Opinion

Opinion

• Security Think Tank: As cyber pros, we need to articulate our needs better

  There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham  Continue Reading

• Security Think Tank: The more you buy, the less you protect

  The most important lesson learned this year is that the more controls you have in place, the less secure you become, argues 2-sec’s Tim Holman  Continue Reading

• Electronic Trade Documents Bill: Why we need to seize the day with distributed ledger technologies

  Lord Chris Holmes pens his views for Computer Weekly on how the Electronic Trade Documents Bill, which he calls ‘the most important law you’ve never heard of’, could be a game-changer for the potential of distributed ledger technologies such as ...  Continue Reading

• Ransomware: Is there hope beyond the overhyped?

  Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity  Continue Reading

• Think technology, process, human risk to manage ransomware

  Effective ransomware handling boils down to three core areas – technology, process and human risk  Continue Reading

• Chartered status and aligned standards are crucial for the UK's cyber sector

  As the UK moves closer to ushering in the world’s first chartered cyber professionals, the UK Cyber Security Council’s Simon Hepburn outlines the sector’s defining moment  Continue Reading

• Protecting children as they spend years in virtual worlds

  To protect children online, we must now focus on pre-emptive and robust regulation around immersive technologies  Continue Reading

• Your staff are the frontline in your ransomware fight

  As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect  Continue Reading

• New India – the next global tech magnet

  A group of UK tech leaders visited India, and may have seen the next world-leading tech ecosystem emerging  Continue Reading

• Why robots will make work more human

  Smart technology should be about making people’s lives easier, freeing them up for judgement-based tasks and giving them the data and information they need for smart decision-making  Continue Reading

• Redundancies – are tech companies getting it right?

  With recession now a reality, big tech companies have started slimming down their workforces, but they have legal responsibilities  Continue Reading

• Gartner: Three key tasks needed to decommission applications

  A guide to slimming down a full portfolio of applications that are expensive to maintain and difficult to adapt to business needs  Continue Reading

• Security Think Tank: Ransomware defences: An extended to-do list

  Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things  Continue Reading

• Security Think Tank: Let’s be transparent about ransomware

  Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks  Continue Reading

• Cyber insurance: The good, the bad and the ugly

  Most cyber insurance contracts are innately flawed because they exclude losses arising from state-backed cyber attacks, and this will make proper attribution even more important in the future, says Cisco Talos’ Martin Lee  Continue Reading

• Security Think Tank: To stop ransomware, preparation is the best medicine

  You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes  Continue Reading

• All means all when it comes to encryption

  Nigel Thorpe, technical director at SecureAge, makes the case for encrypting everything all of the time when it comes to protecting data  Continue Reading

• Security Think Tank: Anti-ransomware strategies should be as easy as ABC

  When developing and implementing ransomware protection strategies, the importance of paying thorough attention to security measures you might consider elementary cannot be understated  Continue Reading

• How government can capitalise on a revolution in data sharing

  Alison Pritchard, deputy national statistician at the Office for National Statistics, says the new government Integrated Data Service enables tackling questions that we don’t yet know we need to answer  Continue Reading

• Data-driven decision making will fail – and here is why

  Marc Warner, CEO at Faculty, contends that corporate organisations need to go through a cycle similar to the development of scientific thought – from divination, via data deluge to theoretical understanding  Continue Reading

• To fight ransomware, we must treat digital infrastructure as critical

  Ransomware defence is failing because we don’t view our digital infrastructure in the same way as our physical infrastructure, argues Elastic’s Mandy Andress  Continue Reading

• Three million empty seats: What can we do about the cyber skills shortage?

  Companies should look for candidates with the right skills potential, rather than insist they tick a hundred different security skills boxes  Continue Reading

• Security Think Tank: Ransomware and CISOs’ balancing act

  Ransomware has the potential to cause irreversible business damage, so CISOs should consider not only protection but also response and recovery  Continue Reading

• More women in tech will bridge the skills gap and bolster growth

  Large global technology firms will reach nearly 33% overall female representation in their workforces in 2022. Growth is slow, but heading in the right direction  Continue Reading

• Fewer CIOs have a seat on the board but we still need technology leaders

  This democratisation of technology still needs a leader, but it’s a healthy sign that discussion of tech has become part of business as usual at board level  Continue Reading

• Can crypto recover from the crash of 2022?

  What does the crypto wipeout of 2022 mean for an increasingly turbulent economy and can crypto bounce back in the months and years ahead? Crucially, how will regulators react?  Continue Reading

• Security Think Tank: Know your networks, know your suppliers

  To combat the ransomware scourge, we must work harder to monitor and learn from the increasingly complex threat environment, keep a closer eye on supply chains, and share our insights  Continue Reading

• The rise and risks of sovereign data strategies

  Data and analytics leaders need to understand what is happening now to mitigate risk and exploit data-driven opportunities  Continue Reading

• How to build consumer trust with a privacy-by-design approach

  Undertaken with the right mindset and technology, privacy by design delivers value to consumers and builds trust for the long term  Continue Reading

• The risk of losing our EU data adequacy agreement is real

  While some may welcome the government’s ambition to shake up the UK’s data protection regime, Westminster should be wary of drifting too far from the path charted by our US and European partners  Continue Reading

• Security Think Tank: Container security: why so different?

  Done well, container security can be a model for securing the enterprise, and businesses that focus their teams on solving it can help accelerate positive change in other areas  Continue Reading

• How has container security changed since 2020, and have we taken it too far?

  While containers are now one of the most popular ways to deploy applications, it is fair to say that the adoption and implementation of security best practice to govern their use has not kept up  Continue Reading

• The Conservatives are laughing at cyber security pros

  If causing a security breach is a resigning matter, then you shouldn’t expect to get your old job back a week later. Unless you’re a Conservative home secretary, apparently  Continue Reading

• IT Sustainability Think Tank: Helping IT leaders avoid falling victim to greenwashing

  How can IT leaders separate fact from fiction when weighing up a tech supplier’s sustainability claims? And, crucially, what are the dangers or risks enterprises face if they do not do their due diligence on the green claims of their providers?  Continue Reading

• IT Sustainability Think Tank: Assessing a supplier’s sustainability credentials

  How can IT leaders separate fact from fiction when weighing up a tech supplier’s sustainability claims? And, crucially, what are the dangers or risks enterprises face if they do not do their due diligence on the green claims of their providers?  Continue Reading

• IT Sustainability Think Tank: How IT buyers can verify the green claims of their supply chain

  How can IT leaders separate fact from fiction when weighing up a tech supplier’s sustainability claims? And, crucially, what are the dangers or risks enterprises face if they do not do their due diligence on the green claims of their providers?  Continue Reading

• Reducing the cyber stack with API security

  Budgets are tight, making it difficult to secure spend, but is there an argument for jettisoning fragmented approaches to securing APIs in favour of a dedicated end-to-end approach? Doubling down on API security could help businesses not just reduce...  Continue Reading

• Currency markets causing choppy waters for UK outsourcing

  Anthony Drake, director at tech advisory ISG, explains how the UK government’s botched mini-Budget announcement raised the cost of IT outsourcing  Continue Reading

• IT Sustainability Think Tank: What IT leaders need to know about greenwashing

  How can IT leaders separate fact from fiction when weighing up a tech supplier’s sustainability claims? And, crucially, what are the dangers or risks that enterprises face if they do not do their due diligence on the green claims of their providers?  Continue Reading

• Security Think Tank: Design security in to reap container benefits

  Provided container security basics are built into your development and runtime environment from the start, containerised services and applications can provide rapid – and secure – achievement of business objectives  Continue Reading

• IT Sustainability Think Tank: Getting to grips with greenwashing

  How can IT leaders separate fact from fiction when weighing up a tech supplier’s sustainability claims? And, crucially, what are the dangers or risks that enterprises face if they do not do their due diligence on the green claims of their providers?  Continue Reading

• Three ways that APIs can fail

  It’s all very well having an API strategy, but software teams need to be ready for when things start going wrong  Continue Reading

• How to maximise tech recruitment in an uncertain and unpredictable market 

  Six tips for employers to maximise your chances of securing the IT talent you need  Continue Reading

• Use site reliability engineering to address cloud instability

  How do you prepare for a worst-case scenario, when the public cloud hosting critical components of your IT infrastructure fails?  Continue Reading

• Everything you wanted to know about the metaverse

  Possession may be nine-tenths of the law, but the unique qualities of digital assets mean they do not easily fit into the age-old legal concept of ownership  Continue Reading

• Artificial intelligence in the workplace

  When AI systems are used, there is an obligation to consider how they might affect fairness, accountability and transparency in the workplace  Continue Reading

• IR35 reforms repeal: How it stands to benefit the tech sector’s SMEs and contractors

  Government’s planned repeal of IR35 reforms could help alleviate a lot of the uncertainty and pressure on the tech sector’s SMEs  Continue Reading

• How to protect against SMS mobile security weakness

  The simple messaging service provides two-factor authentication in banking and e-commerce, but what happens if your SIM card is stolen?  Continue Reading

• Security Think Tank: Three steps to a solid DevSecOps strategy

  Read about how buyers can manage third-party risk when procuring applications, how to secure the software development process, and even how to affect cultural change among developers not used to thinking cyber first  Continue Reading

• It’s time for engineering teams to own DevSecOps

  It may seem counterintuitive, but maybe organisations should consider delegating responsibility for DevSecOps to engineering teams, not security teams, argues Elastic’s Mandy Andress  Continue Reading

• Security Think Tank: Adding trust to AppSec and DevSecOps

  When building in trust and assurance into app development through standards, it is critically important not to stifle innovation  Continue Reading

• Security Think Tank: Creating a DevSecOps-friendly cyber strategy

  When slowing down is not an option, you need to find a security strategy that is DevSecOps friendly, says Airbus Protect’s Olivier Allaire  Continue Reading

• Security Think Tank: The many dimensions of DevSecOps

  It is imperative to make our colleagues and customers know that when we talk DevSecOps, we are facing a multiphase challenge that starts at the very beginning of DevOps, and one that never ends  Continue Reading

• Data-driven government needs practical steps

  We should build data platforms for government with the same techniques used in creating anything digital, argues Jim Stamp, head of data at Made Tech  Continue Reading

• Security Think Tank: Good procurement practices pave the way to app security

  Application security is as much a question of good procurement practice as it is good development practice, says Petra Wenham of the BCS  Continue Reading

• Security Think Tank: Shift left, shift right. What about shift everywhere?

  The concepts of shift left and shift right are highly effective in securing the development process, but for those who want to take things that step further there is shift everywhere  Continue Reading

• Security Think Tank: Effective DevSecOps requires collaboration

  Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access ...  Continue Reading

• ODI: Smart data promise could founder against paywalls

  The Open Data Institute’s Mahlet Zimeta examines the government’s smart data plan, which could boost competition and empower the public, but needs to be set up to allow rapid creation of new markets without barriers  Continue Reading

• Data sharing: How can we make sure the UK is a world leader?

  The UK government risks missing out on the benefits and opportunities laid out in its National Data Strategy – and could lose international competitiveness as a result  Continue Reading

• IT Sustainability Think Tank: Why IT and procurement teams must work together to go green

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprises be collaborating with to make their green IT goals a reality?  Continue Reading

• Why you should start your post-quantum encryption migration now

  Some say we have the best part of a decade to prepare for the security risks that quantum computing presents to current encryption tech, but PA Consulting experts believe that timeframe is shrinking dramatically  Continue Reading

• IT Sustainability Think Tank: Collaborating with consultancies to go green

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprises be collaborating with to make their green IT goals a reality?  Continue Reading

• IT Sustainability Think Tank: Collaboration key to achieving ESG goals faster

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprises be collaborating with to make their green IT goals a reality?  Continue Reading

• IT Sustainability Think Tank: Embedding GreenOps into enterprises

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprises be collaborating with to make their green IT goals a reality?  Continue Reading

• IT Sustainability Think Tank: How IT and procurement can collaborate for a more sustainable future

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprise leaders be collaborating with to make their organisation’s green IT goals a reality?  Continue Reading

• IT Sustainability Think Tank: Why cross-business collaboration is key to achieving green IT goals

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprise leaders be collaborating with to make their organisation's green IT goals a reality?  Continue Reading

• The dangers of the UK’s illogical war on encryption

  The unintended consequences of the Online Safety Bill will have a dramatic effect on our ability to communicate securely, including in Ukraine, where it is needed most  Continue Reading

• IT Sustainability Think Tank: How partnerships can help enterprises reach their green goals

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprises be collaborating with to make their green IT goals a reality?  Continue Reading

• Reimagining ethical digital technology

  With ever-increasing digitisation leading to greater dependence on a range of digital technologies, enterprises need to urgently look at how they can incorporate ethical and social considerations into the tech they develop  Continue Reading

• IT Sustainability Think Tank: How collaboration and partnerships enable a circular economy

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprise leaders be collaborating with to make their organisation’s green IT goals a reality?  Continue Reading

• IT Sustainability Think Tank: Collaboration is key for CIOs to reach their company’s green IT goals

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprise leaders be collaborating with to make their organisation’s green IT goals a reality?  Continue Reading

• IT Sustainability Think Tank: Hitting ESG targets relies on the power of partnerships

  It takes a village to build a credible and robust IT sustainability strategy, so who should enterprises be collaborating with to make their green IT goals a reality?  Continue Reading

• Security Think Tank: Don’t rely on insurance alone

  Cyber insurance is a useful addition to the cyber protection toolbox. However, it cannot be regarded as a replacement for the controls that should be in operation, says Turnkey Consulting’s Tom Venables  Continue Reading

• Where are all the technologists? Talent shortages and what to do about them

  It’s harder than ever to recruit good IT specialists, but there are some simple strategies for digital leaders to fill gaps in their teams  Continue Reading

• Cyber insurance: An effective use of your scant security budget?

  The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes  Continue Reading

• Lots to consider when buying cyber insurance, so do your homework

  When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity  Continue Reading

• The evolution of threat modelling as a DevSecOps practice

  Threat modelling is becoming ever more integrated into software architecture design. Here, Stephen de Vries of IriusRisk looks at the evolution of the process  Continue Reading

• Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it

  In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered  Continue Reading

• Security Think Tank: Now is the time to think about cyber insurance

  Many IT leaders shy away from cyber insurance, but new, innovative developments in the market can help organisations take an approach that suits their needs  Continue Reading

• Assessment and knowledge: Your key tools to secure suppliers

  There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal  Continue Reading

• Finding the balance between innovation and data security in healthcare

  As the government launches its data strategy for health and social care, a fine line must be trodden between innovating through privacy-enhancing technologies, and retaining data security for patients  Continue Reading

• What will the Data Reform Bill mean for UK businesses operating in the EU?

  Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union  Continue Reading

• Germany – let’s stop debating data retention and start finding solutions

  Germany has the opportunity to set the democratic precedent for ending the collection and retention of everybody’s call details record and metadata in the EU. It is time find real and effective solutions to crime  Continue Reading

• Security Think Tank: Supply chain security demands systematic approach

  Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business  Continue Reading

• Why the world needs tech standards for UN Sustainable Development Goals

  Chaesub Lee from the ITU argues that the world needs technology standards to address the UN’s Sustainable Development Goals  Continue Reading

• Security Think Tank: Balanced approach can detangle supply chain complexity

  Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices  Continue Reading

• We’re all technologists now – the powerful impact of low-code platforms

  Low-code platforms are bringing a shift in how organisations develop and use technology – and it’s the job of the CIO to let it happen in a controlled, secure and connected fashion  Continue Reading

• Supply chain security goes deep – forget this at your peril

  It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology  Continue Reading

• Governance and progression of AI in the UK

  Artificial intelligence and machine learning are essential to growth in the global digital economy, and the UK has ambitions to lead the way  Continue Reading

• IT Sustainability Think Tank: Tightening up a circular supply chain

  With sustainability moving up the boardroom agenda, CIOs and IT managers should look to revamp their IT procurement strategies to align with the principles of the circular economy, but why and what does this mean when it comes to managing the ...  Continue Reading

• Consider governance, coordination and risk to secure supply chain

  A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on  Continue Reading

• Privacy-enhancing technologies – myths and misconceptions

  As the UK and US prepare to open a joint privacy-enhancing technology (PET) prize challenge, expert Ellison Anne Williams busts some myths and misconceptions around this emerging area  Continue Reading

• IT Sustainability Think Tank: The circular economy in the context of the datacentre

  With sustainability moving up the boardroom agenda, CIOs and IT managers should look to revamp their IT procurement strategies to align with the principles of the circular economy, but why and what does this mean when it comes to managing the ...  Continue Reading

• Security Think Tank: Best practices for boosting supply chain security

  In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk  Continue Reading

• Is digital ID still the missing link for the UK’s digital economy?

  While progress has been made, the government’s proposed digital ID trust framework needs more work – and the tech industry wants to have more input  Continue Reading

• Security Think Tank: Basic steps to secure your supply chain

  When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail  Continue Reading

• IT Sustainability Think Tank: Corporate devices and the circular economy

  With sustainability moving up the boardroom agenda, CIOs and IT managers should look to revamp their IT procurement strategies to align with the principles of the circular economy, but why and what does this mean when it comes to managing the ...  Continue Reading

• Data leaders need to overcome their fears and unlock their creativity

  Author and data management consultant Caroline Carruthers argues that data leaders need to tap into their creativity to make their analytical work pay off  Continue Reading

• IT Sustainability Think Tank: Aligning procurement with the principles of the circular economy

  With sustainability moving up the boardroom agenda, CIOs and IT managers should look to revamp their IT procurement strategies to align with the principles of the circular economy, but why and what does this mean when it comes to managing the ...  Continue Reading

• Security Think Tank: Don’t trust the weakest link? Don’t trust any link

  Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must  Continue Reading