Latest from the Lab... January 2025
Hello there, and welcome back to our first newsletter issue of 2025! We've got a few things to report on since the turn of the year, from the latest stories in cyber security, to some updates from our side. We're happy to be back with you as we truly kick off 2025 in earnest.?
Italy bans DeepSeek over data protection concerns
?
Italy’s data protection authority, the Garante, has blocked access to Chinese AI company DeepSeek’s services, citing inadequate transparency about its data handling practices. The decision follows the company’s failure to provide satisfactory responses regarding what personal data it collects, where it sources its training data, and whether any information is stored in China. DeepSeek’s parent companies have claimed they do not operate in Italy and that EU data protection laws do not apply to them, prompting the regulator to take immediate action while launching a formal investigation.
Beyond privacy concerns, DeepSeek has also come under scrutiny for vulnerabilities in its AI models, making them susceptible to jailbreak techniques that could allow bad actors to generate malicious content, including cyberattack tools. Security researchers have also raised questions about whether DeepSeek has incorporated OpenAI data into its models, sparking legal and ethical concerns. This ban marks another example of regulators cracking down on AI platforms over security and privacy risks—much like Italy’s temporary ban on OpenAI’s ChatGPT in 2023. With AI governance tightening, companies will face increasing pressure to prove their compliance with global data protection standards.
British Government Warned of Increased Cyber Risks, NAO reports
?
The UK government faces an escalating cyber threat, with dozens of critical IT systems vulnerable to attack, according to a new report from the National Audit Office (NAO). An assessment of 58 key systems found significant weaknesses in cyber-resilience, while at least 228 outdated “legacy” systems remain unassessed, leaving the government unaware of their vulnerability. With recent attacks—including breaches of NHS networks and the British Library ransomware incident—ministers have been warned that cyber strikes against public infrastructure are expected to become a regular occurrence.
Despite growing threats from hostile states and cyber criminal groups, the NAO criticised the government’s slow response, citing underinvestment, a lack of coordination, and a persistent shortage of cyber security skills. While steps are being taken, such as new legislation and regional cyber-skills projects, experts warn that without urgent action, the UK remains exposed to disruptive attacks.
Our CTO, Chris Templeton said: "Proactive funding in the British public sector is a challenge. It's vital that IT departments in central and local government have the adequate resources to combat potential threats and vulnerabilities. It's increasingly common to see boosts in cyber funding after a breach has happened, but it's important to ensure that protections are in place so that these attacks don't happen in the first place."
Expert Opinion
The chances are, you're already on your way to Zero Trust - Ewan Ferguson
In November of 2024, our CEO - Ewan Ferguson - had the opportunity to speak at Futurescot: Digital Scotland. Alongside our partner, Fortinet, Ewan discussed the importance of Zero Trust policy adoption.
Many of you are already on the path to Zero Trust adoption without realising it. If you’re using multi-factor authentication (MFA), single sign-on (SSO), endpoint protection, or strict access controls, you’re already laying the foundation. The key is to build on what you have, treating Zero Trust as a set of adaptable security layers rather than a one-time overhaul.
领英推荐
FULLPROXY NEWS
We're exhibiting at the National Cyber Security Show in April!
In April of this year, we'll be attending the National Cyber Security Show in Birmingham! One of the biggest cyber events in the UK, the NCSS brings together a range of cyber businesses of all shapes and sizes to connect and learn. We'll be there with our friends from AppViewX, showcasing the vital importance of automated certificate lifecycle management in the context of quantum resilience.
?
More to follow!
FullProxy listed as Top 200 Technology Supplier for the UK Public Sector
We were delighted to be included in Tussell and techUK's Top 200 list of the fastest-growing UK tech suppliers for the public sector! We're proud of the work we've done to help keep the public sector private, including NHS Trusts, Local Authorities and Central Government Departments.
FullProxy's 2025 Predictions
As we move into 2025, the cyber security landscape continues to evolve rapidly, bringing new threats and challenges for businesses and government institutions alike. In January, we identified four key cyber security that we believe will shape the year ahead, starting with the growing challenge of data harvesting. The rise of Shadow IT and Shadow AI—where employees use unauthorised tools and AI applications—poses serious risks, from data leaks to security blind spots. For this, it's key that you implement clear policies and robust Data Loss Prevention (DLP) measures to prevent sensitive information from slipping through the cracks.