IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
Photo Story
15 Oct 2013
10 security reasons to upgrade to iOS 7
Even if it did not include numerous security fixes, iOS 7 has compelling reasons for corporates to adopt it to improve their security Continue Reading
-
News
15 Oct 2013
D-Link begins fixing router backdoor
D-Link has begun releasing security patches to close the backdoor discovered on some of its routers Continue Reading
-
Opinion
03 Oct 2013
Privacy concerns in the digital world
Considering the full spectrum of privacy, people need to ask themselves if they are comfortable with all their characteristics in the public domain Continue Reading
-
News
02 Oct 2013
McAfee Focus 2013: McAfee leadership upbeat about Stonesoft acquisition
Intel-owned security firm McAfee is upbeat about its acquisition of Stonesoft and its future capability to tackle security differently Continue Reading
-
News
01 Oct 2013
IT security industry still immature, says (ISC)2 board member
The information security industry is still immature and failing to act or speak as one, says Dave Lewis, (ISC)2 board member Continue Reading
-
News
30 Sep 2013
MoD announces specialist programme to fend off cyber attacks
The Ministry of Defence (MoD) has announced a strategy to defend UK national security from the threat of cyber attacks Continue Reading
-
News
27 Sep 2013
Top 10 cyber crime stories of 2013
Cyber crime featured heavily in security news coverage in 2013, with cyber criminals and cyber law enforcers upping their games with each passing month Continue Reading
-
News
27 Sep 2013
Software acquisition is risk acquisition, says industry panel
New software often means new security vulnerabilities, panel tells the (ISC)2 Security Congress 2013 Continue Reading
-
News
26 Sep 2013
Small businesses must encrypt customer data, says ICO
The Information Commissioner’s Office (ICO) urges small businesses to encrypt customer data after a sole trader was fined for failing to do so Continue Reading
-
News
23 Sep 2013
US websites should inform EU citizens about NSA surveillance, says report
US web site providers should inform European citizens that their data may be subject to government surveillance, says a report for the European parliament Continue Reading
-
News
19 Sep 2013
NSA reveals how Snowden accessed secret Prism files
Prism whistleblower Edward Snowden accessed secret documents through a file-share, the NSA has revealed Continue Reading
-
News
09 Sep 2013
Lloyds website continuity hit as TSB launches
Lloyds Banking Group websites, including the new standalone TSB, have been hit by problems on TSB launch day Continue Reading
-
News
06 Sep 2013
NSA and GCHQ unlock online privacy encryption
UK and US intelligence agencies have unlocked the technology used to encrypt online services, including email, online banking and medical records. Continue Reading
-
News
05 Sep 2013
Windows 2012 Server Network Security
This book chapter offers an introduction to Windows 8 and Windows Server 2012 network security and IPv6. It includes a 30% discount code for Computer Weekly readers. Continue Reading
-
News
05 Sep 2013
Windows Server 2012 Security from End to Edge and Beyond
This extract from the book Windows Server 2012 Security from End to Edge and Beyond shows you how to plan your platform security requirements and gives you the critical questions to ask. Continue Reading
-
News
05 Sep 2013
Printing: a false sense of security?
Louella Fernandes and Bob Tarzey show how secure printing technology can provide authentication, authorisation and accounting capabilities, helping businesses improve document security and meet compliance regulations. Continue Reading
-
News
03 Sep 2013
Disinfecting PCs false security, says security expert
Many companies proud of their ability to identify and clean malware infected machines are missing a trick, says veteran security expert Continue Reading
-
News
23 Aug 2013
Box.com forges new cloud security model
Service providers and consumers need to move to a security model better suited to the cloud computing, says Box.com Continue Reading
-
News
21 Aug 2013
Case study: Keeping it private at Beth Israel Deaconess after the Boston Marathon Attacks
Doctor and healthcare CIO shares his lessons learned from the Boston Marathon attacks and how to protect patient data Continue Reading
-
News
20 Aug 2013
Targeted attacks and how to defend against them
Analysts Bob Tarzey and Louella Fernandes assess the scale and real impact of targeted attacks the measures being taken to defend against them. Continue Reading
-
Opinion
14 Aug 2013
How to appoint a new outsourcing supplier
Outsourcing can come with its own security risks if not managed appropriately, making due diligence and clear contractual arrangements key Continue Reading
-
Opinion
13 Aug 2013
The dangers of internet cafés
Businesses need clear computer use policies and need to ensure staff are properly trained in data protection, writes Garry Mackay Continue Reading
-
Opinion
13 Aug 2013
The data fragmentation challenge
Few organisations have policies to guide where data should and should not be stored. The result: data fragmentation Continue Reading
-
Opinion
30 Jul 2013
The ideology of hacking
Business leaders need to be educated on the true threats their firms face and IT security professionals have to arm their executives with that information Continue Reading
-
Feature
30 Jul 2013
Big data journalism exposes offshore tax dodgers
How journalists harnessed big data to challenge offshore financial secrecy Continue Reading
-
Feature
29 Jul 2013
An introduction to cyber liability insurance cover
Cyber liability insurance cover has been around for 10 years, but most security professionals seem to have not heard of it or know that it exists Continue Reading
-
News
29 Jul 2013
Continual vigilance key to security, says Damballa
UK businesses must update their approach to cyber security to look for signs of compromise continually Continue Reading
-
News
25 Jul 2013
MI5 and GCHQ call for FTSE 350 cyber health check
Intelligence agencies MI5 and GCHQ call on UK’s top listed companies to take part in a cyber governance health check Continue Reading
-
News
22 Jul 2013
Insider threat: Balancing security with privacy
How can organisations increase security without affecting productivity or encroaching on employees’ right to privacy? Continue Reading
-
News
19 Jul 2013
Facebook to acquire UK startup Monoidics
Facebook is to acquire UK startup Monoidics, which makes code verification and analysis tools and specialises in detecting coding errors Continue Reading
-
News
19 Jul 2013
IT security case studies
Four critical IT security case-studies selected from the winners of Computer Weekly's European User Awards for security Continue Reading
-
News
18 Jul 2013
Needle in a Datastack: The rise of big security data
This research from McAfee investigates how well organisations are positioned to address the challenges of managing security in a world of ever increasing amounts and types of data. Continue Reading
-
News
17 Jul 2013
2013 Cost of Data Breach Study: UK
The cost of data breaches has risen for UK organisations over the past year, the Ponemon Institute reveals. Continue Reading
-
News
17 Jul 2013
Security Think Tank Download: Bring your own device
Downloadable guide. How to make your company secure when you introduce BYOD. Continue Reading
-
News
17 Jul 2013
IT Security Case Studies
Warwick Ashford presents 4 essential IT security case-studies selected from the winners of Computer Weekly's European User Awards. Continue Reading
-
News
16 Jul 2013
More than one-fifth of UK firms hit by DDoS attacks in 2012
More than a fifth of UK firms experienced a disruptive distributed denial of service (DDoS) attack in 2012 Continue Reading
-
News
11 Jul 2013
Protecting against modern password cracking
This article in our Royal Holloway Security Thesis series explains just how insecure passwords are and offers advice on alternative methods of security. Continue Reading
-
News
11 Jul 2013
Security visualisation
This article in our Royal Holloway Information Security Thesis series shows how to generate a visual representation of a dataset and use visualisation in the evaluation of known security vulnerabilities. Continue Reading
-
News
09 Jul 2013
Will cloud services follow the evolution of the banking industry?
Cloud service providers say security will become the very reason companies choose cloud services in future Continue Reading
-
News
08 Jul 2013
UK takes cyber threats to infrastructure seriously
The UK is taking seriously potential cyber threats to critical national infrastructure, according to GCHQ head Iain Lobban Continue Reading
-
News
02 Jul 2013
Security Think Tank: Prism – Sitting duck or elaborate honeypot?
Does the data collected by Prism put the US Government at risk from other state or non-state sponsored activists? Continue Reading
-
News
25 Jun 2013
BES extends MDM to Android and iPhones
Aiming to rekindle interest in the Blackberry Enterprise Server (BES), Blackberry has extended the platform to support Android and iOS Continue Reading
-
News
21 Jun 2013
UK businesses failing to secure virtual environments, study finds
Most UK businesses are failing to secure data in virtual environments, a survey of IT decision makers has revealed Continue Reading
-
Opinion
18 Jun 2013
The challenges of information governance in our increasingly litigious age
Formulating the right enterprise-wide information governance policies is essential in heading off potential legal and compliance costs Continue Reading
-
News
10 Jun 2013
Telefonica Digital forms security group Eleven Paths
The business division of mobile operator Telefonica launches Eleven Paths, an independent company working on security issues in the workplace Continue Reading
-
Feature
10 Jun 2013
Manage identity and access to improve business processes
Streamlining identity and access management is essential to exploiting your organisation’s assets and employees’ productivity. Continue Reading
-
News
05 Jun 2013
Human error causes most data breaches, Ponemon study finds
Human errors and system problems caused two-thirds of data breaches in 2012, according to a study from Symantec and the Ponemon Institute Continue Reading
-
News
03 Jun 2013
Information Governance
This research from AIIM looks at the risk profile around electronic records, the keep-all versus delete-all options, e-discovery, and the implications of social, mobile and cloud on risk management policies. Continue Reading
-
News
21 May 2013
Privileged accounts key to most APT attacks, says Cyber-Ark
The theft, misuse and exploitation of privileged accounts is becoming an increasingly key tactic in advanced persistent threat attacks Continue Reading
-
News
15 May 2013
Microsoft declares conformance with ISO 27034-1
Microsoft has declared conformance with ISO 27034-1, the first part of an international standard for secure software development Continue Reading
-
News
13 May 2013
Cyber criminals hack Washington court system
Hackers gain access to the personal data of 160,000 US citizens after compromising Washington State court service servers Continue Reading
-
News
07 May 2013
Symantec helps NHS trust cut security costs by a quarter
The Royal Liverpool and Broadgreen University Hospitals NHS Trust cut security costs by 25% in its partnership with security supplier Symantec Continue Reading
-
News
03 May 2013
Computer Weekly European User Awards for Security: Winners
The winners are in for the Computer Weekly European User Awards for Security. See who made the top spots. Continue Reading
-
News
01 May 2013
What’s to be done about data breach discovery?
The time from first contact by cyber attackers to the victim learning of it is still measured in months and years, not hours and days Continue Reading
-
News
01 May 2013
CW buyer's guide: context-aware security
This 11-page Computer Weekly buyer's guide looks at how organisations should approach context-aware security technologies and what business benefits they can deliver. Continue Reading
-
News
01 May 2013
Information Security Breaches Survey 2013
Security breaches cost large businesses an average of £850,000, the 2013 Information Security Breaches Survey reveals. Continue Reading
-
News
01 May 2013
CW Special Report on CSC
This 16-page report from Computer Weekly analyses the challenges facing CSC, its financial performance, the services it offers, its place in the IT market and its future strategy. Continue Reading
-
News
29 Apr 2013
Another online firm hit by data breach
Online deals service LivingSocial is the latest company to report a breach of its computer systems that may mean attackers accessed customer details Continue Reading
-
News
24 Apr 2013
Protecting against modern password cracking
This article in our Royal Holloway Security Thesis series explains just how insecure passwords are and offers advice on alternative methods of security. Continue Reading
-
News
22 Apr 2013
Infosec 2013: University research challenges reliability of IPS
Research shows intrusion prevention systems (IPS) are not as effective at detecting malicious activity as some might think Continue Reading
-
News
22 Apr 2013
Security spend misaligned with threats, says security veteran
Security budget allocations have remained the same for the past 15 years, but threats have changed, says Shlomo Kramer, chief executive at security firm Imperva Continue Reading
-
News
19 Apr 2013
Conficker makes way for web-based attacks, says Microsoft
Web attacks emerge as top threat as businesses finally begin to win the battle against Conficker and other worms, says Microsoft Continue Reading
-
Feature
16 Apr 2013
How to create a good information security policy
Information security policies provide vital support to security professionals, yet few organisations take the time to create decent policies Continue Reading
-
News
11 Apr 2013
Bots and web apps among top threats to data security, says Check Point
Bots, viruses, breaches and attacks are a constant and real threat to the information security of organisations Continue Reading
-
Feature
11 Apr 2013
Windows XP end of support: What to do next
CIOs may not wish to carry on running a 12-year-old desktop OS, but thousands of incompatible applications leave many with no choice Continue Reading
-
News
11 Apr 2013
Porn websites pose malware risk, says researcher
Browsing popular pornography internet sites pose a growing risk of malware infection, according to a security researcher Continue Reading
-
News
04 Apr 2013
Effective print security for SMBs
Analysts Louella Fernandes and Clive Longbottom discuss how integrated print management provides SMBs with a simple and scalable approach for print security. Continue Reading
-
News
03 Apr 2013
Case Study: 192business switches to tokenisation to speed up business processes
Online payment card verification firm 192business uses tokenisation to speed up its processes and protect credit card details from fraud Continue Reading
-
News
03 Apr 2013
US Army practises poor data security on mobile devices
Pentagon inspector general finds smartphones and tablets the US Army buys are not configured to protect sensitive data and allow remote wipe Continue Reading
-
News
03 Apr 2013
Anonymous threatens to declare cyber war on North Korea
Anonymous hacktivist collective has threatened North Korea with cyber war if leader Kim Jong-un does not resign and install free democracy Continue Reading
-
News
26 Mar 2013
Employees ignore security rules, say infosec pros
Most information security professionals believe corporate employees wilfully ignore security rules, survey at RSA Conference 2013 reveals Continue Reading
-
Opinion
25 Mar 2013
Securing the hypervisor: expert tips
There are many potential security issues with the various components of a virtualised infrastructure, and nowhere is this more of a concern than with the hypervisor platforms that host virtual systems and application instances Continue Reading
-
News
14 Mar 2013
CIO Interview: Matthew Oakeley, global IT head of Schroders
Matthew Oakeley talks to Karl Flinders about his role as global IT head at investment management company Schroders Continue Reading
-
News
12 Mar 2013
The Deloitte Consumer Review: A more secure customer
This report from Deloitte assesses the impact of cybercrime on consumers and offers advice to businesses on how to respond. Continue Reading
-
News
12 Mar 2013
Information security trends
This report from CompTIA, based on original research, assesses the current trends in information security. Continue Reading
-
News
11 Mar 2013
Microsoft releases four critical security updates
Microsoft is to release four “critical” patches in its monthly Patch Tuesday security update, according to the advance notice. Continue Reading
-
News
11 Mar 2013
Territorial Army on the hunt for information assurance professionals
TA to recruit IT security professionals into the Royal Signals to strengthen cyber operations Continue Reading
-
News
06 Mar 2013
What is RSA's build, buy, partner strategy?
Computer Weekly takes a closer look at RSA's build, buy, partner strategy Continue Reading
-
E-Zine
05 Mar 2013
The security risk sweeping Europe
Never have we been so open about the information we share online, without so little concern for our privacy. Social media can be a threat to a company, not just to what information an employee chooses to disclose, but because social media sites are prime targets for cybercrime. In this issue of CW Europe read how the increase in social media usage has created new privacy concerns for businesses. Continue Reading
-
News
05 Mar 2013
Enterprise Security Architecture – an outsourcer's view
Alan Jenkins, chief security officer of outsourcing specialist, T Systems, explains the company's approach to enterprise security architecture. Continue Reading
-
News
05 Mar 2013
Enterprise Security Architecture
Mark Brown, Director for Advisory Risk & Information Security at Ernst & Young offers advice to security leaders on developing a robust Enterprise Security Architecture. Continue Reading
-
News
05 Mar 2013
Security the future: Keeping up with the business
Gareth Lindahl-Wise, group information security manager at British American Tobacco, explains the company's approach to enterprise security architecture. Continue Reading
-
Feature
04 Mar 2013
How to tackle big data from a security point of view
Before leaping into big data, companies must be clear what they are trying to achieve, otherwise their investment will be wasted Continue Reading
-
News
28 Feb 2013
RSA 2013: Suppliers need to prepare for new security vulnerability handling standards
Software makers and online service providers need to prepare for two ISO standards on vulnerability handling processes due by the end of 2013 Continue Reading
-
News
27 Feb 2013
350,000 different types of spam SMS messages were targeted at mobile users in 2012
350,000 different variants of unsolicited spam SMS messages were accounted for in 2012, with 53,000 variants logged for December alone Continue Reading
-
News
26 Feb 2013
RSA 2013: Obama cyber order will have significant effect, says DoHS
President Barack Obama’s executive order on cybersecurity is a “very big deal” says Mark Weatherford, deputy under-secretary for cybersecurity at the US Department of Homeland Security (DoHS). Continue Reading
-
News
18 Feb 2013
The Demise in Effectiveness of Signature and Heuristic Based Antivirus
Anti-virus technology is failing to protect organisations from malicious attacks. Security professionals should look at alternative strategies, the NNC group argues in this report. Continue Reading
-
Feature
11 Feb 2013
How to find the most vulnerable systems on your internal network
Most corporate networks share common vulnerabilities, but many could be mitigated with education in “hacker thinking” for technical staff Continue Reading
-
News
06 Feb 2013
Twitter strengthens login security after hacker attack
Days after a hacking attack, it has emerged that Twitter plans to strengthen its login security with two-factor authentication Continue Reading
-
News
28 Jan 2013
Why has NAC, like DLP, failed to take off?
Why are organisations not investing in systems that are designed to keep malicious actors out of their networks? Continue Reading
-
Photo Story
28 Jan 2013
IT Security Purchasing Intentions 2013 - Europe
TechTarget surveyed 250+ IT pros about security media purchasing in Europe. Continue Reading
-
News
25 Jan 2013
Encryption is safe bet, says SafeNet
Encryption is the only thing that can give peace of mind to CIOs and CISOs, says Dave Hansen, president and CEO of security firm SafeNet Continue Reading
-
News
24 Jan 2013
ICO hits Sony with £250,000 data breach penalty
The Information Commissioner’s office (ICO) has fined Sony Computer Entertainment Europe £250,000 for breaching the Data Protection Act Continue Reading
-
News
22 Jan 2013
Why has DLP never taken off?
Why is data loss prevention (DLP) technology not being adopted if it provides the very protection most businesses need? Continue Reading
-
News
18 Jan 2013
Security visualisation
This article is guideline of how to generate a visual representation of a given dataset and use in the evaluation of known security vulnerabilities Continue Reading
-
News
14 Jan 2013
Oracle rushes out patches for Java zero days
Oracle has released two out-of-band security updates for the latest zero day vulnerabilities in Java Continue Reading
-
News
11 Jan 2013
Disable Java to protect from latest zero-day
Security researchers are warning of a zero-day vulnerability in all versions of Java, including the latest Java 7 update 10 Continue Reading
-
News
10 Jan 2013
Software piracy international in scope, says Fast
The scale of software piracy is both international in scope and military in its execution, says the Federation Against Software Theft (Fast) Continue Reading
-
News
08 Jan 2013
Misuse of social media could wreak havoc, warns World Economic Forum
The rapid spread of false information through social media poses a growing threat to business and society, the World Economic Forum has warned Continue Reading
-
News
07 Jan 2013
Ernst & Young email keyword analysis identifies fraudsters
Fraud investigators have revealed the most common words used in email conversations by employees engaged in rogue trading and fraud Continue Reading