IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Dec 2024
Top 10 data and ethics stories of 2024
Here are Computer Weekly’s top 10 data and ethics stories of 2024 Continue Reading
-
News
19 Dec 2024
Latest attempt to override UK’s outdated hacking law stalls
Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee Continue Reading
-
News
06 Apr 2018
HSBC IT whistleblower faces extradition to Switzerland
Hervé Falciani, who stole data from thousands of private banking customers, is apprehended in Spain following the issuing of an international arrest warrant Continue Reading
-
News
05 Apr 2018
Retail sector top cyber attack target
The retail sector was the top cyber attack target in 2017, as cyber attacks evolved to become more organised and structured, a report reveals Continue Reading
-
News
05 Apr 2018
Business should note Facebook data sharing, say security advisers
Businesses that use Facebook and have employees that use it should take note that data is shared with potential cyber attackers, security advisers warn, as Facebook reveals the Cambridge Analytica data exploitation scandal may affect 87 million users Continue Reading
-
Opinion
05 Apr 2018
Security Think Tank: Deal with cryptojacking to avoid security vulnerability
How can organisations best defend against cryptojacking? Continue Reading
-
News
05 Apr 2018
More than 1.5 billion business and consumer files exposed online
With just over a month to go before the GDPR compliance deadline, more than 1.5 billion data files are exposed online without adequate protections, a report reveals Continue Reading
-
News
05 Apr 2018
Interview: GDPR will give Dutch privacy watchdog its teeth
The Netherlands’ privacy watchdog has not handed out fines so far because there has been no reason to, says the organisation’s chairman, Aleid Wolfsen Continue Reading
-
Opinion
04 Apr 2018
Security Think Tank: User vigilance key to cryptojacking defence
How can organisations best defend against cryptojacking? Continue Reading
-
News
04 Apr 2018
Ransomware puts pressure on incident response
Cyber attackers switched focus to ransomware attacks in 2017 putting pressure on incident response, while human error was responsible for two-thirds of compromised records, a study shows Continue Reading
-
News
04 Apr 2018
Average attacker dwell time nearly six months for EMEA, study shows
Firms in Europe, the Middle East and Africa take nearly six months to detect cyber attacks on average, a report reveals Continue Reading
-
News
03 Apr 2018
UK firms failing to make financial plans for cyber attacks
Most UK firms are failing to plan for the financial impact of cyber attacks, a survey by Lloyds Bank has revealed Continue Reading
-
Opinion
03 Apr 2018
Security Think Tank: Use awareness, education and controls to halt cryptojacking
How can organisations best defend against cryptojacking? Continue Reading
-
News
03 Apr 2018
Automation and gamification key to cyber security
The use of automation and gamification are key to winning the fight against cyber criminals in the face of the skills’ shortage, a study investigating challenges facing IT security teams reveals Continue Reading
-
News
02 Apr 2018
Lawyers more influential than IT staff in cloud deployments
Traditionally considered risk-adverse, lawyers are twice as more influential than in-house technology staff about cloud, research finds Continue Reading
-
News
29 Mar 2018
Europol operation nabs another 20 cyber criminals
Police have arrested 20 cyber criminals in connection with a €1m fraud operation across Italy and Romania Continue Reading
-
News
29 Mar 2018
Business unaware of scale of cyber threat
Many businesses, especially board members, do not understand the scale of the cyber threat, but international efforts to combat cyber crime are being hampered by political barriers Continue Reading
-
News
29 Mar 2018
Cryptocurrency mining rampant in higher education
Higher education institutions are the biggest target for illicit cryptocurrency mining, data shows Continue Reading
-
News
29 Mar 2018
Most airports not protected from cyber threats
The chairman of the Israel Airports Authority paints a dismal picture of the state of cyber security in aviation, and offers advice on what can be done to avert the next disaster Continue Reading
-
News
28 Mar 2018
Majority of European firms unprepared for phishing attacks
Most cyber attacks can be traced back to a phishing email, but more than half of European firms are unprepared to deal with email-based attacks, research has revealed Continue Reading
-
News
28 Mar 2018
Facebook announces more privacy control updates
Social media giant updates privacy settings and tools in response to the unfolding controversy over Cambridge Analytica’s use of Facebook data for political campaigns Continue Reading
-
News
28 Mar 2018
AWS ups ante on cloud services for Australian government
Cloud supplier AWS says government agencies can now assess the prospect of running protected workloads, following an independent cloud security assessment Continue Reading
-
News
28 Mar 2018
Majority of firms fear mobile workers have been hacked
More than half of organisations fear that their mobile workers have been hacked and most are concerned that a growing mobile workforce means increased cyber security risk, a survey reveals Continue Reading
-
News
27 Mar 2018
UK organisations urged to develop cyber security skills
Managed cloud computing firm Rackspace is calling on UK organisations to do more to develop cyber security skills in the light of research into expertise in cloud security Continue Reading
-
News
27 Mar 2018
Most top UK firms fail to disclose cyber risk testing details
Most of the largest UK companies do not reveal their testing of cyber protection plans and do not share security updates with the board regularly, a Deloitte report reveals Continue Reading
-
News
26 Mar 2018
ShopDirect set to use AI to detect fraud on phone calls
The online retailer has signed a contract to use voice authentication technology from Pindrop to tackle fraud and improve customer experience Continue Reading
-
News
26 Mar 2018
Blockchain not ready for cross-border bank payments
The use of blockchain in certain parts of the financial services industry is limited at present due to the additional IT work required around its use Continue Reading
-
News
26 Mar 2018
Dutch SMEs’ cyber security is insufficient
Nowhere in the Netherlands is digitisation as big as it is in small and medium-sized enterprises, but the sector still has a lot to do in terms of cyber security Continue Reading
-
News
22 Mar 2018
Colt pioneers blockchain in telco voice wholesaling
Colt Technology Services and Hong Kong Telecom’s international unit PCCW Global teamed up to trial the use of blockchain in wholesale voice settlements Continue Reading
-
News
22 Mar 2018
Application layer DDoS attacks increasing, Imperva data shows
Distributed denial of service attacks targeting applications almost doubled in the last three months of 2017, according to Imperva Incapsula data Continue Reading
-
News
22 Mar 2018
Businesses lack cyber security confidence after majority were breached in past year
Most businesses were hit by a data breach in the past year, yet less than half are confident they would detect a breach, a survey shows Continue Reading
-
News
21 Mar 2018
MoD to focus on SMEs to raise supply chain cyber security
The Ministry of Defence continues to develop a joint initiative with industry aimed at raising the security posture throughout the UK’s defence supply chain, with increasing focus on SMEs Continue Reading
-
News
20 Mar 2018
Firms need to move from DevOps to DevSecOps, says expert
In the face of competition, organisations are turning to DevOps to improve efficiency and accelerate innovation, but this is creating new security risks, an industry expert warns Continue Reading
-
News
19 Mar 2018
C-suite a cyber attack risk, say security chiefs
Those tasked with running organisations are the most likely group to expose them to a major cyber attack, a poll of UK information security executives shows Continue Reading
-
News
19 Mar 2018
Wigan data breaches underline need to share threat intelligence
Ongoing data breaches experienced by local authorities underline the need for greater sharing of threat intelligence, say security experts Continue Reading
-
News
19 Mar 2018
Russia compromised core router in US energy attacks
Russian cyber attackers used a compromised core router in a series of attacks on the US energy sector, security researchers have revealed as the UK energy sector is placed on alert Continue Reading
-
News
16 Mar 2018
IT contractors not a risk despite Snowden leaks, GCHQ tells court
The government argues in the Investigatory Powers Tribunal that contractors with systems administration rights to computers holding GCHQ’s most sensitive intelligence pose no more of a security risk than the agency’s employees Continue Reading
-
Opinion
16 Mar 2018
SD-WAN needs software-defined security
Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected Continue Reading
-
News
16 Mar 2018
US blames Russia for cyber attacks on energy firms
The US has blamed Russia for a series of attacks on energy sector firms, underlining the need to ensure critical infrastructure IT systems are up to date and secure Continue Reading
-
Opinion
16 Mar 2018
Australian firms need to move faster in the digital age
Just over a tenth of IT professionals in Australia say their companies can roll out a new product in less than three months, despite operating in fast-moving markets with digitally savvy customers Continue Reading
-
15 Mar 2018
Taking complexity out of cyber security
The key to improving the cyber security posture of organisations is to keep complexity at bay, according to a senior Microsoft executive. Continue Reading
-
E-Zine
15 Mar 2018
CW ASEAN: Time to boost cyber defences
With a relatively young and tech-savvy population, ASEAN has been at the forefront of technology adoption. Yet, this has exposed its people and businesses to more cyber threats, including the massive data leak in Malaysia in 2017. In this month’s issue of CW ASEAN, we take a closer look at ASEAN’s patchy cyber security landscape, including varying levels of cyber resilience across the region, cyber security strategies adopted by different countries, as well as efforts to improve cyber capabilities and foster greater collaboration in the common fight against cyber threats. Download the issue now. Continue Reading
-
E-Zine
15 Mar 2018
CW ANZ: Report data break-ins – it’s the law
Cyber security is an increasingly global endeavour, with threat actors who know no boundaries unleashing attacks from nearly anywhere in the world. In this month’s issue of CW ANZ, we look at how Australia’s mandatory data breach notification law underscores recent efforts to lift its cyber security game, both locally and internationally. Download the issue now. Continue Reading
-
Opinion
15 Mar 2018
Security Think Tank: Fileless malware not totally undetectable
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
15 Mar 2018
DocuTrac medical software is a breach risk, warns Rapid7
Security researchers have issued a security warning about medical billing and documentation software they say puts patients at risk of data breach Continue Reading
-
Opinion
14 Mar 2018
Security Think Tank: Awareness is a good starting point to counter fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
14 Mar 2018
Researchers accused of irresponsible disclosure of AMD chip flaws
Israel-based researchers have been accused of irresponsible disclosure for going public with more than a dozen security flaws discovered in AMD processors Continue Reading
-
News
13 Mar 2018
Government ‘unlawfully delegated’ bulk data powers to GCHQ, court hears
Privacy International urges Britain’s most secret court, the Investigatory Powers Tribunal, to rule that the government illegally collected surveillance data from internet and phone companies until at least September 2017 Continue Reading
-
Opinion
13 Mar 2018
Security Think Tank: Patch, scan and lock down to counter fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Feature
13 Mar 2018
Businesses need to take cryptojacking seriously
Organisations must pay attention to cyber criminals hijacking computing resources to mine cryptocurrencies, because nearly half are affected and the impact is greater than many realise Continue Reading
-
News
13 Mar 2018
Public sector organisations ill-prepared for GDPR
Public sector organisations in the UK need to do much more to comply with the General Data Protection Regulation rule on providing information to citizens about details held about them Continue Reading
-
News
13 Mar 2018
Slingshot router malware: a warning for businesses
A stealthy malware that has been used to carry out cyber espionage undetected for six years should raise a red flag to businesses, say security commentators Continue Reading
-
Opinion
12 Mar 2018
Security Think Tank: Human, procedural and technical response to fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
12 Mar 2018
Eight new cyber threats a second in Q4 2017, McAfee report reveals
There was an increase in cyber attacks on healthcare organisations, the use of fileless malware and cryptocurrency mining in the last three months of 2017, with eight new threats a second Continue Reading
-
News
12 Mar 2018
Regulator takes tougher line than expected on surveillance warrants
The Investigatory Powers Commissioner’s Office has signalled to government that it will take a tough line when scrutinising surveillance warrants under the controversial Investigatory Powers Act Continue Reading
-
News
12 Mar 2018
UK leads global upward trend in SOC maturity
The UK is leading the way towards more efficient security operations centres, but many still continue to operate with serious gaps in security, a report reveals Continue Reading
-
News
09 Mar 2018
Security researchers demonstrate ransomware attack on robots
Researchers have carried out a ransomware attack on robots to show that such attacks are possible and should be guarded against Continue Reading
-
Opinion
09 Mar 2018
Security Think Tank: Use layered security and patch management to defeat fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
09 Mar 2018
Cryptojacking cyber criminals up their game
Cyber criminals hijacking computing resources to mine for cryptocurrencies are raising their efforts to bypass enterprise security controls, researchers have found Continue Reading
-
Opinion
08 Mar 2018
Security Think Tank: Multi-layered security key to fileless malware defence
What should organisations do, at the very least, to ensure business computers are protected from fileless malware? Continue Reading
-
News
08 Mar 2018
Mac malware more than doubled in 2017
Malware targeting Apple Mac computers more than doubled from 2016 to 2017, according to security firm Malwarebytes Continue Reading
-
E-Zine
08 Mar 2018
CW Europe: Germany’s Lemoncat takes catering to the cloud
Business catering startup Lemoncat has taken advantage of the affordable cost of living in Berlin and is shaking up the catering sector by harnessing the Amazon and Salesforce clouds. Also in this issue, read how Moscow’s government is taking advantage of high penetration of broadband and mobile internet to expand innovative services under the Russian capital’s smart city programme, and how organisations in the Netherlands still have much to do to comply with the General Data Protection Regulation. Continue Reading
-
News
08 Mar 2018
Businesses warned not to ignore cryptojacking threat
Businesses should not ignore the threat of malware designed to carry out illicit cryptocurrency mining, warns NTT Security Continue Reading
-
News
07 Mar 2018
Only half of ransomware payments honoured
Only half of ransomware victims who pay ransoms to cyber criminals recover their data, a report reveals, pointing to a need for more effective strategies to deal with these attacks Continue Reading
-
News
07 Mar 2018
Businesses under pressure to allow easier access to cloud
Businesses are under pressure from employees to use consumer-focused authentication methods for cloud applications, but that could have both positive and negative security implications, warns Gemalto Continue Reading
-
Opinion
07 Mar 2018
Security Think Tank: Aim to detect and contain fileless malware attacks quickly
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
07 Mar 2018
Cyber security is a team sport, says NCSC
The UK’s national cyber security agency aims to help organisations understand the need to act collaboratively and collectively against the cyber threat, urging them to raise the bar Continue Reading
-
News
07 Mar 2018
World Economic Forum creates fintech focus group for cyber security
WEF consortium of companies will focus on protecting financial technology firms from cyber threats Continue Reading
-
Opinion
06 Mar 2018
Security Think Tank: Social engineering at the heart of fileless malware attacks
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
06 Mar 2018
EC to boost cyber security support and collaboration
The European Commission is focused on boosting cyber security support and collaboration throughout the European Union Continue Reading
-
News
05 Mar 2018
Most healthcare organisations have been breached, report shows
Less than a third of global healthcare organisations remain untouched, as data breaches rise across the industry, a report reveals Continue Reading
-
News
02 Mar 2018
Cyber crime is a top threat to UK charities, says NCSC
Cyber crime poses the most serious threats to UK charities, the National Cyber Security Centre has warned Continue Reading
-
News
02 Mar 2018
Cyber threat to industrial control systems highest yet
The cyber threat to industrial control systems has never been greater, according to a report analysing malicious activity aimed at such systems Continue Reading
-
News
02 Mar 2018
Memcached servers irresistible to DDoS attackers, expert warns
In the light of the biggest distributed denial of service attack to date against GitHub, organisations should ditch memcached servers or risk a blizzard of blistering attacks, says security researcher Continue Reading
-
News
02 Mar 2018
New privacy fears as IT challenges delay surveillance oversight body by a year
IT challenges have delayed government plans for an independent body to authorise requests to access the public’s internet and phone records by nearly a year, raising new legal and privacy concerns Continue Reading
-
News
01 Mar 2018
Imaging systems biggest security risk in healthcare
Imaging systems have been identified as the biggest cyber security risk in the healthcare sector, a report on internet of things security has revealed Continue Reading
-
News
01 Mar 2018
Security fears delay roll-out of national e-voting system in Finland
Project enters problem-solving phase to identify advanced, effective and best practice solutions to develop a secure internet-based voting system Continue Reading
-
News
01 Mar 2018
ANZ organisations grappling with cloud outages
A majority of organisations from Australia and New Zealand admitted in a survey that they had not fully evaluated the impact of cloud outages which were longer than they had expected Continue Reading
-
News
28 Feb 2018
Government must rewrite illegal sections of Snoopers’ Charter, court told
A court has been asked to give ministers until July 2018 to rewrite powers to require phone and internet companies to retain data on the population. The government acknowledges parts of surveillance regime are unlawful Continue Reading
-
News
28 Feb 2018
Businesses urged to patch Oracle WebLogic flaw
Security researchers are again urging businesses to patch an Oracle WebLogic flaw that continues to be exploited by cyber criminals to mine cryptocurrencies Continue Reading
-
News
27 Feb 2018
Understanding the cyber threat key to UK defence, says NCSC
Understanding cyber threats is key to defending the UK and ensuring it is a safe place to do business, says the National Cyber Security Centre Continue Reading
-
E-Zine
27 Feb 2018
How IT is taking UPS to new heights
In this week's Computer Weekly, we talk to UPS CIO Juan Perez to find out how making his IT department “business intimate” is driving innovation at the parcel shipping giant. We look at how cloud management platforms can help ease the adoption of multiple public cloud services. And we examine how UK local councils are struggling to deal with cyber attacks and data breaches. Read the issue now. Continue Reading
-
Opinion
26 Feb 2018
GDPR gotchas and how to handle them
We look at common problems organisations encounter when dealing with the EU’s General Data Protection Regulation (GDPR), which comes into force on 25 May 2018 Continue Reading
-
News
26 Feb 2018
Cryptomining is top attack type, says Malwarebytes
Malicious cryptomining has been the top cyber criminal activity detected since September 2017, a report reveals Continue Reading
-
News
26 Feb 2018
Cyber criminals catching up with nation state attacks
The trickle-down effect of advanced “military-grade” tools is seeing the gap between cyber criminal and nation state attack capabilities closing, outpacing many organisations’ defence capabilities Continue Reading
-
News
23 Feb 2018
Avast discovers Tempting Cedar Android spyware campaign
Security researchers have uncovered a three-year-old Android spyware campaign spread through social media and targeting people in the Middle East Continue Reading
-
News
22 Feb 2018
Unprotected Kubernetes consoles expose firms to cryptojacking
A number of big companies have been targeted by crytojacking attacks, where cyber criminals hijack computing power to mine cryptocurrencies, but some have unprotected Kubernetes consoles in common Continue Reading
-
News
22 Feb 2018
Hitachi Vantara ups ante on industrial IoT
Potential internet of things powerhouse believes its deep expertise in operational technology will give it a leg up over traditional IT rivals Continue Reading
-
News
22 Feb 2018
UK plans laws to protect company directors from ID theft
Legislation will make it easier for directors to remove their personal addresses from the company register Continue Reading
-
E-Zine
22 Feb 2018
CW Nordics: Nordics CIOs’ priorities in 2018
A select group of CIOs and analysts in Denmark, Finland, Norway and Sweden give their views on the top IT priorities in 2018. As in 2017, digital transformation will continue to be a buzzword. Also read how Sweden is tightening up its cyber security defences as part of a wider national security strategy, and how Nordic banks cannot afford to slow their digital transformations as PSD2 comes into force. Continue Reading
-
News
22 Feb 2018
Email attacks and incident detection top security challenges
Email inboxes are the weakest link in security perimeters, and companies struggle with detecting security incidents quickly and accurately, a report finds Continue Reading
-
News
21 Feb 2018
UK organisations failing to take action against fraud
UK organisations are facing increasingly complex and costly incidents of fraud partly due to increasing cyber fraud, yet few are making use of the anti-fraud technologies available, a survey has revealed Continue Reading
-
News
21 Feb 2018
Security leaders investing in automation and AI, study shows
Automation and artificial Intelligence are being used to defend against cyber threats, says report, but experts warn that these tools and technologies can be exploited by attackers Continue Reading
-
News
21 Feb 2018
Economic impact of cyber crime is significant and rising
Cyber attacks are becoming easier to carry out while defences remain inadequate, study shows Continue Reading
-
News
21 Feb 2018
AI a threat to cyber security, warns report
Artificial intelligence is being incorporated into a range of cyber security products, but the technology may also introduce new threats, a report warns Continue Reading
-
News
20 Feb 2018
Businesses face unprecedented volume of cyber attacks
Organisations are facing the highest levels of cyber attacks in both number and sophistication as automated swarm attacks increase, a cyber threat report reveals Continue Reading
-
News
20 Feb 2018
Strategic cyber criminals likely to capitalise on GDPR
As cyber criminals concentrate on targeted, strategic, money-making attacks, they are likely to use GDPR fines as leverage to extort money from organisations, a report warns Continue Reading
-
News
20 Feb 2018
UK local councils under huge cyber attack pressure
Investigation underlines importance of security automation and employee awareness training Continue Reading
-
News
19 Feb 2018
Botnets shift focus to credential abuse
Cyber criminals are increasingly using automated attacks that make use of stolen credentials, a security threat report warns Continue Reading
-
Feature
19 Feb 2018
Getting a handle on mobile security in your enterprise
Everyone now has a mobile device at work, so how can enterprises ensure they are secure? Continue Reading
-
News
19 Feb 2018
Lauri Love can stay in UK: prosecutors will not appeal extradition ruling
Crown Prosecution Service gives undertaking to Lauri Love that it will not appeal against a court decision not to extradite him to the US – but prosecutors are seeking leave to appeal over part of the court ruling on extradition procedure Continue Reading
-
News
19 Feb 2018
Google reveals Edge flaw after Microsoft fails to meet deadline
Google’s Project Zero has gone public with another Microsoft security vulnerability after the software giant failed to issue a fix within allotted time Continue Reading