank panel looks back at the past year, and ahead to 2026. Continue Reading
-
Feature
02 Dec 2025
Inserting AI into cyber awareness
As industry looks to grasp the use of AI and automated features, how are security suppliers facing the challenge of adding these capabilities to their products and services? We talked to one provider to find out Continue Reading
-
Opinion
01 Dec 2025
What lies in store for the security world in 2026?
As we prepare to close out 2025, the Computer Weekly Security Think Tank panel looks back at the past year, and ahead to 2026. Continue Reading
-
Opinion
01 Dec 2025
How headlines can drive change in cyber security
Big news stories can shift attitudes. There’s no doubt that insurance vendors and brokers are using major cyber attacks to promote their products, but can security teams also use it to help their businesses be better prepared? Continue Reading
-
Feature
01 Dec 2025
A framework for software development self-service
Keeping software developers happy is an essential ingredient in IT project success. Developer self-service is the way forward, but with guardrails Continue Reading
-
News
26 Nov 2025
US breach reinforces need to plug third-party security weaknesses
Cyber breach at US financial sector tech provider highlights the risk of third-party vulnerabilities in finance ecosystems Continue Reading
-
25 Nov 2025
MI5 made multiple applications for phone data to identify BBC journalist’s sources
MI5 discloses it made and authorised unlawful ‘sequential applications’ for Vincent Kearney’s phone data during his time at the BBC, but will neither confirm nor deny whether it undertook further ‘lawful’ surveillance of BBC journalists Continue Reading
-
Opinion
21 Nov 2025
Protecting the defenders: Addressing cyber's burnout crisis
The Computer Weekly Security Think Tank considers the burdens and responsibilities that accompany the role of chief information security officer, and share guidance on how to navigate a challenging career path. Continue Reading
-
News
19 Nov 2025
UAE to launch first space-to-ground quantum communication network
Technology Innovation Institute and Space42 unveil a collaboration at the Dubai Airshow to deliver the UAE’s first space-enabled quantum communication network, strengthening national cyber resilience and advancing sovereign leadership in next-generation secure infrastructure Continue Reading
-
News
18 Nov 2025
Fintech leaders call for united front against AI-driven cyber crime
As AI makes financial scams more personalised and convincing, fintech experts have called for deeper collaboration and the use of behavioural analytics and other technologies to protect consumers Continue Reading
-
Feature
17 Nov 2025
Data retention in the UK: How long should you keep data?
We look at data retention periods, what the key laws and regulations say, how long they recommend to keep different kinds of data, and the software tools that can help Continue Reading
-
News
16 Nov 2025
Australia lags regional peers in AI adoption
Report finds governance gaps, a lack of training and fear of risks as key reasons for the nation’s slow uptake of artificial intelligence compared with regional peers Continue Reading
-
News
14 Nov 2025
MI5 made multiple applications for phone data to identify BBC journalist’s sources
MI5 discloses it made and authorised unlawful ‘sequential applications’ for Vincent Kearney’s phone data during his time at the BBC, but will neither confirm nor deny whether it undertook further ‘lawful’ surveillance of BBC journalists Continue Reading
-
News
12 Nov 2025
US cyber intel sharing law set for temporary extension
The CISA 2015 cyber intelligence sharing law, which lapsed just over a month ago amid a wider shutdown, will receive a temporary lease of life should attempts to reopen the federal government succeed Continue Reading
-
News
12 Nov 2025
IT services companies and datacentres face regulation as cyber security bill reaches Parliament
The Cyber Security and Resilience Bill will require large IT services companies, including datacentres, to report security incidents within 24 hours Continue Reading
-
Opinion
10 Nov 2025
Who is really accountable for the online safety gap?
There has been a flurry of regulatory activity on online safety around the world with no consensus on the best approach. How should companies and governments respond? Continue Reading
-
News
09 Nov 2025
Nikkei data breach exposes personal data of over 17,000 staff
Hackers used stolen login details from an employee's computer to access the Japanese media giant’s Slack messaging platform, with names, email addresses and chat histories potentially exposed Continue Reading
-
News
07 Nov 2025
Popular LLMs dangerously vulnerable to iterative attacks, says Cisco
Cisco researchers probed some of the most widely used public GenAI LLMs and found many of them were dangerously susceptible to so-called multi-turn cyber attacks producing undesirable outputs Continue Reading
-
Opinion
07 Nov 2025
Resilience for resilience: Managing burnout among cyber leaders
The Computer Weekly Security Think Tank considers the burdens and responsibilities that accompany the role of chief information security officer, and share guidance on how to navigate a challenging career path. Continue Reading
-
News
07 Nov 2025
Industry calls for clarity on government digital ID plans
The digital identity industry asks UK government for transparency on its digital identity scheme and proposes a formal collaboration agreement Continue Reading
-
News
05 Nov 2025
Dutch boardroom cyber security knowledge gap exposed
Cyber security governance professor warns that executives lack the capability to assess cyber threats in implementation approaches Continue Reading
-
News
04 Nov 2025
Ryt Bank taps agentic AI for conversational banking
Malaysia’s Ryt Bank is using its own LLM and agentic AI framework to allow customers to perform banking transactions in natural language, replacing traditional menus and buttons Continue Reading
-
News
04 Nov 2025
The Security Interviews: Colin Mahony, CEO, Recorded Future
Recorded Future’s CEO talks threat intelligence, AI in cyber security and the ever-changing cyber threat landscape Continue Reading
-
News
04 Nov 2025
Nordic investors drive investment in region’s defence sector
Slush Startup in Helsinki will feature dual-use, defence and security events that bring suppliers together Continue Reading
-
News
04 Nov 2025
UAE Sovereign Launchpad begins nationwide roll-out with support from e& and AWS
The cloud infrastructure platform aims to strengthen digital resilience and regulatory compliance across government and regulated sectors in the United Arab Emirates Continue Reading
-
News
04 Nov 2025
Fewer data breaches in Australia, but human error now a bigger threat
Australian privacy commissioner warns that the human factor is a growing threat as notifications caused by staff mistakes rose significantly even as total breaches declined 10% from a record high Continue Reading
-
Opinion
03 Nov 2025
CISOs in court: Balancing cyber resilience and legal accountability
The Computer Weekly Security Think Tank considers the burdens and responsibilities that accompany the role of chief information security officer, and share guidance on how to navigate a challenging career path. Continue Reading
-
Opinion
03 Nov 2025
Just weeks left until Companies House ID changes: how to prepare
Just over two weeks remain before Companies House starts enforcing new digital identity verification procedures for company directors, but there's still time to get ready. Continue Reading
-
News
29 Oct 2025
Rapid7: Cyber defences stuck in the 1980s as threats mount
The company’s chief product officer notes that many defence tactics are still stuck in the past, urging organisations to adopt AI-driven security platforms to improve threat detection and response Continue Reading
-
News
29 Oct 2025
Scope of US state-level privacy laws expands rapidly in 2025
Nine state-level data protection laws have come into force in the US this year, and three more are slated for January 2026. Navigating this complex landscape is becoming a challenge Continue Reading
-
News
28 Oct 2025
Effective cyber sanctions require a joined-up approach, says Rusi
Calling out and sanctioning cyber threat actors can be an effective tool, but is not a universal panacea, and needs to be considered as part of a wider, strategic approach, say Rusi think tank analysts Continue Reading
-
Opinion
27 Oct 2025
Use second-layer tools for AI safety
While some enterprises find it difficult to adopt AI, they can now use second-layer AI tools that enable businesses to implement the technology safely Continue Reading
-
News
27 Oct 2025
Hamas lawyer seeks appeal following police’s seizure of his phone at Welsh port
Police say that solicitors cannot have a ‘cast iron defence’ to protect their electronic devices from ever being searched Continue Reading
-
News
23 Oct 2025
Amid CISA cuts, US state launches first VDP
Legislators in Annapolis, Maryland, have teamed up with Bugcrowd to launch a statewide vulnerability disclosure programme Continue Reading
-
News
23 Oct 2025
Ministry of Justice’s OpenAI deal paves way to sovereign AI
OpenAI has been busy signing deals with the UK government to bolster UK artificial intelligence. It’s now launching data residency for UK customers Continue Reading
-
Opinion
23 Oct 2025
The US government shutdown is a wake-up call for cyber self-reliance
As the US government shutdown heads towards a second month, could the disruption to cyber security programmes be the impetus end-users need to pull themselves up by their own bootstraps? Continue Reading
-
News
23 Oct 2025
Business leaders raise concerns over public cloud data sovereignty
The unpredictable geopolitical climate is having an impact on IT strategies, a report from Kyndryl has found Continue Reading
-
News
22 Oct 2025
Singapore unveils efforts to govern agentic AI, prepare for post-quantum era
Guidelines and tools will help organisations in the city-state manage risks from AI agents and prepare for a future where quantum computers could break current encryption Continue Reading
-
News
22 Oct 2025
Jaguar Land Rover attack to cost UK £1.9bn, say cyber monitors
The UK's Cyber Monitoring Centre calculates the overall cost of the Jaguar Land Rover cyber attack will be almost two billion pounds Continue Reading
-
News
22 Oct 2025
Building security and trust in AI agents
AI agents require standardised guidelines, clear human responsibility and a shared language between developers and policymakers to be secure and trusted, experts say Continue Reading
-
News
21 Oct 2025
New cyber resilience centre to help SMEs fend off cyber threats
Spearheaded by the Singapore Business Federation, the cyber resilience centre will equip SMEs in the city-state with cyber security capabilities to mitigate and recover from cyber attacks Continue Reading
-
News
20 Oct 2025
France’s Atos eyes UK public sector with investment in secure UK infrastructure
French IT services supplier invests in highly secure and accredited UK-based infrastructure Continue Reading
-
News
16 Oct 2025
Microsoft identifies boardroom cyber awareness as a top priority
Digital security report urges IT leaders to convince company boards that cyber security is a board-level problem Continue Reading
-
News
16 Oct 2025
Securing the AI era: Huawei’s cyber security strategy for the GCC
At Gitex 2025, Sultan Mahmood, chief security officer for Huawei Gulf North, outlined how the company supports GCC digital sovereignty, AI security, and enterprise cyber resilience Continue Reading
-
News
15 Oct 2025
ICO fines Capita £14m after ransomware caused major data breach
Outsourcing giant hit with £14m fine over 2023 cyber attack, but costs could rise as legal actions continue Continue Reading
-
News
15 Oct 2025
Obsession with cyber breach notification fuelling costly mistakes
The race to meet security breach notification deadlines is leading to staff burnout, destroyed evidence and a culture of blame, warns a Trend Micro risk and security strategist Continue Reading
-
News
07 Oct 2025
The Security Interviews: David Bradbury, CSO, Okta
Okta’s chief security officer talks security by default and explains why he thinks time is running out for the shared responsibility model Continue Reading
-
Opinion
07 Oct 2025
Building resilience in the cloud: Bridging SLA gaps and mitigating risk
The Computer Weekly Security Think Tank considers how security leaders can help assure access to the new and innovative cloud tech while minimising risk and ensuring they do not fall foul of regulators. Continue Reading
-
News
06 Oct 2025
Police ordered to give reasons in closed court for seizing phone of UK Hamas lawyer
London court orders police to disclose reasons for seizing and copying the contents of a phone belonging to a UK lawyer who represented Hamas, but refuses an injunction to prevent police from reviewing the phone until after judicial review Continue Reading
-
News
06 Oct 2025
Data sovereignty demand pushes Herabit to get S3 storage
Italian service provider gets Cubbit DS3 distributed S3 storage to provide up to 2PB of cloud services to customers demanding data sovereignty, while cutting costs by up to 50% Continue Reading
-
News
02 Oct 2025
PSNI appoints legal counsel to report on police conduct after McCullough surveillance review
The Police Service of Northern Ireland has commissioned a senior lawyer to report back on whether there was any misconduct by police officers following the McCullough Review into the surveillance of journalists, lawyers and NGOs Continue Reading
-
News
01 Oct 2025
Home Office issues new ‘backdoor’ order over Apple encryption
A second Home Office technical capability notice requires Apple to provide access to encrypted data and messages of British users stored on its iCloud service Continue Reading
-
News
01 Oct 2025
US government shutdown stalls cyber intel sharing
A key US law covering cyber security intelligence sharing has expired without an extension or replacement amid a total shutdown of the federal government, putting global security collaboration at risk. Continue Reading
-
News
01 Oct 2025
EU Chat Control plans pose ‘existential catastrophic risk’ to encryption, says Signal
As EU member states prepare to vote on plans to mandate tech companies to introduce technology to scan messages before they are encrypted, Signal warns that Chat Control will create new security risks Continue Reading
-
News
30 Sep 2025
MPs press outsourcer TCS over Jaguar cyber attack
The government’s cross-bench Business and Trade Committee has written to Tata Consultancy Services seeking answers over possible links to cyber attacks on Jaguar Land Rover, Marks and Spencer, and Co-op Continue Reading
-
News
29 Sep 2025
JLR tentatively restarts production, following £1.5bn government backing
Jaguar Land Rover is to resume car production after a £1.5bn government loan guarantee amid its cyber attack fallout. Debate is growing over the bailout and insurance Continue Reading
-
News
26 Sep 2025
Over half of India-based companies suffer security breaches
Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year Continue Reading
-
News
26 Sep 2025
Microsoft hides key data flow information in plain sight
Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers Continue Reading
-
News
26 Sep 2025
Okta CEO: AI security and identity security are one and the same
At Oktane 2025 in Las Vegas, Okta CEO Todd McKinnon describes AI security and identity security as inseparable as he tees up a series of agentic security innovations Continue Reading
-
News
25 Sep 2025
Netherlands establishes cyber resilience network to strengthen public-private digital defence
Network will connect organisations in a cyber crime defence initiative that goes way beyond information sharing Continue Reading
-
News
24 Sep 2025
McCullough Review finds PSNI failures but no ‘systemic’ surveillance of journalists
A review by Angus McCullough KC reveals that Northern Ireland police failed to comply with the law but that there was no ‘widespread and systemic’ surveillance of journalists, lawyers and NGOs Continue Reading
-
Definition
23 Sep 2025
What is SOX compliance? A complete guide and checklist
SOX compliance entails adhering to the Sarbanes-Oxley Act of 2002, a U.S. law introduced to enhance investor protection by ensuring greater accuracy, transparency and accountability in public companies' financial reporting. Continue Reading
-
News
23 Sep 2025
‘Our worst day’: The untold story of the Electoral Commission cyber attack
As head of digital at The Electoral Commission, Andrew Simpson’s mettle was tested when threat actors gained access to the regulator’s email systems and accessed sensitive voter data. Three years on, he tells his story to Computer Weekly Continue Reading
-
Opinion
23 Sep 2025
Angus McCullough’s review: A reckoning for the PSNI – and for press freedom
The McCullough Review to be published on Wednesday could mark a turning point for press freedom and for policing in Northern Ireland Continue Reading
-
Opinion
22 Sep 2025
From breach to resilience: How the Electoral Commission rebuilt its cyber defences
The UK's Electoral Commission fell victim to a major cyber attack in 2022. Three years on, the organisation is reflecting on its experience and sharing the lessons it learned to help others improve their security resilience. Continue Reading
-
Definition
22 Sep 2025
What is regulatory compliance?
Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes. Continue Reading
-
News
19 Sep 2025
UK cyber action plan lays out path to resilience
A report produced for the government by academics at Imperial College London and the University of Bristol sets out nine recommendations to strengthen the UK’s cyber sector Continue Reading
-
News
19 Sep 2025
French court ruling may lead to legal challenges over state Sky ECC and EncroChat phone hack
A decision by the French supreme court may pave the way for defendants to challenge the lawfulness of France’s hacking of the EncroChat and Sky ECC cryptophone networks used by organised crime groups Continue Reading
-
News
17 Sep 2025
Firms urged to adopt risk-based data sovereignty strategy
Geopolitical uncertainty is forcing organisations to rethink where their data is located, but a full retreat from the public cloud is not the answer Continue Reading
-
Podcast
17 Sep 2025
Podcast: Data sovereignty and what you need to do about it
Patrick Smith, EMEA CTO of Pure Storage, talks about data sovereignty, what’s driving heightened interest in it, and how customers, the tech industry and states are preparing for it Continue Reading
-
News
17 Sep 2025
Hamas lawyer challenges police after they seized legal files from phone in Schedule 7 stop
A UK solicitor hired by Hamas to challenge its proscription in the UK as a terrorist organisation argues police acted unlawfully by seizing a phone containing confidential legally privileged material about his clients Continue Reading
-
Opinion
16 Sep 2025
Cyber leaders must make better use of risk experts
The Computer Weekly Security Think Tank considers how security leaders can help assure access to the new and innovative cloud tech while minimising risk and ensuring they do not fall foul of regulators. Continue Reading
-
News
15 Sep 2025
Arqit to support NCSC’s post-quantum cryptography pilot
Quantum specialist Arqit will provide specialised post-quantum migration planning services to organisations preparing to address the imminent risks to traditional cryptography Continue Reading
-
News
15 Sep 2025
Forrester Technology & Innovation Summit preview: Digital sovereignty in the public cloud
We look at how IT leaders need to balance data access, data residency and data sovereignty Continue Reading
-
News
11 Sep 2025
Chat Control: EU to decide on requirement for tech firms to scan encrypted messages
Law enforcement and police experts meet on Friday to decide on proposals to require technology companies to scan encrypted messages for possible child abuse images amid growing opposition from security experts Continue Reading
-
News
10 Sep 2025
UK contactless card payment limits could be unlimited
The UK Financial Conduct Authority says contactless payment technology and fraud protections have advanced enough for firms to adjust the limit Continue Reading
-
News
08 Sep 2025
Northern Ireland police kept inspectors in dark over surveillance of journalists
The Police Service of Northern Ireland failed to inform the Investigatory Powers Commissioner’s Office about surveillance operations against journalists during annual inspections Continue Reading
-
News
05 Sep 2025
US politicians ponder Wimwig cyber intel sharing law
US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities Continue Reading
-
Opinion
05 Sep 2025
SLA promises, security realities: Navigating the shared responsibility gap
The Computer Weekly Security Think Tank considers how security leaders can help assure access to the new and innovative cloud tech while minimising risk and ensuring they do not fall foul of regulators. Continue Reading
-
News
04 Sep 2025
UK sets out plans for AI assurance leadership
Labour wants the UK to become the world leader in artificial intelligence assurance Continue Reading
-
Opinion
03 Sep 2025
Bridging the SLA gap: A guide to managing cloud provider risk
The Computer Weekly Security Think Tank considers how security leaders can help assure access to the new and innovative cloud tech while minimising risk and ensuring they do not fall foul of regulators. Continue Reading
-
News
03 Sep 2025
European court upholds EU-US Data Privacy Framework data-sharing agreement
EU General Court upholds EU-US Data Privacy Framework, bringing certainty to businesses that exchange data with the US – for now. An appeal may be in the offing Continue Reading
-
News
31 Aug 2025
Google Cloud brings on-premise Gemini AI to Singapore
Move allows government agencies and regulated industries to run Google’s most powerful artificial intelligence models in their own datacentres, directly addressing data security and residency requirements to fuel the nation’s AI ambitions Continue Reading