Business continuity planning
Business continuity is an organization's ability to maintain critical business functions during and after a disaster has occurred.. See complete definition.
-
E-Zine
07 Dec 2023
CW EMEA: Prepare for cyber war
When the war between Hamas and Israel began in October, cyber security professionals and major government and private organisations braced for an inevitable accompanying online war. In this issue of CW EMEA, we outline cyber war, patterns of threat activity, and find out what security teams can do to protect their organisations. We also look at Finland’s advances in quantum computing, how Belgian researchers have developed technology to help datacentres process data faster, and the secrets of KPN’s successful business transformation. Read the issue now. Continue Reading
-
E-Zine
13 Apr 2023
CW EMEA: Under attack and stressed out
In this month's CW EMEA, we look at how cyber attacks are taking a toll on security professionals, damaging their mental health and forcing some to quit. We also look at Finland's allure for tech entrepreneurs, how software is enabling a new business model for a Swedish car manufacturer, and the importance of backup testing. Read the issue now. Continue Reading
-
Opinion
03 Feb 2023
Security Think Tank: In 2023, we need a new way to cultivate better habits
Regular, small adjustments to behaviour offer a better way to keep employees on track and cultivate a corporate culture of cyber awareness, writes Elastic’s Mandy Andress Continue Reading
-
Opinion
02 Feb 2023
Security Think Tank: Getting the training and development mix right
Rob Dartnall, CEO at SecAlliance and chair of Crest’s UK Council, describes the need for formal, varied and continuous development in the cyber security sector Continue Reading
-
News
02 Feb 2023
Suspected LockBit ransomware attack causes havoc in City of London
A suspected LockBit ransomware attack on trading software firm Ion has caused chaos for City of London traders Continue Reading
-
News
01 Feb 2023
Cloud security top risk to enterprises in 2023, says study
A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year Continue Reading
-
News
01 Feb 2023
UK Cyber Council and ISACA launch audit, assurance programme
The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros Continue Reading
-
News
31 Jan 2023
Russian DDoS hacktivists seen targeting western hospitals
A swathe of attacks by the Putin-supporting DDoS operation known as Killnet has targeted hospitals and other infrastructure in several Nato countries, with the UK thought to be at risk Continue Reading
-
News
31 Jan 2023
GitHub warns Desktop, Atom users after code-signing certificates pinched
Threat actors stole encrypted code-signing certificates for GitHub’s Desktop and Atom applications in December 2022, prompting warnings for users Continue Reading
-
News
31 Jan 2023
Royal Mail recovers more International Tracked services
Royal Mail is making further progress in recovering IT systems hit by a ransomware attack, and has re-enabled another tranche of international export services Continue Reading
-
News
27 Jan 2023
Hive ransomware gang taken down after FBI hacks back
The FBI hacked into Hive’s servers, stole its decryption keys and then took down its servers in a major action that has successfully disrupted a prolific and dangerous ransomware operation Continue Reading
-
News
26 Jan 2023
Royal Mail resumes some international parcel services from UK
Royal Mail has successfully stood up its International Tracked and Signed, and International Signed, services as it continues to recover from a ransomware attack Continue Reading
-
News
25 Jan 2023
Boards struggle to resolve cyber risk in digital supply chains
Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk Continue Reading
-
News
24 Jan 2023
UK insurers need to up their game on cyber gaps, says PRA
Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority Continue Reading
-
Feature
24 Jan 2023
IT’s shift to the cloud: Veeam’s data protection report in detail
With half of servers in the cloud, most backup and nearly all disaster recovery cloud-centric, the shift to the cloud is significant – but container backup is one area that is yet to settle down Continue Reading
-
News
24 Jan 2023
SSRF attacks hit 100,000 businesses globally since November
There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers Continue Reading
-
News
23 Jan 2023
NCSC warning over cyber risk to charity sector
Cash-strapped charities without the resource to tackle their resilience deficit are increasingly at risk from malicious actors, says the NCSC Continue Reading
-
News
22 Jan 2023
Royal Mail making limited progress on ransomware recovery
Royal Mail asks customers to hold back from sending post overseas as some services get back on track, while a report warns that disruptive attacks on critical infrastructure are set to become more common Continue Reading
-
News
19 Jan 2023
Outdated IT infrastructure poses growing risk to UK Security Vetting
Delays to UKSV’s important work in safeguarding the country’s national security are in part down to a legacy IT estate in dire need of modernisation, says the NAO Continue Reading
-
News
18 Jan 2023
Ukraine CERT leaders touch down in London for talks
The UK’s NCSC has been hosting Ukrainian cyber security leaders for a round of bilateral talks on improving resilience Continue Reading
-
News
18 Jan 2023
Ukraine cyber teams responded to more than 2,000 attacks in 2022
The Ukrainian authorities responded to more than 2,000 major cyber incidents during 2022, and are blocking thousands more potential attacks every day Continue Reading
-
News
17 Jan 2023
Crest throws support behind CyberUp CMA reform campaign
Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990 Continue Reading
-
News
12 Jan 2023
Guardian confirms Christmas 2022 cyber attack was ransomware
Guardian Media Group bosses confirm the 20 December cyber attack that left staff locked out of its London office and disrupted several key systems was an untargeted ransomware attack Continue Reading
-
News
11 Jan 2023
Should we be worried about malicious use of AI language models?
WithSecure research into GPT-3 language models, used by the likes of ChatGPT, surfaces concerning findings about how easy it is to use large language models for malicious purposes. Should security teams be concerned? Continue Reading
-
News
11 Jan 2023
Microsoft fixes EoP zero-day on January Patch Tuesday
On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns Continue Reading
-
News
08 Jan 2023
Vulnerable organisations to get free Cyber Essentials support
Charities and legal aid firms are among those to be offered free security checks and certifications from the National Cyber Security Centre Continue Reading
-
News
06 Jan 2023
Russia’s Turla falls back on old malware C2 domains to avoid detection
Mandiant says it has observed the Russian APT UNC2410, also known as Turla, re-registering expired or sinkholed domains previously used by financially motivated cyber criminals Continue Reading
-
News
05 Jan 2023
Fallout from Guardian cyber attack to last at least a month
The Guardian newspaper’s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time Continue Reading
-
Feature
05 Jan 2023
Securing low Earth orbit represents the new space race
The barriers to launching satellites into low Earth orbit are falling fast, and that brings new cyber security challenges Continue Reading
-
News
02 Jan 2023
China and India governments among top targets for cyber attackers
Chinese and Indian governments targeted by hacktivists and ransomware groups out to make statement or expose flaws in their respective security postures Continue Reading
-
Feature
29 Dec 2022
Cyber security professionals share their biggest lessons of 2022
In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading
-
Opinion
29 Dec 2022
How does red teaming test the ultimate limits of cyber security?
An expert ethical hacker reveals how he goes about carrying out a red team exercise Continue Reading
-
News
22 Dec 2022
Top 10 cyber security stories of 2022
The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides Continue Reading
-
News
22 Dec 2022
Top 10 cyber crime stories of 2022
Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents Continue Reading
-
Feature
21 Dec 2022
A sticky story: How, and why, hackers love stickers on laptops
We’ve all seen laptops adorned with security stickers and in-jokes, but how did this cyber community trend get started, what does it signify, and what does it say about the humans behind the screens? Continue Reading
-
Opinion
21 Dec 2022
Post-Brexit cyber dynamics in the UK and Europe: diverging paradigms?
The UK faces a choice in terms of its ongoing cyber security relationship with the EU – to preserve its collaboration with the EU by adopting an aligned approach or to adopt a divergent approach Continue Reading
-
Opinion
19 Dec 2022
Security Think Tank: 2022 brought plenty of learning opportunities in cyber
At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading
-
News
16 Dec 2022
UK unis implement new IP traffic policies to combat ransomware
Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature Continue Reading
-
News
14 Dec 2022
NHS gets new guidance on public benefits of data sharing
NHS national data guardian Nicola Byrne has published new guidance on how health and social care bodies should approach the task of evaluating public benefit when using data for purposes beyond individual care Continue Reading
-
News
14 Dec 2022
Ethical hackers flex their muscles in 2022
Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021 Continue Reading
-
News
14 Dec 2022
Microsoft fixes two zero-days in final Patch Tuesday of 2022
December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over Continue Reading
-
Opinion
14 Dec 2022
Security Think Tank: How much digital trust can you place on zero-trust?
The events of the past couple of years have highlighted many considerations that should be taken into consideration when pursuing a zero-trust strategy, says ISACA’s Steven Sim Kok Leong Continue Reading
-
News
13 Dec 2022
EU issues draft data adequacy decision in favour of US
The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision Continue Reading
-
News
13 Dec 2022
The nature of the CISO role will be in flux in 2023
As cyber risk outpaces organisational defences, and cyber attacks and breaches cause more and more damage, the nature of the CISO role is entering a state of flux, according to a report Continue Reading
-
News
13 Dec 2022
Finnish government launches information security voucher scheme
Finland’s government is offering businesses financial support to help them improve their cyber security Continue Reading
-
News
13 Dec 2022
More Uber data exposed in possible supply chain attack
A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack Continue Reading
-
News
13 Dec 2022
Customer frustrations mount as Rackspace investigation proceeds
Rackspace says it is making progress on restoring services following a ransomware attack on its Hosted Exchange business, but customers are becoming frustrated with a lack of communication Continue Reading
-
Opinion
12 Dec 2022
Security Think Tank: Embrace prioritisation, people, imperfections
Security and IT professionals should try to make peace with their imperfections in 2023, says Nominet CISO Paul Lewis Continue Reading
-
Opinion
09 Dec 2022
Security Think Tank: 2022 changed how we thought about resilience
Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat Continue Reading
-
News
08 Dec 2022
Australia to develop new cyber security strategy
New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals Continue Reading
-
News
07 Dec 2022
Rackspace email outage confirmed as ransomware attack
An ongoing outage affecting Rackspace email customers is the result of a ransomware attack Continue Reading
-
News
07 Dec 2022
Google, MS, Oracle vulnerabilities make November ’22 a big month for patching
Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November Continue Reading
-
Opinion
07 Dec 2022
Security Think Tank: As cyber pros, we need to articulate our needs better
There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading
-
News
06 Dec 2022
Legacy IT magnifies cyber risk for Defra, says NAO
Some 30% of Defra’s applications are currently unsupported, magnifying cyber risk as the government department struggles to make progress on a digital transformation programme Continue Reading
-
News
06 Dec 2022
Industrial IoT focus of next NCSC startup challenge
The NCSC for Startups programme is looking for innovative ideas to encrypt and secure the industrial internet of things Continue Reading
-
News
05 Dec 2022
Cohesity doubles down on cyber-defence failings via backup
Datahawk service and Data Security Alliance bring clean data restores, ransomware artefact detection, data vaulting and data audit for a clearer understanding of attack impact Continue Reading
-
News
05 Dec 2022
French cyber consultancy Hackuity sets up UK operation
Risk-based vulnerability management company is to establish a UK base of operations in the hope of expanding its enterprise client base Continue Reading
-
Opinion
05 Dec 2022
Security Think Tank: The more you buy, the less you protect
The most important lesson learned this year is that the more controls you have in place, the less secure you become, argues 2-sec’s Tim Holman Continue Reading
-
Opinion
01 Dec 2022
Ransomware: Is there hope beyond the overhyped?
Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity Continue Reading
-
News
30 Nov 2022
Latest LockBit ransomware versions have wormable capabilities
Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter Continue Reading
-
Opinion
30 Nov 2022
Think technology, process, human risk to manage ransomware
Effective ransomware handling boils down to three core areas – technology, process and human risk Continue Reading
-
News
27 Nov 2022
Plexal inducts six into cyber leadership scheme
Tech innovation hub Plexal is expanding its Cyber Runway programme with a new Ignite strand dedicated to supporting high-potential security leaders Continue Reading
-
News
25 Nov 2022
Data management, backup becoming the CISO's responsibility
More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year Continue Reading
-
News
24 Nov 2022
Not-for-profit aims to encourage 1,300 girls into cyber careers
CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber Continue Reading
-
News
23 Nov 2022
Red team tool developer slams ‘irresponsible’ disclosure
UK security firm MDSec defends its Nighthawk command and control penetration testing framework after suggestions were made that it could be appropriated by threat actors Continue Reading
-
News
23 Nov 2022
Dutch national cyber security strategy aims to protect digital society
Cabinet sets up national cyber security strategy to make the Netherlands digitally secure Continue Reading
-
News
22 Nov 2022
Killnet DDoS hacktivists target Royal Family and others
Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks Continue Reading
-
News
22 Nov 2022
C-suite mystified by cyber security jargon
Malware, supply chain attack, zero-day, IoC, TTP and Mitre ATT&CK are just some of the everyday terms that security pros use that risk making the world of cyber incomprehensible to outsiders Continue Reading
-
Opinion
21 Nov 2022
Ransomware preparedness: The long road ahead
Is your organization ready for ransomware? A recent survey shows that businesses in a variety of industries are all struggling with ransomware prevention and recovery. Continue Reading
-
News
21 Nov 2022
Bug Bounty Calculator helps organisations fine-tune their payouts
Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention Continue Reading
-
News
18 Nov 2022
Is Elon Musk’s Twitter safe, and should you stop using it?
With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use Continue Reading
-
News
18 Nov 2022
CyberPeace Institute helps NGOs improve their security resilience
Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people Continue Reading
-
News
16 Nov 2022
Global network fragmentation a source of increasing risk
Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading
-
Opinion
16 Nov 2022
Security Think Tank: Ransomware defences: An extended to-do list
Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things Continue Reading
-
E-Zine
15 Nov 2022
How to protect against ransomware attacks
In this week’s Computer Weekly, we look at how to prepare for and protect against ransomware, and what to do if you’re hit by an attack. We gauge industry reaction to Ofcom’s plan to investigate the big three cloud providers. And we find out how travel giant TUI is implementing self-service analytics. Read the issue now. Continue Reading
-
Opinion
14 Nov 2022
Security Think Tank: Let’s be transparent about ransomware
Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks Continue Reading
-
Opinion
11 Nov 2022
Cyber insurance: The good, the bad and the ugly
Most cyber insurance contracts are innately flawed because they exclude losses arising from state-backed cyber attacks, and this will make proper attribution even more important in the future, says Cisco Talos’ Martin Lee Continue Reading
-
News
11 Nov 2022
MoD recruits Immersive Labs to bolster cyber resilience
UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products Continue Reading
-
Opinion
11 Nov 2022
Security Think Tank: To stop ransomware, preparation is the best medicine
You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes Continue Reading
-
News
10 Nov 2022
Cyber criminals have World Cup Qatar 2022 in their sights
Volumes of malicious cyber activity around the upcoming FIFA World Cup are already starting to tick upwards and are likely to continue to do so Continue Reading
-
News
09 Nov 2022
UK’s National Cyber Advisory Board convenes for first time
Government convenes National Cyber Advisory Board to further its goals of making the UK one of the safest places to live and work online Continue Reading
-
News
09 Nov 2022
Microsoft serves smorgasbord of six zero-days
November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity Continue Reading
-
Opinion
09 Nov 2022
Security Think Tank: Anti-ransomware strategies should be as easy as ABC
When developing and implementing ransomware protection strategies, the importance of paying thorough attention to security measures you might consider elementary cannot be understated Continue Reading
-
Opinion
07 Nov 2022
To fight ransomware, we must treat digital infrastructure as critical
Ransomware defence is failing because we don’t view our digital infrastructure in the same way as our physical infrastructure, argues Elastic’s Mandy Andress Continue Reading
-
News
04 Nov 2022
Microsoft: Nation-state cyber attacks became increasingly destructive in 2022
The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare Continue Reading
-
Opinion
04 Nov 2022
Security Think Tank: Ransomware and CISOs’ balancing act
Ransomware has the potential to cause irreversible business damage, so CISOs should consider not only protection but also response and recovery Continue Reading
-
News
03 Nov 2022
Microsoft pledges $100m in new IT support for Ukraine
Microsoft will continue to offer free-of-charge technology support to Ukraine for the foreseeable future Continue Reading
-
News
03 Nov 2022
Automated threats biggest source of cyber risk for retailers
Threat actors targeting retailers during the coming holiday season are increasingly turning to automated forms of cyber attack, according to a report Continue Reading
-
News
03 Nov 2022
Global coalition reaffirms commitment to fight ransomware
Representatives of 36 countries, as well as the EU, attended the second International Counter Ransomware Initiative Summit in Washington DC Continue Reading
-
News
02 Nov 2022
UK spent £6.4m on secret cyber package for Ukraine
Westminster has revealed for the first time the existence of a previously top-secret security programme that has been helping Ukraine fend off Russian cyber attacks Continue Reading
-
News
02 Nov 2022
OpenSSL vulnerabilities ‘not as bad as feared’
As previously trailed, OpenSSL patched two buffer overflow vulnerabilities, neither of them as impactful as had been feared Continue Reading
-
Opinion
02 Nov 2022
Security Think Tank: Know your networks, know your suppliers
To combat the ransomware scourge, we must work harder to monitor and learn from the increasingly complex threat environment, keep a closer eye on supply chains, and share our insights Continue Reading
-
News
01 Nov 2022
A third of UK cyber leaders want to quit, report says
Nearly a third of UK security leaders are considering leaving their current role, and more than half are struggling to keep on top of their workload Continue Reading
-
News
01 Nov 2022
NCSC looks back on year of ‘profound change’ for cyber
The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful Continue Reading
-
Opinion
31 Oct 2022
Security Think Tank: Container security: why so different?
Done well, container security can be a model for securing the enterprise, and businesses that focus their teams on solving it can help accelerate positive change in other areas Continue Reading
-
News
27 Oct 2022
NCSC’s Levy steps down after 20-year intelligence career
NCSC technical director Ian Levy bids farewell, telling his successor: ‘Don’t panic’ Continue Reading
-
Feature
27 Oct 2022
Will the OCSF create an open and collaborative cyber industry?
The Open Cybersecurity Schema Framework promises to transform security data analysis and collection, but there are challenges around adoption Continue Reading
-
News
27 Oct 2022
NHS to get new national CISO
The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS Continue Reading
-
News
24 Oct 2022
Half of staff might quit after a cyber attack, report says
Findings from a survey of CISOs, IT leaders and staffers reveal how experiencing a cyber incident may take a larger-than-thought toll on employee retention Continue Reading
-
Feature
20 Oct 2022
What do the US’s new software security rules mean for UK organisations?
The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors? Continue Reading
-
News
20 Oct 2022
The Security Interviews: Why now for ZTNA 2.0?
With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network access Continue Reading
-
News
20 Oct 2022
Cyber professional shortfall hits 3.4 million
Shortage of cyber security professionals continues to grow and shows no signs of abating, says report Continue Reading