IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
03 Dec 2015
Workday ringfences support in Europe after Safe Harbour ruled unsafe
US cloud HR and financial services provider reponds to Safe Harbour failure by ringfencing European data Continue Reading
-
News
01 Dec 2015
Security analytics needs practical approach, says Fico Ciso Vickie Miller
Analytics must form part of a comprehensive defence-in-depth strategy, according to chief information security officer (Ciso) Vickie Miller at software firm Fico Continue Reading
-
E-Zine
01 Dec 2015
Balancing speed and risk in IT projects
In this week’s Computer Weekly, as IT leaders face boardroom pressure to roll out IT projects ever more quickly, we examine how to do that without running unacceptable risks. Michael Dell talks about how he sees the future for his company when it buys EMC in the largest IT acquisition in history. And we hear from IT chiefs about the challenges of implementing DevOps. Read the issue now. Continue Reading
-
News
26 Nov 2015
Use legal protection to soften cyber attack impact, says Kemp Little
IT outsourcing provides an opportunity for businesses to transfer risk and recover losses from cyber attacks, says law firm Kemp Little Continue Reading
-
News
20 Nov 2015
Coalition of top tech firms opposes weakened encryption
Weakening security with the aim of advancing security simply does not make sense, a coalition of top tech firms tells US president Barack Obama Continue Reading
-
News
18 Nov 2015
Cyber security mindset needs to change, says report
Government organisations are prime targets for cyber attacks, leading to increased importance on robust information security, according to a report by Intel Security and the Digital Government Security Forum Continue Reading
-
News
17 Nov 2015
Irish hospital to offer patient access to records by November 2016
Galway Clinic plans a big-bang launch of its Meditech electronic medical record system, which includes a patient portal and mobile app Continue Reading
-
News
11 Nov 2015
Snoopers’ charter will force ISPs to raise broadband prices
The Science and Technology Select Committee hears that ISPs may be forced to put up their service charges to cover the cost of retaining communications data, should the Investigatory Powers Bill become law Continue Reading
-
Feature
06 Nov 2015
Avoiding security issues when recycling hardware
What are the options for the environmentally and ethically responsible recycling of end-of-life hardware, without compromising data security? Continue Reading
-
News
29 Oct 2015
M&S data breach forces retailer to temporarily suspend service
A glitch that allowed online customers to see each others' details forced retailer Mark & Spencer to take its website offline while it resolved the issue Continue Reading
-
News
28 Oct 2015
Lack of data classification very costly to firms, says survey
Most data retained by organisations is not identified or classified and gobbles budget spent on storage, as well as being potentially non-compliant, reveals Veritas-sponsored survey Continue Reading
-
News
21 Oct 2015
Infosec pros should start preparing for the future, say experts
Information security professionals need to grow their skills, engage with the business, increase security awareness, set business goals and tailor their messages, says a panel of experts Continue Reading
-
Feature
15 Oct 2015
The true cost of a cyber security breach in Australia
The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting. Continue Reading
-
News
12 Oct 2015
Encryption is a double-edged sword, says Blue Coat
Seven more security suppliers join Blue Coat encrypted traffic management programme amid fresh warnings of attackers using encryption to hide malicious activity Continue Reading
-
Feature
09 Oct 2015
The security dangers of home networks
Most companies take reasonable steps to protect their networks from virus attacks, but one area of vulnerability that is often overlooked is infection from employees’ home networks Continue Reading
-
Feature
09 Oct 2015
How to ensure strong passwords and better authentication
Five steps to ensure stronger passwords and better authentication to reduce the threat of business data theft Continue Reading
-
News
29 Sep 2015
120-day patching gap puts many firms at risk of cyber attack, study shows
The probability of a vulnerability being exploited hits 90% between 40-60 days after discovery, but many firms are taking up to 60 days beyond that to patch, while others are failing to patch at all, a study shows Continue Reading
-
Feature
25 Sep 2015
How to fully test IT networks for vulnerabilities
Making sure a company network is secure is a very important task, and one that should be scheduled regularly Continue Reading
-
News
21 Sep 2015
Department for Culture, Media and Sport takes over responsibility for data protection policy
Government transfers responsibility for data protection policy and ICO oversight from Ministry of Justice (MOJ) to Department for Culture, Media and Sport (DCMS) Continue Reading
-
News
21 Sep 2015
Health chief 'should be held to account' for whistleblow errors
Former nurse and clincial commissioner Bernie Rochford claims unfair dismissal after blowing the whistle on IT problems which put patient care at risk Continue Reading
-
News
18 Sep 2015
Public-private co-operation in the Nordics tackles growing cyber crime threat
Nordic governments and businesses are putting cyber security at the centre of their planning as threats increase Continue Reading
-
News
16 Sep 2015
BT launches ethical hacking service for bankers
BT introduces a certified Crest Star ethical hacking test service for financial services customers Continue Reading
-
News
15 Sep 2015
Most DDoS attacks hiding something more sinister, Neustar warns
Smaller DDoS attacks can be more dangerous than a powerful attack that knocks a company offline but does not install malware or steal data, warns Neustar Continue Reading
-
News
15 Sep 2015
NHS trust denies bullying and intimidation of IT whistleblower
Managers were already aware of whistleblower's concerns about the accuracy of NHS Southwark's data, tribunal hears Continue Reading
-
News
11 Sep 2015
Security industry welcomes GCHQ password guidelines
GCHQ's guidance on password policy covers some of the most pressing issues facing UK businesses and employees today, according to Skyhigh Networks Continue Reading
-
News
11 Sep 2015
DD4BC cyber extortion gang adds social media to arsenal
Cyber extortion gang DD4BC is using social media campaigns to garner more attention for its ability to create service disruptions by publicly embarrassing large organisations Continue Reading
-
News
10 Sep 2015
Researchers discover Android PIN locker ransomware
Researchers say LockerPIN is a self-defending, aggressive piece of ransomware currently targeting Android devices, mainly in the US Continue Reading
-
News
09 Sep 2015
Security pros failing to address digital certificate risks, survey shows
Even though 90% of security professionals believe a leading CA will be compromised in next two years, only 13% have existing automation to deal with that happening Continue Reading
-
News
09 Sep 2015
Conventional security measures hit productivity, study shows
Most IT professionals say context-aware security would improve productivity without compromising security, a survey from Dell reveals Continue Reading
-
News
09 Sep 2015
Security vulnerability management more than patching, warns Secunia
Keeping track of what makes an IT environment vulnerable is an ongoing and complex task, according to Secunia Continue Reading
-
News
04 Sep 2015
US State Department plans cyber security playbook
The US State Department issues a request for information to determine the capabilities of commercial industry to provide and maintain a cyber security playbook Continue Reading
-
News
01 Sep 2015
DDoS attack on NCA highlights need to be prepared, says Barracuda Networks
A Lizard Squad DDoS attack the NCA says is a fact of life highlights the need for organisations to be prepared, according to Barracuda Networks Continue Reading
-
News
27 Aug 2015
Rapid7 calls on router makers to eliminate backdoors
Until manufacturers stop using default passwords, we will continue to see opportunistic attacks on home and small business routers, says Rapid7's Tod Beardsley Continue Reading
-
News
26 Aug 2015
Many firms not getting to grips with third-party data security risk
Supply chain data security risk is pervasive, but being unable to deal with it is down to basic failings, says a cyber risk expert Continue Reading
-
Opinion
25 Aug 2015
Life’s a breach: How to handle the press after a hacking attack
Emily Dent, specialist in crisis PR, offers some advice to organisations that unexpectedly find themselves in the headlines Continue Reading
-
News
20 Aug 2015
Premiership Rugby scores security and efficiency with Intralinks
By setting access controls, Premiership Rugby can ensure that its partners get quick access only to role-appropriate content Continue Reading
-
News
16 Aug 2015
Mobile phone users at risk as hackers bug and track victims
An investigation by Australian TV show 60 Minutes demonstrates how hackers based thousands of miles away in Germany were able to record the calls of an Australian senator and track his movements Continue Reading
-
News
10 Aug 2015
BlackHat 2015: Industrial hacking - the untold story
Hackers have been penetrating industrial control systems for at least a decade for extortion, yet little is known about how they gain access Continue Reading
-
News
03 Aug 2015
Why the time is ripe for security behaviour analytics
Recent months have seen an uptick in announcements by security suppliers around behavioural analytics, but what is driving this trend? Continue Reading
-
News
29 Jul 2015
A third of employees will sell company data if the price is right, study reveals
For £5,000, a quarter of employees polled said they would sell confidential company data, and risk both their job and criminal convictions Continue Reading
-
News
22 Jul 2015
Jeep hack raises questions about responsibility for security
The hack of a Jeep raises the question whether users or car manufacturers should be responsible for protecting against cyber attackers Continue Reading
-
News
21 Jul 2015
Information security governance maturing, says Gartner
Increasing awareness of the impact of digital business risks, coupled with high levels of publicity regarding cyber security incidents, is making IT risk a board-level issue, says Gartner Continue Reading
-
News
17 Jul 2015
United Airlines begins bug bounty payouts
United Airlines has paid out the maximum award to two hackers, which means the flaws are likely to be remote code execution vulnerabilities Continue Reading
-
News
14 Jul 2015
Symantec bets on simplicity, cloud and mobile
Symantec is not trying to be all things to all people, but is instead focusing on threats and protecting information in the mobile and cloud environments Continue Reading
-
News
03 Jul 2015
Wi-Fi enhances guest experience and profitability for Belgian theme park
Bobbejaanland, one of the largest theme parks in Belgium, is using a Fortinet Wi-Fi network to offer visitors access on the go, and improve its management capabilities Continue Reading
-
News
02 Jul 2015
How Deutsche Telekom plans to challenge AWS and Google in the cloud
German telco Deutsche Telekom wants to evolve into the public cloud and plans to beat sector giants such as Amazon and Google at their own game Continue Reading
-
News
17 Jun 2015
DD4B cyber extortion gang ramps up operations
Cyber criminals using DDoS attacks to extort funds from victims are carrying out more attacks despite a $26,000 bounty Continue Reading
- Guide 30 May 2015
-
Feature
26 May 2015
How to reduce the risk of social engineering attacks
Implement simple checks to reduce the risk of the main types of social engineering attacks Continue Reading
-
News
20 May 2015
BT Openreach turns to Crimestoppers to catch cable thieves
Openreach extends its partnership with crime-fighting charity Crimestoppers to tackle cable theft Continue Reading
-
News
11 May 2015
PSNGB rebrands to drive information sharing across PSN
PSNGB, the trade association set up to promote the Public Services Network, rebrands itself as Innopsis and says its work is far from over Continue Reading
-
News
07 May 2015
Businesses should prepare for black swans, says resiliency consultant
While black swan events are random and unexpected, businesses can still prepare for them, according to a resiliency consultant Continue Reading
-
News
07 May 2015
Future IAM will need to be broader, says Martin Kuppinger
Identity and access management systems need to look at all forms of identity, not just employees or users, says KuppingerCole analyst Continue Reading
-
News
29 Apr 2015
Vodafone sends network in a backpack to Nepal earthquake zone
Vodafone’s charitable arm, the Vodafone Foundation, deploys instant mini networks to help restore communications in quake-hit Nepal Continue Reading
-
Feature
27 Apr 2015
Top tips for remote and mobile workers to improve their cyber security
Steps remote and mobile workers can take to improve cyber security on mobile devices, using public Wi-Fi and computers, and handling USB devices Continue Reading
-
Feature
25 Apr 2015
Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance
Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden Continue Reading
-
News
23 Apr 2015
Mobile malware overhyped, says security company Damballa
Mobile internet users are 1.3 times more likely to get struck by lightning than infected by mobile malware, research by security firm Damballa finds Continue Reading
-
News
22 Apr 2015
Destructive cyber attacks making security a business concern, says Microsoft
Destructive cyber attacks are driving a fundamental shift in the information security market, according to Microsoft Continue Reading
-
News
14 Apr 2015
Security risk potential linked to young, mobile users
A study conducted by wireless supplier Aruba Networks has identified a distinct cohort of high-risk, security-agnostic workers Continue Reading
-
News
08 Apr 2015
Alleged White House hack highlights typical security failings, say experts
The alleged penetration of sensitive White House computer networks highlights typical security failings, say information security experts Continue Reading
-
News
31 Mar 2015
DDoS losses potentially £100k an hour, survey shows
DDoS attacks could expose 40% of businesses to losses of £100,000 or more an hour at peak times, a survey shows Continue Reading
-
News
26 Mar 2015
Samsung targets business with Microsoft tools integration
Samsung has pre-installed Microsoft OneNote, OneDrive, and Skype on the new Galaxy S6 and Galaxy S6 edge, as it expands into business Continue Reading
-
News
26 Mar 2015
UK attacks on crypto keys and digital certificates endemic
All UK security professionals polled in a global survey have responded to attacks on keys and certificates in past two years Continue Reading
-
News
20 Mar 2015
Home devices threaten enterprise data security, warn researchers
Poor or lacking security on ADSL routers and other devices used by teleworkers a threat to global enterprise information security Continue Reading
-
News
13 Mar 2015
Lookout bets on big data analytics to secure enterprise mobiles
Mobile security SaaS provider Lookout is betting on its cloud-based big data analytics capability to attract enterprise customers Continue Reading
-
News
11 Mar 2015
Why IAM is topping security investments in 2015
It is not surprising identity and access management (IAM) is set to move to the fore in 2015 Continue Reading
-
News
06 Mar 2015
How to ensure your hot-desking colleagues keep their data secure
Once hot-desking is implemented, data security suddenly demands greater attention Continue Reading
-
Feature
06 Mar 2015
How to secure the SDN infrastructure
As more enterprises look to deploy software-defined networking, the need for security from the ground up should not be underestimated Continue Reading
-
News
27 Feb 2015
Case study: Norwegian insurer invests in Darktrace machine-learning cyber defence
Shipping insurance company DNK hopes to inspire the rest of the shipping industry to adopt Darktrace’s cyber defence system Continue Reading
-
News
26 Feb 2015
Cloud security still needs a lot more work, say European experts
Security and privacy remain a stumbling block for cloud computing, according to information experts at the Trust in the Digital World conference Continue Reading
-
News
19 Feb 2015
Intel Security warns of six social engineering techniques targeting businesses
An Intel Security report encourages businesses to address and educate employees on “six levers of influence” used by hackers Continue Reading
-
Tip
19 Feb 2015
Five ways to prepare a company board for a cyber breach
Five key things that boards need to do to stop their businesses leaking like sieves and potentially going to the wall Continue Reading
-
News
12 Feb 2015
Damballa report highlights the limitations of prevention-centric security
Anti-virus (AV) suppliers can take more than six months to create signatures for malware, according to a report from security firm Damballa Continue Reading
-
Tip
03 Feb 2015
How to implement risk-based security
Implement a simple process to identify, analyse and prioritise risk without significant investment in time or money Continue Reading
-
Opinion
03 Feb 2015
Five questions every board should ask after Sony Pictures breach
What can the board do to avoid having to answer embarrassing questions at the next shareholder meeting? Continue Reading
-
E-Zine
26 Jan 2015
Why we need cyber war games
In this week’s Computer Weekly, the UK and US are starting a cyber war on each other – all in the name of testing each other’s defences. We look at why the cyber war games are needed. We examine what IT managers can learn from the car industry to improve supplier relationship management. And we find out why innovation should be top of the IT agenda in 2015. Read the issue now. Continue Reading
-
News
16 Jan 2015
Security Think Tank: How to deal with wiper malware
How much should businesses worry about destructive, computer-killing malware, and what steps should they take to mitigate attacks? Continue Reading
-
News
16 Jan 2015
FTSE 350 firms still have long way to go on cyber risk
Many FTSE 350 firms still have a long way to go to manage the risks of a cyber attack, a government-backed cyber governance health check has revealed Continue Reading
-
News
12 Jan 2015
Attackers bypass conventional security, says FireEye study
Hackers breach most conventional, signature-based security technologies, with 27% involving advanced threats Continue Reading
-
News
06 Jan 2015
Online money transfer provider Xoom suffers multimillion-dollar fraud
Digital money transfer provider Xoom has admitted to suffering a $30.8m loss at the hands of fraudsters Continue Reading
-
News
23 Dec 2014
What might North Korea v US cyberwarfare over Sony mean for other corporates?
North Korea behind Sony attack and US counter-penetration -- what now, asks SearchCIO's Francesca Sales. Continue Reading
-
News
18 Dec 2014
CIO interview: Mercedes AMG Petronas IT director on the need for speed in IT
When Matt Harris became IT director for F1 team Mercedes AMG Petronas in 2009, IT costs needed to be slashed Continue Reading
-
News
17 Dec 2014
Cabinet Office begins procurement for next stage of Gov.uk Verify
The Cabinet Office has submitted a tender notice for a £150m three-year framework for the provision of identity assurance services Continue Reading
-
News
04 Dec 2014
Sony hack exposes poor security practices
Sony Pictures Entertainment remains tight-lipped about its recent cyber attack, but security lessons can be drawn from what is known Continue Reading
-
News
28 Nov 2014
CGI secures communications between pilots and air traffic control
Satellite communications firm Inmarsat has outsourced the provision of security IT and services to CGI Continue Reading
-
News
27 Nov 2014
BSI urges UK businesses to bolster cyber security
UK businesses are at risk of reputational damage due to lack of awareness on how to protect their data assets, BSI research shows Continue Reading
-
News
21 Nov 2014
Russian webcam-spying site highlights common security failing
A Russian website collecting images from internet-connected cameras highlights a common security failing, say security professionals Continue Reading
-
News
19 Nov 2014
Microsoft releases emergency security patch for Windows and Windows Server
Microsoft emergency patch fixes a Windows and Windows Server vulnerability hackers are exploiting to compromise networks Continue Reading
-
News
11 Nov 2014
Network firewalls as relevant to data security as ever, says industry pioneer Gil Shwed
Network firewalls are as relevant to data security today as they were 20 years ago, says industry pioneer Gil Shwed Continue Reading
-
News
07 Nov 2014
Home Depot traces credit card data hack to supplier compromise
US retailer Home Depot reveals its recent data breach was linked to a compromised supplier’s credentials Continue Reading
-
News
30 Oct 2014
Many firms still unprepared for cyber attack, EY survey shows
More than a third of organisastions have no real-time insight on cyber risks necessary to combat rising threats, a survey has shown Continue Reading
-
News
30 Oct 2014
Firms at serious risk of data loss through file sharing, study shows
Businesses are at serious risk of data loss and compliance violations due to risky file-sharing practices, a study has shown Continue Reading
-
News
28 Oct 2014
Most businesses do not understand risks of data breaches, study finds
More than 70% of businesses do not understand fully the risks associated with data breaches, a study shows Continue Reading
-
News
27 Oct 2014
Incident response: a common failing
Organisations hit by cyber attacks often lack an effective incident response plan. Why are so many unprepared? Continue Reading
-
News
27 Oct 2014
Cloud providers rush to build European datacentres over data sovereignty
Cloud providers IBM and Google build datacentres in the EU as enterprises insist on keeping their data in Europe Continue Reading
-
E-Zine
27 Oct 2014
Securing critical industrial systems
In this week’s Computer Weekly, we examine the security threats to the industrial control systems that power the UK’s critical national infrastructure, and ask what can be done to better protect them. We look at the key considerations when choosing an infrastructure as a service supplier. And we compare six of the top hybrid flash array products from the leading storage hardware providers. Read the issue now. Continue Reading
-
News
16 Oct 2014
UK is prime target for cyber attacks, says FireEye
The UK has been greatest target of advanced cyber attacks in Europe, the Middle East or Africa in the first half of 2014, report shows Continue Reading
-
News
15 Oct 2014
Industrial control systems: What are the security challenges?
Targeted attacks on industrial control systems are the biggest threat to critical national infrastructure, says Kaspersky Lab Continue Reading
-
News
10 Oct 2014
Azure CTO Mark Russinovich's top ten public cloud security risks
Microsoft Azure cloud CTO Mark Russinovich identified ten key security risks of public cloud services Continue Reading
-
News
09 Oct 2014
WordPress most attacked application
Websites that run the WordPress content management system are attacked 24% more often than those using other systems Continue Reading