IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
19 Jun 2019
IoT Security Foundation publishes smart building whitepaper
The IoT Security Foundation has published a guide on security for smart buildings to highlight key issues and gather feedback to inform future guidance for industry stakeholders Continue Reading
-
News
19 Jun 2019
Converged security takes centre stage at IFSEC
The importance and benefits of combining physical and cyber security was underlined in the opening session of the 2019 IFSEC security conference Continue Reading
-
News
19 Jun 2019
UK government pushes data-driven agenda
A smart data report has been published with consultations under way, while an open call for evidence has been launched to help shape the national data plan Continue Reading
-
News
18 Jun 2019
Singapore faced fewer cyber threats in 2018
Despite the fall in the number of common cyber threats last year, Singapore will continue to face advanced persistent threats, CSA warns Continue Reading
-
Opinion
18 Jun 2019
Security Think Tank: Business needs to see infosec pros as trusted advisers
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
News
17 Jun 2019
DevSecOps is key to uniting opposing forces
Unifying DevOps and security teams with the aid of automation will bring harmony and added business benefits, says systems engineer Continue Reading
-
Opinion
17 Jun 2019
Security Think Tank: Top infosec task is getting on board agenda
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
News
17 Jun 2019
Asco breaks silence on ransomware attack
A week after reportedly being hit by a ransomware attack, Belgium-based mechanical equipment manufacturer Asco has finally provided some details Continue Reading
-
News
17 Jun 2019
Inside F5’s cyber security playbook
F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors Continue Reading
-
Opinion
14 Jun 2019
Building a cyber-physical immune system
Shantanu Rane, researcher in cyber-physical systems security at the Palo Alto Research Center, explains how our own immune systems can inspire the design of modern cyber-physical systems Continue Reading
-
Opinion
14 Jun 2019
Security Think Tank: Infosec needs to avoid FUD and keep it real
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
E-Zine
14 Jun 2019
CW Europe: Why are Dutch companies slow to take advantage of the IoT?
Many organisations in the Netherlands are missing out on the benefits of the internet of things because they lack awareness of its potential. Also read why construction of Apple's first non-US datacentre has halted in Denmark, and why some scientists have raised questions about the effects of 5G mobile phone radiation on public health. Continue Reading
-
News
13 Jun 2019
UK firms need to address risky user habits
McAfee calls for companies to ramp up their security culture and improve the integration of technical security controls to minimise exposure from workers Continue Reading
-
Opinion
13 Jun 2019
Security Think Tank: Security risk ratings key to security/business understanding
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
News
13 Jun 2019
AI-enabled cyber attacks a reality soon, warns Mikko Hypponen
Technology continues to shape human conflict and artificial intelligence will be no exception, so business needs to up its ability to detect attacks and respond, says security expert Continue Reading
-
News
12 Jun 2019
Operational technology security improving, but attack surface continues to grow
Critical national infrastructure providers and others are improving cyber security capabilities around industrial control systems, but the cyber threat remains high and continues to evolve, a study shows Continue Reading
-
Opinion
12 Jun 2019
Security Think Tank: Focus on business impact and likelihood of cyber attacks
How can cyber security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Opinion
11 Jun 2019
Why the rise of IT managed by the business is driving creative thinking
Organisations that encourage business units to implement and run their own IT systems have an edge over competitors that rely entirely on the IT department, research from Harvey Nash and KPMG reveals Continue Reading
-
News
11 Jun 2019
In a cyber data breach, preparation is key
The importance of preparation was strongly emphasised at a breach response workshop hosted by DAC Beachcroft as part of London Tech Week Continue Reading
-
News
11 Jun 2019
Most code-signing processes insecure, study shows
The majority of organisations are failing to enforce security for code-signing processes, providing opportunities for cyber criminals, a survey reveals Continue Reading
-
Opinion
11 Jun 2019
Security Think Tank: Frame cyber security impacts in business contexts
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
News
11 Jun 2019
Implementing Dmarc a top priority for UK
Basic email security should be a top priority for UK firms, followed by reducing third-party web exposure and monitoring data flows leaving the enterprise, a Rapid7 study reveals Continue Reading
-
Opinion
10 Jun 2019
Security Think Tank: Infosec letter to the board
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
News
10 Jun 2019
Large firms look to zero-trust security to reduce cyber risk
In the face of increasing cyber breach risk as organisations move to hybrid multi-cloud IT environments, just over half of large firms in Europe are planning a zero-trust approach to security Continue Reading
-
News
07 Jun 2019
NotPetya offers industry-wide lessons, says Maersk’s tech chief
There are several key industry-wide lessons to be learned from the NotPetya attack in 2017, according to the information chief at one of the companies most heavily impacted Continue Reading
-
News
07 Jun 2019
Misconfigured container services are a security risk
Researchers at Palo Alto Networks have released details of the scale of misconfigured and exposed container services putting organisations at risk of cyber attack Continue Reading
-
News
07 Jun 2019
How ASEAN firms are using AI to combat cyber threats
Artificial intelligence tools are becoming a vital part of the security arsenal for organisations and cyber criminals alike Continue Reading
-
News
06 Jun 2019
Weak cyber security top challenge, says NCSC chief Ciaran Martin
UK cyber security agency NCSC is focusing on practical support and making the internet and technology safer to use, but says the area that needs most attention is improving basic cyber security in firms, says agency chief Continue Reading
-
News
06 Jun 2019
TNMOC showcases role of Wren Colossus operators in D-Day
Colossus was used to decypher German Lorenz encrypted messages, one of which appears to have given the Allies the green light Continue Reading
-
News
06 Jun 2019
Firms face targeted bespoke cyber attacks, dark web study reveals
Academic study exposes prolific availability and demand for tailored malware, network access and corporate espionage services, which suggests many firms’ cyber defences are below standard Continue Reading
-
News
06 Jun 2019
Legacy IT systems a significant security challenge
Information security professionals need to work closely with the business to identify critical legacy IT systems to ensure security risks are managed effectively, CISO tells Infosecurity Europe Continue Reading
-
News
06 Jun 2019
Digital transformation an opportunity for security
Digital transformation is an opportunity not only for the business to up its game, but also for security teams to engage with and win over the business, CISO tells Infosecurity Europe Continue Reading
-
News
05 Jun 2019
London could be world cyber risk leader, says ex-Lloyd’s chief
Collaboration across the cyber insurance, technology and security organisations in London could make the capital a leading world centre on these topics, says former Lloyd’s of London boss Continue Reading
-
News
05 Jun 2019
DNS – a security opportunity not to be overlooked, says Nominet
Domain name system data is the best-kept secret for eliminating network cyber threats, Nominet tells Infosecurity Europe attendees Continue Reading
-
News
05 Jun 2019
Nearly two-thirds of businesses hit by credential abuse
Most businesses admit to breaches relating to abuse of user credentials, according to a report that highlights cyber hygiene failings in the UK and the importance of greater visibility and integration to cyber defence capability Continue Reading
-
News
04 Jun 2019
Businesses investing blindly in cyber security
Businesses need to find out what their real cyber risks and weaknesses are before investing in new technologies, says ethical hacker Continue Reading
-
News
04 Jun 2019
Deterministic data-based AI key for security
AI-based cyber security systems have enormous potential, but under specific conditions that are essential for success, AI expert tells Infosecurity Europe Continue Reading
-
News
04 Jun 2019
Cyber crime widely under-reported, Isaca study shows
Cyber crime, which is the top cyber threat to business, remains widely under-reported, and only a third of organisations are confident in their ability to detect and respond to threats, a study reveals Continue Reading
-
News
04 Jun 2019
Beware of security blind spots in encrypted traffic
The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption Continue Reading
-
News
03 Jun 2019
Australia’s Notifiable Data Breaches scheme drives compliance but issues remain
Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms Continue Reading
-
News
03 Jun 2019
Business leaders failing to address cyber threats
Businesses are failing to address growing cyber threats as business leaders admit to knowledge gaps, a lack of resources and confusion about who is responsible for data breaches, a report reveals Continue Reading
-
Feature
31 May 2019
Data governance: The importance of getting it right
With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed Continue Reading
-
News
31 May 2019
Facebook loses bid to halt European court decision on EU-US data sharing
Irish Supreme Court dismisses attempt by Facebook to prevent the European Court of Justice considering the validity of US-EU data transfers, after Austrian lawyer Max Schrems argued that they put the privacy of EU citizens at risk Continue Reading
-
News
30 May 2019
A lack of skills and ownership are top challenges to OT security
A lack of skills, visibility and clarity on which business function is responsible for securing operational technology are the biggest challenges to managing the risk, a study shows Continue Reading
-
News
30 May 2019
2.3 billion business and consumer data files exposed online
In the year since the GDPR compliance deadline, the number of data files exposed online without adequate protection is up more than 50% due to misconfigured security controls, report reveals Continue Reading
-
News
29 May 2019
Hackers targeting UK universities a threat to national security
Poorly defended UK university research that is mainly commissioned by government is a top target for hackers, putting national security at risk, a study reveals, underlining the need for better cyber security Continue Reading
-
News
29 May 2019
Turla APT group beefs up cyber attack tool
An advanced persistent threat cyber espionage group has improved its tools to attack diplomatic targets, making their activities more difficult to detect and block Continue Reading
-
News
29 May 2019
Cyber weapons readily available to criminals, researchers warn
Security researchers have discovered an attack campaign infrastructure designed to scan, brute-force and infect tens of thousands of MS-SQL and PHPMyAdmin servers Continue Reading
-
News
28 May 2019
Dutch IT security firm dumps corporate structure
Boss of Netherlands-based Computest turns to self-management model to make company more nimble Continue Reading
-
News
24 May 2019
Just over half of UK firms don’t have a cyber resilience plan
Many UK firms still lack cyber resilience and data protection capabilities covering email a year after the implementation of the GDPR aimed at improving personal data protection Continue Reading
-
News
23 May 2019
Arm China seeks solutions to US export controls with Huawei
Chip design firm in communication with Huawei-owned semiconductor firm HiSilicon following US move to halt exports of US technology to Chinese tech giant Continue Reading
-
News
23 May 2019
Lapse in LinkedIn security certificate update
A lapse in the update of LinkedIn’s security certificate has once again underlined the importance of keeping track to avoid disruptions and phishing attacks, and how even big players are failing to get it right Continue Reading
-
E-Zine
23 May 2019
CW Nordics: Nordea links up with IBM to meet fintech challenge
IBM’s €473m managed services contract with Nordea reflects an increasing trend among Nordic banks to outsource more of their IT to help meet the challenge of fintechs. Also read how a shortage of women in the boardroom is a problem in the Nordics but the tech sector points to a more promising future, and find out why the Norwegian government has launched a regulatory sandbox for the fintech sector. Continue Reading
-
News
22 May 2019
TalkTalk admits new failings in 2015 data breach notification
TalkTalk’s failure to notify all those affected by its 2015 data breach highlights the importance of data visibility so that breach notifications are fast and accurate – a key requirement of the GDPR Continue Reading
-
Opinion
22 May 2019
Security Think Tank: Effective IT segregation must involve the business
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
News
21 May 2019
Dutch lecturer researches the person behind the cyber criminal
Dutch academic is trying to get inside the mind of cyber criminals by understanding what makes them tick Continue Reading
-
Opinion
21 May 2019
Security Think Tank: In-app segregation more intelligent and permissive
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Opinion
20 May 2019
Security Think Tank: IT asset separation is a risk-based decision
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
News
20 May 2019
Danske Bank launches initiative to help SME customers with cyber security
Danske Bank launches initiative to support the cyber security efforts of its SME customers Continue Reading
-
Opinion
17 May 2019
Security Think Tank: Challenges of segregation
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
News
17 May 2019
GozNym bust underlines cyber crime threat
A criminal network using GozNym malware has been shut down in an international law enforcement operation, but others are still operating, underlining the need for vigilance, warns a security expert Continue Reading
-
Feature
16 May 2019
Vulnerability assessment done. Now what?
Vulnerability assessment establishes the current state of an organisation’s cyber security, but to meet industry best practices, companies should go beyond that to achieve continuous improvement Continue Reading
-
News
16 May 2019
Norwegian industry and state must combine to counter cyber threats
Norway has been targeted by two large ransomware attacks in recent months – and public and private organisations must react in a coordinated way Continue Reading
-
News
16 May 2019
Fujitsu sets out to restore trust in technology
Trust in technology, how to recapture it, and how to ensure AI doesn’t overstep its bounds were the big messages on the opening day of Fujitsu Forum in Tokyo Continue Reading
-
Opinion
16 May 2019
Security Think Tank: Proper segregation is more important than ever
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
News
15 May 2019
Microsoft working to support decentralised identity
Microsoft is among the big tech players aiming to help enable personalisation of products and services without putting privacy at risk Continue Reading
-
News
15 May 2019
Implement multifactor authentication, urges expert panel
Multifactor authentication should be a top priority for organisations to defend users from cyber attacks, coupled with zero-trust architecture and artificial intelligence-based technologies, says expert panel Continue Reading
-
Opinion
15 May 2019
Security Think Tank: Understanding tech is key to effective data segregation
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
News
14 May 2019
APAC firms on the back foot in cyber security
Most Asia-Pacific organisations did not consider cyber security until after their digital transformation projects had begun, new survey finds Continue Reading
-
Opinion
14 May 2019
Security Think Tank: How to realise the benefits of security zoning
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
News
13 May 2019
National Crime Agency calls for additional funding to tackle 21st century crime
Organised criminal gangs represent the biggest cyber threat to the UK, and law enforcement has identified rogue servers hosted in the UK Continue Reading
-
Opinion
13 May 2019
Security Think Tank: Benefits and challenges of security segmentation
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Feature
10 May 2019
Debugging bug bounty programmes
Bug bounty programmes have recently become a popular method of vulnerability management, but poor programme management can lead to development teams becoming overwhelmed and bugs being missed Continue Reading
-
Opinion
10 May 2019
Security Think Tank: Surviving the existential cyber punch, part 3
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
News
10 May 2019
Key lessons from an ethical hacker
Understanding hacker techniques and processes is the best way to defend against cyber attacks, and focusing on business risks is the best way to get security budget, according to an ethical hacker Continue Reading
-
News
10 May 2019
Dutch businesses not yet implementing NIS Directive
Little urgency to comply with the Network and Information Systems Security Act, which seeks to protect the Netherlands’ vital infrastructure and digital services from cyber attack Continue Reading
-
News
09 May 2019
Northern Ireland generating cyber security knowledge and jobs
Northern Ireland is establishing itself as an international hub of cyber security research and innovation, providing growing employment opportunities Continue Reading
- 08 May 2019
-
News
08 May 2019
Time to start thinking about AI regulation, says KuppingerCole
Organisations and individuals should think about regulating artificial intelligence to avoid sleepwalking into a future regulated by these technologies, says analyst Continue Reading
-
News
08 May 2019
Cyber criminals targeting C-suite, DBIR shows
Executives and cloud-based services are gaining popularity as targets for cyber criminals, according to the latest data breach investigations report Continue Reading
-
News
07 May 2019
Privileged access management moving to cloud
Survey shows nearly half of information security professionals are either planning to move privileged access management to the cloud or are exploring the possibility Continue Reading
-
News
06 May 2019
AWS to power Australia’s 2021 online census
PwC Australia, one of two firms appointed by the government to run the next Census, will build and operate an online form and a website on Amazon Web Services Continue Reading
-
News
03 May 2019
Zero trust: A 21st century security model
Traditional corporate security models date back to a time when there were fewer, lower-level threats, but a zero trust model is better suited to the 21st century, according to the originator of the idea Continue Reading
-
News
03 May 2019
Norsk Hydro urges caution as it counts cost of cyber attack
Norwegian aluminium giant Norsk Hydro is urging partners to be cautious in the wake of a damaging ransomware attack in March as financial impact estimates come in above initial estimates Continue Reading
-
News
02 May 2019
Firms urged to embrace positive security trends to win cyber war
Modern cyber security challenges overshadow the information security successes of the past, but several positive trends are emerging as defenders come to grips with new threats, says Deloitte Continue Reading
-
News
02 May 2019
Microservices introduce hidden security complexity, analyst warns
Microservice architecture – an approach to application development in which applications are built as a suite of modular services – simplifies development but complicates security, says KuppingerCole Continue Reading
-
News
02 May 2019
Businesses unprepared for cyber breaches
Study shows many organisations lack IT security and operations basics, including visibility across their IT operations Continue Reading
-
News
01 May 2019
BSA releases framework for secure software
Software industry advocacy group releases framework to facilitate flexible and comprehensive software security assessments Continue Reading
-
News
01 May 2019
Get more proactive on cyber security, says ex Europol chief
Business needs to get more proactive, collaborative, resilient and analytical to manage cyber risks posed by cyber criminals down to acceptable levels, says former Europol chief Continue Reading
-
Feature
01 May 2019
Protecting your digital assets: Why it pays to invest in cyber insurance
Cyber insurance offers financial protection against the worst happening to a company’s data and digital assets, and is something few businesses can afford to be without Continue Reading
-
News
30 Apr 2019
UK gears up for new laws on IoT security
The UK plans to introduce measures to require that basic cyber security features are built into internet-connected devices Continue Reading
-
News
30 Apr 2019
Cyber criminals increase use of fileless attacks
Fileless attacks are increasingly popular with cyber criminals, while Russia and China top the league of nation state data exfiltrators, threat data shows Continue Reading
-
News
30 Apr 2019
Most businesses vulnerable to supply chain cyber attacks
UK firms trail the leaders US and Germany in knowing the most about their partners’ cyber security practices, but most companies globally are in the dark about this growing source of vulnerabilities Continue Reading
-
News
30 Apr 2019
Nearly half of UK IT pros report serious data breaches
Integration of security systems and employee training recognised as key ways to reduce the growing severity of data breaches Continue Reading
-
News
29 Apr 2019
Fix the basics first, then worry about AI, advise experts
The freedom of the internet is at risk, with the cyber arms race and the industrialisation of hacking are set to continue as attackers move up the value chain to target trust mechanisms, threat experts predict Continue Reading
-
News
29 Apr 2019
Australians lost half a billion dollars to scams in 2018
Most of the losses went to investment scams as tricksters found innovative ways to dupe victims into parting with their money Continue Reading
-
News
26 Apr 2019
Facebook faces fresh privacy actions from regulators
Facebook faces legal action from Canada after it dismissed regulators’ findings that it failed to protect customer privacy. The firm has set aside $5bn to settle a privacy action in the US and faces a new investigation in Ireland Continue Reading
-
Opinion
26 Apr 2019
Security Think Tank: Surviving the existential cyber punch part 2
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
News
26 Apr 2019
Top lessons from cyber attacks
Cyber security experts weigh in on lessons learned from cyber attack experiences, underlining that recovery capability is as important as defence Continue Reading
-
News
26 Apr 2019
GDPR cases drive bigger budgets for Nordic regulators
High-profile General Data Protection Regulation cases in Finland and Sweden have increased the workload for regulators, which are to receive an increase in funding Continue Reading
