IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
Opinion
13 Mar 2018
Security Think Tank: Patch, scan and lock down to counter fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Feature
13 Mar 2018
Businesses need to take cryptojacking seriously
Organisations must pay attention to cyber criminals hijacking computing resources to mine cryptocurrencies, because nearly half are affected and the impact is greater than many realise Continue Reading
-
News
13 Mar 2018
Public sector organisations ill-prepared for GDPR
Public sector organisations in the UK need to do much more to comply with the General Data Protection Regulation rule on providing information to citizens about details held about them Continue Reading
-
News
13 Mar 2018
Slingshot router malware: a warning for businesses
A stealthy malware that has been used to carry out cyber espionage undetected for six years should raise a red flag to businesses, say security commentators Continue Reading
-
Opinion
12 Mar 2018
Security Think Tank: Human, procedural and technical response to fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
12 Mar 2018
Eight new cyber threats a second in Q4 2017, McAfee report reveals
There was an increase in cyber attacks on healthcare organisations, the use of fileless malware and cryptocurrency mining in the last three months of 2017, with eight new threats a second Continue Reading
-
News
12 Mar 2018
Regulator takes tougher line than expected on surveillance warrants
The Investigatory Powers Commissioner’s Office has signalled to government that it will take a tough line when scrutinising surveillance warrants under the controversial Investigatory Powers Act Continue Reading
-
News
12 Mar 2018
UK leads global upward trend in SOC maturity
The UK is leading the way towards more efficient security operations centres, but many still continue to operate with serious gaps in security, a report reveals Continue Reading
-
News
09 Mar 2018
Security researchers demonstrate ransomware attack on robots
Researchers have carried out a ransomware attack on robots to show that such attacks are possible and should be guarded against Continue Reading
-
Opinion
09 Mar 2018
Security Think Tank: Use layered security and patch management to defeat fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
09 Mar 2018
Cryptojacking cyber criminals up their game
Cyber criminals hijacking computing resources to mine for cryptocurrencies are raising their efforts to bypass enterprise security controls, researchers have found Continue Reading
-
Opinion
08 Mar 2018
Security Think Tank: Multi-layered security key to fileless malware defence
What should organisations do, at the very least, to ensure business computers are protected from fileless malware? Continue Reading
-
News
08 Mar 2018
Mac malware more than doubled in 2017
Malware targeting Apple Mac computers more than doubled from 2016 to 2017, according to security firm Malwarebytes Continue Reading
-
E-Zine
08 Mar 2018
CW Europe: Germany’s Lemoncat takes catering to the cloud
Business catering startup Lemoncat has taken advantage of the affordable cost of living in Berlin and is shaking up the catering sector by harnessing the Amazon and Salesforce clouds. Also in this issue, read how Moscow’s government is taking advantage of high penetration of broadband and mobile internet to expand innovative services under the Russian capital’s smart city programme, and how organisations in the Netherlands still have much to do to comply with the General Data Protection Regulation. Continue Reading
-
News
08 Mar 2018
Businesses warned not to ignore cryptojacking threat
Businesses should not ignore the threat of malware designed to carry out illicit cryptocurrency mining, warns NTT Security Continue Reading
-
News
07 Mar 2018
Only half of ransomware payments honoured
Only half of ransomware victims who pay ransoms to cyber criminals recover their data, a report reveals, pointing to a need for more effective strategies to deal with these attacks Continue Reading
-
News
07 Mar 2018
Businesses under pressure to allow easier access to cloud
Businesses are under pressure from employees to use consumer-focused authentication methods for cloud applications, but that could have both positive and negative security implications, warns Gemalto Continue Reading
-
Opinion
07 Mar 2018
Security Think Tank: Aim to detect and contain fileless malware attacks quickly
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
07 Mar 2018
Cyber security is a team sport, says NCSC
The UK’s national cyber security agency aims to help organisations understand the need to act collaboratively and collectively against the cyber threat, urging them to raise the bar Continue Reading
-
News
07 Mar 2018
World Economic Forum creates fintech focus group for cyber security
WEF consortium of companies will focus on protecting financial technology firms from cyber threats Continue Reading
-
Opinion
06 Mar 2018
Security Think Tank: Social engineering at the heart of fileless malware attacks
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
06 Mar 2018
EC to boost cyber security support and collaboration
The European Commission is focused on boosting cyber security support and collaboration throughout the European Union Continue Reading
-
News
05 Mar 2018
Most healthcare organisations have been breached, report shows
Less than a third of global healthcare organisations remain untouched, as data breaches rise across the industry, a report reveals Continue Reading
-
News
02 Mar 2018
Cyber crime is a top threat to UK charities, says NCSC
Cyber crime poses the most serious threats to UK charities, the National Cyber Security Centre has warned Continue Reading
-
News
02 Mar 2018
Cyber threat to industrial control systems highest yet
The cyber threat to industrial control systems has never been greater, according to a report analysing malicious activity aimed at such systems Continue Reading
-
News
02 Mar 2018
Memcached servers irresistible to DDoS attackers, expert warns
In the light of the biggest distributed denial of service attack to date against GitHub, organisations should ditch memcached servers or risk a blizzard of blistering attacks, says security researcher Continue Reading
-
News
02 Mar 2018
New privacy fears as IT challenges delay surveillance oversight body by a year
IT challenges have delayed government plans for an independent body to authorise requests to access the public’s internet and phone records by nearly a year, raising new legal and privacy concerns Continue Reading
-
News
01 Mar 2018
Imaging systems biggest security risk in healthcare
Imaging systems have been identified as the biggest cyber security risk in the healthcare sector, a report on internet of things security has revealed Continue Reading
-
News
01 Mar 2018
Security fears delay roll-out of national e-voting system in Finland
Project enters problem-solving phase to identify advanced, effective and best practice solutions to develop a secure internet-based voting system Continue Reading
-
News
01 Mar 2018
ANZ organisations grappling with cloud outages
A majority of organisations from Australia and New Zealand admitted in a survey that they had not fully evaluated the impact of cloud outages which were longer than they had expected Continue Reading
-
News
28 Feb 2018
Government must rewrite illegal sections of Snoopers’ Charter, court told
A court has been asked to give ministers until July 2018 to rewrite powers to require phone and internet companies to retain data on the population. The government acknowledges parts of surveillance regime are unlawful Continue Reading
-
News
28 Feb 2018
Businesses urged to patch Oracle WebLogic flaw
Security researchers are again urging businesses to patch an Oracle WebLogic flaw that continues to be exploited by cyber criminals to mine cryptocurrencies Continue Reading
-
News
27 Feb 2018
Understanding the cyber threat key to UK defence, says NCSC
Understanding cyber threats is key to defending the UK and ensuring it is a safe place to do business, says the National Cyber Security Centre Continue Reading
-
E-Zine
27 Feb 2018
How IT is taking UPS to new heights
In this week's Computer Weekly, we talk to UPS CIO Juan Perez to find out how making his IT department “business intimate” is driving innovation at the parcel shipping giant. We look at how cloud management platforms can help ease the adoption of multiple public cloud services. And we examine how UK local councils are struggling to deal with cyber attacks and data breaches. Read the issue now. Continue Reading
-
Opinion
26 Feb 2018
GDPR gotchas and how to handle them
We look at common problems organisations encounter when dealing with the EU’s General Data Protection Regulation (GDPR), which comes into force on 25 May 2018 Continue Reading
-
News
26 Feb 2018
Cryptomining is top attack type, says Malwarebytes
Malicious cryptomining has been the top cyber criminal activity detected since September 2017, a report reveals Continue Reading
-
News
26 Feb 2018
Cyber criminals catching up with nation state attacks
The trickle-down effect of advanced “military-grade” tools is seeing the gap between cyber criminal and nation state attack capabilities closing, outpacing many organisations’ defence capabilities Continue Reading
-
News
23 Feb 2018
Avast discovers Tempting Cedar Android spyware campaign
Security researchers have uncovered a three-year-old Android spyware campaign spread through social media and targeting people in the Middle East Continue Reading
-
News
22 Feb 2018
Unprotected Kubernetes consoles expose firms to cryptojacking
A number of big companies have been targeted by crytojacking attacks, where cyber criminals hijack computing power to mine cryptocurrencies, but some have unprotected Kubernetes consoles in common Continue Reading
-
News
22 Feb 2018
Hitachi Vantara ups ante on industrial IoT
Potential internet of things powerhouse believes its deep expertise in operational technology will give it a leg up over traditional IT rivals Continue Reading
-
News
22 Feb 2018
UK plans laws to protect company directors from ID theft
Legislation will make it easier for directors to remove their personal addresses from the company register Continue Reading
-
E-Zine
22 Feb 2018
CW Nordics: Nordics CIOs’ priorities in 2018
A select group of CIOs and analysts in Denmark, Finland, Norway and Sweden give their views on the top IT priorities in 2018. As in 2017, digital transformation will continue to be a buzzword. Also read how Sweden is tightening up its cyber security defences as part of a wider national security strategy, and how Nordic banks cannot afford to slow their digital transformations as PSD2 comes into force. Continue Reading
-
News
22 Feb 2018
Email attacks and incident detection top security challenges
Email inboxes are the weakest link in security perimeters, and companies struggle with detecting security incidents quickly and accurately, a report finds Continue Reading
-
News
21 Feb 2018
UK organisations failing to take action against fraud
UK organisations are facing increasingly complex and costly incidents of fraud partly due to increasing cyber fraud, yet few are making use of the anti-fraud technologies available, a survey has revealed Continue Reading
-
News
21 Feb 2018
Economic impact of cyber crime is significant and rising
Cyber attacks are becoming easier to carry out while defences remain inadequate, study shows Continue Reading
-
News
21 Feb 2018
Security leaders investing in automation and AI, study shows
Automation and artificial Intelligence are being used to defend against cyber threats, says report, but experts warn that these tools and technologies can be exploited by attackers Continue Reading
-
News
21 Feb 2018
AI a threat to cyber security, warns report
Artificial intelligence is being incorporated into a range of cyber security products, but the technology may also introduce new threats, a report warns Continue Reading
-
News
20 Feb 2018
Businesses face unprecedented volume of cyber attacks
Organisations are facing the highest levels of cyber attacks in both number and sophistication as automated swarm attacks increase, a cyber threat report reveals Continue Reading
-
News
20 Feb 2018
Strategic cyber criminals likely to capitalise on GDPR
As cyber criminals concentrate on targeted, strategic, money-making attacks, they are likely to use GDPR fines as leverage to extort money from organisations, a report warns Continue Reading
-
News
20 Feb 2018
UK local councils under huge cyber attack pressure
Investigation underlines importance of security automation and employee awareness training Continue Reading
-
News
19 Feb 2018
Botnets shift focus to credential abuse
Cyber criminals are increasingly using automated attacks that make use of stolen credentials, a security threat report warns Continue Reading
-
Feature
19 Feb 2018
Getting a handle on mobile security in your enterprise
Everyone now has a mobile device at work, so how can enterprises ensure they are secure? Continue Reading
-
News
19 Feb 2018
Lauri Love can stay in UK: prosecutors will not appeal extradition ruling
Crown Prosecution Service gives undertaking to Lauri Love that it will not appeal against a court decision not to extradite him to the US – but prosecutors are seeking leave to appeal over part of the court ruling on extradition procedure Continue Reading
-
News
19 Feb 2018
Google reveals Edge flaw after Microsoft fails to meet deadline
Google’s Project Zero has gone public with another Microsoft security vulnerability after the software giant failed to issue a fix within allotted time Continue Reading
-
News
16 Feb 2018
Tech industry signs cyber security charter
Nine technology organisations have signed a cyber security charter aimed at raising the level of cyber security internationally Continue Reading
-
News
16 Feb 2018
A third of Brits plan to exercise right to be forgotten
After the General Data Protection Regulation compliance deadline, a third of Britons polled say they plan to exercise their right to be forgotten, but few fully understand the GDPR and how it will affect them Continue Reading
-
News
16 Feb 2018
Few organisations managing cyber risk, survey shows
Cyber risk management practices are not keeping up with rising cyber security concerns among senior executives around the world, a study shows Continue Reading
-
News
15 Feb 2018
F-Secure warns against ‘evil maid’ attacks
Business people are being urged not to underestimate the importance of physical security for their laptops, which can be used as entry points by attackers if not adequately protected Continue Reading
-
News
15 Feb 2018
Atos investigates breach linked to Winter Olympics cyber attack
IT services firm Atos is investigating a potential security breach in response to reports that employee credentials were found in malware used to target the Winter Olympics Continue Reading
-
Feature
14 Feb 2018
How AI will underpin cyber security in the next few years
Cyber security risks are growing in complexity and volume, but artificial intelligence techniques can help businesses track and fight them in real time Continue Reading
-
News
14 Feb 2018
Telegram zero-day exploit is a warning
The discovery of an exploit of a zero-day vulnerability in the Telegram messaging app demonstrates that not all “secure” apps are automatically safe, security experts have warned Continue Reading
-
Opinion
13 Feb 2018
Why police forces need to be honest about mass mobile phone surveillance
Police forces across the UK are covering up their use of sophisticated mass surveillance devices, known as IMSI-catchers - the Bristol Cable and Liberty are campaigning for proper transparency Continue Reading
-
News
13 Feb 2018
Industrial cyber security improving, but needs work
Cyber attacks on industrial and critical infrastructure systems are increasing in number and sophistication, but more attention is being paid to security, says Honeywell at it opens new Dubai facility Continue Reading
-
News
13 Feb 2018
Cyber security awareness top priority in financial sector
Information security chiefs in the financial sector say cyber security awareness needs to be a top priority Continue Reading
-
News
12 Feb 2018
FS-ISAC enables safer financial data sharing with API
The global financial industry's body for cyber and physical threat intelligence analysis and sharing has published an API to facilitate safer sharing of consumer financial information Continue Reading
-
News
12 Feb 2018
Criminals hijack government sites to mine cryptocurrency used to hide wealth
Europol says criminals are hiding billions in cryptocurrencies, as thousands of government and other websites have reportedly been used to hijack computers to mine more Continue Reading
-
News
12 Feb 2018
PyeongChang Winter Games hit by cyber attack
Although critical operations were not affected by the incident, event organisers at the PyeongChang Winter Olympics had to shut down servers and the official games website to prevent further damage Continue Reading
-
News
09 Feb 2018
Europe in the firing line of evolving DDoS attacks
The Europe, Middle East and Africa region accounts for more than half the world’s distributed denial of service attacks, a report from F5 Labs reveals Continue Reading
-
News
08 Feb 2018
Norway’s government backs cyber defence mobilisation
Norway has accelerated plans to scale up its national security infrastructure against threats emanating from the cyber domain Continue Reading
-
News
08 Feb 2018
More POS malware detected in the wild
The first new point of sale malware in many months is stealing data from the magnetic strips on payment cards, security researchers warn Continue Reading
-
News
08 Feb 2018
Swisscom downplays data breach
Telecommunication provider Swisscom has downplayed a data breach affecting around 800,000 customers, but security experts warn of potential long-term risks Continue Reading
-
E-Zine
08 Feb 2018
CW Benelux: Dutch IT expert on a mission to expose vulnerabilities
Dutch ethical hacker Victor Gevers took full-time leave from his IT job last year and used the time to hunt for vulnerabilities. Read about his mission to find vulnerabilities, report them responsibly and then, hopefully, get them fixed by the vulnerable parties involved. Also in this issue, read how Proximus, Belgium’s largest telecommunications operator, is leaning on Cloudify to support its adoption of network functions virtualisation, and how journalists showed that the email addresses of Dutch politicians are easy to spoof. Continue Reading
-
News
08 Feb 2018
Teenager suspected of crippling Dutch banks with DDoS attacks
A large distributed denial of service attack on banks and other organisations in the Netherlands, first thought to emanate from Russia, is now thought to have been launched by a local teenager Continue Reading
-
Opinion
08 Feb 2018
Mobile biometrics set to be game-changer in APAC
Telcos, financial institutions and other industry players risk losing market share if they do not keep up with the demand for security, convenience and mobility Continue Reading
-
News
07 Feb 2018
Third party cyber breach risk set to rise
Third party cyber security risk should always have been a priority, but this has never been more important than it is now in light of new technology risks and data protection regulations Continue Reading
-
Opinion
07 Feb 2018
Security Think Tank: How to evolve SecOps capacity
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Opinion
06 Feb 2018
Security Think Tank: Take care of security basics before automating
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
News
06 Feb 2018
Many UK firms ill-equipped to deal the cloud security risks
Many UK firms do not have the security tools, processes and skills required to ensure their cloud implementations are secure, a security researcher and advocate warns Continue Reading
-
News
05 Feb 2018
Lauri Love plans to use ‘internet as a force for good’
Engineering student Lauri Love says he plans to help businesses fight cyber crime, after the court of appeal ruled that he can be tried in the UK for allegedly hacking US computer systems, rather than face extradition to the US Continue Reading
-
Opinion
05 Feb 2018
Security Think Tank: How automation can reduce the load on the security operations team
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
News
05 Feb 2018
NCSC shows how first year affected cyber attacks on the UK
Initiatives by the UK’s National Cyber Security Centre (NCSC) have detected and prevented millions of online commodity attacks, the agency’s first annual report shows Continue Reading
-
News
05 Feb 2018
Appeals court rules Lauri Love will not be extradited over US hacking charges
The lord chief justice, Lord Burnett, says 33-year-old engineering student Lauri Love will not be extradited to the US to face hacking charges, in a landmark legal decision, and the Crown Prosecution Service should bring proceedings against Love in the UK Continue Reading
-
News
05 Feb 2018
Researchers discover malicious Chrome extensions
Security researchers have discovered a new botnet delivered via malicious Chrome extensions designed to hijack computers to mine cryptocurrency and record victims’ every move Continue Reading
-
Opinion
02 Feb 2018
Security Think Tank: Approaches to strengthening security operations
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
News
02 Feb 2018
GDPR: Don’t panic, but seize the chance to build trust, says ICO
With the compliance deadline for the EU’s GDPR just 112 days away, the UK’s information commissioner has urged organisations not to panic, but to seize the chance to build trust with customers Continue Reading
-
News
02 Feb 2018
Appeal Court to give landmark verdict on Lauri Love extradition
The Appeal Court will decide whether Lauri Love, who has serious health issues, should be extradited to the US to face hacking charges, or face trial in the UK. The landmark case is the first test of legal protections introduced by Theresa May to protect vulnerable people Continue Reading
-
News
02 Feb 2018
CIO interview: Aaron Powell, CDO, NHS Blood and Transplant
NHS Blood and Transplant chief digital officer Aaron Powell explains why pushing a digital transformation agenda has a real impact on people’s lives Continue Reading
-
Opinion
02 Feb 2018
Europe’s shameful role in spy-tech exports that led to torture and jail
Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of spy-technology to countries with poor human rights records Continue Reading
-
News
02 Feb 2018
Faster data is a safer bet for risk exposure
Betting platform service supplier FSB Technology (UK) has used GridGain’s in-memory database to support its existing PostgreSQL transactional system Continue Reading
-
News
01 Feb 2018
Industrial cyber security continues to be poor, warns report
The number of internet-accessible industrial control systems is increasing every year, researchers warn Continue Reading
-
News
01 Feb 2018
Businesses urged to patch against cryptocurrency-mining botnet
Researchers have uncovered further evidence that cyber criminals are cashing in on the popularity of cryptocurrencies, with the discovery of a global cryptocurrency-mining botnet Continue Reading
-
Opinion
01 Feb 2018
Security Think Tank: Automating basic security tasks
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
News
01 Feb 2018
Dutch companies not ready for GDPR despite approaching deadline
Organisations in the Netherlands are racing towards General Data Protection Regulation compliance, but there is still much to be done Continue Reading
-
News
31 Jan 2018
Many businesses still using outdated security, says Troy Hunt
Too many businesses are using out-of-date approaches to security, a world-renowned cyber security author and trainer warns Continue Reading
-
Opinion
31 Jan 2018
Security Think Tank: Don’t automatically automate security
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
News
31 Jan 2018
UK finance sector cyber security pros admit shocking practices
UK financial sector IT security teams face immense challenges that are undermining business opportunities and continuity in financial services, a survey reveals Continue Reading
-
Feature
31 Jan 2018
Navigating ASEAN’s patchy cyber security landscape
Cyber resilience remains low across Southeast Asia, a regional economic powerhouse that is increasingly susceptible to cyber threats as its digital economy grows Continue Reading
-
Opinion
30 Jan 2018
Security Think Tank: Establish best practice before automating security processes
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
News
30 Jan 2018
Cyber security salaries will rise 7% in 2018, says research
Salaries for increasingly popular technology roles such as cyber security are set to rise over the next year Continue Reading
-
News
30 Jan 2018
Government surveillance regime unlawful, court rules in Tom Watson case
Appeal court ruled in favour of Labour MP Tom Watson in a legal battle with the government over the UK’s surveillance laws, leading to calls to rethink controversial Investigatory Powers Act Continue Reading