IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
News
26 Jun 2018
British Muslim challenges use of intelligence databases for repeated police stops
Muzaffar Abdullah is challenging police use of intelligence databases to repeatedly stop and question Muslims, after being arrested for refusing to answer questions under Schedule 7 of the Terrorism Act 2000. His lawyers say he had been stopped at least 10 times before and the police should have known he had no connection to terrorism Continue Reading
-
News
26 Jun 2018
High-Tech Bridge bets on machine learning capabilities
Machine learning has a great potential to drive the automation of some security tasks to free up information security professionals to do more strategic work, says High-Tech Bridge founder Continue Reading
-
News
26 Jun 2018
Hospitality industry under siege from botnets
The hospitality industry, including hotels, airlines and cruise lines, is the biggest target for cyber criminal botnet attacks that abuse credentials and overwhelm online systems, a report reveals Continue Reading
-
News
26 Jun 2018
Norway’s National Security Agency warns IT industry about security obligations
IT service providers serving organisations in Norway have received a timely reminder about their security obligations. Continue Reading
-
News
25 Jun 2018
Most infosec pros would trust hacker-tested products
Information security professionals are more likely to trust a product or company tested by hackers and most would respond to security reports from this community, a survey has revealed Continue Reading
-
News
25 Jun 2018
Apple rejects claim of iPhone brute force hack
Apple has rejected claims by a security researcher that he was able to bypass the iPhone defences against brute force passcode hacks Continue Reading
-
News
22 Jun 2018
UK cyber skills in demand, says Dorset firm C3IA Solutions
UK cyber security skills are in demand and there is a bright future in exporting them, according to Dorset-based firm C3IA Solutions Continue Reading
-
News
22 Jun 2018
Firms look to automation for cloud security
In the face of increasingly sophisticated and nation-state-sponsored cyber attacks, organisations are looking to managed security services and automation for security in the cloud and on-premise Continue Reading
-
News
22 Jun 2018
IBM early findings on disastrous TSB core banking system migration released
Report released by Treasury Committee criticises lack of rigour in preparation for core banking system migration, but TSB says report’s content is out of date Continue Reading
-
News
21 Jun 2018
Infosec pros expect increase in nation state cyber attacks
Most information security professionals expect a rise in nation state cyber attacks, with more than two-thirds preparing to defend against them Continue Reading
-
News
21 Jun 2018
CDO interview: Andrei Belevtsev, Gazprom Neft
Russian oil giant will harness the latest technologies right across its business, says chief digital officer Continue Reading
-
News
21 Jun 2018
Younger employees 'main culprits' for security breaches
UK senior decision makers believe younger workers are the biggest risk to cyber security, but are doing little to support them and reduce that risk, a report reveals Continue Reading
-
News
20 Jun 2018
Palo Alto Networks opens cyber range in Australia
The first of its kind in Asia-Pacific, the cyber range training facility will let Australian IT and security teams hone their skills through cyber security exercises Continue Reading
-
News
20 Jun 2018
CIO interview: Mike Young, Centrica
We speak to the CIO whose CEO recently met with the head of Microsoft to talk about strategy Continue Reading
-
News
20 Jun 2018
Most small businesses fail to act after a cyber attack
Nearly half of small businesses have suffered at least one cyber attack in the past year, yet most fail to take action afterwards, citing lack of budget at the biggest challenge Continue Reading
-
News
19 Jun 2018
Singapore remains hotbed for cyber threats
Singapore was a victim of advanced persistent threats, phishing and website defacements in 2017, according to the latest threat landscape report by the Cyber Security Agency Continue Reading
-
News
19 Jun 2018
MPs see risk to critical infrastructure as top threat
A majority of MPs are concerned about the cyber threat to critical national infrastructure, a survey has revealed Continue Reading
-
News
14 Jun 2018
Encryption is under attack, says Venafi CEO Jeff Hudson
Encryption is one of the fundamental principles on which the internet is built, but this vital technology is under threat from criminals and ill-advised government policies, says Venafi CEO Jeff Hudson Continue Reading
-
News
14 Jun 2018
Cyber attack warnings highlight need to be prepared
Fresh warnings about the vulnerability of national infrastructure to cyber attacks show the need for securing and monitoring associated control systems connected to the internet Continue Reading
-
E-Zine
14 Jun 2018
CW Europe: Lufthansa’s HR IT project takes off
Lufthansa says it is confident of landing a company-wide HR IT project after having to go back to the drawing board. Also in this issue, read about the ComputerWeekly/TechTarget IT Priorities survey’s findings that many European technology leaders are expecting to increase IT spending through 2018, and how a major report has reassured Swedish society that artificial intelligence will be a positive force for change despite fears of job losses. Continue Reading
-
News
14 Jun 2018
NCSC urges action after Dixons Carphone breach
The National Cyber Security Centre (NCSC) is urging UK business to improve data protection capabilities after Dixons Carphone revealed that millions of payment card and personal data records may have been compromised in a cyber breach Continue Reading
-
News
13 Jun 2018
Dixons Carphone admits 'falling short' on data protection
Dixons Carphone has warned that millions of credit card and personal data records may have been compromised in a cyber breach Continue Reading
-
News
12 Jun 2018
Insurer Beazley meets global challenge to secure mobile workforce
Beazley has stolen a march on other London-market insurers by implementing a versatile global digital workspace with improved security Continue Reading
-
Opinion
12 Jun 2018
Security Think Tank: GDPR requires unprecedented view of data flows
Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
News
12 Jun 2018
BT announces “unhackable” quantum-secured network
In the face of the threat that quantum computers could crack many of the encryption methods used to protect highly sensitive data, BT has developed a “quantum-secured” network Continue Reading
-
News
12 Jun 2018
Email-based cyber attacks gathering momentum
Email-based cyber attacks are gathering momentum and the cost of these attacks are rising, with several hidden costs, a survey of IT professionals in Europe, Middle East and Africa reveals Continue Reading
-
Feature
11 Jun 2018
How Australia is keeping pace with ICS threats
Besides bridging the security gap between IT and operational technology teams, Australia is driving efforts to bolster the security of IoT devices Continue Reading
-
News
11 Jun 2018
Coinrail cyber heist highlights need for exchange security
A cyber heist at South Korea’s Coinrail has prompted fresh calls for industry regulations to drive better cyber security at cryptocurrency exchanges Continue Reading
-
News
08 Jun 2018
Parliamentary computers at risk after staff targeted by phone phishing
Police are investigating phone phishing attacks targeted against Parliament. Staff warned not to disclose details of their computers to fraudulent callers. Continue Reading
-
News
08 Jun 2018
BYOD for mobile ‘a year away’ for Williams F1
Companies in the Williams Group – the Formula One racing operation Williams Grand Prix Engineering and its high-growth sister operation Williams Advanced Engineering – are investing with mobile security front-of-mind to enable more agile working practices within 12 months Continue Reading
-
Opinion
08 Jun 2018
Security Think Tank: Focus on data protection, but do not rely on DLP alone
Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this? Continue Reading
-
News
07 Jun 2018
Cyber security focus too much on tech, says Domino’s CISO
Many organisations are still focusing only on technology and compliance, which means their cyber defences are not as solid as they think, according to Domino’s Pizza chief information security officer Continue Reading
-
News
07 Jun 2018
Nation state cyber attacks affect all, says former GCHQ boss
Cyber attacks by nation states used to be a small part of the problem for state authorities to address, but now all organisations are potential targets of nation state attacks, according to former GCHQ head Continue Reading
-
News
07 Jun 2018
Business not learning from past cyber security incidents
Businesses are still not getting the basics right and they are not learning from past security incidents, according to world-renowned security blogger and trainer Continue Reading
-
Opinion
07 Jun 2018
Security Think Tank: Understand data for risk-based protection
Why is it important to know where data flows, with whom it is shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
News
06 Jun 2018
Understanding is key to security awareness, says specialist
Only if people understand why cyber security matters will they change their behaviours as a result of awareness training, according to a human behaviour specialist and cyber security consultant Continue Reading
-
Opinion
06 Jun 2018
Security Think Tank: Ignorance about data is tantamount to negligence
Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
News
06 Jun 2018
Cyber attacks not sophisticated, says Just Eat CISO
The chief information security officer of Just Eat has challenged the perception that all cyber attacks are sophisticated and that it is impossible to fill cyber security jobs Continue Reading
-
News
05 Jun 2018
Boards not asking right security questions, says Dido Harding
Former TalkTalk CEO says boards are still not asking the right cyber security questions, do not understand that they should be making cyber risk decisions, and are not communicating with engineers Continue Reading
-
Feature
05 Jun 2018
Application security more important than ever
Applications have an increasingly crucial role in our lives, yet they are also a real security threat, with hackers always finding new ways to bypass security defences. Computer Weekly looks at how organisations are responding to the challenge Continue Reading
-
Opinion
05 Jun 2018
Security Think Tank: Use data flow information to protect systems
Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
News
04 Jun 2018
Technology key to new UK counter-terrorism strategy
Technologies such as machine learning and data analytics are key to the UK government’s updated counter-terrorism strategy Continue Reading
-
News
04 Jun 2018
One-third of firms would pay ransoms rather than invest in security
Report says businesses are still making the same mistakes, failing to make any progress in crucial areas such as cyber security awareness and preparedness Continue Reading
-
Opinion
04 Jun 2018
Security Think Tank: Data governance is essential to data security
Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this? Continue Reading
-
Feature
01 Jun 2018
Cyber resilience key to securing industrial control systems
Operators of industrial control systems can build greater cyber resilience by getting IT and operational technology teams to work more closely together and improving the visibility of their infrastructure, among other security measures Continue Reading
-
News
31 May 2018
VPN hacks can be lethal, warns security expert
Organisations should not overlook the need to secure VPN connections because failure to do so could be fatal, but 2FA alone is not enough, warns a security expert Continue Reading
-
Opinion
31 May 2018
Security Think Tank: Data governance is good for business and security
Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
Opinion
30 May 2018
Security Think Tank: Information management means better security
Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this? Continue Reading
-
News
30 May 2018
Security community urged to prepare for quantum computing
A top European chief information security officer is urging the security community to prepare for quantum computing to ensure their encryption processes are ready in time Continue Reading
-
News
29 May 2018
Business still not addressing insider threat
Businesses are still not addressing inside threats when it comes to cyber security, leaving themselves wide open to data breaches as a result, according to a security analyst Continue Reading
-
News
29 May 2018
UK security spend low despite breaches
The UK is the most breached country in Europe, but IT security spend remains low compared with other countries in the region, a report reveals Continue Reading
-
News
25 May 2018
Commitment is the watchword on GDPR D-Day
New rules for protecting European citizens’ personal data are now enforceable by law, and organisations are being advised to focus broadly on commitment rather than narrowly on compliance Continue Reading
-
News
24 May 2018
Grab outlines its approach to cyber security
Singapore-based ride-hailing company prefers detective controls rather than preventive ones to deter cyber threats – an approach it claims is less intrusive and costly to implement Continue Reading
-
E-Zine
24 May 2018
CW Nordics: Finland delays e-voting plan
Security concerns have re-emerged to further frustrate the Finnish government’s plans to launch a national e-voting system. Also read about a study by the Stockholm School of Economics that looks at the likely impact of AI, machine learning and robotics on people’s lives. And find out why Norway has accelerated plans to scale up its national cyber security infrastructure. Continue Reading
-
News
23 May 2018
Mobile fraud up 680% since 2015, RSA reports
Fake profiles and throw-away devices are transforming social media into a cyber criminal marketplace, a fraud report reveals Continue Reading
-
Feature
23 May 2018
Application and device security under the spotlight
The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, including legislative measures Continue Reading
-
News
22 May 2018
Legit tools exploited in bank heists
Cyber criminals attacking the finance and other industry sector are continuing to exploit legitimate administration tools to hide their activities, highlighting the need for threat hunting, a report reveals Continue Reading
-
News
22 May 2018
Security researchers find fourth CPU flaw
Security researchers have reported another flaw in common microprocessor chips related to the Meltdown and Spectre vulnerabilities Continue Reading
-
News
21 May 2018
Pen testers find weaknesses in banks’ cyber security
Humans are the biggest weakness in banks’ cyber defences, but there are several others that also need attention, penetration testers have revealed Continue Reading
-
News
21 May 2018
APAC organisations could lose $1.75tn from cyber attacks
A study by Frost and Sullivan has found that losses from cyber security incidents could account for 7% of the region’s GDP in 2017 Continue Reading
-
News
18 May 2018
NCSC calls for greater interaction with UK business
The UK’s cyber security agency has called for greater interaction with business, particularly when it comes to cyber security incidents Continue Reading
-
News
18 May 2018
BYOD in UK SMEs linked to security incidents
Bring your own device practices have been identified as a cyber security risk for six in 10 SMEs in research published a week ahead of the GDPR compliance deadline Continue Reading
-
News
18 May 2018
GDS seeks advice on migration from Public Services Network
The Government Digital Service has started the process of moving public sector organisations away from the Public Services Network Continue Reading
-
Tip
17 May 2018
How security operations centers work to benefit enterprises
One key support system for enterprises is security operations centers. Expert Ernie Hayden reviews the basic SOC framework and the purposes they can serve. Continue Reading
-
News
17 May 2018
Report highlights security risk of open source code to business
Increased adoption of open source code is introducing vulnerabilities into commercial software, with many audited codebases containing the Apache Struts flaw that enabled the Equifax breach, a report shows Continue Reading
-
News
17 May 2018
European cyber attacks up nearly a third in first quarter 2018
The volume of cyber attacks hitting digital transactions in Europe was up by almost a third in the first quarter of 2018 compared with same period a year ago, a report reveals Continue Reading
-
News
16 May 2018
US considers UK-style cyber defence model
The US is considering adopting a similar cyber defence model to the UK’s in recognition of the growing threat to all levels of society Continue Reading
-
News
15 May 2018
SMEs more worried about GDPR’s threat to reputation than fines
SMEs are more worried about the damage GDPR non compliance will do to their reputations than their wallets Continue Reading
-
News
15 May 2018
Credential theft a top priority, Rapid 7 report shows
Credential theft is still a top priority for organisations to address in terms of making it more difficult for cyber attackers to gain unauthorised access to their networks, report reveals Continue Reading
-
News
15 May 2018
Cross-site scripting a top vulnerability, hackers find
Despite the much-publicised advances in cyber attack techniques, a well-known, well-documented and avoidable vulnerability is still the most popular for attackers to exploit – along with others like it that are often overlooked, white hat hackers reveal Continue Reading
-
News
15 May 2018
Cage director Rabbani heads for Supreme Court after appeals court rules password demands lawful
Muhammad Rabbani, director of campaigning group Cage, will appeal to the Supreme Court after Court of Appeal rules that police did not act unlawfully by demanding his computer and mobile phone passwords under Section 7 of the Terrorism Act Continue Reading
-
News
15 May 2018
Enterprise cyber threat remediation ineffective, study shows
Enterprise cyber threat remediation needs to improve in several key areas, according to an analysis of common remediation strategies Continue Reading
-
News
15 May 2018
BSI launches kitemark for internet of things devices
The British Standards Institution has launched a new kitemark for IoT devices, designed to improve consumer trust in the technology Continue Reading
-
News
15 May 2018
No need to panic about Efail attacks
Initial reports about vulnerabilities in email encryption technologies have urged organisations to disable encryption tools, but some security experts are taking a more balanced approach Continue Reading
-
News
14 May 2018
Technology continues to transform crime, warns NCA
The UK’s National Crime Agency warns that developments in technology will continue to transform the future crime landscape, in its latest report on serious and organised crime Continue Reading
-
News
14 May 2018
IoT and personal devices pose huge security risk to enterprises
After years of speculation about the risk IoT and personal devices pose to enterprise security, research has revealed the threat is “immense” and probably greater than most firms realise Continue Reading
-
News
11 May 2018
Police Scotland did not inform public of mobile phone searches
Members of the Scottish Parliament heard that Police Scotland did not conduct impact assessments or give explanations to the public when they were accessing private data on their mobile phones Continue Reading
-
News
11 May 2018
WannaCry’s EternalBlue exploit still a threat
A year after the global WannaCry attacks, the EternalBlue exploit that was a key enabler for the malware is still a threat to many organisations, and many UK firms have not taken action, security researchers warn Continue Reading
-
Opinion
10 May 2018
Hacking the internet of things just got easier – it’s time to look at your security
Are you taking security for internet-connected devices seriously enough? Continue Reading
-
E-Zine
10 May 2018
CW Benelux: Rotterdam charts course to become world’s smartest port
The Port of Rotterdam in the Netherlands is using internet of things and artificial intelligence technology from IBM in a bid to become the world’s smartest port. Also read how companies in the Netherlands are only partly ready for the country’s version of the EU’s General Data Protection Regulation (GDPR), and why the European Central Bank thinks cash will remain in use in the Eurozone for a very long time. Continue Reading
-
News
09 May 2018
CNI providers face hefty fines for cyber security failings
UK providers of critical national infrastructure face hefty fines for cyber security failings from 10 May 2018 Continue Reading
-
News
09 May 2018
Equifax breach lessons not learned
Businesses are still downloading vulnerable versions of the software that was at the heart of the Equifax data breach and failing to update to safe versions, a security firm has revealed Continue Reading
-
News
09 May 2018
Dutch Tax Authority not fully GDPR-compliant as deadline approaches
The Netherlands’ Department of Finance warns that not all aspects of the EU privacy law will be implemented by the 25 May deadline Continue Reading
-
News
09 May 2018
Breach disclosure time still high, report shows
Companies are getting faster at disclosing breaches, but the average is still too high in the light of the GDPR and other breach disclosure regulations, a report shows Continue Reading
-
Opinion
08 May 2018
Security Think Tank: Five tips for killing the campers on your network
Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading
-
News
08 May 2018
Nigerian cyber attackers up their game
Nigerian cyber attackers have modernised their approach to cyber crime, security researchers warn Continue Reading
-
News
08 May 2018
Financial sector cyber-related laws are a bellwether, says Deloitte
As the regulatory landscape becomes more complex, organisations should look to the financial sector to see what else is coming, as well as focus on three key areas of GDPR compliance, according to Deloitte Continue Reading
-
Opinion
04 May 2018
Security Think Tank: More time equals more opportunity for cyber attackers
Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading
-
News
03 May 2018
City Police use Lego simulation to teach businesses cyber security
City of London Police are offering to train business leaders and IT security in cyber security using a Lego simulation that is surprisingly close to real life Continue Reading
-
Opinion
03 May 2018
Security Think Tank: Prevention and detection are key to limit dwell time
Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading
-
Opinion
02 May 2018
Security Think Tank: Containment should be top priority in cyber breaches
Why is reducing cyber attacker dwell time important, and how should this be tackled? Continue Reading
-
News
02 May 2018
Fresh blow for Facebook as court refuses stay in Max Schrems legal action
Facebook has lost a legal attempt to delay the Irish High Court from seeking answers from the European Court of Justice over the legality of EU-US data transfers Continue Reading
-
News
02 May 2018
Critical infrastructure firms urged to patch Schneider Electric flaws
Critical infrastructure suppliers and manufacturing firms are being urged to ensure that their systems are patched up to date, after researchers discover Schneider Electric remote code execution vulnerability Continue Reading
-
News
02 May 2018
Ransomware still a threat to business, F-Secure warns
Ransomware attacks tapered off towards the end of 2017 after an explosion in such attacks earlier in the year, but ransomware remains a threat to big business, a report reveals Continue Reading
-
News
01 May 2018
Google Chrome helps clean up certificate authority industry
The security industry has welcomed the introduction of measures by the Google Chrome browser aimed at achieving certificate transparency Continue Reading
-
Opinion
01 May 2018
Security Think Tank: Reducing cyber attacker dwell time is critical
Why is reducing cyber attacker dwell time important, and how should it be tackled? Continue Reading
-
News
01 May 2018
Password practices still poor despite increased threats
Despite growing cyber threats and heightened global awareness of hacking and data breaches, password behaviours remain poor and UK users are in denial, a study has revealed Continue Reading
-
News
01 May 2018
Microsoft’s latest Windows 10 focuses on IT admins
While it will stop those annoying taskbar InBox and social media messages, at the heart of the April 2018 Windows 10 update is an effort to simplify management Continue Reading
-
E-Zine
01 May 2018
Making music with AI
In this week’s Computer Weekly, we look at how artificial intelligence is being used in the creative industries such as music and books, and ask whether AI can ever replace human creativity. TSB’s IT meltdown is symptomatic of the tech challenges facing UK banks – we examine the issues. And our latest buyer’s guide analyses the trends in big data. Read the issue now. Continue Reading
-
News
01 May 2018
UK critical services need to up cyber defences to avoid fines
UK critical infrastructure providers could be liable for fines of millions of pounds if they do not improve their cyber defences and resilience of their IT infrastructure, a study reveals Continue Reading