IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Dec 2024
Top 10 data and ethics stories of 2024
Here are Computer Weekly’s top 10 data and ethics stories of 2024 Continue Reading
-
News
19 Dec 2024
Latest attempt to override UK’s outdated hacking law stalls
Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee Continue Reading
-
News
23 Jun 2020
Concern over digital risk falls dramatically during pandemic
Brits are understandably more worried about the NHS than personal cyber security Continue Reading
-
News
21 Jun 2020
APAC still hotbed for cyber attacks
Individuals and organisations in APAC are encountering malware more frequently than the rest of the world, study finds Continue Reading
-
E-Zine
18 Jun 2020
CW APAC: Trend Watch – data protection
Asia-Pacific organisations see the importance of having good data protection practices, even as they are still grappling with organisational and operational challenges. In this handbook, Computer Weekly looks at the different levels of preparedness across the region and what firms can do to plug any gaps. Continue Reading
-
News
18 Jun 2020
Data protection watchdog calls for controls on police mobile phone stop-and-searches
Information commissioner wants new safeguards on the use of police powers to download sensitive personal data from the mobile phones of suspects and crime victims Continue Reading
-
News
18 Jun 2020
Cisco patches dangerous Webex vulnerability
CVE-2020-3347 bug enables cyber criminals to steal meeting records from within Cisco’s Webex service Continue Reading
-
News
17 Jun 2020
Coronavirus: Cyber security spend to slow in 2020
Analysts revise down previous growth targets for security technology as the Covid-19 pandemic bites Continue Reading
-
News
17 Jun 2020
Coronavirus: 50% of security pros had no pandemic contingency plan
A survey of security professionals conducted on behalf of Bitdefender reveals the lack of forward planning for events such as the Covid-19 coronavirus pandemic Continue Reading
-
News
17 Jun 2020
Macquarie eyes government contracts with new Canberra datacentre
New Macquarie datacentre in the Australian capital designed to achieve Tier 4 datacentre standards will deliver 1.5MW of capacity by December 2020 Continue Reading
-
News
16 Jun 2020
UK-US data deal puts Brexit data adequacy pact at risk
European Data Protection Board writes to MEPs saying the UK is at risk of failing to strike a post-Brexit data adequacy accord if its data protection agreements with the US don’t strike the right note Continue Reading
-
News
16 Jun 2020
Activists call on Zoom to implement encryption for all
A coalition of tech organisations and nonprofits have urged Zoom CEO Eric Yuan to make end-to-end encryption available to all users Continue Reading
-
News
15 Jun 2020
Banking trojans roar back to prominence in May
Check Point sees an upswing in malicious activity around a number of classic banking trojan malware variants Continue Reading
-
Opinion
15 Jun 2020
Why UK needs independent oversight body for contact-tracing app
The public needs and deserves clarity, and not just assurances, over the UK’s Covid-19 contact-tracing app Continue Reading
-
News
15 Jun 2020
NatWest develops behavioural biometrics as additional authentication
Bank is working with Visa to develop behavioural biometrics technology as an extra layer of invisible authentication Continue Reading
-
News
14 Jun 2020
Coronavirus: Enterprise VPN adoption in India set to rise
Advancement in cloud technologies and secured remote access to applications will significantly contribute to the overall growth of India’s VPN market, says GlobalData Continue Reading
-
News
12 Jun 2020
NHS email service users ensnared in phishing attack
More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed Continue Reading
-
News
12 Jun 2020
100,000 cheap wireless cameras vulnerable to hacking
Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors Continue Reading
-
News
11 Jun 2020
CISOs buying into unified security proposition
The time is right for all-in-one security solutions, according to a report Continue Reading
-
E-Zine
11 Jun 2020
CW Europe: 5G rush in Russia
Russian mobile operators are pooling their resources to help them overcome the technical challenges of creating 5G networks. Also read why Swedbank is rebuilding its anti-money laundering systems, and how a public-private partnership in the Netherlands is combating business email compromise fraud. Continue Reading
-
News
10 Jun 2020
Decade-old vulnerability among 129 Patch Tuesday fixes
A 10 year-old bug in Windows Group Policies could easily enable attackers to gain highly privileged user status on target systems, opening the doors to a wave of cyber attacks Continue Reading
-
Opinion
10 Jun 2020
Security Think Tank: Container security is evolving, so must CISOs
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Feature
10 Jun 2020
Coronavirus: How to go back to the office safely and securely
Security teams should be used to supporting remote workers effectively by now, but what’s going to happen when people start returning to their offices? We look at the risks and how to address them. Continue Reading
-
News
10 Jun 2020
Nasty surprises lurking in furloughed employees’ inboxes
Research conducted by KnowBe4 points to a looming email security problem as furloughed employees head back to work Continue Reading
-
News
10 Jun 2020
How Australian firms can defend against supply chain attacks
Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm Continue Reading
-
News
09 Jun 2020
Honda investigates suspected Snake ransomware attack
Attack disrupts global operations at carmaker, with assembly lines falling silent and sales suspended Continue Reading
-
News
09 Jun 2020
Poorly-secured AWS buckets used to launch Magecart attacks
Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data Continue Reading
-
News
08 Jun 2020
What it takes to get DevSecOps right
DevSecOps will drive at least 50% of new applications in Asia-Pacific by 2024, but getting it right will require change management, a collaborative mindset and the right automation tools Continue Reading
-
News
05 Jun 2020
Police chiefs working with Public Health England on contact-tracing security
Police force representatives are in talks with Public Health England over operational security concerns arising from the NHS Test and Trace coronavirus contact-tracing scheme Continue Reading
-
News
05 Jun 2020
Ministry of Defence forms new cyber security regiment
The 13th Signal Regiment brings together personnel from across the armed forces to provide specialist security services Continue Reading
-
News
04 Jun 2020
Dutch organisations invest heavily in compliance – but in vain
Despite the fact that companies in the Netherlands have invested heavily to comply with GDPR legislation introduced two years ago, 90% of them are still discovering fundamental weaknesses in their IT environment Continue Reading
-
News
04 Jun 2020
Small businesses failing on remote worker protection
Only one-third of people working for small businesses have received any guidance from their employers on how to secure their remote working set-up Continue Reading
-
News
04 Jun 2020
Data privacy groups pile in on UK contact-tracing app
UK-based digital privacy and free speech campaigning organisation files complaint with the Information Commissioner’s Office about contact-tracing app Continue Reading
-
News
04 Jun 2020
The Security Interviews: How the BSI protects the IoT from itself
David Mudd of the BSI reveals how a pragmatic and realistic approach to security vulnerabilities underpins its internet of things kitemark, helping give users the confidence to buy smart devices safely Continue Reading
-
News
04 Jun 2020
Coronavirus: Cyber criminals target laid-off workers
Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic Continue Reading
-
Opinion
04 Jun 2020
Security Think Tank: Four steps to container security best practice
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Opinion
04 Jun 2020
Why trust is the new currency
Businesses need to engender trust with customers amid the complexity of digital transactions involving multiple third parties, even as consumers are not fully cognizant of the importance of data privacy Continue Reading
-
News
03 Jun 2020
Sodinokibi data auctions highlight changing criminal tactics
The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic? Continue Reading
-
News
03 Jun 2020
Security procurement framework goes live for NHS and public sector
Cyber Security Services Framework, developed by NHS Shared Business Services, has formally launched Continue Reading
-
News
03 Jun 2020
Infosec 2020: Covid-19 an opportunity to change security thinking
The annual Infosecurity Europe is being held virtually this year, and speakers at an online panel session have been considering the impact of the pandemic on security awareness Continue Reading
-
News
03 Jun 2020
Aston Martin swaps out legacy antivirus for AI-driven service
Luxury car manufacturer says the advent of artificial intelligence-powered services will revolutionise its security posture Continue Reading
-
Opinion
02 Jun 2020
A view from the SOC: Maintaining security capabilities during the pandemic
What are the challenges of maintaining security event and incident detection capabilities in these challenging times? Continue Reading
-
News
02 Jun 2020
NIS security regulations proving effective, but more work to do
The UK’s NIS cyber security and risk regulations are proving somewhat effective, according to a government report Continue Reading
-
News
01 Jun 2020
How managed threat hunting helps bust malicious insiders
Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending Continue Reading
-
News
29 May 2020
Government launches IoT security funding round
A £400,000 funding pot is on offer for innovators to design schemes that boost internet-of-things security Continue Reading
-
News
29 May 2020
Test and Trace has not passed data protection impact assessment
Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme Continue Reading
-
News
29 May 2020
How Sega Europe slashed incident response times using cloud SIEM
Gaming company’s SOC radically improves its operational efficiency with Sumo Logic’s cloud SIEM service Continue Reading
-
Opinion
29 May 2020
Security Think Tank: CISO stress – moving from recognition to action
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
28 May 2020
Public Health England to keep contact-tracing data for 20 years
PHE will retain the data it collects via the NHS Test and Trace programme for 20 years Continue Reading
-
Video
28 May 2020
How Zoom is keeping pace with demand for conferencing tools
Magnus Falk, CIO advisor at Zoom, offers insights on how the company is scaling up its resources to meet the growing usage of its service Continue Reading
-
News
28 May 2020
IoT buyers eye private network deployments for added security
Fully private, segregated networks for IoT deployments are becoming increasingly attractive to many organisations, according to a report Continue Reading
-
Opinion
27 May 2020
Australia is painting a big red cyber target on its critical infrastructure
Australia’s critical infrastructure is particularly vulnerable to cyber attacks right now because of years of under-investment in cyber security and ageing legacy systems Continue Reading
-
Feature
27 May 2020
GDPR at two: How far we’ve come, how far we still have to go
Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change Continue Reading
-
News
27 May 2020
Enterprise clouds hammered by cyber attacks during pandemic
Remote workers logging onto enterprise cloud service accounts are an easy access point for attackers, says McAfee Continue Reading
-
News
27 May 2020
Fears contact-tracing app will open the floodgates for cyber criminals
Study of UK consumers reveals worries over an uptick in cyber crime and a lack of trust in government Continue Reading
-
News
26 May 2020
StrandHogg mobile vulnerability has evil twin
Variant of the dangerous StrandHogg vulnerability affecting Android phones could allow hackers to access almost all apps on a target device Continue Reading
-
News
26 May 2020
The Security Interviews: Temper tantrums ahead as GDPR enters its terrible twos?
On the General Data Protection Regulation’s second birthday, Tim Hickman, a data protection lawyer and partner at White & Case LLP, discusses the regulation’s teething troubles and assesses how best to maintain optimum compliance Continue Reading
-
News
25 May 2020
Coronavirus: Australia calls for stronger defences amid cyber attacks
The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector Continue Reading
-
News
22 May 2020
EasyJet to be sued over customer data breach
If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn Continue Reading
-
Opinion
22 May 2020
How effective security training goes deeper than ‘awareness’
Cyber criminals are constantly developing their techniques and strategies, so security training needs to do the same Continue Reading
-
News
22 May 2020
Covid-19 will leave organisations exposed to higher cyber risks
Hacking attacks and phishing emails could become the new norm, according to research by the World Economic Forum Continue Reading
-
Opinion
22 May 2020
Identification and access management: some possible futures
Learn about how we might be using our heartbeats, brainwaves and eye movements to unlock our mobiles in the future Continue Reading
-
News
22 May 2020
Hancock to Harman: No contact-tracing privacy law
Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data Continue Reading
-
News
22 May 2020
Coronavirus: How MyIX is keeping Malaysians connected
Malaysia’s MyIX internet exchange has been classed as critical national infrastructure, with member telcos adding more capacity to meet the surge in demand for internet services Continue Reading
-
News
20 May 2020
NCSC discloses multiple vulnerabilities in contact-tracing app
National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures Continue Reading
-
News
20 May 2020
Serco exposes contact tracers’ data in email error
Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message Continue Reading
-
News
20 May 2020
Personal devices putting Singapore employers at risk
More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats Continue Reading
-
News
20 May 2020
Responsible Cyber acquires Secucial in S$7m deal
Singapore startup Responsible Cyber plans to bolster its Immune platform with access control management capabilities, and sets out to expand its global footprint Continue Reading
-
News
19 May 2020
Cancelled NCSC CyberUK event gets green light for 2021
The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales Continue Reading
-
News
19 May 2020
Nine million EasyJet customer details lost in data breach
Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline Continue Reading
-
News
19 May 2020
Vast majority of cyber attacks are easy to stop, says Verizon
Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it Continue Reading
-
Feature
18 May 2020
Malaysia’s data protection practices still have some way to go
Some Malaysian firms are not using data protection tools to the fullest potential, while others only think about data protection after a breach Continue Reading
-
News
18 May 2020
Why a pandemic-specific BCP matters
Many organisations still do not have scenario-specific business continuity plans, which are helpful when the situation requires a customised response, such as a pandemic, according to Forrester Continue Reading
-
News
14 May 2020
China targeting Covid-19 researchers through IT suppliers, claims US
The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China Continue Reading
-
News
13 May 2020
Report reveals inadequate cyber security at Schiphol Airport
A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport Continue Reading
-
Podcast
13 May 2020
Podcast: UK SME planning and compliance for ‘the new normal’
We look at how UK SMEs face a “new normal” following the coronavirus lockdowns and how they can plan for compliance with more remote working and a new data landscape Continue Reading
-
Opinion
13 May 2020
Security Think Tank: Burnt out CISOs are a huge cyber risk
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
News
13 May 2020
Nation state APT groups prefer old, unpatched vulnerabilities
The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list Continue Reading
-
News
13 May 2020
Microsoft fixes 16 critical vulnerabilities on Patch Tuesday
The trend towards mammoth Patch Tuesdays continues as Microsoft fixes 111 vulnerabilities Continue Reading
-
News
12 May 2020
Draft Covid-19 contact tracing legislation proposes formal oversight
Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app Continue Reading
-
News
12 May 2020
Pay the ransom and double your recovery costs, report warns
Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos Continue Reading
-
Opinion
12 May 2020
Security Think Tank: Create healthy habits to avoid burnout
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
12 May 2020
Maze ransomware attack will cost Cognizant at least $50m to $70m
Cognizant’s clients cut off the IT supplier’s access to their networks to contain a Maze ransomware attack – effectively putting projects on hold Continue Reading
-
News
12 May 2020
How Australian firms can plug data protection gaps
Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene Continue Reading
-
Feature
11 May 2020
What are the security priorities for the post-coronavirus world?
The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising? Continue Reading
-
News
11 May 2020
Micro Focus sees growth in mainframe migration business
Lifting and shifting Cobol code from mainframes to public cloud has been a growth driver for Micro Focus in the Asia-Pacific region, even as the software supplier continues to diversify its business Continue Reading
-
News
07 May 2020
Zoom buys secure messaging service Keybase
Unified comms platform Zoom says the acquisition of Keybase will finally let it bring end-to-end encryption to the table Continue Reading
-
News
07 May 2020
SilverTerrier cyber crime group targets Covid-19 key workers
Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang Continue Reading
-
News
07 May 2020
Contact-tracing app fails to protect privacy and human rights
Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee Continue Reading
-
News
07 May 2020
FBI search warrants reveal Trump aide’s messages to WikiLeaks founder Julian Assange
FBI search warrants reveal Trump campaigner Roger Stone sent private messages to WikiLeaks founder Julian Assange after the site published thousands of documents that damaged Hillary Clinton’s election campaign Continue Reading
-
News
06 May 2020
Criminal justice system is failing cyber crime victims
Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study Continue Reading
-
News
06 May 2020
HMRC tackles almost 300 coronavirus phishing websites
Of 292 websites removed since lockdown began on 23 March, 237 were proactively identified by HMRC and 55 were flagged by the public Continue Reading
-
News
06 May 2020
End-users failing to protect themselves online
Remote workers and stuck-at-home consumers are taking silly risks with their security during the coronavirus pandemic, according to a report Continue Reading
-
Opinion
06 May 2020
Security Think Tank: Security teams are key workers and need support
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
Feature
05 May 2020
Contact tracing: The privacy vs protection debate
The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading
-
News
05 May 2020
Coronavirus: NCSC issues urgent alert for healthcare sector
UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations Continue Reading
-
Opinion
05 May 2020
Security Think Tank: Caring for the IT security caretakers
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
05 May 2020
Building security and privacy into contact-tracing apps
Governance and data decentralisation are among measures that organisations can take to allay security and privacy concerns over contact-tracing apps, according to RSA Continue Reading
-
News
04 May 2020
NHSX contact-tracing app needs legislative oversight
Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app Continue Reading
-
News
04 May 2020
Assange extradition hearing to take place in September following coronavirus lockdown
An extradition hearing against WikiLeaks founder Julian Assange has been delayed by four months, after defence and prosecution lawyers said the Covid-19 lockdown would make it impractical to hold a fair hearing in May Continue Reading
-
News
04 May 2020
Blogging platform Ghost hacked through Salt vulnerability
Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability Continue Reading
-
Podcast
04 May 2020
Podcast: How to get cyber accountability on the board agenda
We look at how boards should carry out strategic and operational risk profile assessments and plan for compliance on an ongoing basis to avoid fines and damage to the business Continue Reading