IT for consulting and business services
Companies in the consulting and business services industries often have specialist needs that require effective use of IT. Law firms, consultancies, accountants, recruitment firms and other advisory services use innovative technology to deliver business benefits, and you can read our news and analysis of the key trends and what they mean to you
-
News
03 Jan 2024
Artificial intelligence to the front in Sweden’s National Technology Strategy
Sweden focuses in on artificial intelligence in its latest far-reaching national IT strategy Continue Reading
-
Feature
07 Sep 2023
Interview: Ashish Gupta, head of EMEA, HCLTech
It’s not just enterprises that changed their operating models during and after Covid, but also the suppliers that took them on the journey, HCLTech Europe’s head explains Continue Reading
-
News
13 Apr 2023
Thousands at risk from critical RCE bug in legacy MS service
Thousands of organisations worldwide are at risk from three vulnerabilities – one critical – in a legacy Microsoft service that they may not be aware they are running Continue Reading
-
News
12 Apr 2023
April Patch Tuesday fixes zero-day used to deliver ransomware
A zero-day in the Microsoft Common Log File System that has been abused by the operator of the Nokoyawa ransomware is among 97 vulnerabilities fixed in April’s Patch Tuesday update Continue Reading
-
News
12 Apr 2023
Gartner: Rebalance cyber investment towards human-centric elements
Security decision-makers need to reprioritise their investment outlooks towards people, rather than technology, according to the latest market forecast from Gartner Continue Reading
-
News
11 Apr 2023
UKtech50 2023: Help us find the most influential people in UK IT
Computer Weekly’s annual search for the 50 most influential people in UK IT is back – let us know who you would like to nominate for this year’s list Continue Reading
-
Opinion
11 Apr 2023
Security Think Tank: Adopt a coherent framework for ID first security
With IAM central to enabling appropriate access to cloud-based services, identity first security is becoming a key trend for IAM in the cloud. Continue Reading
-
News
05 Apr 2023
Quick-acting Rorschach ransomware appears out of nowhere
Emergent Rorschach ransomware strain is highly advanced and quite unusual in its capabilities, warn researchers, who say they have been unable to link it to any other known strains Continue Reading
-
News
05 Apr 2023
CGI signs up to prison leaver employment initiative
IT supplier is working with training company specialised in helping prison leavers to find recruitment in the tech sector Continue Reading
-
News
04 Apr 2023
Threat researchers dissect anatomy of a Royal ransomware attack
Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022 Continue Reading
-
News
04 Apr 2023
Over 90% of organisations find threat hunting a challenge
Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report Continue Reading
-
News
31 Mar 2023
Generative AI central to Accenture’s tech vision
Generative AI will play a central role over the next 10 years as the digital and physical world become more and more integrated Continue Reading
-
News
30 Mar 2023
OSC&R supply chain security framework goes live on Github
The OSC&R framework for understanding and evaluating threats to supply chain security has made its debut on Github to allow anybody to contribute to the framework Continue Reading
-
News
30 Mar 2023
NCSC issues revised security Board Toolkit for business leaders
National Cyber Security Centre calls on CEOs and senior business leaders to take a more hands-on approach to cyber resilience with the launch of revised board-level tools Continue Reading
-
News
30 Mar 2023
Climate change vs technology: Study suggests tech investments could mitigate environmental risks
Bloomberg Media report, sponsored by investment firm Mubadala, highlights human impacts of various industry megatrends, including climate change and technology adoption Continue Reading
-
News
28 Mar 2023
Alan Turing Institute unveils strategy to support UK AI
The strategy is built around helping the UK government realise its artificial intelligence ambitions, and focuses on areas where the UK can play a transformative role in shaping AI development Continue Reading
-
News
28 Mar 2023
Apple security updates fix 33 iPhone vulnerabilities
A larger-than-usual update to Apple’s mobile operating system fixes more than 30 distinct vulnerabilities, including two serious issues that may potentially affect device kernels Continue Reading
-
News
28 Mar 2023
Ransomware attacks up 45% in February, LockBit responsible
NCC Group says it observed a surge in ransomware attacks in February, with LockBit, BlackCat and BianLian all highly active Continue Reading
-
News
27 Mar 2023
CBI launches campaign to boost UK tech unicorns
The CBI has launched a campaign to transform the UK’s technology unicorns into decacorns valued at $10bn, with specific policy recommendation due to be published later in 2023 Continue Reading
-
News
24 Mar 2023
National Crime Agency sting operation infiltrates cyber crime market
The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks Continue Reading
-
News
24 Mar 2023
Accenture to cut 19,000 jobs globally
Accenture is cutting ‘structural’ costs which includes a reduction of 19,000 staff and a consolidation of office space Continue Reading
-
News
21 Mar 2023
Ransomware gangs harass victims to ‘bypass’ backups
Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order Continue Reading
-
News
20 Mar 2023
BBC cracks down on TikTok after review
The BBC is asking staff not to install TikTok on corporate-owned devices without a justified business purpose, although its use will still be allowed to share media content with its audiences Continue Reading
-
News
17 Mar 2023
UK TikTok ban gives us all cause to consider social media security
The UK government’s ban on TikTok should give all organisations cause to look into what information social media platforms are collecting on us, and what they are using it for Continue Reading
-
News
16 Mar 2023
BEC attacks doubled in 2022, outstripping ransomware
Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks Continue Reading
-
News
16 Mar 2023
Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine
A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly Continue Reading
-
News
15 Mar 2023
Chinese Silkloader cyber attack tool falls into Russian hands
A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators Continue Reading
-
News
15 Mar 2023
Microsoft patches Outlook zero-day for March Patch Tuesday
A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update Continue Reading
-
Feature
14 Mar 2023
As Covid fades away, what’s the future of remote work in Europe?
Many IT leaders are still supporting some form of work from home, and a trend is beginning to take shape in Europe Continue Reading
-
News
13 Mar 2023
MI5 to oversee new National Protective Security Authority
The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets Continue Reading
-
News
06 Mar 2023
Over 50s and IR35: How retired IT workers could help close the tech sector skills gap
With the UK government wanting to get more people who took early retirement in the wake of the pandemic back to work, recruitment experts ponder if encouraging them to work on a freelance basis could close the IT sector’s skills gap Continue Reading
-
Opinion
28 Feb 2023
Security Think Tank: Training can no longer be a compliance exercise
Historically, security training has tended to take a compliance-based focus, a ‘tick-box’ exercise using generic, off-the-shelf courses. This needs to change, says Hayley Watson of Turnkey Consulting. Continue Reading
-
Opinion
27 Feb 2023
Cyber training in 2023 needs to drive measurable change
2023 will see more focus on security training programmes that not only provide employees with an understanding of the risks they face but more importantly drive measurable behavioural change, says PA Consulting’s Richard Allen Continue Reading
-
News
23 Feb 2023
WithSecure proposes ‘undo’ button for ransomware
WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening Continue Reading
-
News
22 Feb 2023
Researchers find new bug ‘class’ in Apple devices
A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix Continue Reading
-
News
22 Feb 2023
Dutch cyber security professionals experience stress akin to soldiers in war zone, claims expert
Cyber attacks are taking a heavy toll on Dutch IT professionals, with over a third reporting that their mental health suffers as a result Continue Reading
-
News
22 Feb 2023
Half of cyber leaders to switch jobs by 2025, citing stress
A substantial number of cyber security leaders are plotting their great escape, saying the industry is leaving them too stressed to go on, according to a study Continue Reading
-
Opinion
21 Feb 2023
Cyber security training: Insights for future professionals
Future cyber security professionals need soft skills as well as technical ones, says security educator Sudeep Subramanian Continue Reading
-
News
21 Feb 2023
HMRC slammed for ‘needlessly’ pursuing CEST-assured outside-IR35 contractor
HMRC stands accused of needlessly drawing out an IR35-related investigation into an engineering contractor’s tax affairs by ignoring the findings of its own Check Employment Status for Tax tool Continue Reading
-
Opinion
16 Feb 2023
Security Think Tank: New trends and drivers in cyber security training
Self-paced, interactive, bite-sized learning is becoming the optimum path for cyber security training in the workplace, says John Tolbert of KuppingerCole Continue Reading
-
News
15 Feb 2023
Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs
Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off Continue Reading
-
News
15 Feb 2023
Microsoft fixes three zero-days in February update
February’s Patch Tuesday update contains fixes for three previously unpublicised zero-days in Microsoft Office, Windows Graphics Component and Windows Common Log File System Driver Continue Reading
-
News
14 Feb 2023
Vidar, nJRAT re-emerge as prominent malware threats in January
Trojans and infostealers once again dominate the list of most commonly observed threats, according to Check Point’s latest telemetry Continue Reading
-
Opinion
14 Feb 2023
How to protect your business from fraud during a recession
This winter, the chilly winds of a global recession have fraudsters turning up the heat. PJ Rohall of SEON Fraud Fighters shares some guidance on how to bundle up against fraud Continue Reading
-
News
13 Feb 2023
KPMG launches metaverse and digital twin hub in Saudi Arabia
The Saudi Arabian government’s commitment to investing in metaverse technology has attracted a KPMG centre of excellence to its shores Continue Reading
-
News
13 Feb 2023
Security buyers lack insight into threats, attackers, report finds
The majority of cyber security purchasing decisions are made without proper insight into the attackers organisations are facing, according to a Mandiant report Continue Reading
-
Opinion
08 Feb 2023
Security Think Tank: Poor training is worse than no training at all
Bad security training is a betrayal of users, a security risk, and ultimately a waste of money, but there are some reasons to be optimistic about the future, say Mike Gillespie and Ellie Hurst of Advent IM Continue Reading
-
News
06 Feb 2023
The Security Interviews: How to overcome data protection compliance challenges
Complying with the vast swathe of data protection legislation around the world is complex, especially for smaller organisations without the necessary expertise. Could the compliance process be simplified, and if so, how? Continue Reading
-
News
03 Feb 2023
LockBit gang confirms Ion cyber attack as disruption continues
The LockBit ransomware cartel has taken responsibility for this week’s attack on financial software firm Ion, and is threatening to leak stolen data on Saturday 4 February Continue Reading
-
Opinion
03 Feb 2023
Security Think Tank: In 2023, we need a new way to cultivate better habits
Regular, small adjustments to behaviour offer a better way to keep employees on track and cultivate a corporate culture of cyber awareness, writes Elastic’s Mandy Andress Continue Reading
-
Opinion
02 Feb 2023
Security Think Tank: Getting the training and development mix right
Rob Dartnall, CEO at SecAlliance and chair of Crest’s UK Council, describes the need for formal, varied and continuous development in the cyber security sector Continue Reading
-
News
02 Feb 2023
Suspected LockBit ransomware attack causes havoc in City of London
A suspected LockBit ransomware attack on trading software firm Ion has caused chaos for City of London traders Continue Reading
-
News
01 Feb 2023
Cloud security top risk to enterprises in 2023, says study
A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year Continue Reading
-
News
01 Feb 2023
UK Cyber Council and ISACA launch audit, assurance programme
The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros Continue Reading
-
News
31 Jan 2023
Tech Nation to shutter after more than a decade
Tech Nation due to shutter after losing core funding to Barclays Eagle Labs, which will take over its role in supporting UK technology startups and scaleups Continue Reading
-
News
27 Jan 2023
Hive ransomware gang taken down after FBI hacks back
The FBI hacked into Hive’s servers, stole its decryption keys and then took down its servers in a major action that has successfully disrupted a prolific and dangerous ransomware operation Continue Reading
-
News
25 Jan 2023
Will mass big tech lay-offs affect employment prospects of IT contractors in 2023?
With some of the biggest tech firms in the world announcing mass redundancies, will the flood of new entrants to the jobs market affect the prospects of IT contractors already looking for work amid the cost-of-living crisis? Continue Reading
-
News
25 Jan 2023
Boards struggle to resolve cyber risk in digital supply chains
Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk Continue Reading
-
News
24 Jan 2023
UK insurers need to up their game on cyber gaps, says PRA
Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority Continue Reading
-
News
24 Jan 2023
SSRF attacks hit 100,000 businesses globally since November
There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers Continue Reading
-
News
23 Jan 2023
CIO interview: Ed Higgs, group director of IT shared services, Rentokil Initial
The pest control provider has consolidated 77 datacentres globally to just three – but with a corporate culture of acquisitions, there’s still a lot more to do Continue Reading
-
News
17 Jan 2023
Crest throws support behind CyberUp CMA reform campaign
Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990 Continue Reading
-
News
13 Jan 2023
Unionised contract workers who train Google’s AI win pay rise
Google contract workers employed at artificial intelligence training supplier RaterLabs have secured their first-ever pay rise, following collective demands that Google fulfil its own commitment to pay its extended workforce a minimum of $15 an hour Continue Reading
-
News
12 Jan 2023
Government accused of leaving umbrella company regulation in limbo by shelving enforcement body
The UK government is coming under pressure to reveal the state of its plans to regulate umbrella companies after it emerged that the enforcement body it promised to create is unlikely to materialise Continue Reading
-
News
11 Jan 2023
Microsoft fixes EoP zero-day on January Patch Tuesday
On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns Continue Reading
-
News
10 Jan 2023
Insurer Beazley introduces catastrophe bond to ease cyber risk
Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover Continue Reading
-
News
04 Jan 2023
Why India’s Mphasis chose West Yorkshire for tech hub
IT services firm Mphasis is moving more service delivery to the UK with around 1000 tech recruits planned for Northern England Continue Reading
-
News
03 Jan 2023
CDO interview: Lisa Heneghan, global chief digital officer, KPMG
The advisory and consultancy firm’s former UK CDO has stepped up into a global role – with a whole new set of challenges and opportunities around taking digital transformation further Continue Reading
-
Feature
29 Dec 2022
Cyber security professionals share their biggest lessons of 2022
In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading
-
News
29 Dec 2022
Top 10 Nordic IT stories of 2022
Here are Computer Weekly's top 10 Nordic IT articles of 2022 Continue Reading
-
Opinion
29 Dec 2022
How does red teaming test the ultimate limits of cyber security?
An expert ethical hacker reveals how he goes about carrying out a red team exercise Continue Reading
-
News
22 Dec 2022
Top 10 cyber security stories of 2022
The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides Continue Reading
-
News
22 Dec 2022
Top 10 cyber crime stories of 2022
Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents Continue Reading
-
News
20 Dec 2022
Four-day working week set to stay at Atom bank
Challenger bank Atom has formalised a four-day working week policy after a successful trial Continue Reading
-
Opinion
19 Dec 2022
Security Think Tank: 2022 brought plenty of learning opportunities in cyber
At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading
-
News
14 Dec 2022
Ethical hackers flex their muscles in 2022
Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021 Continue Reading
-
News
14 Dec 2022
Microsoft fixes two zero-days in final Patch Tuesday of 2022
December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over Continue Reading
-
News
13 Dec 2022
EU issues draft data adequacy decision in favour of US
The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision Continue Reading
-
News
13 Dec 2022
The nature of the CISO role will be in flux in 2023
As cyber risk outpaces organisational defences, and cyber attacks and breaches cause more and more damage, the nature of the CISO role is entering a state of flux, according to a report Continue Reading
-
Opinion
12 Dec 2022
Security Think Tank: Embrace prioritisation, people, imperfections
Security and IT professionals should try to make peace with their imperfections in 2023, says Nominet CISO Paul Lewis Continue Reading
-
News
09 Dec 2022
Iranian APT seen exploiting GitHub repository as C2 mechanism
A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware Continue Reading
-
Opinion
09 Dec 2022
Security Think Tank: 2022 changed how we thought about resilience
Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat Continue Reading
-
News
08 Dec 2022
Apple to tap third party for physical security keys
Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys Continue Reading
-
News
07 Dec 2022
Google, MS, Oracle vulnerabilities make November ’22 a big month for patching
Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November Continue Reading
-
Opinion
07 Dec 2022
Security Think Tank: As cyber pros, we need to articulate our needs better
There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading
-
News
06 Dec 2022
Don’t become an unwitting tool in Russia’s cyber war
Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack? Continue Reading
-
Opinion
01 Dec 2022
Ransomware: Is there hope beyond the overhyped?
Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity Continue Reading
-
News
30 Nov 2022
Latest LockBit ransomware versions have wormable capabilities
Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter Continue Reading
-
Opinion
30 Nov 2022
Think technology, process, human risk to manage ransomware
Effective ransomware handling boils down to three core areas – technology, process and human risk Continue Reading
-
Feature
29 Nov 2022
How gamifying cyber training can improve your defences
Security training is the cornerstone of any cyber defence strategy. With ever-escalating online threats, it is now more important than ever that this training is an engaging experience Continue Reading
-
News
25 Nov 2022
Data management, backup becoming the CISO's responsibility
More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year Continue Reading
-
Opinion
24 Nov 2022
Your staff are the frontline in your ransomware fight
As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect Continue Reading
-
News
23 Nov 2022
South Korea data adequacy pact brings £15m Brexit bonus
UK government finalises a data adequacy agreement with South Korea, saying it will unlock a post-Brexit business bonus of just under £15m Continue Reading
-
News
22 Nov 2022
Ducktail spins new tales to hijack Facebook Business accounts
The increasingly active Ducktail cyber crime operation is refining its operations, seeking new methods to compromise its victims’ Facebook Business accounts Continue Reading
-
News
22 Nov 2022
C-suite mystified by cyber security jargon
Malware, supply chain attack, zero-day, IoC, TTP and Mitre ATT&CK are just some of the everyday terms that security pros use that risk making the world of cyber incomprehensible to outsiders Continue Reading
-
News
18 Nov 2022
Is Elon Musk’s Twitter safe, and should you stop using it?
With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use Continue Reading
-
News
17 Nov 2022
Brexit deregulation will make UK next Silicon Valley, vows Hunt
Chancellor vows to revolutionise how the IT industry is regulated to spur competition, investment and innovation in a technological ‘Big Bang’ Continue Reading
-
News
17 Nov 2022
Another Log4Shell warning after Iranian attack on US government
The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching Continue Reading
-
News
16 Nov 2022
Global network fragmentation a source of increasing risk
Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading
-
Opinion
16 Nov 2022
Security Think Tank: Ransomware defences: An extended to-do list
Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things Continue Reading
-
Opinion
14 Nov 2022
Security Think Tank: Let’s be transparent about ransomware
Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks Continue Reading
-
Opinion
11 Nov 2022
Cyber insurance: The good, the bad and the ugly
Most cyber insurance contracts are innately flawed because they exclude losses arising from state-backed cyber attacks, and this will make proper attribution even more important in the future, says Cisco Talos’ Martin Lee Continue Reading