News

'Basic IT security' could have stopped NHS WannaCry hack

The National Audit Office (NAO) has led an investigation into NHS response to the WannaCry hack in May this year, which was the most widespread to hit the healthcare service.

According to investigation the the attack led to disruption in at least 34% of trusts in England although the Department and NHS England do not know the full extent of the disruption.

New BlackBerry Cybersecurity Consulting services aim to help business towards GDPR

GDPR will enter into force on May 2018. The new regulation demands major changes to the ways organisations may collect, use, and store PII about customers and employees and could have a major effect upon the their business.

During the BlackBerry Security Summit in London, the company has announced the introduction of cyber security consulting services to guide organisations through GDPR compliance: the services will help organisations to understand how to manage company data, how GDPR applies to their data, and how to achieve a competitive readiness posture.

Director’s Handbook on Cyber-Risk Oversight

The National Association of Corporate Directors (NACD) released an updated edition of its “Director’s Handbook on Cyber-Risk Oversight.” The Handbook is part of the NACD’s Director Handbook series, which reports and comments on widespread governance practices to help directors discharge their duties appropriately.

The 2017 edition improves on the previous version by clarifying several points for board directors to help them understand the strategic importance of cyber risks and the complexity of threats.

Italy's top bank targeted in cyber attacks

UniCredit, Italy's largest bank has been hit by major cyber attacks in the past 10 months in which data of 400,000 customers have been impacted.

No passwords were stolen in the attacks, which first occurred in September and October of 2016 and again in June and July of this year, but personal and banking details could have been accessed, UniCredit said in a statement, although none of the data accessed by the attackers allowed any financial transaction to be carried out.