IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
Opinion
04 Sep 2020
Security Think Tank: Beware security blind spots at the edge
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
03 Sep 2020
UK businesses hardest hit financially by fallout from cyber attacks, research shows
Latest edition of Hiscox’s annual cyber readiness report suggests UK businesses are among those worst affected by the financial fallout from cyber attacks Continue Reading
-
Opinion
03 Sep 2020
Security Think Tank: Datacentre security is a business imperative
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
02 Sep 2020
Northumbria University suffers major disruption after cyber attack
Some exams cancelled as university appoints external specialists to investigate incident Continue Reading
-
Opinion
02 Sep 2020
Sharing responsibility: Why we need to work together to keep the cloud secure
The education sector has been fundamentally altered by months of lockdown, with cloud services topping must-have lists for academic staff, but now it’s time to consider security Continue Reading
-
Opinion
02 Sep 2020
Security Think Tank: Seven steps to edge security
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
01 Sep 2020
Norway’s corporates want government to support ‘herd immunity’ to cyber attack
Leading business organisations in Norway call on government to play a more active role in improving and coordinating the country’s cyber defences Continue Reading
-
Opinion
01 Sep 2020
Security Think Tank: Security at the distributed edge
That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
28 Aug 2020
New Zealand activates security services as DDoS outage enters fourth day
New Zealand government calls in its national cyber security agencies to help investigate a continuing cyber attack on the country’s financial systems Continue Reading
-
News
28 Aug 2020
Machine learning wards off threats at TV studio Bunim Murray
TV studio behind reality hits including The Real World and Keeping Up With The Kardashians turned to Darktrace’s Antigena email protection service to keep its people safe from Covid-19 threats Continue Reading
-
News
28 Aug 2020
Benefit fraud: Underground trade in stolen identities revealed
A roaring underground trade in stolen identities is undermining the Universal Credit system and could potentially defraud it out of millions of pounds Continue Reading
-
News
27 Aug 2020
DDoS downs New Zealand stock exchange for third day
Distributed denial of service attack from overseas has left stock exchange offline for days Continue Reading
-
Feature
27 Aug 2020
Double extortion ransomware attacks and how to stop them
As ransomware attacks increase, hackers are diversifying their tactics to get victims to hand over larger sums of money. We investigate the rise of double extortion attacks Continue Reading
-
News
27 Aug 2020
TikTok CEO clocks off
TikTok CEO Kevin Mayer has resigned from the firm after just three months Continue Reading
-
E-Zine
27 Aug 2020
CW Nordics: Bergen’s tech hub seeks global success
Norway’s second-largest city, Bergen, is building a tech ecosystem that is beginning its development with a focus on the city’s industrial heritage. Also in this issue, read why now might be the time for businesses to consider how they will invest in outsourcing IT once the Covid-19 pandemic wanes. And read how Norway’s government has had to backtrack on a law that removed tax relief on energy consumption at datacentres that process cryptocurrency mining. Continue Reading
-
News
26 Aug 2020
Avaddon ransomware operators having a go at double extortion
The operators of the Avaddon ransomware seem to be tooling up to leak the data of their victims in addition to holding it to ransom, Cofense researchers confirm Continue Reading
-
News
25 Aug 2020
North Korea’s Lazarus targets cryptocurrency vertical
APT group behind the infamous WannaCry incident is targeting cryptocurrency operators, according to new research Continue Reading
-
News
25 Aug 2020
TikTok takes Trump to court
Under-fire video app TikTok files a formal complaint in the federal courts challenging the Trump administration’s attempt to ban it in the US Continue Reading
-
E-Zine
25 Aug 2020
When algorithms don’t play fair
In this week’s Computer Weekly, we report on the auditing of algorithms to countervail bias. We examine what CISOs can learn from Covid-19. And in our buyer’s guide to modern software development, we assess how competent artificial intelligence is at building applications that deliver the best possible customer experience. Read the issue now. Continue Reading
-
Feature
24 Aug 2020
Getting physical with datacentre security
Whether it is natural disasters, terrorism or break-ins, datacentres will be vulnerable to a range of risks unless they are physically secured. Here’s how you can improve the physical security of your datacentre Continue Reading
-
News
21 Aug 2020
MPs accuse ICO of failing to do its job on contact-tracing data
Cross-party group of MPs say the ICO has failed to enforce data protection standards or hold the government to account over the unlawful Test and Trace programme Continue Reading
-
News
21 Aug 2020
Australian regulator sues RI Advice for cyber security lapses
The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives Continue Reading
-
News
20 Aug 2020
UKAS rejects ISO certification concerns
UK’s certification body says refreshed guidance is in place to cover the possibility of lapsed ISO certifications Continue Reading
-
News
20 Aug 2020
Social media data leak highlights murky world of data scraping
A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it Continue Reading
-
News
19 Aug 2020
HMRC investigates over 10,000 Covid-19 phishing reports
HM Revenue & Customs received thousands of reports of coronavirus phishing scams exploiting its name during April, May and June Continue Reading
-
News
19 Aug 2020
Coronavirus: Thousands of ISO certifications set to lapse
Delays and postponements in the auditing process are putting hard-earned security and data protection certifications at risk of lapsing Continue Reading
-
News
17 Aug 2020
The Security Interviews: How Crest is remaking the future of consultancy
Crest president Ian Glover taught himself cyber security while working on government computing systems in the 1970s and 1980s. Now he is on a decade-spanning mission to change security consultancy models Continue Reading
-
News
14 Aug 2020
Russia’s Fancy Bear targets Linux environments with Drovorub malware
The Russian intelligence-linked Fancy Bear group is deploying a new malware called Drovorub against Linux environments as part of a cyber espionage operation, according to US warnings Continue Reading
-
News
14 Aug 2020
Executive interview: Sri Shivananda, chief technology officer, PayPal
Computer Weekly talks to PayPal’s tech head about the payment provider’s SOA, security, open source and the lockdown Continue Reading
-
Opinion
13 Aug 2020
A CIO’s journey through the Covid-19 crisis
FDM’s IT chief takes us through the challenges of responding to the coronavirus pandemic, and the future opportunities that the changes introduced now present Continue Reading
-
Opinion
13 Aug 2020
How to tackle the IAM challenges of multinational companies
The rapidly changing business, regulatory and IT environment makes identity and access management a tough nut to crack for large multinationals Continue Reading
-
E-Zine
13 Aug 2020
CW Benelux: Security system concerns at Schiphol Airport
A report has revealed problems with critical security systems at Amsterdam’s Schiphol Airport. Also read why the Netherlands’ digital sector is yearning for attention from the government, and how data weaknesses persist despite Dutch companies investing heavily to comply with GDPR. Continue Reading
-
News
13 Aug 2020
APAC consumers do not feel responsible for data security
Just one in four consumers believe they should protect their own data, underscoring the tightrope between security and convenience that organisations have been walking on Continue Reading
-
News
12 Aug 2020
EU and US start discussions on ‘enhanced’ Privacy Shield data-sharing agreement
Talks begin on a successor to the Privacy Shield EU-US data-sharing agreement declared unlawful in July 2020 – a decision by the European Court of Justice that left thousands of businesses facing legal uncertainty Continue Reading
-
News
12 Aug 2020
How Dharma ransomware became an effective services business
New research looks under the bonnet of a Dharma ransomware attack, with the ransomware's ease of use being particularly dangerous for small to medium-sized enterprises Continue Reading
-
News
12 Aug 2020
Microsoft patches two zero-days with active exploits
Microsoft drops another major Patch Tuesday update, including fixes for two zero-day exploits that are already being exploited by cyber criminals Continue Reading
-
News
11 Aug 2020
NHS hit by thousands of malicious emails at height of pandemic
The NHS received nearly 30,000 malicious emails at the height of the Covid-19 pandemic in March and April Continue Reading
-
News
11 Aug 2020
Citrix users urged to patch five XenMobile CVEs
Patches are available for CVEs 2020-8208 through 8212 and should be installed as soon as possible Continue Reading
-
Opinion
11 Aug 2020
Why data exports from the EU will be challenging without Privacy Shield
Organisations exporting data to the US under Privacy Shield or overseas generally, whether under standard contractual clauses or binding corporate rules, need to urgently review the legal basis of these transfers Continue Reading
-
News
11 Aug 2020
Coronavirus: Phishing lures pivot to exploit vaccine hopes
Phishing emails are increasingly luring in victims with subject lines relating to the development of a vaccine for Covid-19 Continue Reading
-
News
11 Aug 2020
French data protection authorities to probe TikTok as suitors circle
France’s CNIL has confirmed a new investigation into TikTok’s data protection practices Continue Reading
-
News
11 Aug 2020
Hospitality sector is failing on contact-tracing obligations
Cyber security experts urge the government to do more to help small hospitality businesses improve their contact-tracing data-handling practices Continue Reading
-
News
10 Aug 2020
Retailer Monsoon allegedly exposing data via Pulse Connect server
A researcher has found a critically insecure Pulse Connect Secure VPN version belonging to UK retailer Monsoon Accessorize, but claims the firm is ignoring his disclosures Continue Reading
-
News
10 Aug 2020
Security teams struggle to keep pace with cloud threats
Security professionals face challenges in keeping pace with cloud deployments and migrations, and the additional security threats they open up Continue Reading
-
News
07 Aug 2020
Virgin Media customers targeted in Twitter phish
Customers seeking help from the ISP are being targeted by a scam Twitter account Continue Reading
-
News
07 Aug 2020
TikTok to be banned in US in 45 days
Trump says his Executive Orders against Chinese mobile apps are in the interests of dealing with a national emergency Continue Reading
-
Opinion
07 Aug 2020
Don’t believe the hype: AI is no silver bullet
We want to believe AI will revolutionise cyber security, and we’re not necessarily wrong, but it’s time for a reality check Continue Reading
-
Feature
07 Aug 2020
How to achieve resilience – the modern uptime trinity
IT leaders can take responsibility for ensuring their organisations are resilient during times of crisis. There are no quick fixes, but if you think it is expensive to ensure resilience in your IT systems, try frequent failure instead Continue Reading
-
News
06 Aug 2020
Australia updates cyber security strategy but offers little new
The nation’s latest cyber security strategy includes centralised management of networks and a voluntary code of practice for deploying internet-connected devices, among other areas Continue Reading
-
News
06 Aug 2020
Qualcomm chip vulnerability puts millions of phones at risk
Qualcomm has patched multiple vulnerabilities in its chip hardware that left hundreds of millions of smartphones open to compromise by malicious actors Continue Reading
-
News
06 Aug 2020
GCHQ seeks researchers to tackle deep fakes and misinformation
A GCHQ research fellowship based at its Manchester office will explore various national security priorities such as deep fakes, fake news and the impact of AI Continue Reading
-
News
05 Aug 2020
Seven questions you need to ask when buying security insurance
Find out what you need to ask to make an informed decision on cyber security insurance with new help from the UK’s NCSC Continue Reading
-
Opinion
05 Aug 2020
The countdown is on for TikTok after Schrems II
Given the US’ threatened actions against TikTok and the outcome of Schrems II, it is clear that the spotlight is now firmly on international data transfers Continue Reading
-
News
05 Aug 2020
Second wave of Covid-19 cyber attacks locked in
More cyber attacks exploiting the pandemic seem likely, says Interpol Continue Reading
-
News
04 Aug 2020
Five signs you’re about to get hit with ransomware
A series of Sophos reports on the ransomware threat landscape shows how security professionals can sniff out a potential ransomware attack before it happens Continue Reading
-
News
04 Aug 2020
Liam Fox hack raises questions over government security
The hack of a former cabinet minister’s emails casts doubt over the effectiveness of safeguards and security training processes at the highest levels of the British government Continue Reading
-
E-Zine
04 Aug 2020
The UK’s $500m space technology gamble
In this week’s Computer Weekly we ask why the UK government is spending $500m on a bankrupt satellite technology company. After a European court quashes the EU-US data sharing agreement, we examine the implications for a UK-EU data protection deal after Brexit. And how have small cloud suppliers coped in the pandemic? Read the issue now. Continue Reading
-
News
04 Aug 2020
New foundation to bolster security of open source software
The Open Source Security Foundation will bring together key open source security initiatives across the industry to improve and support the security of open source software Continue Reading
-
News
03 Aug 2020
Estonian police and border services need better IT to block criminals from becoming e-residents
Police and Border Guard Board of Estonia needs to improve its IT systems to stop criminals from becoming e-residents, says report Continue Reading
-
News
03 Aug 2020
Microsoft offers way out of TikTok impasse
Microsoft offers to buy TikTok from its Chinese parent to ease security fears in the US Continue Reading
-
News
02 Aug 2020
More data breaches from ransomware attacks in Australia
The number of data breaches caused by ransomware rose to 33 in the first half of 2020 from 13 in the previous six-month period, according to the latest report from the Office of the Australian Information Commissioner Continue Reading
-
News
31 Jul 2020
EU sanctions China and Russia over cyber attacks
The EU is applying restrictive measure to six individuals and three entities accused of conducting disruptive cyber attacks in Europe, including the Russian GRU Continue Reading
-
News
30 Jul 2020
Former UC Global staff confirm Embassy surveillance operation against Julian Assange
Spanish court investigates claims that security company illegally recorded meetings between Julian Assange, politicians, lawyers and celebrities at the Ecuadorian Embassy in London Continue Reading
-
News
30 Jul 2020
Diversity in cyber improving but inclusion needs work, says NCSC
Study into diversity and inclusion in the cyber security sector has found that diversity is off to a good start, but inclusion is lacking Continue Reading
-
News
29 Jul 2020
Serious BootHole vulnerability puts millions of systems at risk
BootHole is a GRUB2 bootloader vulnerability and puts millions of PCs, servers and other devices at risk of compromise Continue Reading
-
News
29 Jul 2020
Majority of organisations at risk of cloud data exposure
Report casts doubt on the effectiveness of the shared responsibility model of cloud security Continue Reading
-
News
29 Jul 2020
Bank of Ireland fined for six-year-old IT breach
Bank of Ireland fined by regulator for its failings to prevent fraud six years ago Continue Reading
-
News
28 Jul 2020
De Montfort, KCL, Newcastle universities join list of Blackbaud victims
Embattled cloud services provider now has big questions to answer over its handling of data belonging to UK universities and charities Continue Reading
-
News
28 Jul 2020
Digital bank customer data breached through third party
FBI is investigating digital bank customer data breach that occurred via a former third-party supplier Continue Reading
-
News
28 Jul 2020
NCSC names national security expert Lindy Cameron as new CEO
New National Cyber Security Centre head joins from the Northern Ireland Office and has spent 20 years in government at home and abroad Continue Reading
-
News
28 Jul 2020
Scotland’s security resilience centre concept goes national
Based on the success of the Scottish Business Resilience Centre, a series of regional Cyber Resilience Centres are now launching across the rest of the UK Continue Reading
-
E-Zine
28 Jul 2020
Meet the CIO connecting IT in the most inhospitable environments
In this week’s Computer Weekly, we discuss the challenges of running global IT in the world of copper mining. We look at how tech suppliers are adapting their products to meet the lockdown demands of working from home. And we exam-ine how zero-trust methods can help secure container tech-nology. Read the issue now. Continue Reading
-
Feature
27 Jul 2020
Intelligent ways to tackle cyber attack
Artificial intelligence-powered security tools should enable IT security teams to achieve more with less Continue Reading
-
News
26 Jul 2020
Australia issues new cloud computing guidelines
The new guidance, which comes after the expiry of the government’s cloud services certification programme, will help to bolster Australia’s cyber security resilience Continue Reading
-
News
24 Jul 2020
A question of trust: University and supplier on the hook for data breach
Data on students at the University of York was stolen in a ransomware attack on a supplier two months ago, and the response of both parties raises serious questions Continue Reading
-
News
23 Jul 2020
Post-Privacy Shield, what chance for a Brexit data adequacy deal?
The striking down of Privacy Shield has been hailed as a victory for digital rights and privacy campaign groups, but it will have consequences that go beyond transatlantic data transfers Continue Reading
-
News
22 Jul 2020
No let-up in cyber attacks as lockdown eases
Cyber attacks are up by one-third as the coalescence of cyber activity and nation state-linked threats around the pandemic bears fruit for bad actors Continue Reading
-
News
21 Jul 2020
Coronavirus: Government drags its feet on online misinformation
Online misinformation about Covid-19 continues to spread unchecked, according to a DCMS committee report which has accused the government of dragging its feet over online harms Continue Reading
-
News
21 Jul 2020
Russia Report reveals long-running cyber warfare campaign against UK
Russia has been hacking the UK for years and the British government has also known about it for years, according to the Intelligence and Security Committee’s report Continue Reading
-
E-Zine
21 Jul 2020
Avon calling: what happens when lockdown eliminates your business model?
In this week’s Computer Weekly, we talk to global beauty brand Avon, to find out how it coped with a huge lockdown dilemma – how to adapt its door-to-door sales model when its reps couldn’t leave home. Our latest buyer’s guide examines the use of artificial intelligence in IT security. And we analyse the government’s decision to strip Huawei from the UK’s 5G network. Read the issue now. Continue Reading
-
News
21 Jul 2020
Australian industry panel calls for ‘clear consequences’ of cyber attacks
A government-appointed panel recommends strong deterrence and other measures to be implemented in Australia’s next cyber security strategy Continue Reading
-
News
20 Jul 2020
ICO hails transformative year as average fine trebles
Information Commissioner’s Office annual report reflects on a busy period, during which it levied two of the largest fines so far seen under the GDPR Continue Reading
-
News
20 Jul 2020
Businesses underestimate negative impact of bot traffic
Research from Netacea finds that although awareness of malicious bot activity is high, many are underestimating its true impact Continue Reading
-
News
20 Jul 2020
Test and Trace programme unlawful, admits government
The Department of Health and Social Care failed in its legal obligation to complete a mandatory Data Protection Impact Assessment Continue Reading
-
News
17 Jul 2020
Twitter hack fallout: Investigators on trail of cyber criminals
Investigators are hunting the cyber criminals who broke into Twitter’s systems to hijack prominent accounts, amid concerns that more attacks may come Continue Reading
-
17 Jul 2020
Developed APAC states most exposed to cyber risks
Singapore, South Korea, Japan, Australia and New Zealand have the highest exposure to cyber risks, but they are also the most prepared to deal with cyber attacks, study finds. Continue Reading
-
E-Zine
17 Jul 2020
CW APAC: Trend Watch – security
It wasn’t that long ago when DevSecOps was little more than a mispronunciation of DevOps. Fast forward to today, the notion of embedding security into the development process is not only accepted, but increasingly championed. In this handbook, Computer Weekly looks at what organisations in the Asia-Pacific region are doing to secure their systems, from adopting a DevSecOps approach, to preparing for cyber attacks and ensuring the privacy of Covid-19 contact-tracing app users. Continue Reading
-
17 Jul 2020
How Australian firms can defend against supply chain attacks
Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm. Continue Reading
-
E-Zine
17 Jul 2020
CW ANZ: Expert advice on security
Supply chain risks are invisible to many organisations, which means they are often not prioritised from an IT security perspective, partly because supply chain risk management is often seen as a procurement issue. In this handbook, Computer Weekly looks at how organisations in Australia and New Zealand can better protect themselves against supply chain attacks and other evolving cyber threats. Continue Reading
-
News
16 Jul 2020
Bazar malware may be new tool in Trickbot arsenal
Cybereason’s Nocturnus research team uncovers new Bazar malware, which shares some similarities with other varieties Continue Reading
-
News
16 Jul 2020
Coronavirus shines spotlight on cyber security
Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic Continue Reading
-
News
15 Jul 2020
Government proposes IoT security enforcement body
The government is today publishing new proposals concerning planned legislation that will protect users of smart IoT devices from cyber criminals Continue Reading
-
News
15 Jul 2020
Warning over security holes in fake Cisco kit
Two counterfeit Cisco Catalyst 2960-X switches were only found after a software update caused them to stop working Continue Reading
-
News
15 Jul 2020
Patch Tuesday: Microsoft fixes 123 bugs in July 2020 update
The bugs start coming and they don’t stop coming; Microsoft has issued yet another bumper Patch Tuesday update Continue Reading
-
Opinion
15 Jul 2020
11 obscure questions, Facebook, Max Schrems and the European Court of Justice
Eleven obscure questions will be the first step towards explaining why we in the UK and Europe have experienced 13 years of what has been described as ‘mass and indiscriminate surveillance’ by the US Continue Reading
-
News
14 Jul 2020
Check Point unearths critical SigRed bug in Windows DNS
SigRed vulnerability is highly dangerous, but is being fixed as part of the July 2020 Patch Tuesday update Continue Reading
-
News
14 Jul 2020
European court to decide legality of EU-US data sharing in dispute between Schrems and Facebook
A ruling by the European Court of Justice will have ramifications for hundreds of thousands of companies that share data with the US. The case aims to balance US surveillance laws with the rights of EU citizens to keep their data private Continue Reading
-
News
14 Jul 2020
Standard Chartered latest bank to explore quantum computing
Standard Chartered is working with researchers to establish use cases for quantum computing in the banking sector Continue Reading
-
News
14 Jul 2020
CISOs undervalued, overworked, burning out, warns CIISec
The vast majority of security professionals say they are under immense pressure, according to a report Continue Reading
-
News
14 Jul 2020
Recon vulnerability puts thousands of SAP customers at risk
Users of multiple SAP products including S4/HANA should apply the security update as soon as possible to protect their systems Continue Reading