Cloud security
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
News
05 Sep 2022
How Okta is regaining customer trust after a cyber attack
In early 2022, cyber firm Okta was among several tech companies hit by the Lapsus$ gang. Vice-president of customer trust Ben King talks about how he has been working behind the scenes to rebuild confidence after the incident Continue Reading
-
Opinion
05 Sep 2022
Security Think Tank: Good procurement practices pave the way to app security
Application security is as much a question of good procurement practice as it is good development practice, says Petra Wenham of the BCS Continue Reading
-
News
02 Sep 2022
Dutch government finally allowed to use public cloud
Public cloud is finally within reach for Dutch public services. Previously, the Dutch government was only allowed to use private clouds due to risks concerning privacy and security Continue Reading
-
News
22 Aug 2022
Kaspersky threat data added to Microsoft Sentinel service
Microsoft and Kaspersky have agreed a collaboration to integrate Kaspersky’s threat data feeds into Microsoft’s cloud-native SIEM/SOAR service Continue Reading
-
News
19 Aug 2022
Cozy Bear targets MS 365 environments with new tactics
Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments Continue Reading
-
News
19 Aug 2022
Inside Singapore’s national digital identity journey
Singapore’s national digital identity system has evolved from providing single sign-on to e-government services to pandemic-related and digital document capabilities in recent years Continue Reading
-
News
18 Aug 2022
Growing MFA use spurs ‘pass-the-cookie’ attacks
The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools Continue Reading
-
News
11 Aug 2022
NHS may take a month to recover from supply chain attack
Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations Continue Reading
-
Blog Post
10 Aug 2022
SASE vs SSE – Is SASE One “A” Better?
One of the problems with acronym-defined industry “go to’s” in IT, is that they can easily be misconstrued and/or a myriad variations on a theme emerge from the original – thereby confusing the ... Continue Reading
-
News
28 Jul 2022
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses Continue Reading
-
News
27 Jul 2022
Retail software firm PrestaShop warns users about SQL injection attacks
Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise Continue Reading
-
News
25 Jul 2022
NCSC seeks community input for Cyber Advisor service
The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward Continue Reading
-
News
25 Jul 2022
Latest Atlassian Confluence vulnerability raises concerns
CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months Continue Reading
-
News
20 Jul 2022
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading
-
News
20 Jul 2022
Cato aims to bust cyber myths as it extends network protections
Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading
-
News
20 Jul 2022
Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims
Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection Continue Reading
-
E-Zine
19 Jul 2022
Tracking the rise of homeworking across the UK
In this week’s Computer Weekly, new figures show that homeworking has more than doubled in the UK due to the pandemic – we look at the regional differences. The pressure is growing on cyber security teams – we analyse the expert advice on how to avoid staff burnout and lost talent. And we examine the important role that tech startups play in the rapid growth of Amazon Web Services. Read the issue now. Continue Reading
-
E-Zine
14 Jul 2022
CW APAC: Buyer’s guide to backup and recovery software
The cyber threat landscape leaves firms with little room for error. In this handbook, focused on backup and recovery software in the Asia-Pacific region, Computer Weekly looks at data protection capabilities, how Veeam aims to achieve a market-leading position, Rubrik’s focus on recovery and Kubernetes’s mission to meet the challenges of containerised application environments. Continue Reading
-
Blog Post
14 Jul 2022
SASE - The Importance Of Spelling It Out In Full
First to note that in these financially – and politically – challenging times, it’s good to see serious investment still in the security area of IT. Let’s face it – we need it more than ever. In ... Continue Reading
-
News
12 Jul 2022
Microsoft Windows Autopatch now generally available
Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service Continue Reading
-
E-Zine
12 Jul 2022
UKtech50 2022: The most influential people in UK technology
In this week’s Computer Weekly, we reveal the 50 most influential people in UK IT for 2022, and talk to the winner of the 12th annual UKtech50, National Cyber Security Centre CEO Lindy Cameron. Also, we take an in-depth look at the crisis in chip supply and what’s needed to solve it. Read the issue now. Continue Reading
-
News
06 Jul 2022
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading
-
News
05 Jul 2022
Prepare for long-term cyber threat from Ukraine war, says NCSC
The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams Continue Reading
-
E-Zine
05 Jul 2022
How to get the right level of cyber insurance
In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading
-
News
24 Jun 2022
US cyber agency in fresh warning over Log4Shell risk to VMware
Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability Continue Reading
-
Opinion
24 Jun 2022
Assessment and knowledge: Your key tools to secure suppliers
There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal Continue Reading
-
Opinion
23 Jun 2022
Security Think Tank: Supply chain security demands systematic approach
Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business Continue Reading
-
Opinion
22 Jun 2022
Security Think Tank: Balanced approach can detangle supply chain complexity
Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices Continue Reading
-
News
21 Jun 2022
CNI leaders’ attitude to ransomware lackadaisical at best
A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats Continue Reading
-
Opinion
21 Jun 2022
Supply chain security goes deep – forget this at your peril
It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology Continue Reading
-
Opinion
17 Jun 2022
Consider governance, coordination and risk to secure supply chain
A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on Continue Reading
-
News
16 Jun 2022
Dundee security research centre opens with support from SBRC
An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster Continue Reading
-
News
16 Jun 2022
Office 365 loophole may give ransomware an easy shot at your files
Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive Continue Reading
-
News
14 Jun 2022
MS Azure Synapse vulnerability fixed after six-month slog
Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga Continue Reading
-
E-Zine
14 Jun 2022
Managing Apple Macs in the enterprise
In this week’s Computer Weekly, with more people working remotely, the use of Apple Macs in the enterprise is growing – we look at how to manage them securely. Our latest buyer’s guide examines security in the supply chain. And 10 years on from the London Olympics, we find out how data innovation is revitalising its legacy. Read the issue now. Continue Reading
-
News
13 Jun 2022
Government recommits to UK’s cyber future in Digital Strategy
New strategy leans heavily on cyber security but stops short of announcing any initiatives that have not already been launched or heavily trailed Continue Reading
-
News
13 Jun 2022
Qatar bolsters cyber security in preparation for World Cup
With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness Continue Reading
-
Opinion
10 Jun 2022
Security Think Tank: Don’t trust the weakest link? Don’t trust any link
Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must Continue Reading
-
Blog Post
08 Jun 2022
Using A SASE Platform approach: What Are The Real Cost Benefits?
Following on from my previous blog - where I talked about the real costs of going down the DIY/product portfolio integration route, rather than opting for a “here’s one they made earlier” solution ... Continue Reading
-
Blog Post
07 Jun 2022
Contemporary IT: Off the Shelf Vs Bolt-On Approach? It's a No Brainer!
We’ve talked before in this ‘ere blog about the options available nowadays in terms of buying into a platform-based approach, versus integrating a portfolio of specialist products and services – or ... Continue Reading
-
News
07 Jun 2022
Software house Mega achieves holistic SaaS security with Synopsys
Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards Continue Reading
-
News
01 Jun 2022
Executive interview: Jeetu Patel, general manager of collaboration and security, Cisco
Anyone with an idea can help solve a problem if geography and distance don’t matter when bringing in talent, says Cisco’s collaboration and security chief Continue Reading
-
Opinion
01 Jun 2022
What does the EU’s NIS 2 cyber directive cover?
We run the rule over the European Union’s updated NIS2 security directive Continue Reading
-
News
26 May 2022
Consultation launched on datacentre, cloud security
The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms Continue Reading
-
Opinion
26 May 2022
Security Think Tank: Core security processes must adapt in a complex landscape
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
25 May 2022
Rubrik charts data security path
Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats Continue Reading
-
News
19 May 2022
Red teaming will be standard in Dutch governmental organisations by 2025
The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest Continue Reading
-
News
17 May 2022
Veeam outlines data protection vision
Veeam is looking to achieve an “outsized market leading position” by tapping its strengths in data protection and doubling down on innovation to help enterprises secure emerging workloads Continue Reading
-
News
16 May 2022
Keeping Singapore’s critical systems secure
Tracy Thng offers a glimpse into her work in strengthening the cyber resilience of 11 essential service sectors in Singapore Continue Reading
-
Opinion
12 May 2022
Security Think Tank: Your path to understanding attack paths
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
12 May 2022
APAC career guide: Becoming a cyber security pro
The region’s burgeoning cyber security industry has attracted more talent last year, but it takes more than just technical knowhow to succeed in the field Continue Reading
-
News
10 May 2022
CyberUK 22: NCSC refreshes cloud security guidance
The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise Continue Reading
-
News
06 May 2022
IT infrastructure used to launch DDoS attack on Russian targets
Organisations could unwittingly be participating in hostile activity against the Russian government as compromised IT infrastructure is used without their knowledge to launch denial of service attacks Continue Reading
-
Opinion
05 May 2022
Security Think Tank: Identify, assess and monitor to understand attack paths
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
Opinion
04 May 2022
Security Think Tank: Defenders must get out ahead of complexity
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to better understand these attack pathways to fight back Continue Reading
-
Opinion
03 May 2022
Security Think Tank: Solving for complexity in the network
The modern-day abundance of IT platforms, apps and tools gives the bad guys ample opportunity to move rapidly through the network to hit critical assets. Security teams must understand these attack pathways better in order to fight back Continue Reading
-
News
28 Apr 2022
Manufacturer sues JPMorgan after cyber criminals stole $272m
Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity Continue Reading
-
News
27 Apr 2022
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021
These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time Continue Reading
-
News
26 Apr 2022
Coralogix makes foray into cyber security with Snowbit
Observability platform supplier Coralogix has set up a cyber security venture and a global security resource centre in India to tap the growth opportunities in the subcontinent Continue Reading
-
News
25 Apr 2022
Mimecast makes deeper push into ASEAN
Mimecast opens regional office in Singapore and is looking at setting up a datacentre in Southeast Asia as it makes a deeper push into the region Continue Reading
-
Blog Post
22 Apr 2022
Singing the key management blues
We need cryptographic keys, but who is going to manage them? How do you make an obscure topic like cryptographic key management interesting? And can you then persuade people to move this security ... Continue Reading
-
News
22 Apr 2022
UAE bolsters cyber security
The United Arab Emirates has successfully improved its security posture amid mounting cyber threats Continue Reading
-
News
21 Apr 2022
Zoom adds new round of cyber security enhancements
Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements Continue Reading
-
E-Zine
20 Apr 2022
CW APAC: Trend Watch: Cyber security
Protection from malicious actors has become a critical consideration for organisations in recent years. In this handbook, focused on cyber security in the Asia-Pacific region, Computer Weekly looks at how to minimise edge security risks, India’s rise in cyber security revenues, Check Point’s sales force and partner ecosystem processes, and Trellix’s decision to democratise XDR access Continue Reading
-
News
20 Apr 2022
AWS fixes vulnerabilities in Log4Shell hot patch
AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation Continue Reading
-
News
13 Apr 2022
Microsoft patches two zero-days, 10 critical bugs
Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service Continue Reading
-
News
13 Apr 2022
More ANZ organisations warm to DevSecOps
About four in 10 organisations in Australia and New Zealand are undertaking the transition to development, security and operations, while a further 36% plan to do so in 2022, study finds Continue Reading
-
News
12 Apr 2022
Universal IAM policy failings put cloud environments at risk
Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study Continue Reading
-
News
11 Apr 2022
Singapore to start licensing cyber security service providers
Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards Continue Reading
-
News
08 Apr 2022
Was Spring4Shell a lot of hot air? No, but...
Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better Continue Reading
-
E-Zine
07 Apr 2022
CW Middle East: UAE and UK researchers work on ‘trustworthy’ cloud OS for datacentres
Imperial College London is embarking on a three-year project with an Abu Dhabi-based group of researchers to find ways for datacentre operators and cloud providers to secure their infrastructure. Also read how Dubai is positioning itself to reap the benefits of a promising global market for drone technology. Continue Reading
-
News
06 Apr 2022
Denonia malware may be first to target AWS Lambda
The newly discovered Denonia malware appears to be custom designed to target AWS Lambda environments, and may be the first of its kind Continue Reading
-
News
04 Apr 2022
How remote browser isolation can mitigate cyber threats
Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device Continue Reading
-
News
01 Apr 2022
Four moves to ‘checkmate’ critical assets thanks to lax cloud security
Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report Continue Reading
-
News
30 Mar 2022
Australia to spend A$9.9bn on intelligence and cyber capabilities
The Morrison government is investing in a landmark package of measures to shore up the intelligence and cyber security capabilities of the Australian Signals Directorate Continue Reading
-
News
29 Mar 2022
NCSC: Not necessarily wise to ditch Kaspersky
UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates Continue Reading
-
News
29 Mar 2022
Singapore rolls out cyber security certification scheme
Two new cyber security marks are expected to provide an edge for Singapore businesses with good cyber security practices Continue Reading
-
News
25 Mar 2022
London police arrest seven in connection to Lapsus$
Seven people arrested by London police over cyber attacks carried out by Lapsus$ group, which is responsible for a number of recent, high profile attacks Continue Reading
-
Blog Post
24 Mar 2022
The Importance of CASB And Its Limitations
It’s been over two years since I introduced the Gartner-defined SASE (“sassy”) to my CW readers – in that time the world has changed somewhat, but the requirement for an intensified, integrated ... Continue Reading
-
News
24 Mar 2022
How India organisations can mitigate cyber threats
Organisations in India will need to invest more in cloud security, gain more visibility into their systems and improve security awareness among employees to fend off cyber attacks Continue Reading
-
News
24 Mar 2022
Hiring and retention challenges in cyber security persist
Latest ISACA report shows that enterprises are struggling to find and retain cyber security talent Continue Reading
-
E-Zine
22 Mar 2022
One year on from IR35 reforms – why IT skills are harder to find
In this week’s Computer Weekly, a year after IR35 tax reforms were introduced, we assess the impact on the UK’s IT talent pool – and it’s not looking good. We examine the rise of industry clouds, and how they are changing the market. And we find out how London councils plan to work together on data and innovation. Read the issue now. Continue Reading
-
News
17 Mar 2022
Kaspersky CEO: Ukraine war must end through diplomacy
Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting Continue Reading
-
News
16 Mar 2022
German authorities warn on Kaspersky but stop short of ban
Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine Continue Reading
-
News
16 Mar 2022
Kubernetes vulnerability underscores repeated security warnings
The disclosure of a new vulnerability in an important container runtime engine that underpins Kubernetes has drawn fresh warnings to pay attention to securing Kubernetes environments Continue Reading
-
Opinion
15 Mar 2022
Achieving agility, collaboration and data control in the cloud
Organisations have historically had to make a trade-off between the proven benefits of the cloud and maintaining full control of their data, but with the right strategy it is possible to have both Continue Reading
-
E-Zine
15 Mar 2022
How the tech sector is supporting Ukraine
In this week’s Computer Weekly, we examine the global tech sector response to the invasion of Ukraine, and how hackers are responding to calls for an IT army to target Russia. Our latest buyer’s guide looks at cloud-based ERP and other business applications. And IBM’s UK chief tells us how Big Blue is reinventing itself. Read the issue now. Continue Reading
-
E-Zine
08 Mar 2022
Using technology to protect human rights
In this week’s Computer Weekly, we investigate how technology is being used to tackle human rights abuses worldwide. We offer a step-by-step guide to disaster recovery in the cloud era. And we examine the vital, and successful, role of digital and data in the UK Covid-19 vaccine roll-out. Read the issue now. Continue Reading
-
Feature
08 Mar 2022
How APAC organisations can mitigate edge security threats
The move to the edge expands an organisation’s attack surface. Here are some measures that organisations can take to minimise their edge security risks Continue Reading
-
News
28 Feb 2022
Cloudflare: Our network is our product
Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats Continue Reading
-
News
25 Feb 2022
Irish data watchdog calls for ‘objective metrics’ for big tech regulation
Helen Dixon, Ireland’s data protection commissioner, says EU regulators must agree on metrics to measure the effectiveness of data protection regulation Continue Reading
-
Feature
24 Feb 2022
Define RPO and RTO tiers for storage and data protection strategy
We look at RPO and RTO in defining data protection and disaster recovery strategies and how to specify tiers that reflect the importance of different systems in your organisation Continue Reading
-
Opinion
24 Feb 2022
The UK’s cyber security sector is thriving, but our work has only just begun
The government’s Annual Cyber Sector Report painted a positive picture of the UK security industry. CIISec’s Amanda Finch thinks we can go further in developing cyber talent and opening up the sector Continue Reading
-
News
23 Feb 2022
Salesforce pays out over £2m in bug bounties
Salesforce says it received more than 4,000 vulnerability reports in 2021 alone as it delivers a rare public update on its bug bounty programme Continue Reading
-
News
23 Feb 2022
Microsoft extends Defender umbrella to Google Cloud Platform
Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in Continue Reading
-
E-Zine
22 Feb 2022
Think nation-state cyber attacks won’t hit you? Think again…
In this week’s Computer Weekly, with Russian state cyber attacks in the news, we find out why security professionals in every organisation need to remain alert. Our buyer’s guide looks at the tools and programmes helping improve IT training. And we look at how the traditional sport of golf is undergoing a digital transformation. Read the issue now. Continue Reading
-
News
16 Feb 2022
2021 another record year for UK cyber investment
Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment Continue Reading
-
News
15 Feb 2022
Botched third-party configuration exposes Internet Society data to web
Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage Continue Reading
-
News
11 Feb 2022
Lack of knowledge disastrous for effective security strategy within Dutch companies
Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy Continue Reading
-
News
09 Feb 2022
Linux-based clouds an open door for attackers, says VMware
Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware Continue Reading