It’s no surprise to me that financial services organisations missed the 17 January2025 deadline to be in compliance with the European Union’s Digital Operational Resilience Act (DORA). I personally have not met a CIO or CISO who thought this deadline was realistic.Even back in January, research from Orange Cyberdefense saw 43% of respondents in the…
One almost feels a little nostalgic for the days of old-school phishing attacks, those poorly worded, spray-and-pray emails that most people could spot a mile off. While they were still a danger, it was fairly simple to create countermeasures. But things have changed. Today’s phishing campaigns harness artificial intelligence (AI), deepfakes and adversarial techniques to…
Beyond the hook: How phishing is evolving in the world of AI Read More »
Two of the UK’s leading female cyber practitioners – Secureworks threat intelligence knowledge manager Rebecca Taylor and CybAid founder and Hewitt Partnerships managing director Amelia Hewitt – are to launch a book for women starting and navigating careers in the cyber security sector. The duo describe their co-authored book, Securely Yours, as a practical, agony…
Cyber ‘agony aunts’ launch guidebook for women in security Read More »
Veteran UK retailer Marks & Spencer (M&S) has apologised to customers after a cyber incident of a currently undisclosed nature forced multiple public-facing services offline, with shoppers predictably taking to social media in their droves to lament the outages. In a note published on the afternoon of 22 April, the company revealed it had been…
Financially motivated threat actors – including ransomware crews – remain the single biggest source of cyber threat in the world, accounting for 55% of active threat groups tracked during 2024, up two percentage points on 2023 and 7% on 2022, demonstrating that cyber crime really does, to a certain extent, pay. At least, this is…
Financially motivated cyber crime remains biggest threat source Read More »
On a month-by-month basis, recorded ransomware attacks dropped by 32% in March 2025, to 600 in total, according to NCC Group’s latest monthly Threat Pulse data, but the decline appears to be very much a red herring, and likely the result of large, one-off events in previous months that yielded multiple victims, such as Clop/Cl0p’s…
March ransomware slowdown probably a red herring Read More »
In the wake of the abrupt termination of the Mitre contract to run CVE Programme, a group of vulnerability experts and members of Mitre’s existing CVE Board have launched a new non-profit with the intention of safeguarding the programme’s future. The CVE Foundation’s founders want to ensure the continuity, viability and stability of the 25-year-old…
CVE Foundation pledges continuity after Mitre funding cut Read More »
Businesses are under attack from all corners of the globe and while many organisations may think that nation-state threat actors would never target or be interested in them, the reality is that no-one is exempt from security threats. Security leaders need to ensure they are staying up to speed on the latest threat intelligence, this…
Collaboration is the best defence against nation-state threats Read More »
Small and medium-sized enterprises (SMEs) throughout the UK are losing £3.4bn every year as a result of inadequate and unfit-for-purpose cyber security measures, with more than 30% of businesses having no form of security protections in place whatsoever, and over a quarter being targeted multiple times every year, according to a report produced by Vodafone…
UK SMEs losing over £3bn a year to cyber incidents Read More »
Over 80% of global companies are now using AI to improve business operations. AI has also become a feature of individuals’ daily lives as we interact with chatbots, voice assistants, or predictive search technologies. But as AI diffusion grows, so too do the risks associated with its misuse – particularly by nation state actors engaged…
How CISOs can counter the threat of nation state espionage Read More »
