IT governance
IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.
-
News
20 Nov 2024
ORG urges ICO to revise public sector enforcement approach
The Open Rights Group is urging the Information Commissioner’s Office to revise its light touch approach to public sector data protection issues, arguing that its experimental policy of limiting its enforcement actions to reprimands and notices, rather issuing fines, is allowing bad practices to continue largely unabated Continue Reading
-
News
20 Nov 2024
Apple addresses two iPhone, Mac zero-days
Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks Continue Reading
-
Opinion
22 Mar 2021
Security Think Tank: Back to square one – ground-up CNI protection
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
22 Mar 2021
CIO interview: Juliette Atkinson, IT director, Bradford University
Bradford University’s IT director took a different route than most to get into IT leadership Continue Reading
-
News
18 Mar 2021
Vaccine passports cannot put basic rights at risk, warns BCS
BCS warns of challenges to come as the government presses on with its plans for Covid-19 vaccine passports Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: Take a realistic perspective on CNI cyber attacks
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Average ransomware cost triples, says report
The average amount paid out by ransomware victims has grown almost threefold to more than $300,000 per incident, according to a report Continue Reading
-
News
17 Mar 2021
Digital Green Certificate proposed for travel in Europe
Digital Green Certificates will supposedly help re-establish freedom of movement within the European Union Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: CNI operators must focus on core issues
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet Continue Reading
-
News
16 Mar 2021
MoD partners playing fast and loose with confidential data
Clear spike in data breach incidents at defence partners may reflect better reporting standards, claims MoD Continue Reading
-
News
16 Mar 2021
Banks still lack tech skills at the top
Banks have made progress in adding IT knowledge in their boardrooms, but they need more as digital transformation accelerates Continue Reading
-
News
16 Mar 2021
Unusual DearCry ransomware uses ‘rare’ approach to encryption
Hybrid approach to encryption used by DearCry bears similarities to WannaCry Continue Reading
-
News
16 Mar 2021
Microsoft releases one-click ProxyLogon mitigation tool
Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers Continue Reading
-
News
16 Mar 2021
Government calls for input into Covid-19 vaccine passports
Evidence gathering exercise will inform the development of the UK’s proposed Covid-19 vaccine passport scheme Continue Reading
-
News
15 Mar 2021
Microsoft Exchange ProxyLogon attacks spike 10 times in four days
Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days Continue Reading
-
Opinion
15 Mar 2021
Security Think Tank: CNI operators are in an unenviable position
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
12 Mar 2021
NCSC issues emergency alert on Microsoft Exchange patch
UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately Continue Reading
-
News
12 Mar 2021
IR35 private sector reforms: IT contractors ‘growing reluctant’ to work for ‘blanket banning’ firms
IT-focused staffing company Ellis Recruitment Group shares its take on how the contracting market is responding to the private sector firms enforcing blanket bans Continue Reading
-
Feature
12 Mar 2021
Does email security need a human solution or a tech solution?
People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on Continue Reading
-
News
12 Mar 2021
Web founder calls for ubiquitous, safe internet access for young people
Internet access has a direct correlation to GDP. On the 32nd birthday of the world wide web, its founder calls for improvements to safe access Continue Reading
-
News
12 Mar 2021
DearCry ransomware targets vulnerable Exchange servers
As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority Continue Reading
-
News
12 Mar 2021
Brewer Molson Coors targeted in cyber attack
Cyber criminals have disrupted beer production at Molson Coors, one of the world’s largest brewers Continue Reading
-
Opinion
12 Mar 2021
Security Think Tank: US security efforts may centre on collaboration
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
11 Mar 2021
UK digital regulators set out plans to strengthen cooperation
Digital Regulation Cooperation Forum outlines plans for the coming year, marking a shift towards a more collaborative regulatory approach Continue Reading
-
News
11 Mar 2021
Attack on surveillance cameras a warning over security, ethics
The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology Continue Reading
-
Opinion
11 Mar 2021
Data-driven innovation needs trustworthy governance
The pandemic has given us a glimpse of what data-driven technology can do for society – and we cannot go back to the status quo Continue Reading
-
News
11 Mar 2021
Norwegian government falls victim to Microsoft attacks
Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers Continue Reading
-
E-Zine
11 Mar 2021
CW Europe: Nordic tech startups create blueprint for post-Covid working environment
Business can learn lessons from Nordic tech startups to prepare employees to return to the office after Covid restrictions end. Also read why Netherlands police need a training ‘roadmap’ to get them up to speed to tackle cyber crime. Continue Reading
-
News
10 Mar 2021
Met Police chooses Capgemini as strategic IT infrastructure services provider
Capgemini has a history of providing the force with day-to-day technology services, and will now deliver its infrastructure services under the Pegasus programme Continue Reading
-
News
10 Mar 2021
Patch Tuesday overshadowed by Microsoft Exchange attacks
Microsoft’s March Patch Tuesday update drops amid ongoing fall-out from widespread Exchange attacks Continue Reading
-
News
10 Mar 2021
Police crack world’s largest cryptophone network as criminals swap EncroChat for Sky ECC
Belgian and Dutch police have breached the encryption of users of Sky ECC, the world’s largest cryptophone network. There are significant parallels with the international police operation against the EncroChat cryptophone network which led to hundreds of arrests Continue Reading
-
Opinion
09 Mar 2021
Why your business needs SOC as a service
Security in the digital era demands that businesses monitor their entire IT estate and resolve all alerts, but for many organisations the most effective way of doing that is SOCaaS Continue Reading
-
Opinion
09 Mar 2021
Gartner: Three tips to avoid cloud service suspension
As recent events have shown, public cloud providers have the power to terminate cloud contracts, and seemingly legitimate businesses may be at risk Continue Reading
-
News
09 Mar 2021
EBA restores services after Microsoft Exchange attack
European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online Continue Reading
-
News
09 Mar 2021
Private equity house buys McAfee enterprise business
Deal to sell off enterprise unit will see McAfee become a pure-play consumer organisation Continue Reading
-
News
08 Mar 2021
US teases retaliation over state-backed cyber attacks
Consequences for alleged perpetrators of the SolarWinds attack are expected within the next few weeks Continue Reading
-
News
05 Mar 2021
Williams F1 car launch disrupted by data leak
Williams Formula One team forced to pull augmented reality app it had planned to use to launch its 2021 car at the last minute after an apparent cyber attack Continue Reading
-
News
05 Mar 2021
Mandiant: MS Exchange bugs first exploited in January
Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago Continue Reading
-
News
05 Mar 2021
Clarification needed on IT ‘super-deduction’ allowance
Chancellor announces that companies investing in qualifying new plant and machinery assets will be able to claim a ‘super-deduction’ allowance Continue Reading
-
Feature
05 Mar 2021
Dealing with the challenge of beg bounties
The rise of so-called beg bounties is becoming a challenge for security teams, and can be a drain on time and resources. But what is a beg bounty, and how does it differ from a bug bounty? Continue Reading
-
News
05 Mar 2021
Innovation underpinned by trustworthy governance, says CDEI
Public support for greater use of digital technologies such as AI depends on how much trust people have in its governance, says report Continue Reading
-
News
04 Mar 2021
Okta picks up Auth0 for $6.5bn
Multibillion-dollar acquisition a vote of confidence in future of identity and access management services Continue Reading
-
News
04 Mar 2021
Microsoft Exchange CVEs more widely exploited than thought
US CISA issues emergency guidance as impact of four newly disclosed Microsoft Exchange vulnerabilities becomes clearer Continue Reading
-
News
04 Mar 2021
IR35 private sector reforms: HMRC under fire over ‘omission’ of employers’ NI from webinar guidance
HM Revenue & Customs confirms it has corrected a calculation error in a recent educational IR35 webinar that saw it fail to factor in employers’ NI in examples of how payments should be made between end-clients, agencies and PSCs post-April 2021 Continue Reading
-
News
04 Mar 2021
Qualys caught up in Accellion FTA breach
Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product Continue Reading
-
News
03 Mar 2021
Emergency patch addresses MS Exchange Server zero-days
Microsoft releases an emergency patch to address multiple zero-day exploits directed at on-premise installations of Exchange Server Continue Reading
-
News
02 Mar 2021
EU seeking pan-European Covid-19 passport solution
The European Union’s proposal could see the creation of a Covid-19 vaccine passport to enable travel across the EU Continue Reading
-
News
02 Mar 2021
Goldman Sachs CEO comments highlight need for home working balance
The remote working revolution has been prominent in the banking sector and organisations have a balancing act to perform once the pandemic passes Continue Reading
-
News
01 Mar 2021
Digital secretary Dowden outlines UK post-Brexit data approach
The UK government is searching for a new information commissioner with an updated remit to use data to support growth and innovation, and plans on reaching new international data partnerships Continue Reading
-
News
01 Mar 2021
Covid accelerates Bradford University remote working project
Pandemic injected fuel into university’s existing project to introduce remote working Continue Reading
-
News
25 Feb 2021
NCSC Cyber Action Plan emphasises SME security
NCSC self-assessment tool launched to help sole traders and micro-businesses tackle their cyber security challenges Continue Reading
-
News
25 Feb 2021
GCHQ sets out rules of the road for AI in cyber
A paper produced by GCHQ shows how the intelligence agency can use artificial intelligence responsibly as a tool to protect the UK’s national security Continue Reading
-
News
25 Feb 2021
Tech-enabled hybrid working enables HSBC to cut 40% of its global office space
Bank is making huge reductions in the amount of office space it uses through a global hybrid-working policy Continue Reading
-
News
25 Feb 2021
MHRA and other agencies to offer new resources for scam victims
New landing page resources will replace .uk domains suspended for criminal activity to help members of the public access appropriate guidance Continue Reading
-
News
25 Feb 2021
IR35 private sector reforms: What IT contractors need to know
Computer Weekly asks contracting experts to answer questions about PSC bans, compliant umbrella companies and challenging status determinations, with the latest IR35 reforms coming into place Continue Reading
-
News
24 Feb 2021
Vaccine passports prove an ethical minefield
Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design Continue Reading
-
News
24 Feb 2021
Is Clubhouse safe, and should CISOs stop its use?
With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it Continue Reading
-
News
24 Feb 2021
Internet companies should provide real-time data on disinformation, Lords told
Fact-checking experts tell House of Lords inquiry that upcoming Online Safety Bill should force internet companies to provide real-time information on suspected disinformation, and warn against over-reliance on AI-powered algorithms to moderate content Continue Reading
-
News
24 Feb 2021
Businesses forced to ask IT service providers for help during pandemic
IT service providers have been approached by long-time enterprise customers asking for price cuts due to the impact of the pandemic Continue Reading
-
News
24 Feb 2021
Bombardier is latest victim of Accellion supply chain attack
Canadian aviation company joins the growing list of Accellion breach victims Continue Reading
-
News
24 Feb 2021
Warning on security risk from virtual events platforms
Vulnerabilities found in virtual events platforms could form part of a variant supply chain attack Continue Reading
-
News
23 Feb 2021
XDR makes cyber a Stroll in the park for Aston Martin F1
Aston Martin Cognizant Formula One team will run SentinelOne’s Singularity XDR platform under the bonnet Continue Reading
-
News
23 Feb 2021
AI powers reputational damage insurance policy
Reputational damage has an immediate impact on a company’s share price, and brand loyalty built over many years can be lost in an instant Continue Reading
-
News
23 Feb 2021
CyberScotland offers centralised security resource hub
Newly launched partnership brings together security resources for individuals and organisations across Scotland Continue Reading
-
News
22 Feb 2021
Microphones, smartphones, laptops among items stolen from BBC
A total of 105 devices have been stolen from the BBC in the past two years, some of which may have been spirited away by remote workers Continue Reading
-
News
22 Feb 2021
Pandemic has exposed fractures in cyber fraud strategy
RUSI report urges a bolder and more coordinated response to cyber-enabled fraud as the pandemic lays bear the scale of the problem Continue Reading
-
Opinion
19 Feb 2021
Fixing government digital transformation – lessons from the early days of GDS
As a new organisation is formed to lead UK digital government, three former government digital leaders share the lessons they learned from the early days of the Government Digital Service Continue Reading
-
News
19 Feb 2021
European Commission proposes UK data adequacy agreement
The publication of two draft data adequacy decisions brings the UK closer to a final positive decision, which will enable the continued free flow of data between the EU and the UK if green-lit by member states Continue Reading
-
News
19 Feb 2021
NCSC cyber defence scheme blocked thousands of scams in 2019
The NCSC has reported another productive year for its Active Cyber Defence programme Continue Reading
-
News
19 Feb 2021
Biden will act on cyber security to fix SolarWinds mess
US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger Continue Reading
-
News
18 Feb 2021
Swedish police fined for unlawful use of facial-recognition app
Sweden’s data watchdog has found that Swedish police failed to conduct the data protection checks required by law before using controversial facial-recognition tool Continue Reading
-
News
18 Feb 2021
HMRC accused of 'utter hypocrisy' over use of IT contractors enrolled in tax avoidance schemes
Campaign group calls for HMRC to face an investigation, while accusing the department of ‘utter hypocrisy’ for using IT contractors enrolled in disguised remuneration schemes Continue Reading
-
News
18 Feb 2021
2020 a record year for cyber, thanks to Covid
The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy Continue Reading
-
News
18 Feb 2021
Assessing UK law enforcement data adequacy
Data protection experts discuss the consequences of achieving data adequacy between the UK and EU for the UK’s intelligence services and criminal justice sector Continue Reading
-
News
17 Feb 2021
North Korean Lazarus Group hackers indicted in US
Charges filed relate to Lazarus Group’s long-running cyber crime spree, including financial theft and extortion, WannaCry malware and the cyber attack on Sony Pictures Continue Reading
-
Opinion
17 Feb 2021
Vaccine passports highlight social impact of systems design
Vaccine or immunity passports are an opportunity to advance the design of trustworthy digital systems, but much more work still needs to be done Continue Reading
-
News
17 Feb 2021
Egregor ransomware arrests confirmed
Authorities confirm that they have arrested an undisclosed number of cyber criminals associated with the Egregor ransomware Continue Reading
-
News
17 Feb 2021
Emotional intelligence, empathy increasingly valued in CISOs
The pandemic has highlighted the value of soft skills, rather than technical ones, in security Continue Reading
-
News
17 Feb 2021
Law firm and cyber criminals clash over source of stolen data
Cyber attack victim Jones Day says its data was stolen in a supply chain attack, but the gang holding it to ransom disagrees Continue Reading
-
News
16 Feb 2021
North Korea accused of Pfizer Covid vaccine cyber attack
South Korean intelligence pins a recent attack on Pfizer, targeting information on coronavirus vaccines, on its neighbour Continue Reading
-
News
16 Feb 2021
RDP, SSH exposures off the charts thanks to remote working
The Covid-19 pandemic has had an impact on the prevalence of certain vulnerabilities in the wild, according to a report Continue Reading
-
News
16 Feb 2021
Egregor ransomware associates arrested amid disruption
Undisclosed number of arrests made in Ukraine after investigators tracked bitcoin ransom payments Continue Reading
-
Opinion
16 Feb 2021
Security Think Tank: Towards a united state of security
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
15 Feb 2021
Post Office to offer digital ID services to customers
Post Office partnership with Yoti is intended to expand customer choice as to how people prove their identity when accessing services Continue Reading
-
Opinion
15 Feb 2021
Security Think Tank: Renewed US stability may ease cyber tensions
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
12 Feb 2021
UK border surveillance regime highly privatised, says Privacy International
Research from Privacy International raises concerns about the deep involvement of technology companies in the development and deployment of various technologies throughout the UK’s border regime, along with the lack of scrutiny they receive Continue Reading
-
Opinion
12 Feb 2021
Security Think Tank: Biden must address insider security threat first
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
11 Feb 2021
Hacked Finnish therapy business collapses
Vastaamo, the Finnish psychotherapy centre whose patients were blackmailed by a cyber criminal gang, has filed for bankruptcy Continue Reading
-
News
11 Feb 2021
Low-complexity CVEs a growing concern
Analysis of thousands of CVEs logged with NIST in 2020 reveals some unwelcome developments Continue Reading
-
Feature
11 Feb 2021
Is it time to ban ransomware insurance payments?
The former head of the NCSC recently called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments. Is he on the right track? Continue Reading
-
E-Zine
11 Feb 2021
CW Benelux: Is reluctance to report cyber crimes in the Netherlands helping the criminals get away?
According to an academic study in the Netherlands, only one in seven Dutch people report a cyber crime to the police when it happens - feeling it is better to sort the problem out themselves because they don’t think the police will do anything. This is storing up trouble as cyber crime is an increasing problem in the country. Also in this issue, read why Dutch bank ABN Amro is selling its head office. Continue Reading
-
Opinion
11 Feb 2021
Security Think Tank: Biden’s team can make a difference on security
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
10 Feb 2021
HelloKitty almost certainly behind CD Projekt ransomware attack
Theories that the cyber attack on a high-profile gaming studio was orchestrated by players who are disappointed in a videogame are likely wide of the mark, according to analysis Continue Reading
-
News
10 Feb 2021
Windows 10, Server 2019 users must patch serious zero-day
Another dangerous zero-day exploit is among 56 vulnerabilities patched by Microsoft in February’s Patch Tuesday update Continue Reading
-
News
10 Feb 2021
Sim-swapping crooks targeted celebrities, influencers
Eight arrests have been made in England and Scotland in connection with a series of Sim-swapping attacks targeting high-profile victims Continue Reading
-
News
10 Feb 2021
Tech sector calls for renewed cooperation in global digital tax talks
Industry groups want renewed multilateral negotiations between countries about taxation of the digital economy in the wake of Joe Biden’s election as US president Continue Reading
-
Opinion
10 Feb 2021
Security Think Tank: UK well-placed to work with Biden on cyber
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
09 Feb 2021
Oracle claims major win in Australian public sector
Australian Data Centres will deploy Oracle’s Dedicated Region Cloud@Customer to host cloud services for the federal government Continue Reading
-
News
09 Feb 2021
Data breaches are a ticking timebomb for consumers
Damage from data breaches goes far beyond the impact to the target organisation – an obvious fact that is too often overlooked, says F-Secure Continue Reading
-
News
09 Feb 2021
Cyberpunk 2077 developer refuses to pay up after ransomware attack
Polish video game developer CD Projekt has released details of a ransomware attack on its systems Continue Reading
-
News
09 Feb 2021
‘Batman Begins’ cyber attack is a warning to CNI providers
A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services Continue Reading