IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
04 Jun 2005
Life at the edge part 4: When things go wrong
A checklist and other hints to protect your Web servers from a worst-case scenario. Continue Reading
-
News
03 Jun 2005
Quiz: Identify and analyze Web server attacks, answer No. 3
Quiz: Identify and analyze Web server attacks, answer No. 3 Continue Reading
-
News
01 Jun 2005
Zombie machines used in 'brutal' SSH attacks
IT managers use SSH to gain secure access to remote computers. Hackers are using it to crack your network, with help from their zombie friends. Continue Reading
-
News
29 May 2005
Patching resource kit
From vulnerability scanning to patching flubs, here's a collection of other helpful resources to ensure your patching efforts are effective. Continue Reading
-
News
23 May 2005
Pre-CISSP: Options for the security newbie
Shon Harris advises novice security practitioners on the value of entry-level certifications -- and good, old-fashioned experience -- in preparation for the CISSP®. Continue Reading
-
News
17 May 2005
Should the government define spyware?
Who's best qualified to define what is and isn't spyware -- your congressman or your online user community? Security experts say no entity can do it alone. Continue Reading
-
News
17 May 2005
Some vendors get labeled as spyware pushers
To win the battle with spyware, you must be able to spot it. That's not as easy as you think. Continue Reading
-
News
11 May 2005
A new era of computer worms: Wireless mobile worms
In this excerpt of Chapter 9 from "The Art of Computer Virus Research and Defense," author Peter Szor dissects the Cabir worm. Continue Reading
-
Feature
10 May 2005
Learning Guide: Low-cost storage
Resources on low-cost networking, iSCSI, SATA and IP storage Continue Reading
-
Feature
15 Apr 2005
The acceptable rules of the mobile game
Mobile networks allow you to connect to your network from almost anywhere by the appropriate methodology. Yet that may also mean... Continue Reading
-
News
14 Apr 2005
Who should be on (and off) the hook for ID theft?
An influential cryptographer and a panel of technologists today debate how best to fight false authentication and fraudulent transactions. Continue Reading
-
News
03 Apr 2005
Are identities safer on laptops than central databases?
Microsoft pledges better ID security. Given the theft of a laptop storing 100,000 Social Security numbers, Redmond's approach could prove controversial. Continue Reading
-
News
29 Mar 2005
Quiz: Do you have a firm e-mail security foundation?
This Security School quiz is the first in a series of three on e-mail security essentials. Continue Reading
-
News
21 Mar 2005
Linux lags Windows in new security report
A controversial research paper takes a critical look at two popular platforms' track record on vulnerabilities and fixes. In turn, its findings are facing sharp scrutiny as well. Continue Reading
-
News
17 Mar 2005
Botnets more menacing than ever
Researchers from the Honeynet Project and iDefense say bots are spreading quickly, digging their heels into more than a million machines around the world. Continue Reading
-
Feature
16 Mar 2005
Managed services: Looking to the long term
IT directors looking for an easy way to manage increasing volumes of data by buying more hardware could be storing up problems... Continue Reading
-
News
15 Mar 2005
ID theft and national security
Check out what some ITKnowledge Exchange members had to say about this controversial issue. Continue Reading
-
News
14 Mar 2005
HIPAA causes data security problems for small businesses
If your local dentist isn't complying with HIPAA's security rules, he's not alone. Experts say most doctors' offices aren't getting it. Continue Reading
- News 14 Mar 2005
-
Feature
13 Mar 2005
Winning the cyber arms race in the classroom
In the struggle for cybersecurity, Lenny Zeltser's most important weapons are the classroom and the pen.
For the past few years he has taught part-time at the SANS Institute, creating a course on how to analyze malicious software,. He's also directed security efforts for several organizations as a consultant and employee. As a writer, he co-authored Inside Network Perimeter Security and contributed a few chapters to the book Malware: Fighting Malicious Code.
In this Q&A, Zeltser outlines his latest course offerings and book projects, and what he sees as today's greatest threats.
Continue Reading - News 08 Mar 2005
-
News
08 Mar 2005
A sound architecture involves both strong technology and a professional approach
Although many large organisations need to respond rapidly to changes in the market as well as to competition and globalisation... Continue Reading
-
News
07 Mar 2005
Windows vulnerable to LAND attack
Security researchers say this type of attack leaves enterprise customers of popular Windows products open to a denial of service. There is good news, though. Continue Reading
-
News
24 Feb 2005
Security Bytes: Cisco patch available for ACNS flaws
Workaround outlined for new php exploit. IBM issues patch for DB2 flaw. Payroll service goes offline to investigate security claims , and BoA loses personal data on customers. Continue Reading
-
News
15 Feb 2005
Federal agency security still poor, but improving
Report cards give federal security a D-plus average, but the Homeland Security Department is still failing. Continue Reading
- News 14 Feb 2005
- News 14 Feb 2005
-
News
14 Feb 2005
Strategic Storage: DR planning blueprint
Developing a good disaster recovery (DR) plan is similar to good dental hygiene -- and almost as exciting. Similar to going to the dentist twice a year, you should also test your DR plan with the same frequency. Wait too long to clean up your plan and you'll be stuck with the root canal of recovering your data. Continue Reading
-
News
09 Feb 2005
The Controversy of Hacking Books and Classes
Read this excerpt and download Chapter 1, Ethics of Ethical Hacking from Shon Harris' All-in-One Gray Hat Hacking. Continue Reading
-
News
07 Feb 2005
CEOs and CIOs split on IT success
Business and IT directors are still at loggerheads on key technology issues, according to a new survey by the Economist... Continue Reading
-
News
02 Feb 2005
Compressed files strike another blow to AV
The "alternative" .rar files are picking up where popular .zip files left off as attack vectors. Continue Reading
-
News
31 Jan 2005
ID theft remains No. 1 worry
For the fifth straight year, the FTC said most complaints came from identity theft victims. And that's a problem for enterprises. Continue Reading
-
News
23 Jan 2005
Cyberstorm chasers: The folks who look out for the latest Internet threats
They keep a 'round-the-clock watch on conditions in cyberspace. CTO Johannes Ullrich discusses the volunteer effort behind the SANS Internet Storm Center. Continue Reading
- News 19 Jan 2005
-
Feature
14 Jan 2005
Financing the future
Don't get a headache working out the best ways to pay for hardware and software. Danny Bradbury offers a user-friendly guide to... Continue Reading
-
News
10 Jan 2005
Security Bytes: George Mason U. hacked; new Trojans on the loose
Hackers steal personal data of more than 30,000 members of George Mason University. Two new Trojans emerge. BMC Software buys a Parisian company. Continue Reading
-
News
10 Jan 2005
Security on a Shoestring: Creating Internet policies on the cheap
No matter how small the organization, it's impractical to stand over employees and make sure they properly use the Internet. So here's how to write a decent acceptable use policy, and make sure everyone abides by it. Continue Reading
-
News
19 Dec 2004
Transforming the cybersecurity culture
Eleven New Year's resolutions can help employees at all levels empower the security function at their organization. Continue Reading
-
News
08 Dec 2004
The security lingo of 2004
This was the year of botnets, zombie PC armies and phishying online schemes. Continue Reading
- News 05 Dec 2004
-
News
28 Oct 2004
MoD may write off £200m Chinook helicopters
The Ministry of Defence could write off more than £200m spent on eight Chinook Mk3 helicopters. Continue Reading
-
Feature
21 Oct 2004
IP everything, essentially
What are the fundamental deliverables of IP networks? How can you use IP networks to gain financial benefits in addition to... Continue Reading
-
Feature
21 Oct 2004
The basis of profitability
Not so long ago, you didn't have much choice - your IT and communications requirements were acquired, implemented and maintained... Continue Reading
- News 04 Oct 2004
-
News
03 Oct 2004
Training for CISSP Certification: SearchSecurity.com's Security School
Study guides for each of the ten domains of the CBK for those preparing to take the CISSP exam or expanding their knowledge of security concepts and practices. Continue Reading
-
News
26 Sep 2004
Authorize.Net says it has 'learned' from attack
The credit card processing service was unprepared for the kind of attack it suffered last week, but it will use the experience to improve security. Continue Reading
- News 21 Sep 2004
-
Feature
14 Sep 2004
Management matters
Cath Everett finds out how you stay on top of networking. What are the management issues related to your telecoms and networks... Continue Reading
-
News
24 Aug 2004
Latest worm uses IM to lure victims
A version of the worm which spread from infected Microsoft Internet Information Services (IIS) web servers in June has been... Continue Reading
-
Feature
13 Aug 2004
Undercover operations
Computer crime is on the rise, but collecting admissible evidence is a tricky business. Helen Beckett gets expert advice on what... Continue Reading
-
News
27 Jul 2004
New attacks and vulnerability trends highlighted at Black Hat
Presentations beginning today will analyze vulnerabilities, zero-day code, phishing and secure wireless deployment, among many other topics. Continue Reading
-
News
26 Jul 2004
Fewer IT supplier conflicts are going to court
Law firms have reported a sharp fall in the number of IT disputes reaching the courts over the past 12 months as more users turn... Continue Reading
- News 25 Jul 2004
-
News
18 Jul 2004
Debian fixes multiple flaws
Denial-of-service, buffer overflow and format string vulnerabilities in Debian GNU/Linux that an attacker could use to remotely execute malicious code has been fixed. Continue Reading
-
News
18 Jul 2004
Enterprise-class RAID functions, part 2: N-way mirroring, splitting and more
With the convergence of RAID and lower-priced storage technologies, advanced RAID functions can be enjoyed by any small-to-medium sized organization with critical data. Continue Reading
-
News
14 Jul 2004
Continuous backup gains traction
For continuous backup technology, 2004 is the year that vendors have moved from promises to actual products. Although the market is still small -- inhabited by startups such as Revivio, Mendocino Software, Alacritus and XOsoft -- the buzz is relatively loud. Continue Reading
-
News
21 Jun 2004
Users at risk after web host attack
Users have been warned to brace themselves for attacks on sites which provide patch downloads and web hosting services. Continue Reading
-
News
23 May 2004
Hacking for Dummies: Chapter 10 -- Wireless LANs
Read Chapter 10, Wireless LANs, from the book "Hacking for Dummies" written by Kevin Beaver. Continue Reading
-
News
19 May 2004
IT experts not losing sleep over code theft
Days after Cisco acknowledged someone may have stolen source code from its network, IT experts said they doubt it will amount to anything catastrophic. After all, source code has made it onto the Internet before, and there's no proof it has ever led to an attack. For them, the bigger question is how to prevent such a thing from happening to their organization. Continue Reading
-
News
13 May 2004
Hacking For Dummies: Chapter 7 -- Passwords
In his latest book, "Hacking For Dummies," Kevin Beaver takes the reader into the mindset of a hacker in order to help admins fend off vulnerabilities and attacks. Continue Reading
-
News
02 May 2004
Return to sender?
Several researchers have identified a new e-mail attack that can be used to swamp enterprise e-mail servers, as well as some secondary systems. Continue Reading
-
News
15 Apr 2004
Bacs launches online billing service
UK clearing house Bacs has embarked on a joint venture with a US software company to provide an online bill presentation and... Continue Reading
- News 11 Apr 2004
-
News
17 Mar 2004
Best practices for enabling and maintaining compliance
As part of our Storage Decisions conference preview series, Shaun Mahoney, senior storage engineer for Citigroup, Randy Wilson, assistant vice president of IT at Essex Investment Management Company and Enterprise Storage Group's Peter Gerr discussed the best practices for enabling compliance. Continue Reading
-
Feature
15 Mar 2004
Achieving the goal of CIO
What exactly does a chief information officer do?Paul Burfitt, global CIO at AstraZeneca, analysed the various aspects of his job... Continue Reading
- News 01 Mar 2004
-
News
24 Feb 2004
Exploiting Software: How to Break Code, Chapter 7 -- Buffer Overflow
This excerpt is from Chapter 7, Buffer Overflow of Exploiting Software: How to Break Code written by Greg Hoglund and Gary McGraw. Continue Reading
-
News
10 Nov 2003
NHS IT plan risky but will not fail, says OGC
The £2.3bn national programme to modernise health service IT systems is "risky and ambitious" but it has sufficient safeguards in... Continue Reading
-
Feature
26 Mar 2003
What's in an IT name?
What exactly does a chief information officer do?Paul Burfitt, global CIO at AstraZeneca, analysed the various aspects of his job... Continue Reading
-
News
06 Feb 2003
Users warned as number of software holes soars
IT departments were put on alert this week after it emerged that the number of security vulnerabilities discovered in commercial... Continue Reading
-
News
29 Jan 2003
Courts Libra system 'is one of the worst IT projects ever seen'
The cost of the Libra project to provide a national system for 385 magistrates courts soared from £146m to £390m, and the main... Continue Reading
-
Opinion
23 May 2002
Who watches the watchers?
The Civil Aviation Authority must come clean about how it has policed Nats' computer systems Continue Reading
-
News
07 Feb 2002
Victory! Lords confirm CW stand - software flaw could have caused Chinook crash
An historic House of Lords report has this week vindicated a five-year campaign by Computer Weekly for justice after the crash of... Continue Reading
-
Feature
06 Dec 2000
The VPN dilemma
With traditional networks choking on data, Liz Biddlecombe investigates the pros and cons of managing a VPN yourself or... Continue Reading
-
News
30 Nov 2000
Chinook: a breach of natural justice
MPs slam MoD over 1994 crash whitewash. Software, not pilot error, could have killed 29 Continue Reading
-
Feature
29 Nov 2000
Computer Weekly's evidence to the Public Accounts Committee
We write to the Public Accounts Committee in relation to its consideration of the Chinook's FADEC computerised engine control... Continue Reading
-
Opinion
16 Nov 2000
Solution: Internet misuse at work
Like the technology, Internet abuse appears to have proliferated in recent years. There are, however, two ways to tackle this... Continue Reading
-
Feature
15 Nov 2000
Tackling Internet misuse at work
Like the technology, Internet abuse appears to have proliferated in recent years. There are, however, two ways to tackle this... Continue Reading
-
Feature
15 Nov 2000
MoD kept RAF chief in the dark
New evidence shows that the air chief marshal who blamed the pilots for the Chinook crash on the Mull of Kintyre in 1994 was not given potentially vital information related to the helicopter's safety-critical software Continue Reading
-
Feature
01 Nov 2000
Pathway and the Post Office: the lessons learned
The infamous 1996-1999 Pathway project aimed to computerise the nation’s post offices and tackle benefit fraud. But 18 months... Continue Reading
-
Feature
18 Oct 2000
How to scour the world when outsourcing
Thanks to Y2K compliance programmes, it is now perfectly acceptable for a firm to consider moving all or part of its systems development and support... Continue Reading -
Feature
24 May 2000
Lifting the lid on secret stiffing techniques
One of the UK's most experienced IT negotiators lifts the lid on some of the sharp practices used by software suppliers to get... Continue Reading
-
News
29 Mar 2000
MoD did not tell the whole truth on Chinook software
Letters from software experts to Computer Weekly show the Ministry of Defence omitted to mention it sanctioned the very testing... Continue Reading
-
Feature
08 Mar 2000
Leaked RAF memo scathing of safety software evaluation
Computer Weekly's Tony Collins uncovers evidence that the MoD has consistently undermined the authority of its software assessors... Continue Reading
- Feature 01 Mar 2000
-
News
09 Feb 2000
NAO report puts software at the heart of Chinook debate
Tony CollinsGovernment auditors will report tomorrow (Friday) that defence staff put into operational service a fleet of Chinook...
Continue Reading -
Feature
12 Jan 2000
Was Y2K a costly non-event?
Many expected catastrophe. In reality, the industry coped well and is now in good shape for the future, writes Bill Goodwin Continue Reading
-
Feature
21 Oct 1999
White Paper: Software solutions for effective network power management
Uncertain power conditions can wreak havoc on small businesses, however, there are ways to limit the risk of computer data loss Continue Reading