IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
News
20 Feb 2020
UK and US accuse Russian spooks of Georgia cyber attacks
Foreign secretary describes 2019 campaign of cyber attacks as reckless, brazen and unacceptable Continue Reading
-
News
20 Feb 2020
Google plans to send Brits’ data to US after Brexit
Move puts British user data beyond the reach of the EU’s GDPR, makes it more accessible to UK and US law enforcement agencies, and has prompted anger Continue Reading
-
News
20 Feb 2020
Facilities firm ISS World crippled by ransomware attack
An apparent ransomware attack has compromised some IT and email systems at Danish facilities firm ISS World Continue Reading
-
News
19 Feb 2020
Cost of cloud misconfigurations set at $5tn
Cloud security outfit DivvyCloud says more than 33 billion records have been exposed in cloud misconfiguration incidents in the past 24 months Continue Reading
-
News
19 Feb 2020
Blasé directors put business data at risk
The higher up within a business you go, the more likely you are to find people intentionally leaking confidential data, says Egress Continue Reading
-
News
19 Feb 2020
Questions raised over Office 365 shared content policy
Buried 300 words into Microsoft’s standard service level agreement is a clause that affects intellectual property and privacy Continue Reading
-
News
18 Feb 2020
US ‘breached due process’ in spying operation against Julian Assange’s lawyers
Surveillance footage of Julian Assange’s meetings with lawyers and doctors in the Ecuadorian Embassy in London was an “abuse of process” Continue Reading
-
News
18 Feb 2020
Untrusted security teams being left out of business decisions
Only a third of organisations are involving their cyber security function at the planning stage of business initiatives Continue Reading
-
Feature
18 Feb 2020
Is this Netflix-style thriller the future of security training?
Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training Continue Reading
-
Opinion
18 Feb 2020
Security Think Tank: Zero trust strategies must start small, then grow
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
E-Zine
18 Feb 2020
Trust no one – the benefits of zero-trust security
In this week’s Computer Weekly, we take an in-depth look at zero-trust security and examine how it changes traditional IT risk models. After SAP extended the support deadline for its ECC ERP system, we find out the options for users. And we analyse explainable AI and the ethical importance of understanding algorithms. Read the issue now. Continue Reading
-
News
17 Feb 2020
Australians more savvy about cyber security
More Australians look out for signs of security features such as SSL encryption even as they remain sceptical of the data protection capabilities of small businesses Continue Reading
-
News
17 Feb 2020
Mastercard opens European security resilience unit
Mastercard’s European Cyber Resilience Centre will bring together its partners and other industry bodies to support enterprise resilience Continue Reading
-
Opinion
17 Feb 2020
Security Think Tank: Ask yourself if zero trust is right for you
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
Opinion
14 Feb 2020
Security Think Tank: How zero trust lets you take back control
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero trust architecture? Continue Reading
-
News
13 Feb 2020
Cyber criminals spread coronavirus conspiracy theories
The latest email campaigns identified by Proofpoint are spreading conspiracy theories about the coronavirus outbreak Continue Reading
-
E-Zine
13 Feb 2020
CW Benelux: Ericsson helps driverless buses hit European streets
Ericsson has revealed its plans for new technologies including 5G, the internet of things and self-driving buses. Also read about the Dutch government lacking the knowledge and skills for its own IT strategy, and the Dutch government’s need to push for an electronic ID system for its citizens. Continue Reading
-
Opinion
13 Feb 2020
Security Think Tank: Practical steps to achieve zero trust
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
12 Feb 2020
Internet Explorer zero day among 99 Patch Tuesday problems
After an eventful January Patch Tuesday that marked the end of support for Windows 7, the February 2020 update is another whopper, fixing close to 100 vulnerabilities Continue Reading
-
Feature
12 Feb 2020
Inside the SOC: the nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel Continue Reading
-
News
11 Feb 2020
Mac-based security threats outpacing Windows
Security threats targeting Apple endpoints are growing more quickly than those targeting Windows machines, according to Malwarebytes Continue Reading
-
News
11 Feb 2020
Chinese military personnel accused of Equifax hack
A US federal grand jury has indicted four Chinese army personnel over the 2017 Equifax breach Continue Reading
-
News
10 Feb 2020
What should be in Australia’s next cyber security strategy
The Australian government is reviewing the nation’s cyber security strategy, but is it looking at the right issues? Continue Reading
-
News
10 Feb 2020
AI in public service must be accountable
Committee on Standards in Public Life recommends that government departments make ethics a top priority when tendering artificial intelligence systems Continue Reading
-
Feature
10 Feb 2020
Choosing the right disaster recovery for your business
We look at the various options available when implementing disaster recovery, and how much they’re worth Continue Reading
-
Opinion
10 Feb 2020
Security Think Tank: Zero trust is complex, but has rich rewards
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
07 Feb 2020
Joaquin Phoenix’s Joker is ‘most dangerous’ movie
Ahead of the 2020 Oscars, Kaspersky researchers say they found more than 300 files masquerading as the Joker movie Continue Reading
-
Opinion
07 Feb 2020
Security Think Tank: No trust in zero trust need not be a problem
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
06 Feb 2020
Stressed, overworked CISOs losing £23k a year in unpaid overtime
Nominet’s latest CISO Stress Report has revealed the extent to which organisations are taking advantage of their security staff, and the deleterious effects of overwork and stress on mental health Continue Reading
-
News
05 Feb 2020
Darktrace signs to McLaren for 2020 F1 season
McLaren Racing has enlisted Darktrace to become its official artificial intelligence cyber security partner Continue Reading
-
News
05 Feb 2020
Web app ubiquity gives cyber criminals new opportunities
The popularity and ubiquity of web-based apps such as Office 365 and Salesforce is a temptation too good to miss for cyber criminals Continue Reading
-
News
05 Feb 2020
Check Point pledges end to security updates
Check Point’s Gil Shwed expands on a vision for the next 10 years of cyber security, which he calls Infinity Next Continue Reading
-
Opinion
05 Feb 2020
Security Think Tank: Zero trust is not the answer to all your problems
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
Opinion
04 Feb 2020
The fight against cyber crime: Why cooperation matters
With the WEF’s Global Risk Report 2019 ranking cyber attack in the top five global risks, we now see rising consensus at institutional level that no individual stakeholder can address the breadth of security challenges we face today Continue Reading
-
Opinion
04 Feb 2020
Security Think Tank: Facing the challenge of zero trust
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
03 Feb 2020
Brexit messes up IT project plans
With no firm plans for a managed departure from the Europe Union, the UK’s IT spending is set to be curbed, and CIOs will need to start cutting costs as IT budgets decline Continue Reading
-
News
03 Feb 2020
NHS adds supplier security audits to procurement platform
A new feature in the NHS’s Edge4Health procurement platform will help NHS suppliers improve their cyber security posture and NHS organisations make better buying decisions Continue Reading
-
Opinion
03 Feb 2020
Security Think Tank: Zero trust – just another name for the basics?
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
30 Jan 2020
NCSC launches study on cyber security diversity
The UK’s National Cyber Security Centre wants to improve the diversity of the cyber security sector Continue Reading
-
Blog Post
30 Jan 2020
Technology is losing its battle to be a unifying force
The pioneers of the internet and the web saw themselves as liberators. They believed, passionately, they were creating a better world – one that was open, collaborative, broke down barriers, and ... Continue Reading
-
News
29 Jan 2020
UK cyber security sector worth more than £8bn
The UK’s cyber security industry employs 43,000 full-time workers, and contributed nearly £4bn to the UK economy in 2019, according to DCMS Continue Reading
-
News
29 Jan 2020
NHS suffers fewer ransomware attacks, but threat persists
Ransomware attacks against the NHS have tapered off dramatically, according to statistics obtained under FoI legislation, but this does not mean the threat has diminished Continue Reading
-
News
29 Jan 2020
Apple posts record-breaking quarter, but prepares for Coronavirus impact
The Coronavirus outbreak is having a direct impact on Apple’s supply chain and its Chinese retail stores and channel partners Continue Reading
-
News
28 Jan 2020
Fintechs fear deepfake fraud
New research reveals the majority of CISOs working in the financial services sector are increasingly concerned about the potential use of deepfakes Continue Reading
-
News
28 Jan 2020
Organisations losing control of cloud data
Data is more widely dispersed in enterprise clouds than most organisations think, and as a result they are at risk of losing control of it, according to a report Continue Reading
-
E-Zine
28 Jan 2020
IT must play its part in tackling the climate crisis
In this week’s Computer Weekly, we look at this year’s World Economic Forum and find out how the IT sector is aiming to help tackle climate change. Our buyer’s guide assesses onsite, offsite and cloud-based disaster recovery. And IT contractors are up in arms about the government’s loan charge policy – we examine the issues. Read the issue now. Continue Reading
-
News
28 Jan 2020
Data privacy benefits outweigh spend, says Cisco
Cisco’s 2020 data privacy study shows organisations can generate substantial returns on their data privacy and protection spending Continue Reading
-
News
27 Jan 2020
Interpol uncovers cyber crime operation in Indonesia
An Interpol-coordinated cyber operation leads to the arrest of three people in Indonesia who allegedly used a JavaScript-sniffer malware to steal payment card details of online shoppers Continue Reading
-
Opinion
27 Jan 2020
Security Think Tank: Bug bounties are changing the image of hackers
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
27 Jan 2020
SANS Institute calls on Manchester security pros
Manchester will play host to a week-long cyber security training event during February Continue Reading
-
News
24 Jan 2020
NHS alerted to severe vulnerabilities in GE health equipment
A series of vulnerabilities in patient monitoring equipment manufactured by General Electric could have left patient data exposed in hospitals around the world, including the UK Continue Reading
-
News
24 Jan 2020
Milan hosts Cisco’s first European security innovation unit
Cisco has cut the ribbon on its first Cyber Security Co-Innovation Centre in Europe, at Milan’s Leonardo da Vinci Science and Technology Museum Continue Reading
-
News
23 Jan 2020
Seven projects funded to explore CAV security
The winners of the Cyber Securities Feasibility Studies contest, exploring cyber security for self-driving cars, have been revealed Continue Reading
-
News
23 Jan 2020
End-user security ignorance laid bare in new report
Proofpoint’s 2020 State of the Phish report highlights an urgent need for better user training and reporting Continue Reading
-
News
22 Jan 2020
Internal error left Microsoft customer service data exposed
Customer service and support records of nearly 250 million Microsoft customers left exposed after database misconfiguration Continue Reading
-
News
22 Jan 2020
Computer Misuse Act ‘crying out for reform’
Group of campaigners says the Computer Misuse Act of 1990 risks criminalising cyber security professionals and needs reforming Continue Reading
-
News
21 Jan 2020
Singapore updates model AI governance framework
Second edition of Singapore’s artificial intelligence governance framework includes new guidance, use cases and a self-assessment guide Continue Reading
-
News
21 Jan 2020
5G builders test vulnerabilities in Finnish hackathon
University hackathon puts 5G security to the test as new wireless technology’s roll-out nears Continue Reading
-
20 Jan 2020
Don’t become the next Travelex: Get ready for ransomware
With Travelex’s IT still in disarray and banks and travellers left without access to funds more than a week after it was hit by a ransomware attack, we ask what others can learn from the foreign exchange services company’s response to the incident. Continue Reading
-
E-Zine
20 Jan 2020
How to avoid becoming the next Travelex
In this week’s Computer Weekly, we look at the lessons learned from the ransomware attack on Travelex and how other firms can avoid the same fate. As Microsoft ends support for Windows 7, we examine the issues for the many remaining users of the operating system. And healthcare CIOs explain the tech challenges facing the NHS. Read the issue now. Continue Reading
-
News
20 Jan 2020
Exposed AWS buckets again implicated in multiple data leaks
A series of data leaks in the past week have once again implicated poorly secured Amazon S3 buckets, which are supposed to be private by default Continue Reading
-
News
20 Jan 2020
GDPR nets more than €100m in fines, with more to come
Fines totalling €114m have already been collected under GDPR, and this figure will spike in 2020 if the UK regulator succeeds in imposing record fines on BA and Marriott Continue Reading
-
Opinion
20 Jan 2020
Security Think Tank: Teens in basements don’t represent a positive security culture
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
17 Jan 2020
App developers sue Facebook over ‘anti-competitive conduct’
Lawsuit is based on leaked internal Facebook documents obtained and published by Computer Weekly and NBC last year Continue Reading
-
News
17 Jan 2020
Emotet reinvigorated after Christmas break
The high-volume Emotet campaign is back in action after the Christmas holidays, and is just as dangerous as ever Continue Reading
-
News
17 Jan 2020
CAA debuts aviation cyber security assurance scheme
Civil Aviation Authority and Crest announce the first companies to be accredited under the CAA’s new cyber security oversight scheme, Assure Continue Reading
-
Opinion
16 Jan 2020
Security Think-Tank: Tackle insider threats to achieve data-centric security
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
16 Jan 2020
Thailand gets ready for data protection law
Thailand’s personal data protection law comes into effect in May 2020, subjecting organisations to new rules that safeguard the personal data of individuals Continue Reading
-
News
15 Jan 2020
NSA Windows 10 security disclosure raises questions
In an unprecedented move, the NSA has got out in front of a critical cryptographic flaw in Windows 10, but in doing so has raised multiple questions Continue Reading
-
News
15 Jan 2020
Threat landscape grew in complexity in 2019, no respite in sight
Check Point’s annual state of security report shares some 2019 trends and looks ahead to 2020 Continue Reading
-
News
14 Jan 2020
Two-thirds of UK healthcare organisations breached last year
The majority of healthcare organisations in the UK experienced a cyber security incident during 2019, with almost half the result of viruses and malware introduced on third party devices Continue Reading
-
News
14 Jan 2020
Researchers find cryptojacker hiding in Wav audio file
Victim network was compromised by obfuscated malware hiding a Monero cryptominer, lurking inside a Wav audio file Continue Reading
-
News
14 Jan 2020
Cyber criminals spend three months lurking in target networks
Cyber criminals are spending longer hiding in target networks before launching their attacks, as more organised groups turn to business disruption to achieve their objectives Continue Reading
-
News
14 Jan 2020
Turn the end of Windows 7 support into a security advantage
CISOs can take advantage of the end of support for Microsoft Windows 7 by making the case for more investment in cyber security Continue Reading
-
News
14 Jan 2020
Citrix NetScaler vulnerabilities won’t be patched until end of January
Some vulnerabilities identified in Citrix products will not be fully patched until the end of January 2020 Continue Reading
-
News
13 Jan 2020
Travelex to begin restoring foreign exchange services two weeks after ‘Sodinokibi’ attack
Travelex says it is making “good progress” in its recovery and is to begin restoring electronic foreign exchange services, but is silent about whether it has agreed to pay hackers a $6m ransom to decrypt computer files Continue Reading
-
Opinion
10 Jan 2020
Security Think Tank: Hooded hackers? More like ruthless competitors
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
09 Jan 2020
Don’t become the next Travelex: Get ready for ransomware
With Travelex’s IT still in disarray and banks and travellers left without access to funds more than a week after it was hit by a ransomware attack, we ask what others can learn from the foreign exchange services company’s response to the incident Continue Reading
-
Feature
09 Jan 2020
DRaaS decisions: Key choices in disaster recovery as a service
We examine the key decisions when considering DRaaS. Whether to go full self-service, assisted or managed will depend on what you need to protect and your in-house resources Continue Reading
-
News
09 Jan 2020
PowerTrick backdoor used to target high-value businesses
Threat actors are exploiting a PowerShell-based backdoor called PowerTrick to go after high-value targets, warns SentinelLabs Continue Reading
-
Feature
09 Jan 2020
Whisper it… but could a cyber attack be good for your career?
All too often it’s the CISO who carries the can for an enterprise security failure, but this might not be a bad thing. There’s lots of evidence to suggest that falling victim to a cyber attack may actually enhance your CV Continue Reading
-
News
09 Jan 2020
New GDPR service aims to ease compliance challenges
Security consultants claim their software platform will address a pressing need for an effective and efficient means of complying with data protection rules Continue Reading
-
Opinion
09 Jan 2020
Security Think Tank: Changing attitudes to cyber is a team sport
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
Opinion
08 Jan 2020
Why the banking industry needs an IT makeover
UK banks face huge challenges keeping their service availability levels at 99.99% Continue Reading
-
Opinion
08 Jan 2020
Security Think Tank: Hero or villain? Creating a no-blame culture
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
07 Jan 2020
Broadcom flogs Symantec enterprise security unit to Accenture
Acquisition is set to make Accenture a global leader in managed cyber security services Continue Reading
-
Opinion
07 Jan 2020
Security Think Tank: Get your users to take pride in security
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
06 Jan 2020
Cyber gangsters demand payment from Travelex after ‘Sodinokibi’ attack
Cyber criminals are demanding payment to decrypt Travelex’s computer files after a devastating malware attack. New questions have been raised about the security of Travelex’s computer network after it emerged the company waited eight months to patch vulnerable VPN servers Continue Reading
-
News
06 Jan 2020
Iran likely to hit back with cyber attacks, security experts warn
The possibility of cyber attack by threat groups acting on behalf of the Iranian government has dramatically increased following US actions in Iraq Continue Reading
-
Blog Post
03 Jan 2020
Y2.02K
So here we are in 2020, and almost everything is still working as normal. The apocalyptic Y2K bug that caused such a thrill 20 years ago found its sequel in Y2.02K, but rather than nuclear reactor ... Continue Reading
-
News
03 Jan 2020
Survey about Swedish people’s attitude to the internet reveals growing distrust of social media
Swedish citizens are becoming more concerned about the activities of social media companies and are reducing their online interaction with them as a result Continue Reading
-
Opinion
03 Jan 2020
Security Think Tank: Put information at the heart of security
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
03 Jan 2020
How Darktrace is riding the AI boom
Cyber security firm known for its artificial intelligence smarts doubled its headcount across Asia-Pacific last year in key markets including Australia and South Korea Continue Reading
-
News
24 Dec 2019
Top 10 cyber crime stories of 2019
Here are Computer Weekly’s top 10 cyber crime stories of 2019 Continue Reading
-
News
23 Dec 2019
Top 10 cyber security stories of 2019
Here are Computer Weekly’s top 10 cyber security stories of 2019 Continue Reading
-
News
20 Dec 2019
Finnish government supports local authorities in cyber security initiative
The Finnish government has committed resources to a cyber security project aimed at local authorities Continue Reading
-
Feature
19 Dec 2019
Human factors are critical to securing digital transformation
Sourcing the latest cyber security technology to support digital transformation projects is all well and good, but it’s meaningless if you fail to address your organisational culture and the people within it Continue Reading
-
News
18 Dec 2019
Top 10 Australia IT stories of 2019
Here are Computer Weekly’s top 10 Australia IT stories of 2019 Continue Reading
-
News
17 Dec 2019
Group-IB CEO talks up global threat landscape
Public attribution of cyber attacks could backfire while a global cyber norms framework won’t emerge until a catastrophic incident occurs, says the head of Singapore-based Group-IB Continue Reading
-
Opinion
16 Dec 2019
Security Think Tank: Data-centric security requires a holistic approach
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading