Michael Hill

UK Editor

Michael Hill is the UK editor of CSO Online. He has spent the past five-plus years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

Unique TTPs link Hades ransomware to new threat group

New DDoS extortion attacks detected as Fancy Lazarus group returns

New DDoS extortion attacks detected as Fancy Lazarus group returns

After operating under other names, Fancy Lazarus has fine-tuned its DDoS extortion campaigns, although with mixed results.

Ransomware surge emphasises cyberthreats faced by UK education sector

Ransomware surge emphasises cyberthreats faced by UK education sector

Increasing ransomware attacks against schools, colleges and universities underline the cyber-risks faced by the UK’s education sector and highlight the need for defence-in-depth security.

5 questions to answer before jumping on the bug bounty bandwagon

5 questions to answer before jumping on the bug bounty bandwagon

Bug bounty programs can bolster your vulnerability management capabilities, but are you ready?

UK orgs urged to clean up cookies as enforcement heats up

UK orgs urged to clean up cookies as enforcement heats up

Increasing focus on enforcement of EU cookie regulations highlights importance of compliance for organisations to avoid fines, lawsuits, and impact on cybersecurity.

Natural History Museum IT sinks its teeth into security alert overload

Natural History Museum IT sinks its teeth into security alert overload

Despite limited security resources, the Natural History Museum’s two-person IT security team has found a way to better triage alerts.

5 best practices for conducting ethical and effective phishing tests

5 best practices for conducting ethical and effective phishing tests

Phishing tests have become a popular feature of cybersecurity training programs, but they should follow ethical frameworks to ensure they don’t do more harm than good.

Tailor security training to developers to tackle software supply chain risks

Tailor security training to developers to tackle software supply chain risks

Software developers need specialized security awareness training to help them spot supply chain risk and avoid being victimized by attackers.

UK government considers strengthening security rules for MSPs to address supply chain risks

UK government considers strengthening security rules for MSPs to address supply chain risks

DCMS calls for feedback on improving cybersecurity in supply chains. New proposals could require managed service providers to meet strengthened security guidelines.

NCSC announces new cybersecurity resources to protect UK organisations from cyberthreats

NCSC announces new cybersecurity resources to protect UK organisations from cyberthreats

New and updated cybersecurity resources are designed to help organisations large and small better understand and mitigate cyber risks.

UK Cyber Security Association aims to enhance collaboration, training, and best practices

UK Cyber Security Association aims to enhance collaboration, training, and best practices

The freshly launched UK CSA hopes to build a strong and caring cybersecurity community. Membership is now open.

3 steps to smarter cybersecurity hiring and team building

3 steps to smarter cybersecurity hiring and team building

Amid the global cybersecurity skills shortage, organizations and security leaders must shift their hiring and team development approach to have fewer barriers, be more diverse, and take the long view.

Load More