IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
30 Jan 2018
Most online retail sites put customers at risk of phishing
Most top online retail sites fail to protect consumers from phishing attacks, a study has revealed Continue Reading
-
Opinion
29 Jan 2018
Security Think Tank: Humans and AI machines in harmony
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
News
29 Jan 2018
Millennials set to disrupt authentication, shows IBM study
Young adults are lax on passwords, but are more comfortable than older generations with biometric and multifactor authentication, an IBM study shows Continue Reading
-
News
29 Jan 2018
Hefty fines confirmed for CNI providers with poor cyber security
The government has confirmed that critical infrastructure providers with poor cyber security face fines of millions of pounds as the National Cyber Security Centre publishes new guidance for the industry Continue Reading
-
News
29 Jan 2018
Business cyber crime up 63%, UK stats show
Despite an overall decrease in fraud and computer misuse in 2017, the latest Office for National Statistics (ONS) reports show that incidents involving computer misuse and malware against business are way up Continue Reading
-
News
26 Jan 2018
ICO launches data protection excellence award
UK’s privacy watchdog launches data protection excellence award to mark international Data Protection Day, as security suppliers issue data protection tips and guidelines Continue Reading
-
News
25 Jan 2018
IoT security risks need immediate action, says report
The security failings in today’s internet-connected devices will only become more pervasive unless action is taken immediately, according to industry experts Continue Reading
-
News
25 Jan 2018
Ransomware was most popular cyber crime tool in 2017
Detections of ransomware increased by more than 90% last year compared with 2016 Continue Reading
-
News
25 Jan 2018
Security spending not on most-effective controls, report reveals
While planned spending on IT security is up globally, so too are data breaches, with evidence mounting that hackers are hitting the bottom line, a global security survey reveals Continue Reading
-
News
24 Jan 2018
Most UK organisations unaware of new data protection laws
The UK’s digital and culture secretary is urging businesses and charities to prepare for stronger data protection laws in the light of new information Continue Reading
-
News
24 Jan 2018
Sweden puts government IT outsourcing under increased scrutiny
Government introduces rules to tighten security in IT outsourcing deals following a very public data leak last year Continue Reading
-
News
24 Jan 2018
Dark web Dream Market drives cyber fraud industry
An international operation shut down the AlphaBay and Hansa marketplaces in July 2017, but new ones have sprung up on the dark web, with one in particular helping to drive cyber fraud Continue Reading
-
News
23 Jan 2018
Intel recalls botched Spectre fix
The inventor of Linux, Linus Torvalds, vents his frustration and suggests Intel has no plans to fix Spectre flaw Continue Reading
-
News
23 Jan 2018
Thousands of critical systems affected by serious security flaws
Multiple and serious vulnerabilities have been found in a software management system widely used in corporate and industrial control environments, researchers warn Continue Reading
-
News
23 Jan 2018
New controversies as Trump passes US Foreign Intelligence Surveillance Act
The amended Foreign Intelligence Surveillance Act, which seeks to legitimise US surveillance on foreigners, has been signed off by president Trump Continue Reading
-
News
22 Jan 2018
Taking complexity out of cyber security
The key to improving the cyber security posture of organisations is to keep complexity at bay, according to a senior Microsoft executive Continue Reading
-
News
22 Jan 2018
Judge will take time to seek answers from EU court over Max Schrems Facebook privacy fight
The Irish High Court will take time to decide what questions to put before the European Court of Justice in a case with significant implications for EU and US trade and the privacy of EU citizens Continue Reading
-
News
22 Jan 2018
European Parliament votes to restrict exports of surveillance equipment
European Parliament votes to tighten export controls to restrict supply of surveillance and encryption technology to states with poor human rights records amid fears British companies may not have to comply after Brexit Continue Reading
-
News
22 Jan 2018
Cyber attackers exploiting trust in FTP servers
Some cyber attackers are exploiting trust in FTP servers to distribute malware, security researchers warn Continue Reading
-
News
22 Jan 2018
Powerful Zyklon malware exploiting MS Office flaws
Cyber attackers are exploiting three recently discovered vulnerabilities in Microsoft Office to spread multifunction Zyklon malware, security researchers warn Continue Reading
-
Feature
22 Jan 2018
The rights and wrongs about GDPR compliance
We explore some common myths surrounding the forthcoming General Data Protection Regulation Continue Reading
-
News
18 Jan 2018
Create security culture to boost cyber defences, says Troy Hunt
Security suffers when there is tension between software developers and security professionals, but it is common in many organisations, says world-renowned security blogger and trainer Continue Reading
-
News
18 Jan 2018
Cyber attackers upped their game in 2017, warns report
Cyber attackers ranging from criminals to nation states have upped their game in the past year, “moving the needle” in terms of tactics, techniques and procedures, a report by a cyber security firm warns Continue Reading
-
News
17 Jan 2018
North Korean hackers tied to cryptocurrency attacks in South Korea
North Korea's Lazarus Group targeted South Korean cryptocurrency exchanges and users in late 2017, but may soon go after exchanges and users in other countries, warns report Continue Reading
-
News
17 Jan 2018
Davos: Disintegration of the internet could create economic turmoil
Politicians and business leaders will discuss the risks posed by fake news, cyber attacks, and artificial intelligence to jobs, political stability and global security, at the World Economic Forum in Davos Continue Reading
-
News
16 Jan 2018
Vulnerability exploit report shows importance of patching
Latest vulnerability exploit report by security firm AlienVault shows the most popular vulnerabilities remain exploited for several years Continue Reading
-
News
16 Jan 2018
Skygofree Android spyware active since 2014, say researchers
Powerful, highly advanced spyware has been targeting Android mobiles for the past four years, security researchers have discovered Continue Reading
-
News
16 Jan 2018
Beware fake Meltdown and Spectre patches
Security experts have warned that cyber attackers will be quick to use the Meltdown and Spectre exploits, but the first attempt to capitalise on them has come in the form of fake updates Continue Reading
-
News
16 Jan 2018
Most UK enterprise mobiles not patched for Meltdown and Spectre
Very few UK enterprise mobile devices have been patched against the recently discovered Meltdown and Spectre exploits and almost a quarter cannot be patched, a study shows Continue Reading
-
News
12 Jan 2018
Call for statutory regulation of police number plate cameras amid concerns over accuracy
The UK’s automatic number plate recognition database – one the largest non-military data-gathering systems – records up to 1.2 million false readings of number plates every day. It should be subject to statutory regulation, says an independent watchdog Continue Reading
-
News
12 Jan 2018
Intel makes security-first pledge
As it scrambles to deal with the Meltdown and Spectre processor exploits, Intel has made a series of security commitments Continue Reading
-
News
12 Jan 2018
F-Secure highlights another critical Intel security issue
As Intel scrambles to issue security updates to address the Meltdown and Spectre exploits, researchers have highlighted another, unrelated, critical security issue that could affect millions of corporate laptops Continue Reading
-
Feature
11 Jan 2018
How secure are smart energy grids?
The improved efficiency of smart grids need to be weighed against the cost of security - presenting a unique opportunity for the tech sector and a new market for security companies Continue Reading
-
News
11 Jan 2018
Mobile app flaws are a risk to industrial IT systems, says report
Cyber security vulnerabilities in mobile applications could be exploited to compromise industrial network infrastructure, a report warns Continue Reading
-
News
11 Jan 2018
Nuclear weapons’ cyber attack risk relatively high, says report
With the potential for catastrophic consequences from a nuclear weapons detonation attack, it is crucial to have the most robust nuclear policies in place, says an international affairs think-tank Continue Reading
-
News
10 Jan 2018
Cyber criminals exploit Oracle WebLogic flaw
Researchers are urging companies to apply a security update to patch a flaw in Oracle’s WebLogic Server component that is being exploited to mine cryptocurrency Continue Reading
-
News
10 Jan 2018
UAE tech growth prompts firms to review internal IT security
As IT becomes more prominent in the UAE economy, more and more internal connections between people and systems are created, all of which need to be secured Continue Reading
-
News
10 Jan 2018
ICO fines Carphone Warehouse £400,000
Mobile retailer hit with one of the highest fines for putting personal data at risk as UK privacy watchdog warns that more stringent data protection laws will apply from 25 May 2018 Continue Reading
-
News
10 Jan 2018
Spectre: How reverse-engineering a microprocessor revealed a fundamental flaw
Researchers have published their work on Spectre, a flaw that affects every modern CPU. We find out what went wrong from one of the engineers Continue Reading
-
News
09 Jan 2018
Meltdown and Spectre a big deal for enterprises
Although consumers are relatively unaffected by the recently disclosed security vulnerabilities in most modern processors, enterprises need to take the threat seriously. Computer Weekly looks at how enterprise IT and security professionals should be approaching these threats Continue Reading
-
News
09 Jan 2018
Cyber attacks in 2017 drive Nordic security efforts
The volume of cyber attacks last year has increased boardroom focus on security in the Nordic region Continue Reading
-
News
09 Jan 2018
Intel to set up new group to focus on hardware security
Chip maker is reportedly planning to form a new group to focus on hardware security as it scrambles to limit the impact of recently discovered security flaws in chip designs Continue Reading
-
News
08 Jan 2018
Sweden steps up cyber defence measures
Sweden is tightening up its cyber security defences as part of a wider national security strategy Continue Reading
-
Feature
08 Jan 2018
Get tooled up to meet GDPR requirements
We look at options for tools to help organisations comply with the EU’s General Data Protection Regulation Continue Reading
-
News
05 Jan 2018
Patch systems against Meltdown and Spectre, urges ICO
UK’s data protection watchdog is calling for organisations to apply security updates to mitigate against exploits of microprocessor flaws as soon as possible to safeguard personal data Continue Reading
-
News
05 Jan 2018
2018 could be year of critical infrastructure attacks, says report
The coming year is likely to see an increase in the number of cyber attacks on critical national infrastructure (CNI), according to a report based on experts’ forecasts Continue Reading
-
News
05 Jan 2018
Apple confirms all devices affected by Meltdown and Spectre
Apple has confirmed that all iPhones, iPads and Mac computers are affected by the recently discovered microprocessor exploits as the financial services industry assesses the risk Continue Reading
-
Opinion
04 Jan 2018
Zero in on your zero-day vulnerabilities
A zero-day attack comes, by definition, out of the blue. You cannot predict its nature or assess how much damage it might cause, but you can take some basic steps to protect yourself from a potentially crippling cyber strike Continue Reading
-
News
04 Jan 2018
Meltdown and Spectre: AWS, Google and Microsoft rush to patch cloud chip flaws
Amazon, Google and Microsoft rush to fix chip flaws that could leave cloud customers at risk of having their data accessed or stolen by other users Continue Reading
-
News
03 Jan 2018
Critical Intel security patch will slow PCs, servers and Macs
AMD shares rise on news that the performance of millions of Windows PCs, Linux servers and Apple Macs is to be impacted by critical updates for a recently discovered security flaw in Intel chips manufactured in the past 10 years Continue Reading
-
News
03 Jan 2018
What the EU’s new data protection regime means for ASEAN
A large proportion of businesses in the regional economic grouping will be affected by Europe’s General Data Protection Regulation, but awareness of the new rules remains low, even in countries with existing data protection laws Continue Reading
-
News
03 Jan 2018
IoT botnet DDoS attacks predicted after exploit code published
Security researchers are urging businesses to ensure they are prepared for large-scale DDoS attacks following the online publication of code to exploit a vulnerability in Huawei HG532 routers Continue Reading
-
News
03 Jan 2018
Top IT priorities for Nordic CIOs in 2018
Nordic CIOs tell Computer Weekly about their intentions for the year ahead Continue Reading
-
News
02 Jan 2018
Ransomware to hit cloud computing in 2018, predicts MIT
Ransomware targeting cloud services is one of the six biggest cyber threats likely to face organisations in 2018, according to the Massachusetts Institute of Technology Continue Reading
-
News
21 Dec 2017
Top 10 IT security stories of 2017
Here are Computer Weekly's top 10 IT security stories of 2017 Continue Reading
-
News
20 Dec 2017
Top 10 cyber crime stories of 2017
Here are Computer Weekly’s top 10 cyber crime stories of 2017 Continue Reading
-
News
20 Dec 2017
UK government blames North Korea for WannaCry cyber attack
The UK and US governments say a North Korean group was responsible for the ransomware attacks that hit the NHS and other organisations globally this year Continue Reading
-
News
14 Dec 2017
Top cyber security predictions in APAC in 2018
Cyber criminals will ramp up efforts to mine cryptocurrencies, while mobile malware will rear its ugly head across the APAC region in 2018 Continue Reading
-
News
10 Dec 2017
Russian-speaking hackers targeting financial institutions
A Russian-speaking cyber criminal gang is targeting financial institutions in the UK, US and Russia, a Moscow-based security firm reports Continue Reading
-
News
08 Dec 2017
Hackers steal nearly $80m in bitcoin
Hackers have stolen nearly $80m worth of bitcoin from a bitcoin mining service as the cryptocurrency’s value continues to skyrocket Continue Reading
-
News
05 Dec 2017
Bitcoin industry enters top 10 DDoS targets
The bitcoin industry has become one of the top 10 industries most targeted by distributed denial of service attacks, a report has revealed Continue Reading
-
News
05 Dec 2017
Researchers warn of new support scam malware
Security researchers have identified a new strain of support scam malware and a way of clearing up infected machines Continue Reading
-
Feature
04 Dec 2017
Steal a march on cyber criminals through security by deception
Security by obscurity, although a common and tempting practice, is generally not recommended, but security by deception offers a way for defenders to make it more difficult for attackers to succeed and easier for defenders to catch them Continue Reading
-
News
04 Dec 2017
Barclays Bank stops offering Kaspersky software to new users
Bank is no longer offering customers Kaspersky anti-virus software after UK security agency issues warning Continue Reading
-
News
29 Nov 2017
Lauri Love would face ‘medieval’ conditions in US prison if extradited over hacking charges
Engineering student Lauri Love should be tried in the UK, court hears, as new evidence is presented on the “medieval” conditions in US jails for people with medical problems Continue Reading
-
News
28 Nov 2017
Businesses need to balance user experience, privacy and security
Balancing user experience, privacy and security for the connected consumer is a key challenge for online businesses, according to KuppingerCole Continue Reading
-
News
28 Nov 2017
IoT and artificial intelligence dominate APAC tech landscape in 2017
Businesses across the APAC region have started to dip their toes into AI and the internet of things to improve operations and stay competitive Continue Reading
-
Video
28 Nov 2017
Lauri Love: how reformed hackers halted the WannaCry virus
Lauri Love presents a compelling story of the WannaCry malware that nearly brought down the NHS, and the behind the scenes work of former hackers, and security researchers that helped to prevent lives being lost. Love is facing extradition to the US after allegedly taking part in a hacking protest over the death of internet pioneer Aaron Swartz, who faced jail for using a hidden computer to downloading academic journals at MIT. Continue Reading
-
Feature
27 Nov 2017
UK sale of surveillance equipment to Macedonia raises questions over export licence policy
The UK approved an export licence for the sale of surveillance equipment to Macedonia – while the country was engaged in an illegal surveillance programme against its citizens. A senior minister was consulted on the decision Continue Reading
-
Opinion
27 Nov 2017
My brother Lauri Love should have the right to a trial in the UK
Lauri Love should face trial over hacking allegations in a British Court, rather than be extradited to the US, where his extraordinary skills will be lost to society, says his younger sister Continue Reading
-
E-Zine
23 Nov 2017
CW Nordics: IT companies focus on job satisfaction
The Nordics IT industry’s increasing focus on job satisfaction is paying off. Computer Weekly’s global salary survey shows Nordic IT professionals are happy with their pay and training opportunities and few are actively seeking a new job. Also in this issue, read how there is still gender inequality in the IT sector despite Nordic countries being hailed as pioneers of digital and equal worker rights. And Anna Eriksson, CIO of the Swedish National Land Survey, talks about the organisation’s approach to digital transformation. Continue Reading
-
News
22 Nov 2017
Uber recognises need for consumer trust after breach cover up
New Uber leadership has recognised the importance of consumer trust and that they never should have attempted to cover up a 2016 data breach that affected millions of customers and drivers Continue Reading
-
News
16 Nov 2017
Europe not ready for imminent cyber strikes, say infosec professionals
Information security leaders in Europe believe a major breach of critical infrastructure is coming and that data breaches in their own organisations are imminent – yet most are not ready Continue Reading
-
E-Zine
15 Nov 2017
CW ANZ: On cyber alert
Achieving any form of computer security is an uphill task, costing Australian companies time and money with no prospect of a reprieve any time soon. In this month’s CW ANZ, read about the state of cyber security in Australia, Telstra’s efforts to help enterprises improve their cyber security posture, and how Australian organisations can keep up with the demands of cyber security. Also, find out why unsanctioned cloud apps continue to be a major bugbear among security chiefs in Australia. Continue Reading
-
E-Zine
15 Nov 2017
CW ASEAN: How managed security services help to reduce cyber risk
The growing complexity and volume of cyber threats has led to rising demand for managed security services that provide the capabilities and technological know-how to combat cyber threats. In this month’s issue of CW ASEAN, read more about the pros and cons of using managed security services and considerations you should be aware of. Also, find out what organizations can do to put the odds in their favor when combating cyber threats. Continue Reading
-
E-Zine
09 Nov 2017
CW Benelux: Young wayward hackers could help fill Dutch IT skills gap
In this issue, read how an initiative in Rotterdam is helping young people get into the IT sector by targeting those overlooked by traditional methods. Also find out how Amsterdam’s Schiphol airport is utilising open source software to create and use a multi-cloud platform with an open API, and how the Netherlands’ Rabobank has moved from tape libraries and robotic arms to a platform-based storage and retrieval system. Continue Reading
-
Opinion
08 Nov 2017
A guide for businesses to China’s first cyber security law
Companies that break China’s new cyber security law may be fined or even have their licence to trade in the country removed Continue Reading
-
News
02 Nov 2017
Businesses unprepared for cyber attacks, warn cyber professionals
Businesses are nowhere near prepared enough for a cyber attack, according to a poll of information and security professionals Continue Reading
-
News
01 Nov 2017
Personal data of 46.2 million Malaysia mobile subscribers leaked
The massive data breach is yet another example of a ‘low and slow’ attack that stays dormant inside networks for years, without anyone noticing Continue Reading
-
E-Zine
31 Oct 2017
IT rules the waves in the Volvo Ocean Race
In this week’s Computer Weekly, we go behind the scenes at the Volvo Ocean Race to see the technology connecting fans and organisers to the seven yachts on a 45,000-mile round-the-world voyage. A newly discovered security vulnerability puts every Wi-Fi network at risk of attack – we examine the problem and the solutions. And we find out how the Mercedes F1 team used big data analytics to win this year’s F1 constructors’ championship. Read the issue now. Continue Reading
-
News
31 Oct 2017
Cyber security professionals urged to embrace AI and automation
IBM security intelligence head says professionals should embrace artificial intelligence and automation to ensure they do not become obsolete Continue Reading
-
News
26 Oct 2017
NAO calls on NHS to ‘get its act together’ after WannaCry attack
The NHS could have prevented the WannaCry cyber attack had it followed basic IT security best practice, according to National Audit Office boss Continue Reading
-
News
26 Oct 2017
IOActive warns of security flaws in maritime communication system
Researcher discovers critical security flaws in an Inmarsat maritime communication system, highlighting the cyber risks facing the shipping industry Continue Reading
-
News
25 Oct 2017
Oversight of intelligence agencies’ data sharing has ‘failed’, court hears
UK’s intelligence services lack adequate oversight and written guidelines when sharing databases of sensitive information, Privacy International argues in secret court Continue Reading
-
Opinion
25 Oct 2017
A history of hacking and hackers
A security professional’s view on criminal hacking has shifted away from the traditional stereotype of the hacker, towards a much more diverse cross-section of wider society Continue Reading
-
News
25 Oct 2017
Bad Rabbit malware raises fears of third global ransomware attack
A ransomware attack that has commonalities with WannaCry NotPeya is reportedly hitting organisations in Russia, Ukraine, Turkey, Bulgaria and Germany Continue Reading
-
News
19 Oct 2017
IT security hindering productivity and innovation, survey shows
IT security is hindering productivity and innovation across enterprises, research has revealed Continue Reading
-
News
19 Oct 2017
Infoblox partners with McAfee to combine web and DNS security
Infoblox is to collaborate with McAfee to combine web and DNS security to deliver unified protection Continue Reading
-
News
18 Oct 2017
McAfee forges ahead with analytics, deep learning and AI
McAfee is forging ahead with its innovation efforts in advanced analytics, deep learning and artificial intelligence Continue Reading
-
News
18 Oct 2017
Focus needs to shift to breach impact, says McAfee researcher
Breach investigations commonly focus on the attackers and their motives, but a security researcher believes there needs to be more emphasis on business impact Continue Reading
-
News
17 Oct 2017
RSA’s Middle East cyber security conference gains its own identity
RSA Abu Dhabi conference focuses on region’s cyber security needs as digital technology deployments expand Continue Reading
-
News
17 Oct 2017
UK intelligence agencies ‘unlawfully’ sharing sensitive personal data, court hears
A secret court will decide whether Intelligence agencies are “unlawfully” sharing huge datasets containing sensitive information about the population with industry, government departments and overseas intelligence services. Continue Reading
-
News
16 Oct 2017
Pizza Hut data breach shows need for board control
The poor handling of the data breach by fast food chain Pizza Hut shows that company boards need to take control, a London-based law firm advises Continue Reading
-
News
16 Oct 2017
SMEs more vulnerable than ever to cyber attacks, survey shows
The biggest cyber threat to UK and US small businesses is employees’ weak passwords, as the frequency, intensity and cost of cyber attacks continue to rise, a study has revealed Continue Reading
-
E-Zine
12 Oct 2017
CW Middle East: Internet of things can help Gulf countries to diversify
The Middle East’s push towards economic diversification is driving innovation in internet of things (IoT) applications for emerging services sectors, such as transport and logistics, telecommunications, financial services and tourism. Also read how the Dubai Health Authority is rolling out Salama, a unified electronic medical record (EMR) system, and a survey shows organisations in the Middle East are not offering IT staff enough training and don’t employ enough women in IT. Continue Reading
-
News
11 Oct 2017
Dutch government agreement increasingly focuses on IT security
The coalition government in the Netherlands has agreed its plan for the next four years, with IT security prominent Continue Reading
-
News
10 Oct 2017
Global cyber security collaboration initiative launched in Krakow
Cyber security ecosystems around the world have launched an initiative aimed at strengthening collaboration between regional ecosystems Continue Reading
-
News
05 Oct 2017
Singapore’s public sector finds agility and speed in AWS
City-state’s government has been able to meet peak demands and address security issues through a cloud-based web-hosting platform powered by Amazon Web Services Continue Reading
-
News
04 Oct 2017
How Australia is tackling cyber crime
Telcos such as Telstra and industry associations in Australia are chipping in to help enterprises that are being targeted by cyber criminals with phishing and social engineering exploits Continue Reading
-
Feature
28 Sep 2017
Where the device hits the network – a mobile device management update
As business becomes increasingly mobile, we look at the latest trends in mobile device management to give businesses the edge Continue Reading