IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
Feature
23 Dec 2020
Patching: Balancing technical requirements with business considerations
With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented Continue Reading
-
News
22 Dec 2020
Ministry of Justice in the dock for catalogue of serious data breaches
Annual report reveals major incidents of personal data loss affecting 121,355 people and including misplaced, unencrypted USB stick containing documents from a trial, accidental disclosure of identities, and staff files made visible to unauthenticated users Continue Reading
-
News
18 Dec 2020
Finnish government tables laws to protect data from cyber criminals
Government is strengthening its legal framework to protect data from hackers in the wake of a massive breach at a psychotherapy centre Continue Reading
-
News
17 Dec 2020
EU security strategy a ‘step up’ on cyber leadership, says Brussels
The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy Continue Reading
-
News
17 Dec 2020
NHS Scotland taps Check Point to secure Covid-19 data
NHS National Services Scotland is working with security firm Check Point to safeguard its sensitive data in the cloud and support its work on the coronavirus Continue Reading
-
News
17 Dec 2020
FireEye and partners release SolarWinds kill-switch
A so-called kill-switch for the dangerous SolarWinds Sunburst attack should allay some user fears, but is not a full fix for the issue Continue Reading
-
News
17 Dec 2020
Danske Bank fights money laundering with AI
Danske Bank is using artificial intelligence to help it prevent a repeat of the huge money laundering scandal that hit one of its operations in Estonia Continue Reading
-
News
17 Dec 2020
AWS brings disaster recovery programme to Australia
Project Resilience will offer up to $5,000 worth of credits to public sector and community organisations to offset the cost of storing data on Amazon Web Services Continue Reading
-
News
15 Dec 2020
SolarWinds cyber attack: How worried should I be, and what do I do now?
Security teams across the world are on high alert as more details emerge of the widespread SolarWinds ‘Sunburst’ attack. What do defenders need to do next? Continue Reading
-
News
15 Dec 2020
Cyber crime victims in the Netherlands not reporting offences
Dutch victims of online crime rarely report it to the police and when they do, they are often dissatisfied Continue Reading
-
E-Zine
15 Dec 2020
How security will be different after Covid-19
In this week’s Computer Weekly, the world of cyber security will probably never return to its pre-pandemic state – we look ahead. The combination of remote working and streaming video is putting extra strain on networks. And we look at how digital transformation is changing the way contact centres are run. Read the issue now. Continue Reading
-
News
14 Dec 2020
FireEye identifies flaw in networking monitoring software as US agencies attacked
Cyber security company says investigations have revealed security breach occurred because of a flaw in a network monitoring software Continue Reading
-
News
13 Dec 2020
Singapore trials beacons to bolster police operations
Police beacons equipped with video cameras, sirens, floodlights and speakers are being deployed at two parks to improve public safety in a year-long trial Continue Reading
-
News
11 Dec 2020
The week in ransomware: Foxconn and Randstad are high-profile victims
Foxconn and Randstad are laid low by cyber criminals, while Sophos spills on Egregor, and prognosticators turn to their crystal balls to divine how ransomware will develop in the next 12 months Continue Reading
-
News
11 Dec 2020
Disputed PostgreSQL bug exploited in cryptomining botnet
PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL Continue Reading
-
News
11 Dec 2020
Surge in Covid-19 vaccine phishing scams reported
Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure Continue Reading
-
Opinion
11 Dec 2020
Security Think Tank: Integration between SIEM/SOAR is critical
SIEM and SOAR share much in common but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
Feature
11 Dec 2020
Post-pandemic approaches to IAM for cloud security
Cloud technology may have saved businesses from catastrophe during the pandemic, but it has also introduced additional challenges around identity and access management. Here’s why IAM policies are crucial in the new normal Continue Reading
-
News
10 Dec 2020
After critical year, Vodafone trains security sights on CNI market
Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets Continue Reading
-
E-Zine
10 Dec 2020
CW Europe: Tour de France fans get a virtual experience
The organisers of this year's Tour de France worked with technology services company NTT in partnership with Amaury Sport Organisation to provide what they described as an “enhanced experience” for race fans who could not be at the roadside because of Covid restrictions. Also read why Deutsche Bank has agreed to sell its retail banking IT operation to one of its main IT suppliers for a token €1. Read the issue now. Continue Reading
-
Opinion
09 Dec 2020
Security Think Tank: SOAR to the next level with automation
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
09 Dec 2020
Amnesia:33 IoT flaws dangerous and patches unlikely, say experts
The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users Continue Reading
-
News
09 Dec 2020
Patch Tuesday: Microsoft presents just 58 CVEs for Christmas
The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance Continue Reading
-
News
09 Dec 2020
There’s no going back to pre-pandemic security approaches
The cyber security world will probably never return to its pre-pandemic state, and different approaches to security will come to the fore in 2021 Continue Reading
-
News
09 Dec 2020
Top IT predictions in APAC in 2021
The Asia-Pacific region will continue to be a cradle for technology innovation in the new year, whether it is 5G services, artificial intelligence, cloud computing or cyber security Continue Reading
-
News
08 Dec 2020
Multiple D-Link routers found vulnerable to attack
Digital Defense discloses a remotely exploitable root command injection flaw in a number of D-Link wireless router devices Continue Reading
-
News
08 Dec 2020
Russian state actors exploiting VMware bug to hijack data, users warned
Russian APT groups are actively exploiting a vulnerability in VMware products to access protected data, according to latest warnings Continue Reading
-
News
07 Dec 2020
HMRC referred 11 data security incidents to ICO in 2019-20
HM Revenue & Customs shares details of a number of data security incidents that occurred during the 2019-20 financial year in its annual report Continue Reading
-
News
07 Dec 2020
Grindr and others patch critical Android bug
Fixes for CVE-2020-8913 deployed as app developers shore up their defences against a disclosed Google Play vulnerability Continue Reading
-
News
07 Dec 2020
Singapore government to boost blockchain adoption
Singapore government unveils S$12m programme to promote development and adoption of blockchain applications beyond financial services Continue Reading
-
News
07 Dec 2020
A trillion dollars lost to cyber crime every year
Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime Continue Reading
-
News
04 Dec 2020
Opportunistic Egregor ransomware is an emerging and active threat
Researchers at Recorded Future’s Insikt Group highlight links between the emerging Egregor ransomware and other strains, and offer guidance on defending against it Continue Reading
-
News
03 Dec 2020
Cyber Aware campaign to help safeguard Christmas shoppers
New government campaign sets out to raise awareness of online shopping fraud in the run-up to Christmas Continue Reading
-
News
03 Dec 2020
Covid-19 vaccine supply chain attacked by unknown nation state
An unknown nation state actor is attempting to disrupt the supply of coronavirus vaccines Continue Reading
-
Opinion
03 Dec 2020
SIEM or SOAR or both? Consider your business complexity first
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
03 Dec 2020
Lax Android app developers putting millions of users at risk
Eight months after Google patched a critical vulnerability, developers have failed to update their apps, putting millions of users of apps such as dating services Bumble and Grindr at risk Continue Reading
-
News
03 Dec 2020
Dangerous Trickbot evolves to target UEFI/BIOS firmware
Dubbed Trickboot by researchers, Trickbot’s new features enable malicious actors to read, write or even erase UEFI/BIOS firmware Continue Reading
-
News
02 Dec 2020
Covid-19: Cyber criminals will target vaccine programmes
Interpol issues a global alert to law enforcement as the UK becomes one of the first countries to approve the Pfizer/BioNTech Covid-19 vaccine for use Continue Reading
-
News
02 Dec 2020
Double extortion ransomware will be a big theme in 2021
Defenders will see heightened levels of cyber crime next year as criminals pivot their attacks from data encryption to exfiltration Continue Reading
-
Opinion
02 Dec 2020
Security Think Tank: SIEM and SOAR are far from mutually exclusive
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
02 Dec 2020
Singapore government remains ‘juicy target’ for cyber attackers
The government is baking security into the design and implementation of its IT systems and looking to increase bug bounties to fend off cyber threats Continue Reading
-
News
01 Dec 2020
DHL, Amazon and FedEx are most phished delivery services
DHL has emerged as the most imitated delivery brand in Europe, accounting for 77% of the total volume of phishing emails received in November 2020 Continue Reading
-
News
01 Dec 2020
22,000 malicious .uk domains suspended in past year
Nominet has suspended just over 22,000 domains in the 12 months to 31 October 2020, continuing a downward trend, and with less impact from Covid-19 than might be expected Continue Reading
-
Opinion
01 Dec 2020
Security Think Tank: Alerts are great, it’s what you do with them that counts
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
01 Dec 2020
Government covers its ears as complaint by victims of Post Office abuse heads to ombudsman
Government denies responsibility for the abuse inflicted on subpostmasters by the Post Office over faulty IT system Continue Reading
-
News
30 Nov 2020
MI5 accused of withholding surveillance compliance failures from cabinet minister
MI5 withheld high-risk concerns about its ability to comply with legislation from the home secretary when it submitted applications for surveillance warrants, NGOs Privacy International and Liberty claimed last week Continue Reading
-
News
30 Nov 2020
IT Priorities: APAC enterprises readying recovery budget
Enterprises in Asia-Pacific are investing in cloud and other key technologies to not only survive but thrive in the post-pandemic world Continue Reading
-
News
27 Nov 2020
NI police unable to delete data seized unlawfully from journalists for 10 years
The Police Service of Northern Ireland is unable to delete terabytes of unlawfully seized data taken from journalists who exposed police failings in the investigation of the Loughinisland sectarian murders Continue Reading
-
Opinion
27 Nov 2020
How to modernise identity governance and administration
Modernising identity governance and administration (IGA) capabilities is essential for organisations to manage identities effectively to ensure they remain competitive, compliant and secure Continue Reading
-
News
27 Nov 2020
How Grab is using technology to improve trust and safety
Southeast Asian unicorn Grab is tapping artificial intelligence and other technologies to keep its users safe and cyber criminals at bay Continue Reading
-
Feature
27 Nov 2020
This Christmas, Covid-19 heightens retail security risks for everyone
Do you think it’s only retailers and consumers who need to consider cyber security when shopping online during the holidays? You’re dead wrong. This year, the Covid-19 pandemic and the shift to remote working has thrown a spanner in the works Continue Reading
-
News
26 Nov 2020
Data safes will give users control over their data
Belgian computer scientist tells Computer Weekly how people can regain control of their online personal information Continue Reading
-
E-Zine
26 Nov 2020
CW Nordics: Bank branch closures continue as digital banking grows
Sweden’s Handelsbanken is cutting its branch network by nearly half, which means more money will be invested in IT. But it’s not just Sweden and the Nordics – banks across the world are watching the fintech industry demonstrate to consumers what banking can be like if the right technology is in place. Also in this issue, read about the Norwegian government’s decision not to implement an outright ban on the use of 5G equipment supplied by China's Huawei. Continue Reading
-
News
26 Nov 2020
APAC plagued by APT, ransomware attacks
The Asia-Pacific region was a primary target of advanced persistent threat groups, mostly from China, Iran, North Korea and Russia, that carried out 34 campaigns between June 2019 to June 2020 Continue Reading
-
Tip
25 Nov 2020
8 benefits of a security operations center
A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. Here are eight SOC benefits to consider. Continue Reading
-
News
25 Nov 2020
Merger of national policing systems over budget and behind schedule
UK government effort to replace legacy IT systems suffers further delays, and will not be fully completed until 2025 at the earliest Continue Reading
-
Opinion
25 Nov 2020
From front line to back office – how supporting the cyber community keeps the NHS safe
NHS Digital’s chief information security officer describes how the Cyber Associates Network benefits security experts in health and care Continue Reading
-
News
25 Nov 2020
Securing UK’s critical national infrastructure is a 2021 priority
Government outlines the UK’s strategic cyber security policies for the coming 12 months, with critical national infrastructure a clear priority Continue Reading
-
E-Zine
24 Nov 2020
How Covid-19 has accelerated tech innovation in the NHS
Of all the terrible things that Covid is, what it has done is accelerate the digital journey. In this issue of Computer Weekly, we look at the track and trace app, which was redeveloped and enhanced at breakneck speed, and explore how the pandemic has accelerated the roll-out of new technology such as artificial intelligence and video conferencing tools at NHS trusts. We also present some research into how Covid has affected IT spending. Read the issue now. Continue Reading
-
News
24 Nov 2020
Nominet introduces new resources for cyber scam victims
Domain name registrar is working with law enforcement to provide new information, guidance and resources for potential victims of online scams Continue Reading
-
News
23 Nov 2020
Telcos could face huge fines under new security laws
Government boasts of unprecedented powers to boost the security standards of the UK’s critical national infrastructure Continue Reading
-
News
23 Nov 2020
NCSC issues retail security alert ahead of Black Friday sales
National Cyber Security Centre issues refreshed guidance as cyber criminals turn their eyes to the holiday shopping season Continue Reading
-
News
23 Nov 2020
MPs subjected to over 22 million malicious email attacks in 2020
Members of Parliament are targeted by millions of spam and phishing emails every month, according to a Freedom of Information disclosure Continue Reading
-
News
20 Nov 2020
Security pros fear prosecution under outdated UK laws
CyberUp, a group of campaigners who want to reform the Computer Misuse Act, finds 80% of security professionals are concerned that they may be prosecuted just for doing their jobs Continue Reading
-
19 Nov 2020
Making sense of zero-trust security
Implementing zero-trust security is not an easy feat, but enterprises can still get it right if they approach it from a process perspective and get a handle on their infrastructure footprint Continue Reading
-
E-Zine
19 Nov 2020
CW APAC: Expert advice on zero-trust security
Zero trust is a security model that eliminates the traditional perimeter and assumes that no user or device can be trusted until proven otherwise. In this handbook, Computer Weekly looks at how enterprises can take a zero-trust approach to securing their network, devices and workforce. Continue Reading
-
News
19 Nov 2020
Covid-19 shift to remote working adds to Earth’s growing e-waste problem
The shift to remote working has forced firms to purchase new IT equipment, but many are still lacking sustainable end-of-life processes for their devices Continue Reading
-
News
19 Nov 2020
Security sector broadly backs Boris Johnson’s Cyber Force
Security community says the presence of a robust cyber defence force alongside a robust physical one will be vital to the UK’s national security Continue Reading
-
News
18 Nov 2020
2021 the year of commodity ransomware, says Sophos
Sophos researchers anticipate a trickle-down effect in the cyber criminal underground Continue Reading
-
News
18 Nov 2020
US cyber security chief fired for contradicting Trump
CISA chief Chris Krebs ousted for doing his job fighting disinformation in an apparent purge of officials deemed disloyal to president Donald Trump Continue Reading
-
News
18 Nov 2020
How Aarogya Setu is addressing scale and security challenges
India’s contact-tracing platform leverages microservices, encryption techniques and cloud-based visibility tools to address scale and security requirements Continue Reading
-
News
17 Nov 2020
Kaspersky shuts down data-processing activities in Russia
Cyber security provider’s data storage and processing activities for customers in Europe, the US and Canada, have now been fully relocated to Switzerland Continue Reading
-
News
17 Nov 2020
HMRC warns over uptick in Self Assessment tax scams
HMRC issues updated warnings as 2021 Self Assessment deadlines loom Continue Reading
-
News
17 Nov 2020
Financial services data volumes heighten risk of insider breach
Financial services organisations hold so much data that it is becoming virtually impossible to safeguard properly against data breaches caused by malicious or careless employees Continue Reading
-
Opinion
17 Nov 2020
Brexit and risks to data privacy and governance
EY privacy specialists assess the risks to data privacy, protection and governance on the table for businesses, with less than two months until Brexit Continue Reading
-
Feature
17 Nov 2020
How to build an effective vulnerability management programme
As cyber criminals increasingly look to exploit vulnerabilities in software and hardware, businesses must build and implement an effective vulnerability management programme to counter this growing threat Continue Reading
-
News
16 Nov 2020
How Standard Chartered approaches cyber security
Bank uses security-by-design principles and conducts red-teaming exercises among other measures to fend off cyber breaches Continue Reading
-
News
13 Nov 2020
Ticketmaster fined £1.25m by ICO for failing to protect customer data
Ticket website’s customer data was exposed through an attack on a third-party chatbot Continue Reading
-
Feature
12 Nov 2020
DDoS mitigation strategies needed to maintain availability during pandemic
The growing prevalence of DDoS attacks combined with the increased reliance on internet connectivity during the pandemic means enterprises can no longer afford to ignore the threat of DDoS attacks. Computer Weekly explores organisations’ perceptions of the risks and best practice for mitigation Continue Reading
-
News
12 Nov 2020
IT Priorities 2020: Budgets rejigged to support 2021 recovery
IT has been essential in helping organisations remain operational. IT chiefs are now considering the IT to drive a sustained business recovery Continue Reading
-
News
12 Nov 2020
Company accused of spying on Assange acted for Ecuadorian Intelligence, says ex UC Global manager
Former operations chief of UC Global told Spanish Court the company accused of spying on Assange at the Ecuadorian Embassy in London was acting on the orders of Ecuadorian Intelligence Continue Reading
-
E-Zine
12 Nov 2020
CW Benelux: Dutch Alzheimer’s app helps dementia patients
An app aimed at helping dementia patients and their families has been developed by the Alzheimer Society in the Netherlands. Also in this issue, read about a Belgian startup's app based on blockchain technology to help container handling at ports, and why Rabobank ditched its legacy backup. Continue Reading
-
News
11 Nov 2020
Security pros coped admirably with remote working transition
Despite facing tight timescales at the onset of the pandemic, security professionals have come through the transition to remote working remarkably well, according to a report Continue Reading
-
News
11 Nov 2020
Microsoft drops fix for serious zero-day among 112 Patch Tuesday updates
November’s Patch Tuesday contains fixes for 112 bugs, including a potentially serious zero-day exploit that malicious actors are already taking advantage of Continue Reading
-
News
11 Nov 2020
EU aid funds used to train ‘unaccountable intelligence agencies’ in high-tech surveillance
Hundreds of documents obtained by campaign group Privacy International show how the EU is supporting surveillance programmes in the Balkans, the Middle East and Africa Continue Reading
-
News
10 Nov 2020
Intel and AMD processors affected by another side-channel exploit
Two years after Spectre and Meltdown, the x86 processor faces another side-channel exploit – only this time, it is based on sensing temperature Continue Reading
-
News
10 Nov 2020
Leaky AWS S3 bucket once again at centre of data breach
Prestige Software exposed millions of records after failing to pay attention to the security of its cloud instances Continue Reading
-
News
10 Nov 2020
IT Priorities 2020: After Covid-19, security goes back to basics
This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals Continue Reading
-
E-Zine
10 Nov 2020
Using digital twins to cut costs and improve safety at Shell
In this week’s Computer Weekly, we look at Shell’s digital twin strategy, which combines AI, internet of things and big data to improve safety and cut costs. Our latest buyer’s guide examines the best practices and technologies in business process automation. And we find out why securing DNS is critical to fighting cyber crime. Read the issue now. Continue Reading
-
News
09 Nov 2020
EU moves closer to encryption ban after Austria, France attacks
Draft resolution document setting up an EU-wide ban on end-to-end encryption is set to be waved through this week Continue Reading
-
News
06 Nov 2020
NHS warned over Ryuk spreading through Trickbot replacements
NHS Digital tells healthcare organisations to be mindful of a marked rise in usage of the Bazar and Buer loaders Continue Reading
-
News
06 Nov 2020
ICO sued over ‘failure’ to address ad industry practices
Privacy campaigner the Open Rights Group claims the advertising technology industry is systematically breaching the GDPR, and the ICO is doing nothing about it Continue Reading
-
News
05 Nov 2020
Consumer rights organisation warns of computer takeover scams
Consumers warned to be on guard against criminals pretending to be IT support staff to gain access to personal banking information Continue Reading
-
News
05 Nov 2020
Singapore government rolls out digital signature service
Individuals and businesses will soon be able to sign documents digitally using a new service on the Singapore government’s SingPass digital identity platform Continue Reading
-
News
04 Nov 2020
India and Japan report stronger concern over cyber threats
Security operations teams in the two Asian giants see the increased volume of cyber threats as their biggest challenge amid the Covid-19 pandemic Continue Reading
-
News
02 Nov 2020
NHS weathers cyber crime storm during pandemic, says NCSC
The NCSC dealt with over 700 incidents in the 12 months to August 2020, with over 200 specifically related to Covid-19, and the NHS a critical area of focus Continue Reading
-
News
02 Nov 2020
Maze ransomware shuts down with bizarre announcement
The operators of Maze announce they are shutting down, and claim their crime spree was merely intended to demonstrate lax security at their targets Continue Reading
-
News
30 Oct 2020
Accidental heroes: How one scaleup pivoted to cyber
Simeon Quarrie designed his business using virtual reality and interactivity as a tool to tell stories that effect cultural change in enterprise environments – then a cyber criminal emptied his bank account Continue Reading
-
News
30 Oct 2020
CISOs more confident in identity practice after pandemic shock
Identity practice and management has become a critical element of cyber security strategies to support remote workers Continue Reading
-
News
29 Oct 2020
Zero-trust investment seen accelerating through pandemic
New analyst report details some of the main indicators for success in zero-trust implementation Continue Reading