IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
News
01 Mar 2019
Teen becomes first millionaire through HackerOne bug bounties
A self-taught teen hacker from Argentina has become the first bug bounty hacker to become a millionaire by hacking to create a safer internet Continue Reading
-
News
28 Feb 2019
Supplier consolidation tops infosec goals for 2019
Supplier consolidation, collaboration between networking and security teams, and security awareness are the top priorities for information security professionals trying to prepare for the unknown, annual benchmark study shows Continue Reading
-
News
28 Feb 2019
Sextortion accounts for one in 10 spear-phishing emails
Email sextortion scams have increased in frequency and scope in the past four months, as well as evolving to bypass spam filters and trick recipients into reading the messages, research shows Continue Reading
-
News
27 Feb 2019
Icann calls for community collaboration to protect the internet
The domain name system watchdog Icann has reaffirmed its commitment to engage in collaborative efforts to ensure the security, stability and resiliency of the internet’s global identifier systems Continue Reading
-
News
27 Feb 2019
Chinese cyber attack group Bronze Union targeting weapons tech
Weapons technology is among the latest targets of a highly adaptable cyber espionage group that uses a wide range of publicly available and custom attack tools, presenting a challenge to network defenders Continue Reading
-
News
26 Feb 2019
Security is battling to keep pace with cloud adoption
Cloud-based business initiatives are accelerating more rapidly than security teams can secure them, a survey reveals Continue Reading
-
News
26 Feb 2019
Cyber criminals earn $3bn a year exploiting social platforms
Businesses urged to respond to research findings that the ready availability of hacking tools, wildfire spread of malware and proliferation of cryptocurrency mining has seen a 300-fold increase in social media-enabled cyber crimes in two years Continue Reading
-
News
25 Feb 2019
EU gathers momentum in cyber security legislation and cooperation
The past two years have seen a step-change in the rate at which the European Union is putting legislation in place to support improved cyber security standards, collaboration and sharing of resources, says digital commissioner’s representative Continue Reading
-
News
25 Feb 2019
Cyber power needs wider discussion, says GCHQ director
The topic of cyber power needs wider discussion, says GCHQ head in a speech about the opportunities of digital innovation such as 5G, as well as the accompanying complexity and risk, with particular mention of China and Huawei Continue Reading
-
News
25 Feb 2019
Android now Fido2 certified
Mobile operating system’s certification accelerates global migration beyond passwords, says Fido Alliance, which seeks to eliminate the world’s dependence on password-based security Continue Reading
-
News
22 Feb 2019
Facebook planned to spy on Android phone users, internal emails reveal
Facebook planned to use its Android app to track the location of its customers and to allow advertisers to send political advertising and invites to dating sites to ‘single’ people, confidential documents show Continue Reading
-
News
21 Feb 2019
Businesses urged to prepare for extortion campaigns
C-level executives, lawyers and doctors are the top extortion targets of cyber criminals, a report by researchers tracking thousands of sextortion attempts reveals Continue Reading
-
E-Zine
21 Feb 2019
CW Nordics: Sweden to test e-krona and plans cashless society
Sweden’s vision of a cashless society has gained traction after the Riksbank (central bank) rolled out plans to test a digital currency, the e-krona. Also read how the Nordic region’s longer-established companies are playing a forceful role to advance digital transformation, and how Finland’s IT sector has rebounded strongly after Microsoft’s takeover of Nokia’s mobile phones and smart devices business units in 2014. Continue Reading
-
News
21 Feb 2019
Toyota Australia under cyber attack
The company has confirmed the attempted attack that took out its email system, forcing employees to turn to other forms of communication to continue working Continue Reading
-
Opinion
20 Feb 2019
Breaking the chains: How FUD is holding the cyber sector hostage
The cyber security industry must move past fear tactics and get back to the basics of good cyber security practice Continue Reading
-
News
20 Feb 2019
Huawei faces battle to win Nordic trust
Nordic countries are investigating the spying allegations made against Chinese networking supplier Huiawei Continue Reading
-
News
19 Feb 2019
No More Ransom releases GandCrab decryption tool
Another free decryption tool is available that allows anyone infected with the latest versions of the GandCrab ransomware to regain control of their files and avoid paying the fee Continue Reading
-
News
19 Feb 2019
IT Priorities 2019: Cyber security and risk management among top priorities for 2019
This year’s Computer Weekly/TechTarget IT Priorities research shows that cyber security and risk management are among the top investment priorities Continue Reading
-
News
19 Feb 2019
Healthcare providers should press on with digital transformation
Healthcare providers should continue digitisation efforts with security in mind amid looming cyber threats, says a top T-Systems executive Continue Reading
-
News
19 Feb 2019
Finding security in the cloud
When choosing a cloud security provider, enterprises will need to consider the level of data privacy and data security risk involved Continue Reading
-
Feature
18 Feb 2019
Collaborative security approaches underpin container success
Containers are helping organisations to accelerate age-old software development approaches, but success is underpinned by a constant and team-wide attention to security Continue Reading
-
News
15 Feb 2019
CISOs under increasing pressure, study shows
Cyber security professionals are under growing pressure from workloads and budget deficits, a study has revealed Continue Reading
-
Opinion
13 Feb 2019
Security Think Tank: UTM a key part of a well-rounded security strategy
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
News
13 Feb 2019
Australian government warns of blockchain gaps
Digital Transformation Agency dispels some myths around blockchain, calling for government agencies to be cautious about using the technology Continue Reading
-
News
12 Feb 2019
Dutch developer offers businesses nuclear security option for communications
Startup that created the secure platform for communication between world leaders at the 2014 Nuclear Security Summit in the Netherlands seeks to revolutionise business mail Continue Reading
-
Opinion
12 Feb 2019
Security Think Tank: No tech will ever counter-balance poorly implemented processes
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
News
12 Feb 2019
APAC healthcare providers losing $23m to cyber attacks
Healthcare organisations in the Asia-Pacific region could lose an average of $23.3m to cyber attacks, including losses from productivity and customer churn, a study finds Continue Reading
-
News
11 Feb 2019
Lauri Love takes legal action against NCA for return of seized computers
Lauri Love, a former engineering student who won a battle with the US Department of Justice against extradition to the US to face hacking charges, is suing the UK's intelligence agency, the NCA, for the return of his seized computers Continue Reading
-
Opinion
11 Feb 2019
Security Think Tank: Know strengths and weaknesses of UTM systems
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
News
10 Feb 2019
Australia’s defence department keeps old PCs out of landfills
Department has securely wiped data from used devices and kept 1,300 tonnes of e-waste out of landfills Continue Reading
-
Feature
08 Feb 2019
A guide to choosing cloud-based security services
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security Continue Reading
-
Opinion
08 Feb 2019
Security Think Tank: Approach UTM with caution
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
E-Zine
07 Feb 2019
CW Benelux: Google helps Dutch schools to teach computer skills
A programme in the Netherlands to help primary schools provide computational thinking and programming, developed with financial support from Google, is well on schedule. Also read about four Russians’ attempted hack into the networks of the Organisation for the Prohibition of Chemical Weapons in The Hague, and how Dutch delivery company PostNL is making savings by using robotic technology to automate administrative tasks. Continue Reading
-
Opinion
07 Feb 2019
Security Think Tank: UTM attractive to SMEs, but beware potential pitfalls
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Opinion
06 Feb 2019
Security Think Tank: Focus UTM capabilities on security and business needs
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Opinion
05 Feb 2019
Security Think Tank: Many routes to UTM to boost security capabilities
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Opinion
04 Feb 2019
Security Think Tank: Arguments for and against unified threat management
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
News
01 Feb 2019
Innocent people arrested following surveillance blunders, IPCO reveals
Interception of communications commissioner Adrian Fulford warns of “grave” repercussions for people wrongly identified as suspects due to errors made when government bodies access email, phone and telephone data Continue Reading
-
News
01 Feb 2019
New stolen credentials cache puts spotlight on authentication
The discovery of billions more stolen usernames and passwords in Collections #2 to #5 have prompted fresh calls for the implementation of better authentication methods across industry Continue Reading
-
News
31 Jan 2019
Cyber insurance uptake growing, but not all firms convinced
The adoption of cyber insurance is expected to grow, but one in three companies still are not sold on the benefits, a survey shows Continue Reading
-
News
30 Jan 2019
Unconfigured IoT is a security risk, warns researcher
Internet of things researcher says unconfigured internet-connected devices are a largely unrecognised cyber security risk to businesses and consumers, and welcomes the increased likelihood of UK IoT legislation Continue Reading
-
News
30 Jan 2019
How traffic scrubbing can guard against DDoS attacks
Although most scrubbing services can help fend off distributed denial of service attacks, a more comprehensive mitigation strategy is required to remain unscathed Continue Reading
-
News
29 Jan 2019
Global cyber attack could cost up to $193bn, study shows
A coordinated global cyber attack could have an economic impact of up to $193bn, an insurance industry-backed report claims Continue Reading
-
News
29 Jan 2019
New tech putting sensitive data at risk, report confirms
Deployments of new technologies are putting sensitive corporate data at risk because organisations are struggling to secure these new IT environments, a report confirms Continue Reading
-
News
28 Jan 2019
Personal records of HIV-positive individuals in Singapore leaked online
The personal information of 14,200 people with the human immunodeficiency virus was leaked by an American who lived in Singapore Continue Reading
-
News
28 Jan 2019
Security alert for vulnerabilities in Siemens PLCs
Industries that use Siemens Simatic controllers to automate manufacturing processes have been urged to update software without delay Continue Reading
-
News
28 Jan 2019
Government to pump £70m into ‘designing out’ cyber threats
Industrial Strategy Challenge Fund cash to be used for designing and developing more secure hardware in a bid to eradicate cyber threats Continue Reading
-
News
25 Jan 2019
Vodafone suspends use of Huawei hardware
Vodafone’s UK CEO has said the operator will ‘pause’ its use of Huawei hardware for the foreseeable future Continue Reading
-
News
24 Jan 2019
Poor practices expose 24 million financial records
Failure to maintain appropriate security controls has again led to the exposure of millions of sensitive data records, this time from the banking world Continue Reading
-
News
24 Jan 2019
IoT application vulnerabilities leave devices open to attack
Barracuda Networks calls for internet of things devices to be subject to regular security review after researchers detail the application vulnerabilities of an internet-connected security camera Continue Reading
-
News
24 Jan 2019
Business failing to see strategic value of cyber security
UK businesses are failing to get value out of cyber security because they fail to see its strategic importance and often have a negative attitude towards security professionals, a study has revealed Continue Reading
-
News
24 Jan 2019
AWS now accredited to run protected workloads in Australia
Accreditation from the Australian Cyber Security Centre will enable organisations to store and process sensitive data in the Amazon Web Services Sydney region Continue Reading
-
News
23 Jan 2019
Facebook’s objections to court concerns over privacy more about ‘optics’ than facts
Facebook’s challenge to a High Court ruling that raises serious concerns about data transfers between Europe and the US is more about appearance than facts, lawyers for the Irish Data Protection Commission told Dublin's Supreme Court Continue Reading
-
News
23 Jan 2019
MPs challenge Huawei over spying allegations
The chair of the cross-bench Science and Technology Committee has written to Huawei seeking answers over its activities in the UK Continue Reading
-
News
23 Jan 2019
Time to deploy strong authentication, says Fido
The time has come for organisations to deploy cryptographically backed strong authentication, according to the Fido Alliance, which seeks to eliminate the world’s dependence on password-based security Continue Reading
-
News
23 Jan 2019
US issues emergency directive to halt DNS hijacking
US government agencies have been given 10 days to complete a four-step action plan to stop DNS hijacking attacks Continue Reading
-
News
22 Jan 2019
IBM mobile cyber range starts European tour in London
IBM’s mobile cyber range is kicking of a tour in London to raise awareness around the need for tried and tested cyber attack responses among organisations in Europe Continue Reading
-
News
22 Jan 2019
Young Dutch cyber criminals get re-education rather than jail time
Young hackers in the Netherlands are being rehabilitated through punishments that educate rather than incarcerate Continue Reading
-
News
22 Jan 2019
Facebook: US government does not engage in mass and indiscriminate surveillance
Social media giant challenges a ruling by Dublin’s High Court over a judgment that it says made ‘extraordinary and incorrect’ findings about the US legal system Continue Reading
-
News
21 Jan 2019
Name and shame firms with poor cyber security, government told
The government should name and shame companies whose cyber security measures fail to protect consumers’ data and firms should implement Active Cyber Defence, an academic report urges Continue Reading
-
News
21 Jan 2019
Public procurement key to cyber security
Using public procurement as a means of boosting cyber security is the top recommendation for 2019, according to a report based on expert views Continue Reading
-
News
21 Jan 2019
Home Office vetoes privacy campaigner from senior post in surveillance watchdog
The Home Office refuses academic and privacy campaigner, Eric King, security clearance for a senior role at the intelligence services watchdog, despite high-level backing from officials Continue Reading
-
News
17 Jan 2019
Breach of nearly 2.7 billion records underlines password flaws
Potentially the biggest personal data breach to date from thousands of sources, some possibly breached as far back as 2008, illustrates the deeply flawed nature of password-based authentication, say industry commentators Continue Reading
-
News
17 Jan 2019
CenturyLink opens Singapore SOC amid security services boom
US telco’s second Asia-Pacific security operations centre in Singapore is one of eight globally as it bids to carve a slice of the security services market Continue Reading
-
News
16 Jan 2019
New Zealand faces more state-sponsored attacks
Nearly four in 10 cyber security incidents recorded by the National Cyber Security Centre were the work of state-sponsored threat actors Continue Reading
-
Opinion
16 Jan 2019
Facebook’s high-stakes privacy gamble goes to Dublin court
A high-wire gamble with billions in compensation at stake for European internet users – part of a complex case between Facebook and the Irish information commissioner – hides challenge to the unlawfulness of US state internet surveillance Continue Reading
-
Opinion
16 Jan 2019
Security Think Tank: Walk before you run
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
15 Jan 2019
Millions of industrial remote controllers open to attack
Millions of industrial remote controllers are open to cyber attack because of vulnerabilities in the radio frequency technology used, a study has revealed Continue Reading
-
Feature
15 Jan 2019
The rise of DevSecOps
The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations Continue Reading
-
News
15 Jan 2019
Businesses fail to apply encryption technology effectively
Most businesses are not applying common encryption tools effectively to contain the fallout and costs of data breaches, research shows Continue Reading
-
Opinion
15 Jan 2019
Security Think Tank: Apply different techniques to safeguard against rogue code
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
15 Jan 2019
Less than half of firms able to detect IoT breaches, study shows
UK firms have one of the lowest internet-of-things device breach detection capabilities in Europe, a study reveals Continue Reading
-
News
15 Jan 2019
SingHealth and IT supplier fined S$1m for data breach
Singapore’s data protection commission considered the fact that both SingHealth and its IT supplier fell prey to sophisticated threat actors, among other factors, when meting out the fine Continue Reading
-
Opinion
14 Jan 2019
Security Think Tank: Combine SDN, containerisation and encryption to halt rogue code
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
11 Jan 2019
AI application overlooked in cyber security research
Despite the proliferation of cyber security products and services claiming to be driven by artificial intelligence, the application of the technology is being overlooked by research, a study shows Continue Reading
-
Opinion
11 Jan 2019
Security Think Tank: How to use SDN, containers and encryption – and some warnings
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Opinion
10 Jan 2019
Security Think Tank: Creative thinking key to meeting emerging security challenges
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
10 Jan 2019
UK firms say £6.6bn annual security testing cost too high
Avord launches platform to reduce the multibillion-pound annual cyber security testing cost that most UK firms say is too high Continue Reading
-
Podcast
10 Jan 2019
Podcast: Storage and compliance priorities in 2019
Mathieu Gorge, CEO of Vigitrust, looks ahead to key areas in compliance in 2019, including mushrooming data volumes, GDPR fines and the California Consumer Privacy Act Continue Reading
-
E-Zine
10 Jan 2019
CW Middle East: Bahrain aims to be fintech hub
Bahrain’s government wants to make the country the go-to place in the Middle East for financial technology companies. It hopes to capitalise on its banking know-how to establish an ambitious fintech “ecosystem”. Also read about Dubai’s plans for the Smart Data platform and the UAE Pass, a digital ID and signature, and how Shell is using AI to amplify the human impact of its workforce. Continue Reading
-
News
09 Jan 2019
FireEye gears up email security for emerging threats
Email continues to be a top means of initiating cyber attacks with new detection bypass techniques and executive impersonation capabilities continually emerging, research shows Continue Reading
-
Opinion
09 Jan 2019
Security Think Tank: The security role of SDN, containers, encryption and SDP
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Opinion
08 Jan 2019
eIDAS and the EU’s mission to create a truly portable identity
It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes Continue Reading
-
News
08 Jan 2019
Protego Labs launches serverless app security tool
Security professionals and developers now have a way to assess the security of their serverless applications with a new open source testing tool donated to Owasp Continue Reading
-
Opinion
08 Jan 2019
Security Think Tank: Meeting the security challenge of multiple IT environments
How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
07 Jan 2019
Boards need to be active partners in cyber defence
Board members must be active governance partners in collaborative cyber defence, says US regional information sharing and analysis organisation Continue Reading
-
News
07 Jan 2019
BlackBerry licenses security tech to IoT device makers
BlackBerry is to license its secure software development technology to the makers of internet-connected devices to boost IoT security Continue Reading
-
Opinion
07 Jan 2019
Security Think Tank: Use SDN, containerisation and encryption tools to boost security
How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
News
07 Jan 2019
Almost half of containers in production have vulnerabilities, study finds
More containers are being deployed in production, but many businesses are unaware if they are secure Continue Reading
-
News
06 Jan 2019
Singapore Airlines’ software glitch exposed customer data
More than 280 members of the Krisflyer frequent flyer programme had their personal information compromised by a one-off software bug Continue Reading
-
News
04 Jan 2019
Modern IT underlines need for zero-trust security
The increasing complexity of supply chains and interconnectivity of IT systems means the attack surface is widening and security has to evolve accordingly, warns British computer scientist Continue Reading
-
News
04 Jan 2019
Data breaches affected more than a billion people in 2018
The personal information of more than a billion people was compromised in 2018 as companies holding the data failed to keep it safe Continue Reading
-
News
04 Jan 2019
German politicians’ data leak shows need for global action
Hacked data includes contacts’ email addresses, private chats, mobile numbers, photographs and credit card details, which were published on Twitter Continue Reading
-
News
04 Jan 2019
Phishing attacks hidden by custom fonts
Security researchers have uncovered a new way in which phishing attacks are evading detection. Continue Reading
-
Opinion
31 Dec 2018
Can we live without passwords?
Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve Continue Reading
-
Opinion
31 Dec 2018
Security Think Tank: Pay attention to attribute-based system access permissions
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted and did happen and one thing that should happen in 2019, but probably will not Continue Reading
-
Opinion
28 Dec 2018
Security Think Tank: Focus on malicious use of AI in 2019
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
Opinion
27 Dec 2018
Security Think Tank: Strong 2FA should be a goal in 2019
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
News
24 Dec 2018
Top 10 IT security stories of 2018
Here are Computer Weekly’s top 10 IT security stories of 2018 Continue Reading
-
Opinion
24 Dec 2018
Security Think Tank: Let’s hope for treaty on online norms
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading