IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
News
28 Jul 2016
UK’s top security judges struggle to assess privacy threats
Technological advancements make it difficult for the Investigatory Powers Tribunal to assess privacy threats, say the tribunal’s own judges Continue Reading
-
News
26 Jul 2016
Date set for landmark hearing into EU-US data transfers
Irish court hearing triggered by Austrian law student Max Schrems could have huge implications for EU-US trade and the data privacy rights of millions of EU citizens Continue Reading
-
News
19 Jul 2016
Carbon Black bets on next-generation antivirus
Carbon Black is betting on next-generation antivirus technology by acquiring Confer to extend the capability and appeal of its endpoint protection offerings Continue Reading
-
News
19 Jul 2016
Case study: Rémy Cointreau boosts security and productivity
Drinks firm Rémy Cointreau uses Centrify’s identity and mobile management to simplify security, improve business agility and reduce IT costs Continue Reading
-
News
14 Jul 2016
Cyber attacks cost UK business more than £34bn a year, study shows
Nearly half of UK firms lack advanced cyber defences, despite the high level of concern about cyber attacks and associated costs Continue Reading
-
News
12 Jul 2016
IBM sets up security centre in Canberra
IBM leads the charge as large private businesses invest heavily in security resources across Australia in an attempt to close the security gap Continue Reading
-
E-Zine
07 Jul 2016
CW ASEAN: July 2016
Lessons from the Philippine government hack: In this issue we ask why a hack on the Philippine Commission on the Elections (Comelec) was allowed to happen and what organisations in Southeast Asia can learn from this breach of security. Retailers in the region are concerned – read how the theft of customer data is their biggest worry. Continue Reading
-
E-Zine
07 Jul 2016
CW ANZ: July 2016
Australia knows it has a cyber security problem, but not the scale. In this month’s CW ANZ we describe how Australia's $230m security strategy serves as a wake-up call to enterprises. We also reveal the techniques and technologies being used to protect one Australian school, as well as a more general look at the main cyber threats to orgainsations in Australia. Read the issue now. Continue Reading
-
Feature
07 Jul 2016
The problem of passwords and how to deal with it
Security experts have long recognised passwords as inadequate, but finally technology is offering some viable alternative authentication methods that businesses can explore to keep their data safe Continue Reading
-
News
06 Jul 2016
UK's Darktrace aims to lead the way to automatic cyber security
Darktrace hopes to be a leader in the move to automated cyber security to free up security professionals to focus on business risk and innovation Continue Reading
-
E-Zine
05 Jul 2016
How will UK IT adapt after Brexit?
In this week’s Computer Weekly, as the aftershocks continue from the UK’s decision to leave the European Union, we look at the implications and challenges for the UK technology community. Our latest buyer’s guide examines expense management software. And IT leaders discuss ethics in IT and debate the question – can you trust your technology? Read the issue now. Continue Reading
-
News
30 Jun 2016
LizardStresser IoT botnet launches 400Gbps DDoS attack
Attack groups using the LizardStresser botnet are exploiting IoT devices to mount massive DDoS attacks without using amplification techniques, say researchers Continue Reading
-
News
29 Jun 2016
Lauri Love using illness as a shield against extradition, claims prosecution
Prosecution lawyer questions whether activist Lauri Love is not fit enough to stand trial in the US over hacking charges,as expert witnesses warn that US prisons are ill-equipped for people with mental health problems. Continue Reading
-
News
28 Jun 2016
Lauri Love suicide risk if extradited to US over hacking allegations
Westminster Magistrates’ Court hears evidence from medical experts that alleged hacker Lauri Love is at risk of suicide if extradited to the US Continue Reading
-
News
21 Jun 2016
Cyber security industry mostly welcomes report on TalkTalk breach
Most of the recommendations of a government committee inquiry into the TalkTalk breach have been welcomed, but pundits have expressed reservations about some, particularly proposed new fines Continue Reading
-
News
20 Jun 2016
Lower average cost of Australian data breaches is not a sign of comfort
The average cost of a data breach to Australian organisations dropped in 2015, according to research Continue Reading
-
E-Zine
14 Jun 2016
The password’s the problem – lessons from the LinkedIn breach
In this week’s Computer Weekly, after millions of LinkedIn users had their data compromised, we look at the lessons to be learned from this latest data breach incident. Our buyer’s guide looks at NoSQL technologies and compares the offerings from database leaders Microsoft and Oracle. And we examine the benefits of cloud-based data analytics and how to make it work for your organisation. Read the issue now. Continue Reading
-
News
13 Jun 2016
EU firms slow in detecting cyber attacks, study shows
European firms take an average of 469 days to discover a compromise, compared with an average of 146 days globally, according to Mandiant Continue Reading
-
News
12 Jun 2016
Philippines government data breach is a warning to Asean region
Security is a rising concern in the Asean region, with fears fuelled by incidents such as the recent hacking incident in Manila Continue Reading
-
News
10 Jun 2016
IoT security: Lack of expertise will hurt, says Bruce Schneier
Government action at national and international levels is essential for addressing IoT security issues, but the relevant expertise is lacking, according to security expert Bruce Schneier Continue Reading
-
News
07 Jun 2016
Millions of sensitive IT services exposed to the internet, study finds
Encryption should become the default as study reveals millions of sensitive services are exposed to the internet, says Rapid7 Continue Reading
-
News
01 Jun 2016
MPs’ private emails are routinely accessed by GCHQ
Computer Weekly investigation reveals the extent of interception of MPs’ and peers’ email communications and data Continue Reading
-
Feature
01 Jun 2016
My first IoT project: A guide for businesses
We’ve all had a good giggle about having our fridges hacked – but now it’s time to get real. What are the first steps enterprises should take when implementing their first internet of things project? Continue Reading
-
News
20 May 2016
NHS data security standards to be designed around technology, people and processes
The Care Quality Commission’s delayed review of NHS data security standards will encourage NHS organisations to have senior information risk owners and Caldicott Guardians at board level Continue Reading
-
E-Zine
20 May 2016
CW Benelux: May-July 2016
Welcome to the Computer Weekly ezine focused on the Benelux region. This quarterly publication will look at the issues facing CIOs in Belgium, the Netherlands and Luxemburg. Continue Reading
-
News
19 May 2016
Lessons from LinkedIn data breach revelations
There are several important lessons to be learned from revelations about LinkedIn's 2012 data breach, say security experts Continue Reading
-
E-Zine
17 May 2016
Countdown begins to new EU data protection rules
In this week’s Computer Weekly, with the new EU data protection rules ready to become law, firms now have just two years to prepare for the stringent regulations – we assess the challenges. Manufacturing giant Rolls-Royce talks about why it moved its HR systems to the cloud and the lessons it learned. And we look back at 50 years of technology innovation in storage. Read the issue now. Continue Reading
-
News
13 May 2016
Time to shift information security focus away from prevention, says Swiss bank CISO
Organisations need a new approach which recognises security is “breakable”, according to Michael Meli Continue Reading
-
News
09 May 2016
Australian health sector an easy target for cyber criminals, says IBM
A push to encourage greater adoption of electronic health records has raised the spectre of online record theft Continue Reading
-
News
06 May 2016
Ransomware emerges as a top cyber threat to business
Security researchers at Kasperky Lab and FireEye confirm that the upward trend of ransomware is continuing and has emerged as a top threat to business Continue Reading
-
News
29 Apr 2016
Cyber security in Belgium will gain prominence after terror attacks
Belgium’s physical security has been branded inadequate, so how does the country’s cyber security measure up? Continue Reading
-
News
28 Apr 2016
Payment card industry issues data security standard update
PCI DSS version 3.2 introduces six new requirements for compliance, some additional guidance and a raft of clarifications Continue Reading
-
News
27 Apr 2016
IPv6 alone will not secure IoT, warns GE CISO
It is important for all users of the internet of things to understand what they are getting into with IPv6, and to be aware of the risks and myths, says GE CISO Hanns Proenen Continue Reading
-
News
26 Apr 2016
Business failing to learn lessons of past cyber attacks, report shows
Organisations are still failing to address basic security issues and well-known attack methods, Verizon’s latest Data Breach Investigations Report reveals Continue Reading
-
News
21 Apr 2016
GCHQ told analysts to assume surveillance 'bulk data' is legal
Documents obtained by charity Privacy International reveal insights into GCHQ’s collection of sensitive bulk data, as lawyers question the impact of surveillance on legal privilege, fair trials and protection of whistleblowers Continue Reading
-
E-Zine
19 Apr 2016
The hunters who prey on cyber criminals
In this week’s Computer Weekly, we talk to the hunters – a new breed of security expert that proactively hunts down cyber attackers before they can strike. We visit Silicon Valley to meet some of the up-and-coming startups in data analytics and business intelligence. And we hear from IT leaders about the people, process and cultural aspects of managing digital transformation. Read the issue now. Continue Reading
-
News
19 Apr 2016
Employees’ use of personal devices puts firms at risk of malware infection, says report
Downloaders care about their own security while grabbing pirated content, not that of their employers Continue Reading
-
News
15 Apr 2016
Israeli volunteers ready their cyber defences as Anonymous affiliates attack
Every April, Israel braces itself for an onslaught from pro-Palestinian hackers, but the occupants of a small conference room in Tel Aviv stand in their way Continue Reading
-
News
15 Apr 2016
BBC turns micro:bit computers into IoT devices
The BBC and Nominet demonstrate a new use case for the micro:bit computer and hope to turn Britain’s schoolchildren into internet of things pioneers Continue Reading
-
News
13 Apr 2016
NCA attempts 'back door' access to obtain activist Lauri Love’s passwords
Court told that use of civil proceedings to force disclosure of alleged hacker Lauri Love's passwords is disproportionate and would breach human rights law Continue Reading
-
News
11 Apr 2016
QA launches cyber attack defence training facility in London
Training firm QA launches a cyber attack simulation facility in London to enable organisations to test and learn cyber defence skills Continue Reading
-
News
11 Apr 2016
Activist Lauri Love faces order to disclose encryption keys
The UK’s National Crime Agency takes an unusual legal step to force a former university student accused of hacking to disclose encryption keys Continue Reading
-
News
11 Apr 2016
IT specialist sentenced for stealing NHS computer equipment
A former NHS IT worker is convicted of stealing hospital computer equipment from Doncaster and Bassetlaw Hospitals NHS Foundation trust and selling them on eBay Continue Reading
-
News
05 Apr 2016
'Citizens will be stripped naked' by Turkey’s data law
Turkey's data protection law, introduced in March 2016, will make Turkey a near total surveillance state, yet the EU, apparently more concerned about securing Turkey's help in controlling immigration, is turning a blind eye Continue Reading
-
News
31 Mar 2016
DDoS attacks on universities normally performed by “disgruntled” students or employees
The majority of distributed denial of service attacks on universities are made by students or employees, says the head of infrastructure services at the University of London Continue Reading
-
News
30 Mar 2016
Security should be driven by business, says Corvid’s Andrew Nanson
Information security should be business-driven and investments assessed for their effectiveness and business value, according to Corvid CTO Continue Reading
-
News
29 Mar 2016
Cyber criminals use Microsoft PowerShell in ransomware attacks
A newly discovered family of ransomware, dubbed PowerWare, uses Microsoft PowerShell to target organisations through macro-enabled documents Continue Reading
-
Feature
29 Mar 2016
Hunters: a rare but essential breed of enterprise cyber defenders
They wait, they watch, they search the outer reaches of networks and the darkest corners of the web, setting traps, crafting tools, collecting evidence and going in pursuit: they are the hunters Continue Reading
-
News
24 Mar 2016
Government warned of smart meter security threat back in 2012
The government was warned four years ago that its plans for a nationwide smart meter roll-out represented a “potentially significant” security and privacy threat, Computer Weekly has learned Continue Reading
-
News
23 Mar 2016
US hospital claims to have fought off a ransomware attack
A hospital in Kentucky claims to have regained control of its IT systems five days after cyber criminals hit it with a ransomware attack Continue Reading
-
Feature
23 Mar 2016
How to manage IT access for external users
Identity and access management has extended from being solely an internal IT management process to focus on external business engagement too Continue Reading
-
News
21 Mar 2016
Britain to pay billions for monster internet surveillance network
New questions raised about Britain’s snoopers’ charter after Denmark abandons its own UK-style surveillance programme for a second time Continue Reading
-
News
21 Mar 2016
National Cyber Security Centre to be UK authority on information security
The UK’s National Cyber Security Centre (NCSC) is to be the UK's one-stop authority on infosec, based in London and led by GCHQ's Ciaran Martin Continue Reading
-
News
18 Mar 2016
Australian girls believe online harassment is endemic
There are clear signals that online threats against women and attempts to invade their privacy are becoming societal norms in Australia Continue Reading
-
E-Zine
15 Mar 2016
Robots at your service
In this week’s Computer Weekly, we find out how financial services firms are investing in artificial intelligence to create robo-advisors to help customers with financial advice online. We ask if virtual reality is ready for mainstream business adoption or is still just an over-hyped technology. And we examine the key steps needed to successfully build smart cities using internet of things and networking technologies. Read the issue now. Continue Reading
-
Feature
15 Mar 2016
IAM is the future for managing data security
Why identity and access management is taking centre stage in companies’ access policies Continue Reading
-
News
09 Mar 2016
Lack of security knowledge limiting business initiatives, survey shows
Security concerns are limiting the adoption of cloud and mobility throughout organisations, according to the first Dell Data Security Survey Continue Reading
-
Opinion
08 Mar 2016
Security Think Tank: Many breaches down to poor access controls
In the modern business environment, what are the most common access control mistakes – and how best are these corrected? Continue Reading
-
E-Zine
08 Mar 2016
Building datacentres under the sea
In this week’s Computer Weekly, we look at Microsoft’s trial of an underwater datacentre and assess the technology and environmental implications of running cloud services under the sea. As PC suppliers build new products around Windows 10, we ask if the desktop PC is set to be reinvented. And with ransomware on the rise, we examine the threat of cyber extortion. Read the issue now. Continue Reading
-
Opinion
07 Mar 2016
The problem with passwords: how to make it easier for employees to stay secure
An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems Continue Reading
-
Opinion
03 Mar 2016
Security Think Tank: Top five access control mistakes
In the modern business environment, what are the most common access control mistakes and what is the best way to correct them? Continue Reading
-
E-Zine
01 Mar 2016
Protecting the UK from cyber attacks
In this week’s Computer Weekly, we talk to the National Crime Agency’s top cyber cop, Sarah Goodall, about how the police are tackling IT security threats against the country through global collaborations. We ask CIOs for their tips on building an IT strategy for the digital age. And we review the big six storage suppliers’ plans for all-flash arrays. Read the issue now. Continue Reading
-
News
26 Feb 2016
Nissan acts on Leaf car app security flaw after researcher goes public
Nissan suspends its electric car app after a researcher went public about a security flaw that could enable attackers to take control of heating systems Continue Reading
-
News
25 Feb 2016
Cyber crime is fastest growing economic crime, says PwC report
More than half of UK organisations say they expect to be the victim of cyber crime in the next two years, suggesting it will become the UK’s largest economic crime, says a PwC report Continue Reading
-
E-Zine
23 Feb 2016
Surviving broadband failure
In this week’s Computer Weekly, after the recent BT broadband outage, we examine the options to keep your communications in place in the event of a failure, to ensure business continuity. We look at the prospects for the OpenStack open source cloud platform in the enterprise. And we see how Ireland is making progress on delivering a digital health service. Read the issue now. Continue Reading
-
News
23 Feb 2016
Social engineering confirmed as top information security threat
Cyber attackers shifted away from automated exploits in 2015 and instead tricked people into doing the dirty work, Proofpoint researchers found Continue Reading
-
News
19 Feb 2016
HSBC launches biometric security for mobile banking in the UK
Bank claims UK’s largest planned roll-out of voice biometric security technology, with more than 15 million customers in line for voice and fingerprint authentication services Continue Reading
-
E-Zine
18 Feb 2016
CW Europe: February 2016
In Europe cloud is restricted and hybrid setups make use of local compute and storage. Continue Reading
-
News
16 Feb 2016
EU managers need to up cyber security collaboration, study finds
There is still much work to be done in the area of collaboration and sharing responsibility when it comes to preventing data breaches, a study has found Continue Reading
-
E-Zine
16 Feb 2016
How AstraZeneca saved $350m by insourcing IT
In this week’s Computer Weekly, we talk to pharmaceutical giant AstraZeneca to find out why it brought its outsourced IT back in-house, and how it saved $350m per year as a result. As the data protection debate rages around Europe, we ask if the new EU/US Privacy Shield agreement will protect citizens’ data. And we examine the relative merits of datacentre colocation and the cloud. Read the issue now. Continue Reading
-
News
12 Feb 2016
US IT professionals overconfident in cyber attack detection, study finds
Most US IT professionals are confident in key security controls to detect cyber attacks – but unsure how long it would take automated tools to discover a breach Continue Reading
-
News
11 Feb 2016
Social engineering is top hacking method, survey shows
Social engineering tops the list of popular hacking methods, underlining the need for continuous monitoring, according to security firm Balabit Continue Reading
-
E-Zine
09 Feb 2016
How software protects people
In this week’s Computer Weekly, we find out how software is helping to maintain safety in high-risk sectors like oil & gas, aerospace and healthcare – and what lessons they hold for other organisations. We offer six tips from CIOs for innovation with data. And after the HSBC cyber attack, we examine the continuing threat to businesses from distributed denial of service (DDoS) attacks. Read the issue now. Continue Reading
-
News
01 Feb 2016
DDoS is most common cyber attack on financial institutions
January’s attack on HSBC is typical for the financial sector, but no business should consider itself unlikely to be targeted in this way, say security experts Continue Reading
-
News
29 Jan 2016
HSBC online services hit by DDoS attack
HSBC was hit by a distributed denial of service (DDoS) attack, which targeted its online personal banking services. Continue Reading
-
News
29 Jan 2016
ICO launches data privacy assessment tool for SMEs
The ICO has launched an online self-assessment tool to help SMEs to comply with data protection laws and improve data handling procedures Continue Reading
-
News
28 Jan 2016
Business urged to take action on data privacy
Security professionals use Data Protection Day to encourage businesses to do more to protect personal data Continue Reading
-
News
27 Jan 2016
Keep data safe or risk financial impact, ICO warns business
The knock-on effect of a data breach can be devastating for a company, warns information commissioner Christopher Graham Continue Reading
-
News
27 Jan 2016
Average DDoS attacks fatal to most businesses, report reveals
Criminal activity is top motivation for DDoS attacks as average attacks become strong enough to down most businesses, Arbor Networks report reveals Continue Reading
-
E-Zine
26 Jan 2016
Beyond India – the emerging outsourcing destinations
In this week’s Computer Weekly, we look at the growing number of offshore alternatives to the dominant outsourcing destination of India and assess their relative merits. We examine how to respond if your organisation is affected by a data breach. And we analyse how virtualisation technology can help improve your disaster recovery strategy. Read the issue now. Continue Reading
-
E-Zine
21 Jan 2016
CW Europe - January 2016
This month, CW Europe looks in-depth at an issue that is set to affect people across all 28 European Union member states – the abolition of mobile roaming charges, set for mid-2017. Continue Reading
-
News
19 Jan 2016
Most Android devices running outdated versions
Nearly a third of Android devices in enterprises today are running version 4.0 or older of the operating system, leaving them highly susceptible to vulnerabilities, a study shows Continue Reading
-
E-Zine
19 Jan 2016
Is government surveillance going too far?
In this week’s Computer Weekly, as the UK prepares new laws on surveillance and data collection, we hear from security experts on the challenges of balancing privacy and security and their insider view on GHCQ and the NSA. We examine the growing threat of ransomware and how to tackle it. And we look at the implications of new EU data protection rules. Read the issue now. Continue Reading
-
News
18 Jan 2016
Chinese university targeted by Islamic State hacktivist
Beijing’s Tsinghua University is the latest organisation to be attacked by hackers with a social or political agenda Continue Reading
-
News
13 Jan 2016
UK not involved in mass surveillance, says Theresa May
Coffee shops and libraries could be the target of interception warrants, Theresa May tells MPs and peers Continue Reading
-
News
13 Jan 2016
Watchdog urges US nuclear agency to close cyber security gaps
An audit report has called on the US nuclear agency to revise its IT contracts to ensure better cyber security Continue Reading
-
News
12 Jan 2016
Police take action against cyber extortion gang DD4BC
Police have made one arrest and gathered evidence in searches of properties in an international operation aimed at cyber extortion gang DD4BC Continue Reading
-
News
06 Jan 2016
UK IoT research hub opens with support from academic world
A consortium of nine UK universities have come together to work alongside the Engineering and Physical Sciences Research Council on research into the internet of things Continue Reading
-
News
06 Jan 2016
Upgrade to Internet Explorer 11 to reduce risk
Failure to update to the latest version of Internet Explorer by 12 January 2016 could put users at risk, Microsoft warns Continue Reading
-
Feature
05 Jan 2016
Interview: James Bamford on surveillance, Snowden and technology companies
Investigative journalist and documentary maker James Bamford was among the first to uncover the secrets of the US National Security Agency and its global surveillance Continue Reading
-
News
31 Dec 2015
Top 10 internet of things stories of 2015
2015 was the year the internet of things began to move from theory to widespread practice, and the fledgling industry shook off the millstone of connected kitchen appliances Continue Reading
-
News
24 Dec 2015
Top 10 IT security stories of 2015
Computer Weekly looks back at the most significant stories on IT security in the past 12 months Continue Reading
-
News
23 Dec 2015
Top 10 cyber crime stories of 2015
Computer Weekly takes a look back at the top cyber crime stories of 2015 Continue Reading
-
News
11 Dec 2015
UK firms act quickly to fix payment card data encryption
Security firm found that 16 global companies had failed to effectively encrypt traffic to the payment portion of their websites and apps Continue Reading
-
Feature
10 Dec 2015
How to deal with the aftermath of a data breach
Considering that a data breach could happen to any company, at any time, a plan of action is the best tactic Continue Reading
-
Feature
10 Dec 2015
Disaster recovery planning: Where virtualisation can help
The disaster recovery planning process is not fundamentally technology-centric, so when can virtualisation make it quicker and easier to restore services after an unplanned outage? Continue Reading
-
E-Zine
08 Dec 2015
The most influential people in UK IT 2015
In this week’s Computer Weekly, we announce our sixth annual UKtech50 list of the 50 most influential people in UK IT, and talk to this year’s winner – BT chief executive Gavin Patterson, about the challenges facing the telecoms giant in 2016. Also, we find out how the genomics industry is pushing big data technology to its limits. Read the issue now. Continue Reading
-
Feature
07 Dec 2015
The next stage in quantum key distribution
Authentication schemes based on quantum physics are emerging to address the growing number of ways to compromise data traffic Continue Reading
-
News
07 Dec 2015
Cyber attacks an increasing concern for Asean countries
Organisations in the Association of Southeast Asian Nations are increasingly the targets for cyber criminals, according to a report focused on the region Continue Reading
-
Guide
07 Dec 2015
Essential guide to data breaches, the dark web and the hidden data economy
In this guide, we look at the aftermath of a data breach - what do cyber criminals use that stolen data for, and what can companies do to avoid becoming a victim? Continue Reading