IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
06 Apr 2020
Two-factor authentication is broken: What comes next?
Two-factor authentication is seen by many as a robust authentication method, but is it really as impervious as it seems? Continue Reading
-
News
06 Apr 2020
BA and Marriott get GDPR fine reprieve
Both British Airways and Marriott International have had their General Data Protection Regulation fines deferred until later in 2020 Continue Reading
-
News
06 Apr 2020
Zero-day exploits increasingly commodified, say researchers
The exploitation of zero-day vulnerabilities increasingly demonstrates access to cash, rather than skills Continue Reading
-
Opinion
06 Apr 2020
Security Think Tank: Why and how cyber criminals exploit world events
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
05 Apr 2020
Interpol warns of more ransomware attacks against healthcare sector
Purple notice issued to alert police forces around the world of ransomware attacks against hospitals and other healthcare institutions Continue Reading
-
News
05 Apr 2020
Google data shows high interest in security and remote working
An analysis of the most Googled technology terms during the Covid-19 coronavirus pandemic has highlighted the scale of the cyber security challenge presented by the crisis Continue Reading
-
Opinion
03 Apr 2020
JavaScript skimmers: An evolving and dangerous threat
Cyber attacks exploiting Magecart JavaScript skimmers are spiking during the coronavirus pandemic, and like biological viruses, they just keep evolving Continue Reading
-
Opinion
03 Apr 2020
Security Think Tank: Continuity planning doesn’t have to be complex
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
02 Apr 2020
Coronavirus: Magecart attacks on online retailers jump 20%
RiskIQ researchers have observed a sharp uptick in Magecart credit card attacks, driven by increased traffic to online retailers during the coronavirus pandemic Continue Reading
-
News
02 Apr 2020
Morrisons appeal success is cold comfort for enterprises
The success of Morrisons’ appeal against judgments that it should be held vicariously liable for an insider data breach will be welcomed by businesses, but may be of limited comfort to them Continue Reading
-
News
02 Apr 2020
Coronavirus: Is Zoom safe and should security teams ban it?
Zoom’s rapid rise to prominence has highlighted a score of security problems with the service. Should CISOs try to steer their organisations away from it, or ban it outright? Continue Reading
-
Podcast
02 Apr 2020
Podcast: Covid-19, compliance risk, remote assessment and training
We talk to Mathieu Gorge, CEO of Vigitrust, about why organisations cannot drop their guard on compliance during the increased risks faced as a result of the coronavirus crisis Continue Reading
-
News
01 Apr 2020
What we can learn from Marriott’s new data breach embarrassment
Marriott International has egg on its face once again following a second data breach in as many years, but there are encouraging signs in its response that suggest it is at least trying to learn from its experiences Continue Reading
-
News
01 Apr 2020
Morrisons not liable for 2014 data breach, says Supreme Court
Court allows supermarket chain’s appeal against judgments holding it liable for a 2014 insider data breach, saying previous rulings misunderstood the concept of vicarious liability Continue Reading
-
Feature
01 Apr 2020
Malaysia’s business continuity planning readiness a mixed bag
Larger Malaysian enterprises have BCP in place, but SMEs lag behind and will find it harder to weather the Covid-19 storm Continue Reading
-
News
01 Apr 2020
Coronavirus: WHO, Rakuten collaborate on anti-disinformation chatbot
The World Health Organisation and Rakuten Viber have built an interactive, multi-language chatbot to try to get on top of the growing problem of disinformation during the coronavirus pandemic Continue Reading
-
News
31 Mar 2020
Nigerian email attacks evolving into credible, dangerous threat
Palo Alto’s Unit 42 reports on Nigeria’s SilverTerrier cyber crime group, which is becoming a highly dangerous threat to businesses worldwide Continue Reading
-
News
31 Mar 2020
Too late to protect online privacy, say Brits
Most UK consumers are concerned about data privacy, but think it’s too late to do much about it, according to a report Continue Reading
-
Feature
31 Mar 2020
Why security validation matters
FireEye’s top executives in Asia-Pacific discuss the benefits of security validation and offer their take on the region’s cyber threat landscape Continue Reading
-
News
30 Mar 2020
Coronavirus: Don’t fall for fake cures, warns UK government
Government urges people to be more vigilant about what they read and share online as it relaunches its Don’t Feed the Beast campaign to counter coronavirus disinformation Continue Reading
-
News
27 Mar 2020
Lorca calls on security scaleups to tackle coronavirus challenge
Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges Continue Reading
-
News
26 Mar 2020
Coronavirus: What are the latest free cyber security offers?
We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis Continue Reading
-
News
26 Mar 2020
Coronavirus: Be alert to rogue mobile apps exploiting outbreak
Well-meaning developers are beginning to offer medical apps to monitor coronavirus symptoms and provide information on the pandemic. Opportunists and cyber criminals are not far behind them Continue Reading
-
News
26 Mar 2020
Developed APAC states most exposed to cyber risks
Singapore, South Korea, Japan, Australia and New Zealand have the highest exposure to cyber risks, but they are also the most prepared to deal with cyber attacks, study finds Continue Reading
-
News
25 Mar 2020
Almost half of UK businesses suffered a cyber attack in past year
Latest government statistics reveal the scale of the cyber security challenge facing UK plc, but reveals some cause for optimism Continue Reading
-
News
24 Mar 2020
Fake antivirus site promises coronavirus protection, delivers trojan
Researchers at Malwarebytes have warned of an increasing volume of scam sites exploiting the Covid-19 coronavirus Continue Reading
-
Opinion
24 Mar 2020
Coronavirus and privacy – finding the middle ground
Data collection has a role to play in fighting the deadly Covid-19 coronavirus outbreak, but governments need to be accountable for how it is used Continue Reading
-
News
24 Mar 2020
Legacy AV defenceless against onslaught of evasive malware
More than two-thirds of malware detected by WatchGuard in the last three months of 2019 was able to evade signature-based antivirus products, rendering them effectively useless in most instances Continue Reading
-
Feature
23 Mar 2020
The AWS bucket list: Keep your cloud secure
Misconfigured cloud installations risk billions of records being exposed, damaging organisations’ finances and reputations. Paying attention to securing AWS storage buckets is a simple matter Continue Reading
-
News
23 Mar 2020
Coronavirus: Kaspersky, Bitdefender make products free to NHS
Kaspersky and Bitdefender have both made various products and services available free to healthcare customers as the Covid-19 coronavirus pandemic intensifies Continue Reading
-
News
23 Mar 2020
Thousands of Netflix, Disney+ streaming accounts being stolen
Proofpoint has urged users of streaming services to be alert to cyber criminals hijacking their accounts Continue Reading
-
Opinion
23 Mar 2020
Why zero trust may not be all it’s cracked up to be
While they are discussed ad nauseam in the security industry, zero-trust architectures may not be all they’re cracked up to be, according to analyst Sam Bocetta Continue Reading
-
News
22 Mar 2020
Cyber gangsters hit UK medical firm poised for work on coronavirus with Maze ransomware attack
The Maze ransomware group has published personal and medical details of thousands of former patients of a London-based medical research company after a failed attempt to disable the firm's computer systems Continue Reading
-
News
20 Mar 2020
Coronavirus: Sans Institute issues cyber security advice for parents
With schools now shut across the UK, parents will bear more responsibility for keeping children safe online and educating them about online harms Continue Reading
-
News
20 Mar 2020
Unpatched Zyxel storage devices co-opted into IoT botnet
Owners of Zyxel network-attached storage devices are in danger of being hijacked by Mukashi, a descendant of the infamous Mirai botnet, if they don’t patch a critical vulnerability Continue Reading
-
News
19 Mar 2020
IT Priorities 2020: ANZ firms to spend more on cyber security
Over half of respondents in Australia and New Zealand plan to invest more in cyber security, especially in key areas such as data loss prevention Continue Reading
-
19 Mar 2020
Inside the security operations centre: The nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel Continue Reading
-
Feature
19 Mar 2020
Coronavirus: How to implement safe and secure remote working
Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves Continue Reading
-
News
18 Mar 2020
Ocado pulls website amid coronavirus shopping frenzy
Ocado has closed its website and will not take any new orders for several days thanks to sheer volume of traffic Continue Reading
-
News
18 Mar 2020
Coronavirus now possibly largest-ever cyber security threat
The cumulative volume of coronavirus-related email lures and other threats is the largest collection of attack types exploiting a single theme for years, possibly ever Continue Reading
-
News
18 Mar 2020
Prudential turns to AI to secure computer networks against cyber attacks
Prudential, the UK’s largest listed insurer, is turning to artificial intelligence to protect its computer networks in the US, Asia and Africa from malware hackers and internal threats Continue Reading
-
News
18 Mar 2020
Push for digitisation in Malaysia amid coronavirus crisis
Event cancellations and travel bans are spurring more companies to embrace digital tools to support remote and flexible working arrangements Continue Reading
-
Opinion
18 Mar 2020
Security Think Tank: Amid panic, how to find a sound level of security
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
17 Mar 2020
Covid-19: NCSC issues secure remote working guidance
With hundreds of thousands likely to be working remotely for some time, the UK’s NCSC has issued best practice guidance to enable security teams to support them Continue Reading
-
News
17 Mar 2020
Travelex under threat as insolvency risk, hacking costs and coronavirus take their toll
Foreign exchange group’s future remains uncertain as its parent company, Finablr, prepares for potential insolvency Continue Reading
-
News
17 Mar 2020
SentinelOne makes security platform free to support remote workers
Endpoint protection platform service will be made free until 16 May 2020 to help protect remote workers during the Covid-19 coronavirus crisis Continue Reading
-
Opinion
17 Mar 2020
Security Think Tank: To tackle Covid-19, be prepared, flexible and resilient
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
17 Mar 2020
Inside the SOC: the nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel. Continue Reading
-
News
17 Mar 2020
UK makes its case for post-Brexit data adequacy decision
Government sets out an explanatory framework as it seeks adequacy decisions from the European Commission to maintain the free flow of personal data between the European Union, the UK and Gibraltar Continue Reading
-
News
16 Mar 2020
NCSC issues coronavirus cyber security alert
The UK’s National Cyber Security Centre has issued a public alert and fresh guidance as more cyber criminals get wise to the lucrative potential of Covid-19 Continue Reading
-
News
13 Mar 2020
Coronavirus-linked hacks likely as Czech hospital comes under attack
The world of cyber security is on high alert to heightened vulnerabilities as the spread of the Covid-19 coronavirus changes daily life across Europe Continue Reading
-
Opinion
13 Mar 2020
Security Think Tank: A guide to security best practice for pandemics
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
13 Mar 2020
UK’s security sector failing on most diversity measures
A DCMS report on the state of the UK’s cyber security workforce highlights a huge lack of diversity and a substantial skills gap Continue Reading
-
News
12 Mar 2020
Turla’s use of Iranian infrastructure probably opportunistic
Turla, the Kremlin-linked APT group that last year hijacked an Iranian group’s infrastructure, was likely to have been operating opportunistically, according to researchers Continue Reading
-
News
12 Mar 2020
Security pros just want to be loved, report finds
Being valued by the business for their role in keeping the organisation safe and upholding ethical standards is a primary motivator for CISOs and other security professionals Continue Reading
-
News
12 Mar 2020
Failings in open source disclosure put users at risk
As more projects rely on open source components, IT departments need to keep on top of critical vulnerabilities to ensure they are secure Continue Reading
-
E-Zine
12 Mar 2020
CW Europe: Experts examine Dutch government’s IT problems
Technology experts discuss the challenges and potential solutions to the Netherlands government’s IT problems. Also read how Russia’s VTB and Rostelecom are creating a platform to utilise big data technology, and how Spain’s CaixaBank is using AI to help its staff training. Continue Reading
-
Opinion
12 Mar 2020
Security Think Tank: Coronavirus crisis helps put security in context
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
12 Mar 2020
APAC remains hotbed for digital transformation
Nearly half of organisations in the Asia-Pacific region see digital transformation as their top priority, followed by cloud infrastructure deployment and artificial intelligence, survey finds Continue Reading
-
News
11 Mar 2020
Security pros test positive for Covid-19 after RSA Conference
Two employees of security firm Exabeam have been diagnosed with the Covid-19 coronavirus after attending RSA Conference 2020 Continue Reading
-
News
11 Mar 2020
Microsoft locks down new vulnerability with EternalBlue echoes
Microsoft has moved to get ahead of a serious remote code execution vulnerability in Microsoft Server Message Block 3.1.1, which was accidentally disclosed then missed in its March Patch Tuesday update Continue Reading
-
News
11 Mar 2020
Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday
March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical Continue Reading
-
Opinion
11 Mar 2020
Security Think Tank: ID-driven security helps safeguard the workforce
In our globalised world, high-profile events such as Covid-19 have huge business impacts and some of these impacts may be felt by CISOs. What responsibilities do security pros have in such circumstances, and what steps can they take to shore up their defences? Continue Reading
-
News
10 Mar 2020
Schoolgirl security experts prepare to do battle
The finals of the CyberFirst Girls contest will take place on 16 March as the culmination of the NCSC’s annual competition to unearth future security talent Continue Reading
-
News
10 Mar 2020
Hacking community targeted by cyber criminals in new trojan campaign
Cybereason’s Nocturnus threat research team has uncovered a cyber criminal campaign that weaponises popular hacking tools Continue Reading
-
Opinion
10 Mar 2020
Security Think Tank: Covid-19 highlights need for embedded security
In our globalised world, high-profile events such as Covid-19 have huge business impacts and some of these impacts may be felt by CISOs. What responsibilities do security pros have in such circumstances, and what steps can they take to shore up their defences? Continue Reading
-
News
09 Mar 2020
Bill Gates backs Crest fintech security scheme for Africa and Asia
UK-based cyber security accreditation and certification non-profit Crest has been awarded a $1.4m grant from the Bill and Melinda Gates Foundation to expand cyber security capacity for fintechs in Africa and Asia Continue Reading
-
News
06 Mar 2020
MI5 slammed by watchdog for failing to delete intercepted phone and internet data
The Investigatory Powers Commissioner (IPCO) has criticised MI5 for failing to report serious errors in the way it handles intercepted phone and internet data Continue Reading
-
News
06 Mar 2020
Virgin Media confirms 'misconfigured database' left personal data of 900,000 people exposed
Telco provider Virgin Media confirms 'data incident' that left personal details of 900,000 people exposed, but denies its systems were hacked or that it suffered a data breach Continue Reading
-
News
06 Mar 2020
CIO interview: Sarah Wilkinson, NHS Digital
NHS Digital has been racing to ensure the systems and protocols are in place to prepare the health service for the coronavirus. We speak to its CEO about the preparations Continue Reading
-
News
05 Mar 2020
Boots and Tesco loyalty card schemes plagued by security issues
High-street retailers deal with fraudulent attempts to access the accounts of thousands of customers Continue Reading
-
News
04 Mar 2020
Australian government pulls plug on cloud certification programme
The Australian Signals Directorate is closing its cloud services certification programme to allow for more home-grown suppliers Continue Reading
-
News
04 Mar 2020
5G security is a concern for most companies
A study has found that decision-makers fear that 5G technology will make organisations more vulnerable to cyber attacks and will raise security-related costs Continue Reading
-
News
03 Mar 2020
Horangi and Tokio Marine team up on cyber security services
Singapore-based Horangi will provide penetration testing, among other cyber security services, to Tokio Marine Insurance Singapore’s cyber risk insurance clients Continue Reading
-
E-Zine
03 Mar 2020
What will points-based immigration mean for IT recruitment?
In this week’s Computer Weekly, we look at the government’s new points-based immigration rules and assess the implications for the tech sector. IR35 tax rules change in April – we find out how IT contractors need to prepare. And we examine whether the rise of cloud is really displacing the datacentre. Read the issue now. Continue Reading
-
News
03 Mar 2020
Singapore among world’s top sources of online threats
Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state Continue Reading
-
Opinion
02 Mar 2020
Why ‘no breach’ is bad news for your compliance
You might think it’s a good thing if your organisation has a clean record when it comes to data breaches, but this is not necessarily the case Continue Reading
-
News
02 Mar 2020
The Security Interviews: Inside the world of bug bounties
You may not make a million as a bug bounty hunter, but you might help remove some of the stigma that persists around cyber security, says HackerOne’s Shlomie Liberow Continue Reading
-
News
01 Mar 2020
Data breaches in Australia showing no signs of abating
Compromised login credentials and human error were the most common causes of data breaches reported under Australia’s notifiable data breach regime from July to December 2019 Continue Reading
-
News
28 Feb 2020
NCSC makes ransomware attack guidance more accessible
Following a swathe of high-profile ransomware attacks, the UK’s National Cyber Security Centre has made changes to its guidance, emphasising the importance of offline backups Continue Reading
-
News
27 Feb 2020
Redcar & Cleveland Council confirms ransomware attack
Local authority’s systems are still offline nearly three weeks after being attacked Continue Reading
-
E-Zine
27 Feb 2020
CW Nordics: Swedes lose faith in social media as data security fears increase
Swedish citizens are becoming more concerned about the activities of social media companies and are reducing their online interaction with them as a result. Also read about new mobility-as-a-service projects gaining traction across Denmark, Finland, Norway and Sweden, and why the Finnish government has committed resources to a cyber security project aimed at local authorities. Continue Reading
-
News
27 Feb 2020
Kr00k vulnerability compromises billions of Wi-Fi devices
Billions of Wi-Fi chips used in IoT devices, laptops, smartphones and tablets are vulnerable to a serious vulnerability Continue Reading
-
News
26 Feb 2020
Fake CDNs obscuring credit card fraudsters
Fake content delivery networks and ngrok servers are being pressed into service to obscure credit card skimming activities Continue Reading
-
News
26 Feb 2020
Cloud Snooper firewall bypass may be work of nation state
Cloud Snooper deploys a combination of specialised techniques to sneak past enterprise firewalls, warns Sophos Continue Reading
-
News
26 Feb 2020
WikiLeaks founder Julian Assange cannot be legally extradited for ‘political offences’, say lawyers
Lawyers for WikiLeaks founder Julian Assange argue that he has been charged with political offences and cannot be legally extradited to the US under the US-UK extradition treaty Continue Reading
-
News
26 Feb 2020
FCA data breach could happen to anybody, but easy to avoid
Minor data breach at the Financial Conduct Authority was the result of simple human error, and highlights the need for organisations to consider a wide range of potential threats Continue Reading
-
News
25 Feb 2020
Google warns users not to mess with Huawei devices
Google tells users of Huawei devices to try to avoid bypassing controls preventing them from loading its apps Continue Reading
-
News
25 Feb 2020
Sports retailer Decathlon left employee data exposed
More than 123 million records were accidentally exposed on an unsecured ElasticSearch server Continue Reading
-
News
25 Feb 2020
The Security Interviews: Gil Shwed’s 10-year vision for security
Check Point founder Gil Shwed discusses his new Infinity Next concept and how he plans to remodel the world of cyber security in the next 10 years Continue Reading
-
News
25 Feb 2020
Cloud data leaks compounded by lack of automation tools
Data leaks caused by misconfigured clouds are being compounded because security teams lack appropriate automation and integration tools, according to a report Continue Reading
-
News
25 Feb 2020
Cyber criminals targeting UK motorists, warns DVLA
Cyber criminals are offering various services and tax refunds that purport to be from the DVLA Continue Reading
-
E-Zine
25 Feb 2020
Using meteorological data to prepare for the worst
In this week’s Computer Weekly, after the storms that swept across the UK, we look at the technology behind Weather Source’s meteorological data service. Oracle and SAP are battling over customers to upgrade their ERP systems to the cloud. And we report from the world’s biggest retail tech show. Read the issue now. Continue Reading
-
News
24 Feb 2020
Assange extradition is a politically motivated ‘abuse of power’, court hears
US government’s attempt to extradite WikiLeaks founder Julian Assange to face espionage charges in the US is politically motivated and an abuse of process, court told Continue Reading
-
News
24 Feb 2020
WikiLeaks founder Assange ‘put lives at risk’ by disclosing names in leaked documents, court hears
WikiLeaks founder Julian Assange ‘put lives of US informants at risk’ by publishing unredacted documents, lawyers for the US argued at the first day of a week-long extradition hearing Continue Reading
-
News
24 Feb 2020
Open security group unveils common OpenDXL language
Open Cybersecurity Alliance announces the availability of OpenDXL Ontology, the first open source language for connecting disparate security tools through a common messaging framework Continue Reading
-
News
24 Feb 2020
Cisco goes all-in on security integration with SecureX platform
CISOs are struggling to stitch together disparate cyber security products and services – Cisco believes its cloud-native SecureX platform will change their working lives for the better Continue Reading
-
News
21 Feb 2020
F-Secure’s AI reads mean tweets to fight abuse and trolls
Researchers working on F-Secure’s Project Blackfin have developed a model for clustering tweets to help pinpoint abuse and harassment Continue Reading
-
Opinion
21 Feb 2020
The greatest contest ever – privacy versus security
Examining the technical, legal and ethical challenges around the privacy versus security debate Continue Reading
-
Opinion
21 Feb 2020
Addressing the IoT security challenge
We consider how best to address some of the critical security challenges around the internet of things Continue Reading