Catch up on the latest information security news with our fortnightly podcast. Also, keep an eye out for webinars and author interviews, where we speak with industry experts about information security, cyber security, data privacy and much, much more.
IT Governance Podcast 20.10.23: Casio, Cisco, MOVEit (again) and the ICC
This week, we discuss a data breach affecting Casio users in 149 countries, two zero-day vulnerabilities in Cisco’s IOS XE web user interface, a slew of legal action against Progress Software following the MOVEit Transfer breach, and an update on last month’s cyber attack on the International Criminal Court.
10/23/2023 • 7 minutes, 1 second
IT Governance Podcast 6.10.23: TikTok, Sony and MOVEit and DarkBeam
This week, we discuss another GDPR fine for TikTok relating to its processing of child users’ personal information, more data breaches caused by MOVEit Transfer, including Sony Interactive Entertainment, and the exposure of a mammoth 3.8 billion data records.
10/6/2023 • 6 minutes, 23 seconds
IT Governance Podcast 22.09.23: MGM Resorts, Microsoft Azure, International Criminal Court
This week, we discuss a cyber attack on MGM Resorts that has allegedly cost the company millions of dollars in revenue even before it began its remediation efforts, the leak of 38 terabytes of Microsoft data and a cyber attack on the International Criminal Court in The Hague.
9/22/2023 • 7 minutes, 31 seconds
IT Governance Podcast 08.09.23: Electoral Commission (again), Meta, Pôle emploi
This week, we discuss security issues at the Electoral Commission, Meta’s appeal against daily GDPR fines, and a breach affecting 10 million users of the French unemployment agency Pôle emploi.
9/7/2023 • 6 minutes, 5 seconds
IT Governance Podcast 25.8.23: Tesla, Duolingo, Lapsus$ trial
This week, we discuss “insider wrongdoing” at Tesla, a data breach affecting 2.6 million Duolingo users and the conclusion of a two-month court case against members of the Lapsus$ gang.
8/24/2023 • 5 minutes, 24 seconds
IT Governance Podcast 11.8.23: Electoral Commission, PSNI, Capita
This week, we discuss data breaches affecting the Electoral Commission and the Police Service of Northern Ireland, and the financial repercussions of Capita’s March ransomware incident.
8/10/2023 • 7 minutes, 12 seconds
IT Governance Podcast 14.7.23: EU-US DPF, UK-US data bridge, MOVEit patches and other security fixes
This week, we discuss the new EU adequacy decision for the US, based on the Data Privacy Framework (plus Max Schrems’s inevitable reaction), and a proposed UK-US ‘data bridge’; fixes for three more vulnerabilities in Progress Software’s MOVEit Transfer app; plus this month’s Patch Tuesday and other security updates.
7/13/2023 • 7 minutes, 40 seconds
IT Governance Podcast 30.6.23: ChatGPT, LetMeSpy and MS Teams, plus Alan Calder on cyber security
This week, we discuss 100,000 compromised ChatGPT credentials, a data breach affecting the LetMeSpy stalkerware app, and a potential security vulnerability in Microsoft Teams that could be exploited to spread malware. Plus, Alan Calder discusses the current cybersecurity and regulatory landscape, and how they affect organisations.
6/29/2023 • 20 minutes, 38 seconds
IT Governance Podcast 16.6.23: MOVEit, LinkedIn, Spotify and Google Bard
This week, we discuss a data breach affecting users of Progress Software’s MOVEit file transfer app, GDPR fines for LinkedIn and Spotify, and the delay of Google Bard’s EU launch because of privacy concerns.
6/15/2023 • 7 minutes, 14 seconds
IT Governance Podcast 2.6.23: Capita, NHS, Meta, GDPR, DPDI Bill and Alan Calder on cyber regtech
This week, we discuss more organisations affected by Capita’s security issues, the security implications of 20 NHS trusts’ use of Meta Pixel, Meta’s €1.2 billion GDPR fine and its potential effects for other organisations, and the progress of the DPDI (No. 2) Bill. Plus, Alan Calder discusses cyber regtech and how organisations can use it to manage their regulatory compliance.
6/1/2023 • 17 minutes, 32 seconds
IT Governance Podcast 19.5.23: Capita, USS, Colchester City Council and Alan Calder’s analysis.
This week, we look at the wider repercussions of the Capita ransomware attack, and how numerous clients have been affected, including the Universities Superannuation Scheme and other pension providers. Plus, accusations of another Capita breach and Alan Calder on what all organisations can learn from the attack and Capita’s response.
5/18/2023 • 16 minutes, 31 seconds
IT Governance Podcast 5.5.23: ChatGPT, LockBit, T-Mobile, Alan Calder on cyber security for boards
This week, we discuss ChatGPT’s restoration in Italy despite wider security concerns, an apology from the LockBit ransomware group and another breach for T-Mobile, and Alan Calder discusses what boards need to do to build their organisations’ cyber defences.
5/4/2023 • 19 minutes, 17 seconds
IT Governance Podcast 21.4.23: Capita, Chrome, LockBit for Macs and Alan Calder on cyber security
This week, we discuss the apparent sale of exfiltrated Capita data by the Black Basta ransomware group, a zero-day Google Chrome vulnerability and the development of a new LockBit ransomware variant targeting macOS, and Alan Calder analyses the new US National Cybersecurity Strategy and explains what all organisations should learn from it.
4/20/2023 • 18 minutes, 11 seconds
IT Governance Podcast 2023-7: Capita, ChatGPT and TikTok (yet again)
This week, we discuss a cyber attack on the outsourcing giant Capita, Italy's ban on OpenAI's ChatGPT chatbot and further bad news for TikTok: a £12.7 million fine from the ICO for breaching UK data protection law.
4/5/2023 • 8 minutes, 54 seconds
IT Governance Podcast 2023-6: Ferrari, Dole, TikTok (again), Android
This week, we discuss ransomware attacks on Ferrari and the Dole Food Company, another TikTok ban – this time by the BBC – and vulnerabilities that allow some Android phones to be hacked with only the victim's phone number.
3/23/2023 • 6 minutes, 51 seconds
IT Governance Podcast 2023-5: WH Smith, the Data Protection and Digital Information Bill, TikTok
This week, we discuss a data breach affecting WH Smith, the latest proposals to reform data protection law in the UK, TikTok's response to being banned by the European Commission and European Parliament, and the proposed US RESTRICT Act, and a woman who has been sentenced for defrauding Luton Borough Council in a cyber attack.
3/9/2023 • 6 minutes, 59 seconds
IT Governance Podcast 2023-4: EU-US Data Privacy Framework, Twitter 2FA, GoDaddy, HardBit 2.0
This week, we discuss the European Parliament Committee on Civil Liberties’s opinion of the EU-US Data Privacy Framework, Twitter’s decision to disable free text-based 2FA, a series of attacks on GoDaddy’s infrastructure and the HardBit 2.0 ransomware group’s negotiation tactics.
2/23/2023 • 9 minutes, 11 seconds
IT Governance Podcast 2023-3: Bank security flaws ranked, ION ransom paid, MP hacked
This week, we discuss a Which? investigation into basic security flaws on banks' websites and apps, a ransomware attack on the financial firm ION Cleared Derivatives, and a phishing attack that compromised the emails of Stewart McDonald MP.
2/9/2023 • 32 minutes, 31 seconds
IT Governance Podcast 2023-2: Mailchimp, fast food, T-Mobile, ice rinks, iOS update and ISO 27001
This week, we discuss the fallout from the latest Mailchimp breach, a ransomware attack on KFC, Pizza Hut and Taco Bell's parent company, another T-Mobile data breach, an incident affecting Planet Ice, and an update for older Apple devices. We also talk to the ISO 27001 expert Steve Watkins about his new pocket guide to the Standard.
1/26/2023 • 30 minutes, 47 seconds
IT Governance Podcast 2023-1: more ransomware attacks on the education sector, and DPC and Meta sued
This week, we discuss a series of ransomware attacks on 30 schools and colleges in the UK, legal action against both Meta and the Irish Data Protection Commission following last year’s massive Facebook GDPR fine, and the third stage of a cyber-defence-in-depth strategy: management.
1/12/2023 • 33 minutes, 26 seconds
IT Governance Podcast Episode 14: Rackspace, Citrix and EU-US adequacy decision
This week, we discuss a ransomware attack on Rackspace, a Citrix zero-day vulnerability, the forthcoming EU adequacy decision in respect of the EU-U.S. Data Privacy Framework, and the second stage of a cyber-defence-in-depth strategy: protection.
12/15/2022 • 29 minutes, 42 seconds
IT Governance Podcast Episode 13: $100 million ransomware, Westmount City, Suffolk Police, AI
This week, we discuss the Hive ransomware as a service, the latest developments following the Medibank breach, a Canadian city shut down by ransomware, Suffolk Police's leak of sensitive data and the ethical implications of AI.
11/24/2022 • 35 minutes, 15 seconds
IT Governance Podcast Episode 12: Interserve, Medibank, UPS and Patch Tuesday
This week, we discuss a £4.4 million GDPR fine for the construction company Interserve, a data breach affecting 9.7 million customers of Medibank, an unusual GDPR fine for UPS, and Microsoft’s latest software updates.
11/10/2022 • 6 minutes, 40 seconds
IT Governance Podcast Episode 11: EU-US Data Privacy Framework, ransomware & cyber detection
This week, we discuss the new mechanism for transferring EU residents’ personal data to the US, the first GDPR Data Protection Seal, a new ransomware attack targeting Ukraine and its allies, and the first layer in a defence-in-depth approach to cyber security: detection.
10/27/2022 • 24 minutes, 26 seconds
IT Governance Podcast Episode 10: Data protection reform, Easylife fine, Uber conviction and work
This week, we discuss yet more planned changes to UK data protection law, a £1.35 million GDPR fine for “predatory marketing”, the conviction of Uber’s former chief security officer, and a new book about how to establish an enjoyable career.
10/13/2022 • 28 minutes, 28 seconds
IT Governance Podcast Episode 9: TikTok, American Airlines and Morgan Stanley Smith Barney
This week, we discuss a potential fine of £27 million for TikTok, a data breach caused by a phishing attack on American Airlines and a $35 million penalty for Morgan Stanley Smith Barney LLC after “extensive” security failures.
9/29/2022 • 5 minutes, 35 seconds
IT Governance Podcast Episode 8: Twitter, Instagram, InterContinental and Cloud security
This week, we discuss allegations of data security failures at Twitter, a €405 million fine for Instagram, a cyber attack on InterContinental Hotels Group, and why Cloud security is so important.
9/15/2022 • 6 minutes, 38 seconds
IT Governance Podcast Episode 7: Apple zero-day, NHS ransomware update and 0ktapus phishing campaign
This week, we discuss two zero-day vulnerabilities affecting Apple devices, the further effects of a ransomware attack on an NHS digital services provider and a large-scale phishing campaign affecting users of secure services such as Okta, Authy and Signal.
9/1/2022 • 4 minutes, 56 seconds
IT Governance Podcast Episode 6: NHS ransomware, Ukraine, Digital Protection and Information Bill
This week, we discuss a ransomware attack on an NHS digital services provider and a huge increase in cyber attacks as a result of the war in Ukraine, and provide an overview of the main reforms to UK data protection law proposed by the Digital Protection and Information Bill.
8/18/2022 • 6 minutes, 5 seconds
IT Governance Podcast Episode 5: Facebook, Twitter, VW, Digital Protection and Information Bill
This week, we discuss a malware campaign targeting Facebook Business users, a breach apparently affecting 5.4 million Twitter users, a €1.1 million GDPR fine for Volkswagen, the new Digital Protection and Information Bill, and why it’s so important to maintain your cyber security through a recession.
8/4/2022 • 27 minutes, 20 seconds
IT Governance Podcast Episode 4: Ransomware advice, MFA phishing and The Art of Cyber Security
This week, we discuss NCSC and ICO advice to the legal profession, a new phishing campaign that bypasses multifactor authentication, and the huge increase in the number of ransomware and phishing attacks this year. Plus, we talk to Gary Hibberd about his new book, The Art of Cyber Security.
7/21/2022 • 23 minutes, 56 seconds
IT Governance Podcast Episode 3: NCSC guidance, Amagasaki breach, Maastricht Uni and the metaverse
This week, we discuss new NCSC guidance on avoiding cyber security “staff burnout”, a data breach affecting a Japanese city's entire population, good news for the ransomware-hit Maastricht University, and the privacy implications of the metaverse.
7/7/2022 • 11 minutes, 44 seconds
IT Governance Podcast Episode 2: Yodel, ransomware, the Data Reform Bill and cyber defence in depth
This week, we discuss a cyber attack that’s disrupted Yodel’s deliveries, new tactics from a ransomware gang, the government’s plans for reforming UK data privacy law, and the importance of a defence-in-depth approach to cyber security.
6/23/2022 • 9 minutes, 54 seconds
IT Governance Podcast Episode 1: Twitter, Beeple, QuickBooks and Hybrid Working Security
This week, we look at a $150 million fine for Twitter, phishing attacks affecting the Twitter followers of the digital artist Beeple and users of the accounting platform QuickBooks, and a massive data breach affecting Pegasus Airlines – plus we talk about security issues facing organisations with a remote or hybrid workforce.
6/9/2022 • 12 minutes, 36 seconds
Brexit And Schrems II | Practical Implications For UK - EU Data Transfers 1
The Schrems II ruling and Brexit mean that UK organisations are required to reconsider the legal basis for the transfer of personal data to and from Europe.
The webinar recording covers:
The Schrems II decision regarding transfers of data;
The implications for UK and EU data controllers regarding data transfers;
The types of data transfers organisations should consider;
Data flows and the legal basis for UK–EU data transfers;
Practical steps organisations can take now; and
What the future holds following Schrems II and Brexit.
3/16/2021 • 1 hour, 29 minutes, 43 seconds
Data Flow Audit And Data Mapping For GDPR Compliance
We take a look at Data Flow Audit And Data Mapping For GDPR Compliance in this webinar recording.
3/16/2021 • 53 minutes, 48 seconds
Introduction To Data Mapping
We take a look at Data Flow Mapping in this webinar recording
3/16/2021 • 1 hour, 3 minutes, 44 seconds
Data Protection By Design And By Default Under The GDPR
The EU General Data Protection Regulation (GDPR) highlights how the principles of ‘privacy by design’ and ‘privacy by default’ are fundamental to ensuring that organisations protect the rights of data subjects.
We take a look at Data Protection By Design And By Default Under The GDPR in this webinar recording
3/16/2021 • 1 hour, 16 minutes, 17 seconds
The First Steps Towards GDPR Compliance
Alan Calder, Founder and CEO of IT Governance, discusses the first steps towards GDPR compliance in this webinar recording.
3/16/2021 • 1 hour, 4 minutes, 24 seconds
Weekly podcast: Goodbye!
In our last ever podcast, we discuss Citrix’s data breach, the GDPR and cookie walls, data breach notification, and Patch Tuesday.
3/14/2019 • 6 minutes, 30 seconds
7th March Weekly podcast: Reports galore! DCMS, Microsoft and Cisco
This week, we delve into the government's FTSE 350 Cyber Governance Health Check report, Microsoft's Security Intelligence Report Volume 24, and Cisco's latest Data Privacy Benchmark Study
3/7/2019 • 6 minutes, 12 seconds
28 February Weekly podcast: ICANN, DNS and DNSSEC; credential stuffing, and password managers
This week, we discuss ICANN's warning about DNS attacks, the extent of credential stuffing attacks on the retail sector, password managers' responses to recent research into security flaws, and the European Data Protection Supervisor's annual report for 2018.
2/28/2019 • 6 minutes, 54 seconds
21 February Weekly podcast: Password managers, unpatched vulnerabilities, formjacking and Wendy's
This week, we discuss a security flaw affecting 1Password, Dashlane, KeePass and LastPass; the prevalence of historic vulnerabilities in corporate IT systems; the increase in formjacking attacks; and Wendy's $50 million data breach settlement.
2/21/2019 • 5 minutes, 41 seconds
14 February Weekly podcast: Mumsnet, OkCupid and Apple
This week, we discuss a data breach at Mumsnet, no data breach at OkCupid, and a lawsuit against Apple for implementing security measures.
2/14/2019 • 5 minutes, 48 seconds
7 February Weekly podcast: Metro Bank, Student Loans Company, GDPR breaches and seals
This week, we discuss the compromise of Metro Bank's two-factor authentication system, nearly one million cyber attacks on the Student Loans Company, nearly 60,000 GDPR breaches and a surprising discovery for some marine biologists
2/7/2019 • 7 minutes, 13 seconds
31 January Weekly Podcast: Facebook VPN, FaceTime bug, and Internet Explorer 10
31 January Weekly Podcast: Facebook VPN, FaceTime bug, and Internet Explorer 10 by IT Governance
1/31/2019 • 5 minutes, 51 seconds
24 January Weekly podcast: Google GDPR fine, EU-US Privacy Shield and US DNS hijacking attacks
This week, we discuss Google's €50 million GDPR fine, GDPR complaints against eight streaming services, Facebook’s Supreme Court appeal and its potential effects on the EU-US Privacy Shield, and an Emergency Directive from the US Department of Homeland Security.
1/24/2019 • 5 minutes, 37 seconds
17 January Weekly podcast: US government websites, Liberia DDoS attacker and no-deal Brexit
This week, we discuss how the US government shutdown is affecting federal websites' security, the sentencing of a man who knocked Liberia's Internet offline with a botnet, and what a no-deal Brexit means for data protection
1/17/2019 • 7 minutes, 21 seconds
11 January Weekly podcast: German data breach, poor passwords, Marriott, NHS Digital & Patch Tuesday
This week, we discuss a high-profile German data breach, the top worst passwords of 2018, the resignation of NHS Digital’s CISO, and Microsoft’s latest patches.
1/10/2019 • 7 minutes, 20 seconds
14 December Weekly Podcast: 2018 end-of-year roundup
This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months
12/13/2018 • 16 minutes, 42 seconds
30th November Weekly podcast: Uber, Google, and City of York Council vs RapidSpike
This week, we discuss the latest fines for Uber in connection with its 2016 data breach, GDPR complaints against Google, and the other side of the City of York Council 'hack' story.
11/29/2018 • 7 minutes, 19 seconds
23 November Weekly podcast: Amazon, TalkTalk and City of York
This week, we discuss Amazon's exposure of customer names and addresses, jail sentences for two TalkTalk hackers, and a data breach affecting a City of York rubbish app.
11/22/2018 • 5 minutes, 25 seconds
16 November Weekly podcast: Bank of England, the OPM, Patch Tuesday and Japanese minister
This week, we discuss a Bank of England cyber resilience exercise, the latest cyber security news from the US Office of Personnel Management, the highlights of this month's Patch Tuesday, and a surprising admission by a Japanese cyber security minister
11/16/2018 • 6 minutes, 36 seconds
9 November Weekly podcast: HSBC, Evernote and Apache Struts
This week, we discuss a data breach affecting HSBC's US customers, an XSS vulnerability in Evernote and a critical RCE vulnerability in Apache Struts
11/8/2018 • 5 minutes, 22 seconds
2 November Weekly podcast: Planes, trains and online learning
This week, we discuss BA's update about its recent data breach, the 9.4 million victims of Cathay Pacific's data breach, Eurostar's password reset, and an indictment for the criminals behind an extortion attempt at lynda.com
11/1/2018 • 5 minutes, 45 seconds
26 October Weekly podcast: Supermicro, federal data privacy law and Morrisons
This week, we discuss the stalemate between Bloomberg Businessweek and Supermicro, Apple and Facebook’s call for a federal data privacy law in the US, and what the Morrisons Appeal Court ruling means for every organisation
10/25/2018 • 7 minutes, 59 seconds
19 October Weekly podcast: US Defense Department, MOD and NHS
19 October Weekly podcast: US Defense Department, MOD and NHS by IT Governance
10/18/2018 • 6 minutes, 8 seconds
12 October Weekly Podcast: Google+, Supermicro and Heathrow
This week we discuss the end of Google+, allegations of Chinese motherboard interference, and a £120,000 fine for Heathrow Airport
10/11/2018 • 8 minutes, 14 seconds
5 October Weekly Podcast: Russian cyber crimes, Facebook breach and Tory conference app
This week, we discuss Russian cyber crime, the Facebook breach affecting 90 million users and the Conservative Party's conference app breach
10/4/2018 • 4 minutes, 31 seconds
28 September Weekly podcast: SHEIN, Tesco Bank, UK cyberwarfare unit and Uber
Big numbers this week: we discuss a data breach affecting 6.42 million SHEIN customers, a potential £30 million FCA fine for Tesco Bank, the UK's new £250 million cyberwarfare unit, and a $148 million settlement for Uber
9/27/2018 • 5 minutes, 49 seconds
21st September Weekly podcast: Equifax once more, Bristol Airport, Smeg and Mirai creators
This week, we discuss a record ICO fine for Equifax, cyber attacks on Bristol Airport and Smeg, and the sentencing of the creators of the Mirai botnet
9/20/2018 • 6 minutes, 20 seconds
14th September Weekly podcast: BA, Npower, Lazarus Group and Patch Tuesday
This week, we discuss the continuing fallout from the BA breach, the compromise of 5,000 Npower customers' details, DoJ charges against a North Korean computer programmer, and this month's Microsoft updates
9/17/2018 • 6 minutes, 17 seconds
7 September Weekly podcast: Plusnet, TV Licensing, BEC scams and data breach causes
This week, we discuss a data breach at Plusnet, poor security at tvlicensing.co.uk, why most BEC scams succeed, and what causes most data breaches
9/6/2018 • 5 minutes, 25 seconds
The Periscope Podcast
Welcome to the IT Governance Periscope Podcast: This week’s episode is an investigation into the DPO’s role – who needs one, what they do and their role in a data breach.
9/3/2018 • 7 minutes, 33 seconds
31 August Weekly Podcast: Air Canada, Huazhu Hotels, and West Ham FC
In this week's podcast, we discuss the data breaches at Air Canada, Huazhu Hotels, and West Ham Football Club
8/30/2018 • 3 minutes, 23 seconds
24 August Weekly Podcast: Superdrug, Facebook and Twitter, and the ICO
In this week's podcast, we discuss the data incident at Superdrug, Facebook and Twitter removing accounts, and the ICO website being down.
8/23/2018 • 3 minutes, 23 seconds
The Periscope Podcast
Welcome to the IT Governance Periscope Podcast: This week’s episode is an investigation into reporting on staff training, awareness and IT Governance products and solutions for organisations that suffer a data breach
8/20/2018 • 11 minutes, 57 seconds
17 August Weekly podcast: Intel Foreshadow attack, Cosmos cash-out scheme, TLS 1.3 and Patch Tuesday
This week, we discuss a new flaw affecting Intel processors, a $13.5 million cyber attack on an Indian bank, the release of version 1.3 of the Transport Layer Security protocol and the highlights from this month's Microsoft patches.
8/17/2018 • 6 minutes, 4 seconds
August 10 Weekly podcast: ICS attacks, Reddit and SIM swap arrests
This week, we discuss new research into attacks on industrial control systems, Reddit's recent breach, and an apparent crackdown on SIM swap fraud
8/10/2018 • 6 minutes, 39 seconds
3 August Weekly podcast: Dixons Carphone, Fashion Nexus, Yale and Alaska
This week, we discuss the 10 million affected by Dixons Carphone's 2017 data breach, the exposure of hundreds of thousands of clothes shoppers' details, Yale University's ten-year-old data breach, and a return to typewriters for government workers in Matanuska-Susitna Borough in Anchorage.
8/3/2018 • 6 minutes, 8 seconds
The IT Governance Periscope Podcast #1
Welcome to the IT Governance Periscope Podcast: This week’s episode is an investigation into cyber incident response management and IT Governance products and solutions for organisations which suffer a data breach.
8/2/2018 • 22 minutes, 17 seconds
27 July Weekly podcast: Chrome and HTTP, British Airways, and Level One Robotics
This week we discuss Google Chrome flagging sites that use HTTP as not secure, BA's GDPR fail, and a massive data breach affecting more than 100 manufacturing companies.
7/27/2018 • 6 minutes, 13 seconds
Client X #2: Physical Technology – Hardware
Welcome to the IT Governance Technology & Media Podcast: Client X. Account Manager Zak Rush joins us again for our second episode. Zak is a Technology & Media sector specialist at IT Governance. It’s his job to identify client obligations, discuss project scope and generally facilitate any and all client needs in the Technology & Media sector.
7/20/2018 • 18 minutes, 29 seconds
20th July Weekly podcast: the IICSA, the EU-US Privacy Shield, data breach costs and Lotto hackers
This week, we discuss a £200,000 fine for the IICSA, a move to suspend the EU-US Privacy Shield, how much a data breach might cost your organisation, and the sentencing of two National Lottery hackers.
7/19/2018 • 6 minutes, 7 seconds
13th July Weekly podcast: banks, Thomas Cook, London cyber court and Facebook
This week, we discuss operational resilience in the banking and financial market infrastructures sectors, a data breach affecting Thomas Cook subsidiaries, London's proposed new court building and the latest development in the Facebook/Cambridge Analytica scandal
7/13/2018 • 6 minutes, 43 seconds
Client X #1: The Information Technology Sector
Welcome to the IT Governance Technology & Media Podcast: Client X. Account Manager Zak Rush joins us for our first episode. Zak is a Technology & Media sector specialist at IT Governance. It’s his job to identify client obligations, discuss project scope and generally facilitate any and all client needs in the Technology & Media sector.
7/12/2018 • 12 minutes, 52 seconds
6 July Weekly Podcast: NHS Digital Breach, Typeform Data Breach, and Noble Design Fine
This week, we discuss the unauthorised sharing of 150,000 patients' confidential health data, the first ripples from the Typeform data breach, and a £4,500 fine for a company that didn't register with the ICO
7/6/2018 • 5 minutes, 33 seconds
29 June Weekly podcast: Exactis, BetVictor, Ticketmaster, and GDPR complaints
This week, we discuss the apparent leak of 340 million data records, a vulnerability that exposed sensitive BetVictor data, a data breach affecting up to 40,000 Ticketmaster customers, and the number of GDPR complaints since 25 May.
6/29/2018 • 6 minutes, 6 seconds
22 June Weekly podcast: BT, Bithumb, Islington Council and World Cup phishing
This week, we discuss a £77,000 fine for BT, Bithumb's loss of £24 million, Islington Council's PCI DSS fail and some topical phishing campaigns.
6/22/2018 • 5 minutes, 22 seconds
8th June Weekly podcast: MyHeritage, PageUp, Rochester Grammar School and, yes, the GDPR
This week, we discuss the compromise of 92 million MyHeritage users' credentials, “unauthorised activity” at PageUp, a missing memory stick at Rochester Grammar School, and the first couple of weeks of the GDPR
6/8/2018 • 5 minutes, 28 seconds
1 June Weekly podcast: Yahoo hacker sentenced, acoustic DoS attack and GDPR compliance fails
This week, we discuss the sentencing of one of the perpetrators of the 2013 Yahoo breach, a new type of denial-of-service attack that can crash computers just using sound and how not to email your customers
6/1/2018 • 4 minutes, 59 seconds
25 May Weekly podcast: the GDPR is here
The General Data Protection Regulation is now in force. Don't panic.
5/25/2018 • 3 minutes, 20 seconds
18 Weekly podcast: myPersonality, train Wi-Fi and Kaspersky Lab
This week, we discuss the exposure of millions of Facebook users' data, security failings in train passenger networks and Kaspersky Lab's relocation to Switzerland
5/17/2018 • 5 minutes, 52 seconds
11 May Weekly podcast: Twitter, Spectre-NG, NIS Directive and patches
This week, we discuss Twitter's password reset, new Spectre CPU flaws, the implementation of the EU's NIS Directive, and patch Tuesday's highlights
5/10/2018 • 5 minutes, 13 seconds
4th May Weekly podcast: NHS upgrade, $242m Equifax loss and prison hacker jailed
This week, we discuss a new deal between the NHS and Microsoft, the financial cost of Equifax's massive data breach, and a jail sentence for a hacker who altered prison records
5/3/2018 • 4 minutes, 39 seconds
26 April Weekly podcast: TSB, hotel locks and NATO exercise
This week, we discuss TSB's chaotic system upgrade, a security flaw in electronic hotel locks and a major NATO cyber security exercise
4/27/2018 • 4 minutes, 38 seconds
Weekly discussion podcast #13: Security in the Digital World
This week’s extract is taken from Graham Day’s book: Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Find out more: www.itgovernance.co.uk/shop/product/…digital-world
4/26/2018 • 4 minutes, 56 seconds
20 April Weekly podcast: Russia warning, RBKC fined and TaskRabbit breached
This week, we discuss an alert from the NCSC, US DHS and FBI, a £120,000 fine for the Royal Borough of Kensington and Chelsea, and a data breach at IKEA's TaskRabbit marketplace.
4/20/2018 • 4 minutes, 56 seconds
Weekly discussion podcast #12: Security in the Digital World
This week’s extract is taken from Graham Day’s book: Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Find out more: www.itgovernance.co.uk/shop/product/…digital-world
4/19/2018 • 5 minutes, 32 seconds
Weekly discussion podcast #11: Security in the Digital World
This week’s extract is taken from Graham Day’s book: Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Find out more: www.itgovernance.co.uk/shop/product/…digital-world
4/13/2018 • 5 minutes, 20 seconds
6 April Weekly podcast: Panera Bread, Grindr and MyFitnessPal
This week, we discuss responses to data breaches at Panera Bread, Grindr and Under Armour's MyFitnessPal
4/6/2018 • 5 minutes, 49 seconds
Weekly discussion podcast #10: Security in the Digital World
This week’s extract is taken from Graham Day’s book: Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Find out more: www.itgovernance.co.uk/shop/product/…digital-world
4/6/2018 • 5 minutes, 30 seconds
Weekly discussion podcast #9: Security in the Digital World
This week’s extract is taken from Graham Day’s book: Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Find out more: www.itgovernance.co.uk/shop/product/…digital-world
3/22/2018 • 4 minutes, 54 seconds
23 March Weekly podcast: National Lottery, Russian cyber warfare and Cambridge Analytica
This week, we discuss a credential-stuffing attack on Camelot, heightened fears over Russian cyber attacks and, inevitably, Cambridge Analytica/Facebook.
3/22/2018 • 5 minutes, 49 seconds
16 March Weekly podcast: ICO GDPR campaign, Gwent Police, Binance and MediaGet
This week, we discuss the ICO's new GDPR campaign for micro businesses, a potential data breach at Gwent Police, a US$250,000 reward from Binance and Windows Defender stopping a massive malware campaign
3/16/2018 • 6 minutes, 7 seconds
Weekly discussion podcast: Security in the Digital World
This week’s extract is taken from Graham Day’s book: Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Find out more: https://www.itgovernance.co.uk/shop/product/security-in-the-digital-world
3/15/2018 • 2 minutes, 40 seconds
9 March Weekly podcast: Memcached DDoS attacks, Equifax (once again) and Alexa
This week, we discuss the biggest distributed denial-of-service attacks on record, another 2.4 million people affected by the Equifax data breach, and Alexa's sense of humour.
3/8/2018 • 5 minutes, 11 seconds
Weekly discussion podcast: Critical Information Infrastructure, Part 6
A vital source of information and thought-provoking insights into potential issues within critical information infrastructure (CII).
3/1/2018 • 3 minutes, 3 seconds
23 February Weekly podcast: Reports galore and more cryptojacking
This week, we discuss new reports from Cisco, McAfee and the CSIS, and Big Brother Watch, and hear more about malicious Monero mining.
2/22/2018 • 5 minutes, 27 seconds
Weekly discussion podcast: Critical Information Infrastructure, Part 5
A vital source of information and thought-provoking insights into potential issues within critical information infrastructure (CII).
2/22/2018 • 4 minutes, 52 seconds
16 January Weekly podcast: Browsealoud cryptojacking, Bee Token phishing and Olympic attacks
This week, we discuss the use of cryptocurrency mining software on numerous government websites, a phishing scam that robbed Bee Token investors of $1 million and cyber attacks on the Pyeongchang Winter Olympics
2/16/2018 • 5 minutes, 36 seconds
Weekly discussion podcast: Critical Information Infrastructure, Part 4
A vital source of useful information and thought-provoking insights into potential issues within critical information infrastructure (CII).
2/14/2018 • 4 minutes, 6 seconds
09 February Weekly podcast: Grammarly, Infraud and Octoly
This week, we discuss breaches at Grammarly and Octoly, and the arrest of leading members of the Infraud cyber crime group.
2/8/2018 • 5 minutes, 16 seconds
Weekly discussion podcast: Critical Information Infrastructure, Part 3
A vital source of useful information and thought-provoking insights into potential issues within critical information infrastructure (CII).
2/7/2018 • 3 minutes, 40 seconds
02 January Weekly podcast: Australian Cabinet Files, Matt Hancock MP's app and Monero mining
This week, we discuss the Australian government's loss of thousands of classified documents, DCMS Secretary of State Matt Hancock's buggy new app and the growing trend of cybercriminals using cryptocurrency miners.
2/1/2018 • 5 minutes, 43 seconds
Weekly discussion podcast: Critical Information Infrastructure, Part 2
A vital source of information and thought-provoking insights into potential issues within critical information infrastructure (CII).
1/31/2018 • 3 minutes, 24 seconds
26 Jan Weekly podcast: cyber attacks on UK likely, Trump malware, more Spectre & Meltdown problem
This week, we discuss Norton's new Cyber Security Insights Report, the inevitability of a category one cyber attack on the UK, unofficial PDFs of Fire and Fury spreading malware, and further fallout from the Spectre and Meltdown CPU vulnerabilities
1/25/2018 • 5 minutes, 49 seconds
Weekly discussion podcast: Critical Information Infrastructure, Part 1
A vital source of information and thought-provoking insights into potential issues within critical information infrastructure (CII).
1/24/2018 • 4 minutes, 14 seconds
19 January Weekly podcast: Meltdown and Spectre SCADA problems, Apple text bomb and WEF cyber risks
This week, we discuss further problems caused by patches for the Meltdown and Spectre vulnerabilities, a text bomb that crashes Apple devices and the World Economic Forum's Global Risks Report 2018.
1/18/2018 • 4 minutes, 44 seconds
12 January Weekly podcast: Carphone Warehouse, USB drives, VTech and Patch Tuesday
This week, we discuss a £400,000 ICO fine for Carphone Warehouse, an unfortunate prize from Taiwan's Criminal Investigations Bureau, a $650,000 FTC settlement for VTech and the highlights of this month's Patch Tuesday.
1/11/2018 • 4 minutes, 52 seconds
05 January Weekly Podcast: A recap of the top stories of 2017 and a look ahead to 2018
This week, we look back at the big news from last year, and consider what the next 12 months have in store.
1/4/2018 • 8 minutes, 59 seconds
08 December Weekly podcast: NCSC and Kaspersky, parliamentary passwords and macOS High Sierra
This week, we discuss the NCSC's warning to senior civil servants, the poor password habits of MPs, and a bug in the patch Apple rushed out last week.
12/7/2017 • 6 minutes, 41 seconds
1 December Weekly podcast: Imgur, Uber (again), Apple vulnerability, NHS Digital
This week, we discuss a data breach affecting 1.7 million Imgur users, the 2.7 million UK victims of the Uber breach, a major security flaw in macOS High Sierra, and a new investment in data security from the NHS.
11/30/2017 • 5 minutes, 17 seconds
24 November Weekly podcast: Uber, Tether, Bitcoin and Western Union
This week, we discuss Uber's cover-up of a 2016 breach that compromised 57 million drivers' and customers' personal information, the theft of almost $31 million worth of USDT and more than €100,000 worth of Bitcoin, and good news for victims of Western Union transfer scams.
11/24/2017 • 5 minutes, 38 seconds
17 November Weekly podcast: Jewson, Huddle, Equifax (yet again)
This week, we discuss security breaches at Jewson and Huddle, and Equifax's post-breach losses.
11/17/2017 • 4 minutes, 9 seconds
09 November Weekly Podcast: Ethereum, Maersk, Paradise Papers, Yahoo and Equifax (yet again)
This week, we discuss a vulnerability that's caused $280 million of cryptocurrency Ethereum to be frozen, the cost of NotPetya to AP Moller-Maersk, the data breach at law firm Appleby, and the former Yahoo and Equifax CEOs' grilling by Senators.
11/9/2017 • 5 minutes, 32 seconds
03 November Weekly podcast: Hilton breach, WordPress SQL injection and ICO helpline
This week, we discuss Hilton's settlement following breaches in 2014 and 2015, an important WordPress update that fixes a SQL injection vulnerability, and a new phone service to help small organisations prepare for the GDPR.
11/3/2017 • 4 minutes, 56 seconds
27 October Weekly podcast: Bad Rabbit, Kaspersky Lab and the Data Protection Bill
This week, we discuss a new strain of ransomware, Kaspersky’s new ‘comprehensive transparency initiative’, and the latest Data Protection Bill news.
10/26/2017 • 5 minutes, 19 seconds
20 October Weekly Podcast: WPA2 Krack attack, Iranian brute force, pizza and Microsoft
This week, we discuss the WPA2 protocol's susceptibility to attack, claims that Iran subjected the UK's parliamentary email system to a brute-force attack, breaches at pizza vendors, and an alleged security slip-up at Microsoft that exposed a database of unfixed vulnerabilities.
10/20/2017 • 5 minutes, 17 seconds
12 October 2017 - Weekly podcast: Accenture, Disqus and Equifax (yet again)
This week, we discuss the exposure of four unsecured Accenture servers to the Internet, how Disqus handled its data breach, and bad news for Equifax's UK customers.
10/12/2017 • 5 minutes, 25 seconds
06 October Weekly Podcast: Every Yahoo! account breached, Equifax update, Conservative conference
This week, we discuss 3 billion compromised Yahoo! accounts, the latest Equifax news, and Home Secretary Amber Rudd's opinion of technology experts
10/5/2017 • 4 minutes, 51 seconds
29 September Weekly podcast: Deloitte and Equifax breaches
9/28/2017 • 4 minutes, 28 seconds
21 Sept Weekly podcast: ransomware and its ethics, and the celebrities that endanger your business
This week we discuss the Locky/FakeGlobe ransomware campaign, the moral quandary facing cyber criminals, and the worst celebrities to search for online – from a security point of view, that is
9/21/2017 • 3 minutes, 54 seconds
15 September Weekly podcast: Equifax, Facebook and Kaspersky
This week, we discuss the Equifax data breach, a fine for Facebook and a ban for Kaspersky.
9/14/2017 • 4 minutes, 51 seconds
08 September Weekly podcast: SLC, MacEwan University and the return of the Shadow Brokers
This week we discuss a phishing scam affecting students, a Canadian university’s loss of C$11.8 million, and an increase in data dumps from the Shadow Brokers.
9/7/2017 • 4 minutes, 9 seconds
1 September Weekly podcast: Onliner Spambot, Notts County Council and WikiLeaks
This week, we discuss the exposure of 711 million email addresses by a spambot's server, a £70,000 ICO fine for Nottinghamshire County Council, and a cyber attack on WikiLeaks.
8/31/2017 • 4 minutes, 44 seconds
25 August Weekly podcast: swiftQueue, Neymar and FTSE 350 cyber governance
This week, we discuss a data breach at an NHS contractor, the hacking of FC Barcelona’s Twitter account, and a new government report on cyber security awareness.
8/24/2017 • 4 minutes, 53 seconds
18 August Weekly Podcast: Holyrood attack, NotPetya (again) and retail breaches double
This week, we discuss a brute-force attack on the Scottish Parliament, the ongoing costs of June's NotPetya attacks, and a doubling in the number of data breaches affecting the retail sector.
8/17/2017 • 5 minutes, 44 seconds
11 August Weekly Podcast: Home Sec duped, NotPetya, MalwareTech nicked, new data protection bill
This week, we discuss a prankster’s email conversation with Amber Rudd, the ongoing effects of the NotPetya malware pandemic, the arrest of WannaCry sinkholer Marcus Hutchins by the FBI, and the launch of a data protection bill to implement the GDPR in the UK
8/10/2017 • 4 minutes, 19 seconds
04 August Weekly podcast: Amazon Echo, Android banking malware and Cardiff billboard
This week, we discuss a vulnerability that could allow attackers to turn your Amazon Echo into a wiretap, a new strain of the Svpeng mobile banking malware and the hacking of a digital billboard to display right-wing messages.
8/3/2017 • 3 minutes, 49 seconds
27 July Weekly podcast: Budapest bug, hackable car wash and Unicredit breach
This week, we discuss the arrest of a well-meaning Hungarian teenager, vulnerabilities in Internet-connected car washes that could cause them to physically attack users, and data breaches at Italy's biggest bank.
7/27/2017 • 3 minutes, 46 seconds
21 July Weekly Podcast: Newcastle City Council, Myspace and Apple
This week, we discuss a data breach affecting adoptees in Newcastle, Myspace's account recovery process, and a security update fixing 47 iOS flaws
7/24/2017 • 4 minutes, 17 seconds
14 July Weekly Podcast: Trump Hotels breach, Microsoft, and the GDPR Report
In this week's podcast, we discuss another breach at Trump Hotels, a change in how Microsoft collects user data, and the GDPR Report 2017.
7/13/2017 • 3 minutes, 44 seconds
Author Podcast: Fundamentals of Information Risk Management Auditing, with Christopher Wright
Christopher Wright, author of 'Fundamentals of Information Risk Management Auditing', sits down with us and talks about his book. Buy this book here: https://www.itgovernance.co.uk/shop/product/fundamentals-of-information-risk-management-auditing
7/7/2017 • 15 minutes, 12 seconds
7 July Weekly podcast: AA (aagaain), NotPetya decrypted? and Bithumb hacked
This week, we discuss another incident response debacle at the AA, the latest move from the NotPetya group, and the hacking of the Bithumb virtual currency exchange.
7/6/2017 • 5 minutes, 36 seconds
30 June Weekly podcast: The AA, MPs’ emails and Petya/NotPetya
This week, we discuss a password reset at the AA, a cyber attack on parliamentary emails and the NotPetya malware attack.
6/29/2017 • 5 minutes, 54 seconds
23 June Weekly podcast: Skype, the $1 million ransom and the Queen
This week, we discuss a DDoS attack on Skype, a ransomware attack on South Korean web hosting firm Nayana, and the UK government's new Data Protection Bill
6/22/2017 • 3 minutes, 43 seconds
16 June Weekly Podcast: Council fined for DPA breach, bumper Patch Tuesday and new Mac malware
This week, we discuss a £100,000 fine for Gloucester City Council, a new set of post-WannaCry patches for unsupported Windows versions, and two new strains of Mac malware
6/15/2017 • 4 minutes, 45 seconds
9 June Weekly podcast: EternalBlue (again), new USB compromise and widening cyber skills gap
This week, we discuss the use of the EternalBlue exploit to distribute new payloads after WannaCry, a vulnerability that will give access to network credentials via locked computers, and news that there will be 350,000 cyber security job vacancies by 2022.
6/8/2017 • 4 minutes, 26 seconds
2 June Weekly podcast: Basildon council, cosmetic surgery clinic hacked, WannaCry not spread by XP
This week, we discuss a £150,000 fine for Basildon Borough Council, a data breach affecting a Lithuanian cosmetic surgery clinic, and news that the recent WannaCry ransomware attack may not have spread via Windows XP.
6/1/2017 • 3 minutes, 50 seconds
Author podcast: ISO27001 in a Windows Environment, with Brian Honan
Brian Honan, author of 'ISO27001 in a Windows Environment', sits down with us and talks about his book. Buy this book here: https://www.itgovernance.co.uk/shop/product/iso27001-in-a-windows-environment-third-edition
This week we discuss a phishing attack targeting BT customers, a major vulnerability in Twitter, and a vulnerability in the Samsung Galaxy S8
5/25/2017 • 4 minutes, 12 seconds
18 May Weekly Podcast: WannaCry summarised, and DocuSign, Brooks Brothers and Zomato breached
This week we provide an overview of the WannaCry ransomware worm, and discuss a number of recent data breaches.
5/18/2017 • 5 minutes, 38 seconds
12 May Weekly podcast: Guardian Soulmates, Persirai botnet, 'crazy bad' Microsoft RCE vulnerability
This week, we discuss a data breach affecting the Guardian Soulmates dating site, a new IoT botnet potentially affecting 120,000 IP cameras, and the worst Windows remote code execution vulnerability 'in living memory'.
5/11/2017 • 5 minutes, 51 seconds
Author podcast: Managing Information Security Breaches, with Michael Krausz
Michael Krausz, author of 'Managing Information Security Breaches - Studies from real life', sits down with us and talks about his book. Buy this book here: https://www.itgovernance.co.uk/shop/product/managing-information-security-breaches-studies-from-real-life-2nd-edition
5/10/2017 • 13 minutes, 38 seconds
05 May Weekly podcast: Google Docs, $100 million phishing campaign, Intel critical vulnerability
This week, we discuss a new Google Docs spam campaign, name the companies involved in a $100 million phishing scam, and discuss a seven-year-old Intel vulnerability.
5/4/2017 • 4 minutes, 35 seconds
28 April Weekly podcast: Skype/Spyke, Android MilkyDoor malware and Linksys router vulnerabilities
This week, we discuss a Skype vulnerability called Spyke, new Android malware that gives attackers access to networks via infected devices, and vulnerabilities affecting 25 models of Linksys router
4/27/2017 • 4 minutes, 46 seconds
21 April Weekly podcast: data breaches at InterContinental Hotels, RingGo and Allrecipes
This week, we discuss data breaches affecting customers of InterContinental Hotels, RingGo and Allrecipes, those companies’ handling of the incidents, and how incident handling will be affected by the EU’s new data protection law.
4/20/2017 • 5 minutes, 59 seconds
14 April Weekly podcast: Wonga, prisoners and Agas
This week we discuss a data breach that may have compromised the personal information of more than 250,000 Wonga customers, the enterprising cyber crimes of four Ohio prisoners, and a series of security flaws that could allow anyone to control your Aga.
4/13/2017 • 5 minutes
07 April Weekly podcast: LastPass (again), NHS phishing, garage doors and Samsung smart TVs
This week, we discuss a new vulnerability in LastPass's browser extensions, phishing at the Leeds Teaching Hospitals NHS Trust, Internet-connected garage door opener Garadget, and a new exploit that hacks Samsung smart TVs via radio signals.
4/6/2017 • 5 minutes, 18 seconds
31 March Weekly podcast: Honda and Flybe fined, WoW phishing, Minecraft malware, gift cards attacked
This week, we discuss companies falling foul of existing laws while attempting to comply with the GDPR, problems for Warcraft and Minecraft players, and a bot attack affecting gift cards on nearly 1,000 websites.
3/30/2017 • 5 minutes, 24 seconds
24 March $100 million phishing scam, Yahoo (again), LastPass vulnerabilities, and ICO GDPR report
This week, we discuss the arrest of a Lithuanian man over a $100 million phishing scam, an indictment against the alleged perpetrators of the Yahoo breach that compromised half a billion accounts, a number of vulnerabilities affecting LastPass's browser extensions, and the ICO's warning to local councils to prepare for the GDPR
3/23/2017 • 5 minutes, 15 seconds
17 March - Weekly Podcast - Fraud, phishing and fighting the cyber threat
This week, we discuss new reports from KPMG, Beaming and the NCSC, which cover a huge increase in cyber fraud, the massive business cost of phishing, and how to fight the "significant and growing" cyber threat.
3/16/2017 • 4 minutes, 23 seconds
10 March Weekly podcast: Shamoon, Year Zero and Confide
This week, we discuss the re-emergence of the Shamoon/Disttrack malware, a new trove of CIA documents from WikiLeaks and "numerous security vulnerabilities" in an app used by President Trump's aides.
3/9/2017 • 3 minutes, 53 seconds
Weekly podcast: Cloudflare, Cloudbleed, CloudPets and Yahoo
This week, we discuss the Cloudbleed bug, a breach affecting CloudPets, and the latest news from Yahoo.
3/2/2017 • 4 minutes, 50 seconds
24 February Weekly podcast: Operation BugDrop, Georgia-Pacific and the DHS
This week, we discuss a large-scale cyber-reconnaissance operation, a former system administrator who caused $1 million of damage, and access problems at the US Department of Homeland Security
2/23/2017 • 4 minutes, 54 seconds
17 Feb Weekly podcast: Yahoo breached, university attacked by lampposts & WordPress blogs defaced
This week, we discuss yet another Yahoo breach, a university attacked by its own Internet of Things network, and a WordPress vulnerability that leaves blogs open to defacement.
2/16/2017 • 6 minutes, 12 seconds
10 February Weekly podcast: Sports Direct, fileless malware and remote printer hijacking
This week, we discuss a hack that Sports Direct didn’t tell its staff about, a spate of malware attacks against enterprise networks, and 150,000 printers churning out ASCII robots.
2/9/2017 • 5 minutes, 10 seconds
3 February Weekly podcast: Telemarketing, NHS botnet, charity DPA breaches and goodbye LeakedSource!
This week, we discuss a Florida telemarketing company leaking hundreds of thousands of sensitive files, Google apparently mistaking the NHS network for a botnet, 11 charities breaching the data protection act, and the demise of LeakedSource
2/2/2017 • 5 minutes, 24 seconds
20 January Weekly Podcast: NHS cyber attack, new White House appointment and killer squirrels
This week, we discuss a cyber attack on England’s biggest NHS trust, the appointment of Rudy Giuliani to a White House cyber security committee and new research into the biggest threat to critical infrastructure (hint: for once it’s not cyber attack).
1/19/2017 • 4 minutes, 35 seconds
13th January Weekly podcast: Hello Kitty, school ransomware and airport security concerns
This week, we discuss the reappearance of the exposed Hello Kitty database, a warning from Action Fraud about ransomware attacks on schools, and an unsecured airport system leaking passenger data.
1/12/2017 • 4 minutes, 28 seconds
23 December Weekly Podcast: cyber security in review
This week, we look at the biggest stories of the year.
12/22/2016 • 15 minutes, 45 seconds
16 December Weekly Podcast: Yahoo breached again, plus TalkTalk and Ashley Madison
This week we discuss the compromise of another 1 billion Yahoo records, the sentencing of the boy responsible for the TalkTalk breach, and Ashley Madison's $1.6 million settlement
12/15/2016 • 4 minutes, 57 seconds
9 December Weekly podcast: Dailymotion, Europol and Scotland Yard
This week, we discuss a massive data breach at Dailymotion, a very serious data breach at Europol, and the Met Police's novel way of bypassing iPhone encryption.
12/8/2016 • 4 minutes, 42 seconds
2 December Weekly podcast: National Lottery, Mirai botnet, free rides in San Francisco
This week, we discuss suspicious activity on online National Lottery players’ accounts, 900,000 Deutsche Telekom routers knocked offline by the Mirai botnet, and a ransomware attack on the San Francisco transport system.
12/1/2016 • 3 minutes, 39 seconds
25 Nov Weekly podcast: Remote ATM jackpotting; WordPress; Three mobile customer data compromised
This week, we discuss a jackpotting malware attack that caused cash machines across Europe to spit out cash, a WordPress RCE vulnerability affecting 27% of the web, and a data breach affecting more than 133,000 Three customers.
11/24/2016 • 4 minutes, 31 seconds
17 November Weekly podcast: TalkTalk teen, biggest breach of the year, Tesco Bank again, Adobe fined
This week, we discuss the 17-year-old who admitted to last year’s TalkTalk cyber attack, the compromise of more than 400 million ‘adult’ accounts, further news about the Tesco Bank breach, and a $1 million fine for Adobe Systems.
11/17/2016 • 4 minutes, 58 seconds
Weekly podcast: UK adopts GDPR, £2.5 million stolen from Tesco Bank, youngest Cyber Challenge winner
This week, we discuss the government’s confirmation that the GDPR will apply in the UK, the online theft of £2.5 million from 9,000 Tesco Bank Current accounts, and the youngest ever winner of the Cyber Security Challenge.
11/10/2016 • 3 minutes, 59 seconds
4 Nov Weekly podcast: UK Cyber Security Strategy, malware delays ops & inept cyber criminal caught
This week, we discuss the launch of the UK’s National Cyber Security Strategy for 2016 – 2021, a malware attack on Northern Lincolnshire and Goole NHS Foundation Trust, and how a cyber criminal was caught by the FBI
11/3/2016 • 4 minutes, 38 seconds
28 October Weekly Podcast: Dyn DDoS attack, Mirai botnet and more mega breaches
This week, we discuss the Mirai botnet DDoS attack that affected the Dyn Managed DNS service and, with it, many household names, plus mega breaches compromising the personal data of millions of Weebly, Modern Business Solutions and FourSquare users.
10/27/2016 • 3 minutes, 43 seconds
21 Oct Weekly podcast: Get Safe Online Day, Microsoft zero-days, alleged LinkedIn hacker arrested
This week, we discuss new cyber crime statistics released to mark Get Safe Online Day, a handful of zero-day vulnerabilities affecting Windows machines, and the arrest in Prague of a Russian man in connection with a number of high-profile cyber attacks – including the 2012 LinkedIn hack.
10/21/2016 • 6 minutes, 4 seconds
14 October Weekly podcast: American 1 burger ban, gaming currency and DXXD ransomware
This week, we discuss American 1 declining Wendy’s transactions for poor security, criminals using gaming currency to launder money and a new strain of ransomware, DXXD.
10/13/2016 • 5 minutes, 24 seconds
7 October Weekly Podcast: TalkTalk, Facebook and Yahoo
This week, we discuss a record ICO fine for TalkTalk, new encryption for Facebook, and state surveillance of all Yahoo Mail
10/6/2016 • 4 minutes, 46 seconds
30 September Weekly podcast: i-Dressup breach, Yahoo aftermath and cyber security awareness
This week, we discuss the compromise of 2.2 million teens' i-Dressup accounts, the aftermath of the massive 2014 Yahoo breach, and cyber security advocacy campaigns ECSM and NCSAM.
9/29/2016 • 5 minutes, 7 seconds
23 September Weekly podcast: Cisco, Tesla and cyber insurance
This week, we discuss a new Cisco vulnerability, a remote attack on Tesla cars, and the implications of the new Insurance Act on cyber security insurance policies
9/22/2016 • 4 minutes, 27 seconds
16 September Weekly podcast: Solid-gold cyber crime, the Great British Firewall, & the Federal CISO
This week, we discuss the theft of £88,000 worth of gold by criminal hackers, ambitious plans from the NCSC's new CEO, and the appointment of the first Federal Chief Information Security Officer.
9/15/2016 • 3 minutes, 42 seconds
9 September Weekly podcast: Brazzers, 98 million Russians, and Owen Smith MP
In this week’s podcast, we take a look at two incidents in which credentials from historic data breaches have appeared on the web, and a password mistake by Owen Smith MP.
9/8/2016 • 2 minutes, 33 seconds
2 September Weekly podcast: Dropbox, G20 and financial cyber crime, and electoral fraud
This week we discuss the compromise of 68 million Dropbox accounts, cyber security in the international financial sector, and the illegal hacking of voter registration systems in the US
9/1/2016 • 5 minutes, 1 second
26 August Weekly podcast: Epic Games, Ashley Madison and Jimmy Wales
This week we discuss the Epic Games data breach, Ashley Madison's woeful security, and an exaggerated report about Jimmy Wales's death.
8/25/2016 • 3 minutes, 38 seconds
19 August Weekly podcast: Sage insider, HEI hotels POS malware, and NSA hacked
This week, we discuss a data breach at software company Sage, a malware attack on hotel and resorts chain HEI, and the attempted auction of alleged US "cyber weapons" by hacking group the Shadow Brokers…
8/18/2016 • 3 minutes, 42 seconds
12 August Weekly Podcast: Bug bounty programmes and vulnerable Volkswagen
In this week's podcast, we look at Apple's bug bounty programme, two vulnerabilities in cars and a 19-year-old's recent bug bounty success.
8/11/2016 • 2 minutes, 38 seconds
Author Podcast: The Tao of Open Source Intelligence, with Stewart Bertram
Stewart K. Bertram, author of 'The Tao of Open Source Intelligence', sits down with us and talks about his book. Buy this book here: http://www.itgovernance.co.uk/shop/p-1692-the-tao-of-open-source-intelligence.aspx?utm_source=social&utm_medium=soundcloud
8/10/2016 • 11 minutes, 26 seconds
29 July Weekly podcast: O2 customer data, ransomware, and this month's breaches
This week, we discuss O2 customer data appearing on the dark net, a new affiliate programme for ransomware, and this month’s list of data breaches and cyber attacks.
7/28/2016 • 2 minutes, 51 seconds
21 July Weekly Podcast: Congress, Steemit and Kickass Torrents
This week, we discuss a DDoS attack on the US Library of Congress, a cyber attack that cost Steemit users $85,000, and the arrest of the alleged founder of the world's most visited illegal file-sharing site, Kickass Torrents
7/21/2016 • 3 minutes, 12 seconds
Author Podcast: Beginning your EU GDPR compliance project, with Alan Calder
Alan Calder, the author of EU GDPR – A Pocket Guide, joined us to discuss the GDPR and how organisations should get started.
7/18/2016 • 6 minutes, 48 seconds
15 July Weekly podcast: UK rail cyber attacks, hotel malware, Datadog breach & questions answered
This week, we discuss a series of major cyber attacks on the UK rail network, a malware attack at Omni Hotels & Resorts affecting 50,000 cards and a data breach at SaaS platform Datadog, and answer a listener question about the new EU-US Privacy Shield
7/14/2016 • 4 minutes, 35 seconds
08 July Weekly podcast: Police & healthcare breaches, post-Brexit phishing, and Privacy Shield news
This week, we discuss new analysis of police data breach information, the rise of phishing campaigns capitalising on post-referendum uncertainty, data security incidents in the health sector, and (nearly) answer your question on EU-US data transfers.
7/7/2016 • 4 minutes, 26 seconds
01 July Weekly Podcast: Hard Rock breached, Plymouth teen in court, and terrorist database exposed
This week, we discuss the second breach to hit Hard Rock Hotel & Casino in just over a year, a Plymouth teenager in court for carrying out DDoS attacks, a database of terrorists exposed to the Internet, and what the referendum means for cyber security.
6/30/2016 • 4 minutes, 13 seconds
24 June Weekly podcast: University data breach, US voter data compromised, and questions answered
This week, we discuss a disgruntled former student hacking Greenwich University, the exposure of 154 million American voters’ unprotected personal information, and answer listeners’ questions on data protection legislation.
6/23/2016 • 4 minutes, 25 seconds
03 June Weekly podcast: Windows zero-day, and MySpace account details for sale, and GDPR
This week, we discuss a Windows zero-day vulnerability on sale for $90,000, hundreds of millions of MySpace, Tumblr and LinkedIn account details on the dark web, and consider the implications of the new EU GDPR.
6/2/2016 • 5 minutes, 27 seconds
Author Podcast | Nine Steps To Success: An ISO 27001 Implementation Overview with Alan Calder
6/2/2016 • 7 minutes, 26 seconds
27 May Weekly podcast: Instagram vulnerabilities, Mumsnet attacker charged, phishing up 250%
This week, we discuss two vulnerabilities in Instagram’s Android app and website, a teenager charged with attacking parenting forum Mumsnet, and a massive increase in phishing attacks. We also ask what you want.
5/26/2016 • 4 minutes, 53 seconds
20 May Weekly podcast: LinkedIn passwords, dodgy doorbells, and security blogger awards
In this week's podcast, we look at a database of LinkedIn login credentials, a smart doorbell with some issues and nominations for the EU Security Blogger Awards 2016
5/19/2016 • 2 minutes, 46 seconds
13 May Weekly podcast: CryptXXX evolution, PerezHilton, Kiddicare, and Bangladesh bank investigation
This week, we discuss the evolution of the CryptXXX malware, two malvertising attacks at PerezHilton.com, a data breach at Kiddicare, and evidence that the criminals who stole $81 million from Bangladesh’s central bank had company…
5/12/2016 • 4 minutes, 11 seconds
Author Podcast: A Manager’s Guide to ISO22301 with Tony Drewitt
May’s book of the month is A Manager’s Guide to ISO22301, which provides a comprehensive, non-technical introduction to business continuity management and the ISO 22301 standard. We recently sat down with the author, Tony Drewitt, and asked him some questions about the book and ISO 22301
5/10/2016 • 19 minutes, 14 seconds
06 May Weekly podcast: Instagram hacked, Pwnedlist pwned, email credentials sold
This week, we discuss the youngest beneficiary of Facebook’s bug bounty programme, a Pwnedlist security flaw that exposed 866 million stolen credentials, and 272.3 million Gmail, Yahoo Mail and Hotmail credentials apparently for sale on the dark web.
5/5/2016 • 2 minutes, 55 seconds
29 April Weekly podcast: Mexican voters, Beautiful People and Minecraft
This week, we look at data breaches affecting the entire Mexican voter database, the exclusive online dating site BeautifulPeople.com, and the Minecraft 'Lifeboat' community...
4/28/2016 • 3 minutes, 36 seconds
Author Podcast: Fundamentals Of Information Risk Management Auditing - Christopher Wright
Christopher Wright, author of 'Fundamentals Of Information Risk Management Auditing' talks to us about his book and why he wrote it.
This week, we consider 400 million vulnerable Android devices, a hosting firm that mistakenly deleted its customers’ websites, a chance to hack the Pentagon, and the sentencing of three Russians on cyber crime charges
4/21/2016 • 3 minutes, 54 seconds
Author podcast: CyberWar, CyberTerror, CyberCrime and CyberActivism with Dr Julie Mehan
Now in its second edition, CyberWar, CyberTerror, CyberCrime and CyberActivism encourages cyber security professionals to take a wider view of what cyber security means, and to make the most of international standards and best practice to create a culture of cyber security awareness that complements technology-based defences.
We recently sat down with the author, Dr Julie Mehan, to find out what encouraged her to write the book.
4/15/2016 • 13 minutes, 19 seconds
15 April 2016 Weekly podcast: EU GDPR, Morrisons lawsuit and a win against ransomware
In this week’s podcast, we discuss the formal approval of the EU GDPR, a lawsuit brought against Morrisons by its own staff, and a tool that recovers encrypted hard drives that have been infected with ransomware.
4/14/2016 • 3 minutes, 58 seconds
8 April 2016 Weekly podcast: Personalised phishing, Android Trojan, free pizza & Panama Papers
This week, we examine a phishing scam that includes recipients’ home addresses, an Android Trojan that’s been downloaded 3.2 million times, a vulnerability in Domino’s pizza ordering app, and the big story of the moment: the data breach at Mossack Fonseca.
4/7/2016 • 3 minutes, 17 seconds
1 April 2016 Weekly podcast: Ransomware, Android vulnerability, nuclear submarines & mobile toasters
In this week's podcast, we examine more hospital ransomware attacks, a new Android vulnerability, Trident's cyber security, and a new strain of malware that's making household appliances move.
3/31/2016 • 4 minutes, 5 seconds
25 March 2016 Weekly podcast: hospital ransomware, USB trojan and iMessage security
In this week's podcast, we look at another ransomware attack on hospitals, a new USB trojan and a serious iMessage security flaw.
3/24/2016 • 3 minutes, 44 seconds
Weekly podcast: criminal and legal rewards for hacking, and malvertising
In this week's podcast, we discuss cyber criminals' poor spelling, Google's bug bounty programme and a malvertising spike.
3/17/2016 • 3 minutes, 18 seconds
Weekly podcast: Password security, new JavaScript ransomware, and vulnerable toys
In this week’s podcast, we discuss new statistics on password sharing, a recent spike in ransomware, and a newly discovered vulnerability affecting a children’s tablet.
3/10/2016 • 3 minutes, 52 seconds
Weekly podcast: DROWN, Hacking Team and CPS says prosecute Internet trolls
In this week’s podcast, we consider the DROWN vulnerability, the apparent resurrection of Hacking Team, and new CPS guidelines for prosecuting trolls.
3/3/2016 • 3 minutes, 4 seconds
Author podcast: ‘Information Security: A Practical Guide’ with Tom Mooney
Published in June 2015, ‘Information Security: A Practical Guide’ sets out to address communicating corporate information security to all of your colleagues.
Alexandra recently sat down with the author, Tom Mooney, to find out what encouraged him to write the book.
2/26/2016 • 13 minutes, 50 seconds
Weekly podcast: MouseJacking, uKnowKids, and Smart Online
This week, we look at a vulnerability affecting wireless mice and keyboards, one firm’s reaction to a security researcher, and the imprisonment of an app developer’s former employee.
Hello, poddlers! This week, we consider the threat of ransomware, the apparent hacking of the Turkish police, a survey of IT professionals, and new security measures for Instagram.
2/18/2016 • 3 minutes, 50 seconds
Weekly podcast: Ransomware, TalkTalk and Privacy Shield
In this week's podcast, we look at a ransomware attack on Lincolnshire County Council, the cost of last year’s TalkTalk cyber attack and the new EU-US Privacy Shield.
2/4/2016 • 3 minutes, 13 seconds
The Security Consultant’s Handbook
The Security Consultant’s Handbook by IT Governance
1/29/2016 • 17 minutes, 18 seconds
Weekly Podcast: €50 million stolen, medical records lost, bad ads blocked, iPhones crashed.
In this week’s podcast, we look at a €50 million cyber fraud, the loss of nearly one million medical records, Google’s ad blocking efforts, and a bug causing iPhones to reboot.
1/28/2016 • 3 minutes, 9 seconds
Weekly podcast: Asda, malvertising and CSI: Cyber
In this week’s podcast, we look at Paul Moore’s discovery of a vulnerability in Asda’s website, malvertising, and the RSA conference’s odd, interesting choice of keynote speakers.
1/21/2016 • 3 minutes, 48 seconds
Weekly podcast: why you can’t ignore information security in 2016
In our first podcast of 2016, we explain why information security can't be ignored – by anyone – and consider some recent criminal arrests.
1/14/2016 • 3 minutes, 53 seconds
Weekly podcast: 2015 end-of-year round-up part two
Part two of last week's podcast is now available. Rather than covering the events of the past week, we take a look back at the major information security events of 2015. A transcript of the podcast is available below.
12/21/2015 • 10 minutes, 2 seconds
Weekly podcast: 2015 end-of-year round-up part one
This week's podcast is slightly different. Rather than cover what's happened in the previous week, we take a look back at the major events that have occurred in 2015. A transcript of the podcast is available below.
12/18/2015 • 7 minutes, 36 seconds
VTech, Chinese hackers and hungryhouse
In this week’s podcast, we look at the breach at toy manufacturer VTech, the arrest of the alleged OPM hackers and great information security hygiene at hungryhouse.