IT governance
IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.
-
News
20 Nov 2024
ORG urges ICO to revise public sector enforcement approach
The Open Rights Group is urging the Information Commissioner’s Office to revise its light touch approach to public sector data protection issues, arguing that its experimental policy of limiting its enforcement actions to reprimands and notices, rather issuing fines, is allowing bad practices to continue largely unabated Continue Reading
-
News
20 Nov 2024
Apple addresses two iPhone, Mac zero-days
Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks Continue Reading
-
News
01 Jul 2021
NHS IT fraudster Barry Stannard sentenced to five years in prison
Stannard used his position as head of unified communications at an Essex NHS Trust to cheat the taxpayer of more than £800,000 Continue Reading
-
News
30 Jun 2021
REvil affiliates offer hefty ransom discounts, data reveals
REvil or Sodinokibi ransomware activity is higher than ever, but its success appears to be relative, with some affiliates prepared to dramatically cut their prices Continue Reading
-
News
30 Jun 2021
LinkedIn denies exposure of 700 million user records is a data breach
Data relating to 700 million users of the LinkedIn networking platform has appeared for sale, but the firm says it is the victim of data scraping, not a security breach Continue Reading
-
News
30 Jun 2021
Cops seize criminal VPN used by ransomware gangs
A coordinated sting has ended the operations of the DoubleVPN service, the owners of which are accused of harbouring cyber criminal activity Continue Reading
-
Opinion
30 Jun 2021
Ethical hacking: What, why, and overcoming concerns
We find out why and how hitting your own business with a cyber attack can help improve security Continue Reading
-
News
29 Jun 2021
New Nobelium attacks a reminder to attend to cyber basics
A new campaign from the same threat group that broke into SolarWinds serves as a reminder that cyber crime gangs will try to exploit any avenue they can, even if technically unsophisticated Continue Reading
-
News
29 Jun 2021
UK Cyber Security Council launches inaugural initiatives
Security association seeks to determine terms of reference for committees to oversee standards and ethics, and qualifications and careers in the cyber sector Continue Reading
-
Opinion
29 Jun 2021
Banking tech fraud: How to trace and recover your money
Even when stolen assets are sent offshore, the special powers of the English civil court system mean all may not be lost Continue Reading
-
News
28 Jun 2021
Insurers unprepared for challenges of underwriting ransomware
RUSI think tank calls for an industry-wide reset amid intense challenges for providers of cyber security insurance Continue Reading
-
News
28 Jun 2021
UK’s FCA bans crypto exchange Binance as crackdown spreads
Ban on Binance Markets comes amid a wider global crackdown on the largely unregulated global market for cryptocurrencies and related assets. Continue Reading
-
News
28 Jun 2021
HMRC-branded phishing scams surge despite protections
The number of HMRC-branded phishing scams surged 87% in the past 12 months, according to latest revealed figures Continue Reading
-
Opinion
25 Jun 2021
Universal Credit: What went wrong, and what we learned
The architect of one of the biggest and most controversial government policies – and IT failures – of the past decade gives his inside view of the project, and how Computer Weekly was a thorn in their side Continue Reading
-
News
25 Jun 2021
NCSC CEO: UK-Ireland collaboration crucial to stop cyber threats
Speaking at a conference in Dublin, NCSC Lindy Cameron is highlighting the importance of continued collaboration between the UK and Ireland to protect shared interests and counter security threats Continue Reading
-
News
25 Jun 2021
Anglesey schools offline after cyber attack
Isle of Anglesey County Council is investigating a cyber attack that has forced it to shut down systems at all five secondary schools on the island Continue Reading
-
News
25 Jun 2021
CMA to probe Amazon and Google over fake reviews
The CMA has opened an investigation into Amazon and Google over possible breaches of consumer protection law Continue Reading
-
News
24 Jun 2021
Google hands third-party cookies a stay of execution
Google’s proposed Privacy Sandbox initiative – which will see third-party cookies phased out in the Chrome web browser – has been pushed back to 2023 Continue Reading
-
News
24 Jun 2021
Revealed: Crypto platform’s role in Cl0p ransomware raid
Crypto infrastructure provider Binance provided assistance to law enforcement after finding its exchange was being used by cyber criminals to launder their ransomware profits Continue Reading
-
News
24 Jun 2021
Online Safety Bill unfit for purpose, says new campaign group
Campaign group set up to oppose Online Safety Bill says the duty of care is too simplistic, cedes too much power to US corporations and will, in practice, privilege the speech of journalists or politicians Continue Reading
-
News
24 Jun 2021
(ISC)² makes ransomware education course free through 31 July
Cyber security association is making its Professional Development Institute course on ransomware free to the general public until the end of July Continue Reading
-
News
24 Jun 2021
Vodafone confirms European datacentres will be powered by 100% green energy by July 2021
Telco giant claims it is on course to hit an important milestone in its latest sustainability push, with its entire European operations set to be 100% renewably powered by 1 July Continue Reading
-
News
24 Jun 2021
Make ransomware payments illegal, say 79% of cyber pros
Report produced for MSSP Talion claims overwhelming support for the criminalisation of ransomware payments Continue Reading
-
News
23 Jun 2021
City of York picks Barracuda Networks for data protection
York Council needed to refresh its backup service to bring new security protections after it went ‘all-in’ on Microsoft Office 365 Continue Reading
-
News
23 Jun 2021
European Union to set up new cyber response unit
Proposed Joint Cyber Unit will tackle a rising number of serious incidents impacting public services, businesses and citizens of the EU Continue Reading
-
News
23 Jun 2021
Time to patch increases significantly during pandemic
New data from US-based endpoint management specialist Automox reveals some of the challenges security teams face in keeping up with endpoint security Continue Reading
-
News
23 Jun 2021
UK councils reported over 700 data breaches to ICO in 2020
Data disclosed under the Freedom of Information Act reveals an estimated 700 data breaches were reported to the Information Commissioner’s Office by local councils last year Continue Reading
-
News
22 Jun 2021
SonicWall sees 226.3 million ransomware attack attempts this year
SonicWall detected 226.3 million attempted ransomware attacks between January and May 2021, more than double the number seen in the same period last year Continue Reading
-
News
22 Jun 2021
EU regulators call for ban on biometrics in public spaces
European Union’s data protection regulators say facial recognition and other biometric identification technologies present too great a risk to fundamental human rights to be allowed in public spaces Continue Reading
-
News
22 Jun 2021
CDEI: UK public wants clear algorithmic transparency policies
A research exercise by the Centre for Data Ethics and Innovation has found the UK public wants clear, easy-to-understand information about algorithms in use by the public sector Continue Reading
-
News
22 Jun 2021
Cloudflare announces new integrations with Microsoft, others
New security integrations with Microsoft Azure Sentinel, Splunk, Datadog and Sumo Logic will supposedly make it easier for users to analyse network security data Continue Reading
-
Opinion
22 Jun 2021
European ‘chat control’ plans in the name of ‘child safety’ threaten end-to-end encryption
Proposals by European Commission to search for illegal material could mean the end of private messaging and emails Continue Reading
-
News
22 Jun 2021
NSPCC, IWF help under-18s scrub their nude photos from the web
Report Remove tool is designed to be used by under-18s to report nude images or videos of themselves that have appeared online Continue Reading
-
News
22 Jun 2021
Boris Johnson unveils plans for National Science and Technology Council
Prime minister Boris Johnson has announced plans to set up a National Science and Technology Council, which will help the UK realise and maximise the opportunities of scientific and technological breakthroughs Continue Reading
-
22 Jun 2021
Europe’s proposed AI regulation falls short on protecting rights
The EC’s proposal for artificial intelligence regulation focuses on creating a risk-based, market-led approach replete with self-assessments, transparency procedures and technical standards, but critics warn it falls short of being able to protect people’s fundamental rights and mitigating the technology’s worst abuses Continue Reading
-
News
22 Jun 2021
UK SMEs lack capacity to fend off cyber attacks
Three-quarters of UK SME leaders would not have sufficient capacity or expertise to deal with a cyber attack, according to a report Continue Reading
-
News
21 Jun 2021
Parliamentary devices left in taxis, buses, trains and pubs
Nearly 100 devices belonging to parliamentary staffers, including MPs and peers, were lost or stolen over the course of 2019 and 2020 Continue Reading
-
Feature
21 Jun 2021
Best practices for secure printing
The reality of a paperless office remains some way off, so printers are here to stay for a while. But their increasingly connected status means securing them should be a priority Continue Reading
-
News
18 Jun 2021
NHS App reaches six million users, thanks to Covid vaccine feature
More than two million new users have downloaded the NHS App since it was updated in May to include Covid-19 vaccination status Continue Reading
-
News
18 Jun 2021
ICO issues guidance on facial recognition in public spaces
Information commissioner’s concern over the problematic use of facial recognition in public spaces has prompted her to publish official guidance on its deployment, while civil society calls for an outright ban Continue Reading
-
News
18 Jun 2021
Druva helps Thirteen Group get round Azure data retention limits
Social housing business has migrated to Microsoft Office 365 on Azure, but needed long-term data retention to comply with General Data Protection Regulation Continue Reading
-
News
18 Jun 2021
Carnival Cruises hit by fourth cyber incident in a year
Latest data breach at Covid-hit cruise line comes hot on the heels of two recent ransomware attacks and a spring 2020 breach Continue Reading
-
News
18 Jun 2021
UK taskforce calls for cutting GDPR protections
The UK’s Taskforce on Innovation, Growth and Regulatory Reform has recommended scrapping safeguards against automated decision-making contained in the General Data Protection Regulation Continue Reading
-
News
17 Jun 2021
Cyber crooks target Amazon Prime users ahead of retail bonanza
A surge in malicious domain registrations ahead of Amazon Prime Day indicates cyber criminals have set their sights on exploiting vulnerable shoppers Continue Reading
-
News
17 Jun 2021
Biden tackles Putin on ransomware at Geneva summit
Discussions between Joe Biden and Vladimir Putin on cyber crime appear to have been somewhat positive, but the path ahead remains unclear Continue Reading
-
News
16 Jun 2021
Tech sector trade union campaigns to protect workers’ privacy
A UK-based trade union for technology workers and others employed by tech companies is organising around the issue of worker’s privacy and workplace monitoring Continue Reading
-
News
16 Jun 2021
Lack of clarity hinders UK gigabit broadband roll-out
UK’s ability to capitalise on solid current momentum in roll-out of next-generation gigabit broadband is at risk because too few consumers are aware of the technology and its benefits, study warns Continue Reading
-
News
16 Jun 2021
Organisations cannot rely on cyber insurance to cover losses
Ransomware attacks have become a big driver of cyber insurance claims, but insurance must not be relied upon as a failsafe, says a report Continue Reading
-
News
15 Jun 2021
NHS Test and Trace picks Risk Ledger to secure supply chain
Risk Ledger’s technology promises ‘unparalleled’ visibility into NHS Test and Trace’s supply chain Continue Reading
-
News
15 Jun 2021
Privacy pro salaries rise throughout pandemic, but at a cost
Data from the IAPP’s latest salary survey reveals some insight into how the pandemic impacted the privacy profession Continue Reading
-
Opinion
15 Jun 2021
Why a data-driven world should consider an oath of ethics
The Hippocratic Oath is perhaps the most widely known of Greek medical texts – and such an oath is needed in data science Continue Reading
-
News
15 Jun 2021
Ransomware most insidious cyber threat facing UK
NCSC CEO urges organisations to do more to prepare for ransomware attacks Continue Reading
-
News
15 Jun 2021
The Security Interviews: How to build a government model to ‘hack for good’
Kyle Hanslovan started Huntress to give back after a career in the intelligence sector. After US authorities took action to help people hit by the Microsoft Exchange attacks, we discussed how governments can ‘hack for good’ Continue Reading
-
Feature
14 Jun 2021
Europe’s proposed AI regulation falls short on protecting rights
The European Commission’s proposal for artificial intelligence regulation focuses on creating a risk-based, market-led approach replete with self-assessments, transparency procedures and technical standards, but critics warn it falls short of being able to protect people’s fundamental rights and mitigating the technology’s worst abuses Continue Reading
-
News
11 Jun 2021
CMA secures commitments from Google on future of cookies
The Competition and Markets Authority is opening a consultation on commitments offered to it by Google to ensure its Privacy Sandbox proposals do not harm digital advertising markets Continue Reading
-
Opinion
11 Jun 2021
Security Think Tank: To secure printers think process, technology and people
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
News
11 Jun 2021
UK promises tougher line on cyber crime
Speaking ahead of the G7 Summit, foreign secretary Dominic Raab says the UK is ready to take on cyber criminals and other malicious actors wherever they may be Continue Reading
-
Feature
10 Jun 2021
How the pandemic changed backup
The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware Continue Reading
-
News
10 Jun 2021
Risk data shows UK energy sector most vulnerable to cyber attack
New report compiled by insurance firm Hiscox reveals the state of cyber preparedness in the UK and beyond Continue Reading
-
Opinion
10 Jun 2021
Security Think Tank: Time to accept printers will leak data
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
News
09 Jun 2021
FBI arrests distributors accused of selling An0m encrypted phones to crime groups
Working with overseas law enforcement, the FBI has arrested eight people and named a further 13 accused of distributing An0m phones to organised crime groups Continue Reading
-
News
09 Jun 2021
RSA spins out fraud and risk unit as Outseer
RSA Security is transitioning its fraud and risk intelligence work into a new business to be called Outseer Continue Reading
-
Opinion
09 Jun 2021
Why agility is the key to secure software
Continuous delivery of software product releases demands continuous security. Businesses and regulators are right to wonder whether organisations are valuing cyber security by the design of their products Continue Reading
-
News
09 Jun 2021
Microsoft fixes seven zero-days on its Patch Tuesday rounds
Fixes for six actively-exploited – and one yet-to-be-exploited – zero-day bugs are released in the June 2021 Patch Tuesday update Continue Reading
-
News
09 Jun 2021
Colonial Pipeline ransom seizure is a win, but don’t relax yet
The security community is enthusiastic about the US authorities’ recovery of a significant part of the Colonial Pipeline ransomware payment, but this positivity should perhaps be somewhat tempered Continue Reading
-
News
08 Jun 2021
NHS Digital delays data collection plans until September
NHS Digital has postponed its proposed collection of GP data for two months, to allow more time for the public to understand the process and opt out if wanted Continue Reading
-
News
08 Jun 2021
National data guardian calls for dialogue on NHS Digital GP plans
The UK’s national data guardian says it is important the public has clarity on how their confidential medical information will be used and kept secure under NHS data-sharing plans Continue Reading
-
Opinion
07 Jun 2021
Security Think Tank: What must a secure print strategy take into account?
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
News
07 Jun 2021
EU privacy chief investigates use of US cloud services
Use of Amazon and Microsoft’s cloud services by public sector bodies in the European Union is being scrutinised by the bloc’s privacy watchdog Continue Reading
-
News
07 Jun 2021
Siloscape malware a risk to Windows containers, Kubernetes
Palo Alto’s Unit 42 reports on what appears to be the first-recorded malware targeting Kubernetes clusters through Windows containers Continue Reading
-
News
07 Jun 2021
NCSC updates schools ransomware guidance amid surge
The National Cyber Security Centre says it is dealing with a renewed surge of ransomware attacks targeting schools, colleges and universities Continue Reading
-
News
07 Jun 2021
IBM pushes back against US government data requests
Technology giant IBM says the US government has ‘no jurisdiction’ to request data from its European entities Continue Reading
-
News
07 Jun 2021
Campaigners plan legal action over NHS data sharing
Privacy coalition aims to force NHS Digital to push back its plans to scrape medical information on millions of patients into a central database Continue Reading
-
Opinion
07 Jun 2021
NHS Digital’s GP data-scraping plan must be publicised and delayed
The UK government must launch a national awareness campaign and delay this month’s planned GP data slurp, say privacy consultants Ben Rapp and Sara Newman Continue Reading
-
News
04 Jun 2021
UK immigration exemption in Data Protection Act found unlawful
Court of Appeal rules immigration exemption unlawful, but further hearings will follow to decide what remedies must be put in place Continue Reading
-
Opinion
04 Jun 2021
Security Think Tank: Printers can’t be an ‘add-on’ in your cyber strategy
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs does pose security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
News
04 Jun 2021
BCS: Lack of communication over NHS GPDPR ‘astonishing’
The Chartered Institute for IT has warned that millions of people are not being properly informed of NHS Digital plans to harvest their data Continue Reading
-
News
04 Jun 2021
Government action on ransomware epidemic gathers pace
The US government steps up action against ransomware operators, while the UK’s NCSC publishes guidance on preparing to deal with a ransomware attack Continue Reading
-
News
03 Jun 2021
Tories fined over email data protection breaches
The Conservative Party broke the law by failing to properly keep records of who had unsubscribed from its mailing list Continue Reading
-
News
03 Jun 2021
Pandemic a ‘once-in-a-lifetime’ chance to reshape security
The volume of remote working has made it hard to paint an accurate picture of the true state of enterprise cyber security, but it presents an opportunity to change things up Continue Reading
-
News
02 Jun 2021
Scottish businesses missing out on Cyber Essentials benefits
More than a third of Scottish businesses do not believe they are adequately prepared to deal with a cyber security incident Continue Reading
-
Opinion
02 Jun 2021
Security Think Tank: Steps to a coherent print security strategy
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
Feature
02 Jun 2021
What the Telecommunications (Security) Bill means for UK industry
The Telecommunications (Security) Bill is intended to reinforce the security of the UK telecommunications infrastructure, but what are the implications for industry? Continue Reading
-
Opinion
02 Jun 2021
Security Think Tank: Printer risks go deep into IT history
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs does pose security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
Opinion
01 Jun 2021
Long-term thinking is vital to secure UK’s critical infrastructure
To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie Continue Reading
-
News
01 Jun 2021
Ex-IT manager stole over £800,000 from NHS trust
A former senior IT manager at an Essex NHS trust has pleaded guilty to defrauding his employer out of more than £800,000 Continue Reading
-
News
28 May 2021
Privacy experts concerned over NHS data collection plans
Security and data privacy experts warn NHS Digital that its data collection plans could increase risk and cause a public backlash Continue Reading
-
News
27 May 2021
Loss of 150,000 police records made worse by management failures
The loss of 150,000 records from a number of national policing systems was caused by a human coding error, but made worse by process and management failures Continue Reading
-
News
27 May 2021
MP-backed push to stop tech giants claiming super-deduction tax relief thwarted
Move to prevent the likes of Amazon using the government's new super-deduction policy to minimise their UK tax liabilities even further fails to win support in the House of Commons Continue Reading
-
News
27 May 2021
NGOs file complaints against Clearview AI in five countries
Privacy and human rights organisations have asked data protection regulators in the UK, France, Austria, Italy and Greece to investigate controversial facial recognition company Clearview AI Continue Reading
-
News
26 May 2021
More data stolen in January 2021 than in all of 2017, says report
The volume of data being stolen through breaches is growing steadily and shows no sign of slowing, according to a report from Imperva Continue Reading
-
News
26 May 2021
Millions of pounds lost to crypto fraud on social media
More than £63m has been lost nationally by victims of investment fraud via a social media platform, says Action Fraud Continue Reading
-
News
26 May 2021
Nordic CIO interview: Tommi Tuovila, Neste
Former Olympian talks to Computer Weekly about the challenges facing CIOs in a rapidly changing world Continue Reading
-
Opinion
25 May 2021
Policies key to revolutionising Identity Governance and Administration
The proliferation of digital identities, applications, data, security threats and compliance requirements means that Identity Governance and Administration (IGA) has never been more important, but not all organisations are approaching it in an effective and efficient way Continue Reading
-
News
25 May 2021
Threat of group GDPR legal action haunts CISOs
The vast majority of security leaders questioned for a new report say they are concerned about the possibility of group legal settlements against them following a serious data breach Continue Reading
-
News
25 May 2021
McAfee to change terms of auto-renewing consumer plans
Consumers who found their McAfee antivirus contracts auto-renewed will be able to get out of their contracts and get their money back Continue Reading
-
News
25 May 2021
Industry reflects on three years of GDPR
Looking back on 12 tumultuous months, we assess how GDPR has weathered the effects of the Covid-19 pandemic and Brexit, and consider what the coming year may hold for data protection Continue Reading
-
News
25 May 2021
Legacy vulnerabilities may be biggest enterprise cyber risk
While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats Continue Reading
-
News
24 May 2021
Air India is latest victim of Sita hack
Data on millions of people who flew with Air India between 2011 and 2021 appears to have been compromised in the recent Sita supply chain attack Continue Reading
-
Feature
24 May 2021
How Bureau Veritas migrated 85% of its applications to the AWS cloud
In six years, France-based services giant BV has migrated 115 applications to the AWS cloud, mostly using in-house expertise. We talk to the company’s IT director Continue Reading
-
News
21 May 2021
Lack of developer attention to cloud security prompts alerts
The personal data of over 100 million Android users may have been put at risk through a variety of cloud service misconfigurations Continue Reading
-
News
20 May 2021
UK regulators commit to closer cooperation on digital economy
Two UK regulators have issued a joint statement and signed a memorandum of understanding on the need for closer collaboration on digital markets Continue Reading