IT security
-
News
12 Nov 2024
More data stolen in 2023 MOVEit attacks comes to light
Over a year since the infamous MOVEit Transfer cyber attacks affected thousands of organisations, more new victims have come to light after an anonymous threat actor leaked their data on the dark web Continue Reading
-
Opinion
12 Nov 2024
Strengthening cyber: Best IAM practices to combat threats
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
Feature
13 Nov 2019
Taking responsibility for security in the cloud
From accidental leaks to full-on data breaches, maintaining security across cloud services is becoming a headache for enterprises. What questions should organisations be asking of their cloud service provider and, ultimately, whose responsibility is cloud security anyway? Continue Reading
-
News
13 Nov 2019
Cyber risk insurance is more than just insurance
Insurance companies such as Chubb are offering incident response services and security tools to help companies improve their cyber security posture and better cope with cyber attacks Continue Reading
-
News
12 Nov 2019
Nordic SMEs lack the money needed for cyber security
Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country Continue Reading
-
News
12 Nov 2019
PCI DSS payment security compliance drops again
Worldwide, barely one-third of companies are maintaining full compliance with the PCI DSS security standard – and the numbers are falling Continue Reading
-
News
12 Nov 2019
‘Robust’ security foils cyber attack on Labour Party
Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked Continue Reading
-
News
12 Nov 2019
Shared responsibility model key to solving 5G security problem
Both buyers and sellers need to cooperate to solve the thorny issues around 5G security Continue Reading
-
News
12 Nov 2019
IBM drums up quantum computing future
IBM’s head honcho, Ginni Rometty, welcomes Australia’s Woodside Energy to the quantum computing fold through a partnership to harness the technology to shore up cyber security and plant operations Continue Reading
-
News
11 Nov 2019
Australia’s productivity woes pinned on poor employee experience
Research by Ricoh suggests that the lukewarm view of employee experience among IT leaders is part of the reason for Australia’s declining productivity Continue Reading
-
News
08 Nov 2019
Security pros urged to get ahead of incoming BlueKeep exploits
The BlueKeep RDP vulnerability is beginning to be exploited in the wild, and security teams have no excuse for not trying to get in front of it, says Microsoft Continue Reading
-
News
08 Nov 2019
Morrisons in new appeal over data breach fine
The Supreme Court has heard an appeal from retailer Morrisons as it attempts to overturn prior judgments holding it liable for a 2014 leak of employee data Continue Reading
-
Opinion
08 Nov 2019
Security Think Tank: Base cloud security posture on your data footprint
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
Opinion
07 Nov 2019
Security Think Tank: Cloud security is a shared responsibility
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
07 Nov 2019
Amazon Ring video doorbell flaw left users open to attack
A vulnerability in Amazon’s Ring video doorbells left the internet-of-things devices open to a variety of attacks Continue Reading
-
Opinion
07 Nov 2019
Security in the supply chain – a post-GDPR approach
A year and a half after the introduction of the EU’s General Data Protection Regulation, Fieldfisher's James Walsh reviews the fundamentals of supply chain security Continue Reading
-
News
07 Nov 2019
Saudis recruited Twitter employees to spy on critics
Court documents reveal how the Saudi Arabian government targeted Twitter employees as part of a coordinated effort to gather information on known dissidents Continue Reading
-
E-Zine
07 Nov 2019
CW Benelux: Dutch banks fight money laundering
Dutch banks are sharing expertise and resources to help reduce money laundering through their accounts. Also read in this issue how companies could lose loyal IT staff because salary rises do not match those at rival employers, and why a Dutch province is pioneering a no-code software development platform. Continue Reading
-
Feature
06 Nov 2019
Navigate PII data protection and GDPR to meet privacy mandates
Know the commonalities surrounding personally identifiable information to better navigate and comply with the regulations and penalties IT managers must contend with today. Continue Reading
-
News
06 Nov 2019
Trend Micro insider breach exposes need for data-centric protection
Simple measures could have saved consumer security product supplier from insider breach Continue Reading
-
News
06 Nov 2019
How Facebook’s ‘Switcheroo’ plan concealed scheme to kill popular apps
Leaked documents reveal how Facebook used and abused app developers, cut off data to competitors, gave privileged access to its friends and used privacy as a cover story Continue Reading
-
News
06 Nov 2019
Global security workforce must more than double to meet demand
There are about 2.8 million cyber security professionals working today, and the world needs four million more Continue Reading
-
News
06 Nov 2019
Professional cyber criminals command $75k per annum
An ill-advised career in cyber crime is potentially almost as well-paying as a job as a threat researcher in the industry, according to Tenable researchers Continue Reading
-
News
06 Nov 2019
Lawmakers study leaked Facebook documents made public today
Computer Weekly publishes cache of leaked documents disclosed to Congress Continue Reading
-
Opinion
06 Nov 2019
What changes are needed to create a cyber-savvy culture?
PA Consulting's Cate Pye considers the people and process changes that are necessary to build a security aware business culture Continue Reading
-
News
06 Nov 2019
Huawei: 5G growth will be maintained with or without US tech supply
Huawei dismisses US tech sabre-rattling and claims it will continue robust business growth in 5G with or without US suppliers Continue Reading
-
Opinion
06 Nov 2019
Security Think Tank: Adapt security posture to your cloud model
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
Blog Post
05 Nov 2019
Making sense of the current UK Cybersecurity Skills scene
But that is for the future. For the here and now I strongly recommend participation in the DPA cybersecurity skill sub-group in order to make sense of what it happening and ensure that your needs, ... Continue Reading
-
News
05 Nov 2019
Ransomware authors seeking new ways to avoid being spotted
Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls Continue Reading
-
Opinion
05 Nov 2019
Security Think Tank: The cloud needs security by design
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
E-Zine
05 Nov 2019
The benefits of API-first software development
In this week’s Computer Weekly, we find out how organisations are using an API-based approach to software development to boost digital initiatives. We examine the potential pitfalls in using cloud storage. And we talk to the Department for Work and Pensions about its four-year project to move from outsourced IT to the cloud. Read the issue now. Continue Reading
-
News
05 Nov 2019
ICO launches data security campaign for UK General Election
Information commissioner Elizabeth Denham launches campaign to remind the public of their rights when personal data is used for political purposes Continue Reading
-
News
05 Nov 2019
Gartner: The time is right to make IT a boardroom issue
In many businesses, IT is regarded as an internal service provider and cost centre. Gartner says now is the best time for CIOs to make IT strategic Continue Reading
-
Opinion
04 Nov 2019
Security Think Tank: Secure the cloud when negotiating contracts
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
04 Nov 2019
Sumo Logic buys into cloud security software market
Jask’s cloud-native autonomous security operations software will be integrated into Sumo Logic’s intelligence platform Continue Reading
-
News
04 Nov 2019
EU patches 20-year-old open source vulnerability
Ethical hackers taking part in a bug bounty programme on behalf of the European Union have uncovered a 20-year-old vulnerability Continue Reading
-
Feature
04 Nov 2019
Making the case for integrated risk management
Security experts discuss how an integrated approach to risk and governance can be effectively managed Continue Reading
-
Blog Post
03 Nov 2019
Insurability is the key to Cybermaturity
Most organisations are uninsurable. They spend large amounts on security products and services technology but they are not doing that which reduces the risk of a successful cyberattack, limits the ... Continue Reading
-
News
01 Nov 2019
General Election sees UK government defer ‘high-risk’ 5G tech supplier review
Decision on allowing so-called high-risk suppliers access to the UK’s market for 5G infrastructure delayed due to 12 December poll Continue Reading
-
Feature
01 Nov 2019
ICO says UK police must ‘slow down’ use of facial recognition
The Information Commissioner’s Office is calling for a statutory code of practice to govern how police in the UK deploy live facial recognition technology while controversy surrounding its use continues Continue Reading
-
News
01 Nov 2019
CIO must focus on easing data access to help data scientists build models more quickly
Data scientists struggle to get the right data in the right format to build artificial intelligence models, so to benefit from AI, CIOs will need to simplify data access Continue Reading
-
Opinion
01 Nov 2019
Security Think Tank: In the cloud, the buck stops with you
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
01 Nov 2019
Banks let customers down with mixed approaches to security
Treasury Committee report recommends new measures to tackle financial fraud Continue Reading
-
News
31 Oct 2019
Facebook agrees to pay £500,000 fine over Cambridge Analytica data law breaches
Social media giant also promises to change the way its platform is used to protect people’s data Continue Reading
-
News
31 Oct 2019
Alibaba Cloud earns security credentials in automotive and healthcare sectors
Alibaba Cloud’s compliance with Tisax and GxP follows earlier efforts by major public cloud suppliers to win over enterprises with strict data protection and security rules Continue Reading
-
News
30 Oct 2019
What will succeed the National Cyber Security Strategy?
As the National Cyber Security Strategy nears the end of its working life, the government is considering what comes next, and is asking probing questions of its successes and failures Continue Reading
-
News
29 Oct 2019
NordVPN enlists ethical hackers, launches bug bounty programme
Breached consumer VPN supplier details steps it is taking to shore up its cyber security posture after an unknown actor gained access to one of its servers Continue Reading
-
News
29 Oct 2019
Fancy Bear resumes Olympic hacks ahead of Tokyo games
Fancy Bear is back in action and once again targeting anti-doping bodies and sporting organisations, warns Microsoft Continue Reading
-
29 Oct 2019
Mitigating social engineering attacks with MFA
The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing. Continue Reading
-
E-Zine
29 Oct 2019
IR35 reforms – the difficult decisions facing IT contractors
In this week’s Computer Weekly, we examine the difficult choices facing UK IT contractors from the controversial IR35 tax reforms. Social engineering is a major source of cyber security attacks – we look at mitigation strategies. And the IT chief at Mercedes F1 explains what it takes to support a world championship team. Read the issue now. Continue Reading
-
Opinion
28 Oct 2019
Security Think Tank: Embedding security in governance
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
28 Oct 2019
Windows 7 upgrade haunts health service tech vision
Windows 7 issues at the NHS are making headlines, 15 months after the release of the review of how legacy IT was exploited by the WannaCry attack Continue Reading
-
Feature
28 Oct 2019
Security puzzle calls for some joined-up thinking
The age of digitisation brings new risks to organisations, so security needs to be more integrated Continue Reading
-
News
24 Oct 2019
Know Fraud database became backlog dump
Reports to Action Fraud handled by City of London Police’s National Fraud Intelligence Bureau were quarantined as security risk, finds HM’s Inspectorate of Constabulary and Fire and Rescue Services Continue Reading
-
Blog Post
24 Oct 2019
Hack the Kop – the Reds are sitting ducks
Liverpool may be flying high at the top of the Premier League table right now, but when they get home after a hard-fought 90 minutes, their fans are the most likely to have had their personal data ... Continue Reading
-
News
24 Oct 2019
Endpoint security is a procurement issue, says HP, IDC study
Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders Continue Reading
-
News
24 Oct 2019
£4,000 bug bounty could have saved BA from record ICO fine
British Airways and others could have saved themselves millions of pounds’ worth of fines by having ethical hackers check their systems for simple vulnerabilities Continue Reading
-
Opinion
23 Oct 2019
Gartner: Three Barriers to AI Adoption
CIOs are set to include artificial intelligence in their IT strategy. Technical, legislative and cultural challenges could influence their AI ambitions Continue Reading
-
News
23 Oct 2019
Take responsibility for cyber security basics, urges NCSC CEO
At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load Continue Reading
-
News
22 Oct 2019
Banks move to contain impact of Samsung biometric flaw
NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices Continue Reading
-
News
22 Oct 2019
Brexit: Withdrawal agreement lists EU IT data link beyond transition
Document lists system-to-system IT and network connectivity that will be required after the UK leaves the European Union Continue Reading
-
News
22 Oct 2019
NordVPN blames datacentre provider for server breach
VPN provider insists no user data was compromised in a March 2018 server breach, and says its datacentre provider failed to inform it of the issue Continue Reading
-
News
22 Oct 2019
Malware volumes decline, but risks are higher
More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets Continue Reading
-
News
22 Oct 2019
Attacker hit VPN firm Avast through its VPN
Avast has published details of how attackers attempted to gain access to its network over a five month period Continue Reading
-
Blog Post
22 Oct 2019
Secure Bacon Butties With Gherkin But No Gherkins
Had my first visit to The Gherkin recently at a “mini” Netevents security briefing in London. I can certainly recommend the brioche-bun bacon butties with a view of the London rain from the 38th ... Continue Reading
-
22 Oct 2019
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management. Continue Reading
-
News
22 Oct 2019
Over-30s tend to do better at cyber security than younger colleagues
Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security Continue Reading
-
News
21 Oct 2019
Equifax lawsuit offers more evidence against passwords
Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords Continue Reading
-
News
21 Oct 2019
Alleged state hackers adapting to cover their tracks, says NCSC
A group called Turla with suspected links to the Russian government stole Iranian tools and infrastructure to obscure the origins of attacks on multiple other countries, according to new evidence Continue Reading
-
News
21 Oct 2019
Trend Micro buys cloud security firm to broaden offering
Acquisition of Cloud Conformity will address often overlooked cloud security fundamentals Continue Reading
-
News
21 Oct 2019
Sodinokibi emerging as a diverse, multi-vector threat to businesses
McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots Continue Reading
-
News
18 Oct 2019
Huge rise in rogue banking apps driving fraud attacks
Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA Continue Reading
-
News
18 Oct 2019
Amazon consumer devices vulnerable to two-year-old exploit
Millions of older Amazon Echo and Kindle devices are still susceptible to a Wi-Fi vulnerability that was first disclosed in 2017 Continue Reading
-
News
17 Oct 2019
BEIS launches multimillion-pound security investment package
Government is making available more than £50m to support a range of new cyber security initiatives and collaborations, including the latest phase of its Digital Security by Design programme Continue Reading
-
News
17 Oct 2019
NHSX could transform NHS security capabilities
The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service Continue Reading
-
News
17 Oct 2019
Security threat landscape becomes more organised and business-like
Approaches to securing the enterprise need to change in the face of a rapidly maturing threat landscape Continue Reading
-
Opinion
17 Oct 2019
Security Think Tank: Focus on metrics to manage risk
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
News
17 Oct 2019
Emerging markets’ mobile financial services transactions set to surpass $1tn in by 2024
Mobile financial services transaction value will grow by 70% from 2019 to 2014 to total more than $1tn, driven by markets such as Latin America and Cico transactions Continue Reading
-
News
16 Oct 2019
Pitney Bowes ‘considering options’ after malware attack
Mailing and shipping services firm in recovery mode after key systems were encrypted by a malware attack Continue Reading
-
News
16 Oct 2019
Sweden’s first GDPR fine sets regulatory tone
Secondary school fined for breaching General Data Protection Regulation, signalling the attitude of Sweden’s Data Protection Authority Continue Reading
-
Opinion
16 Oct 2019
Security Think Tank: Embed security professionals in your risk strategy
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
15 Oct 2019
Attackers hunt iPhone jailbreakers in click fraud campaign
Research by Cisco’s Talos threat intel unit has identified a new click fraud campaign targeting people looking to jailbreak their iPhone devices Continue Reading
-
Podcast
15 Oct 2019
Podcast: The Computer Weekly Downtime Upload – episode 34
In this week’s episode of the Computer Weekly Downtime Upload podcast, the team discusses BBC conspiracy thriller, The Capture, and its focus on video surveillance and facial recognition technology Continue Reading
-
Opinion
15 Oct 2019
Security Think Tank: Risk management must go beyond spreadsheets
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
E-Zine
15 Oct 2019
Securing the internet of things
In this week’s Computer Weekly, as security concerns prevent many organisations from adopting the internet of things, we examine mitigation strategies. Many firms are still struggling with GDPR policies – we assess if full compliance is ever possible. And we look at the technologies for delivering on-premise object storage. Read the issue now. Continue Reading
-
News
14 Oct 2019
Private equity swoops on Sophos
British cyber security star picked up by technology sector investors for $3.9bn Continue Reading
-
News
14 Oct 2019
Researchers reveal the cyber campaign that built China's new airliner
CrowdStrike has published details of a coordinated campaign of cyber espionage and hacking, forced technology transfer and physical theft as China seeks to gain an advantage in the commercial aviation industry Continue Reading
-
Podcast
14 Oct 2019
PCI DSS: Credit card data and what to expect from version 4.0
We preview October’s PCI Europe Community Meeting where attendees will discuss credit card payment data, with topics covered likely to include the cloud and point-to-point encryption Continue Reading
-
14 Oct 2019
GDPR compliance: Whose job is it and is it really possible?
Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to. Continue Reading
-
14 Oct 2019
How to mitigate IoT security risks to tap business benefits
Security concerns are preventing many businesses from adopting IoT-based technologies, but with a bit of planning, the business benefits can be realised by mitigating the risk. Continue Reading
-
News
14 Oct 2019
The Security Interviews: Applying AI to Lego, and security
Ann Johnson, Microsoft corporate vice-president of cyber security, is on a mission to prove that artificial intelligence holds great promise for the security sector, and she has the analogies to back it up Continue Reading
-
Opinion
14 Oct 2019
Security Think Tank: Consider risk holistically, not just from an IT angle
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
News
11 Oct 2019
Zuckerberg’s mentor condemns Facebook’s business practices
Long-time Silicon Valley investor speaks out against surveillance capitalism and the lack of rules and regulations governing big tech’s behaviour Continue Reading
-
Feature
11 Oct 2019
McAfee’s push for secure cloud adoption
Organisations must do more to secure their cloud environments as malicious actors increasingly focus their attention on exploiting cloud vulnerabilities, says McAfee Continue Reading
-
E-Zine
10 Oct 2019
CW Middle East: Saudi banks trial biometrics in ATMs
Biometric and blockchain technologies are being used in tandem to provide ID verification at Saudi Arabian cash machines. Also read about the first government organisation in Bahrain to migrate to Amazon Web Services, and an interview with Yasmeen Al Sharaf, head of fintech and innovation unit, Central Bank of Bahrain. Continue Reading
-
Feature
10 Oct 2019
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management Continue Reading
-
Opinion
09 Oct 2019
Small business guide: How to keep your organisation secure from fraudsters and hackers
Doing a few things well can keep your organisation protected from common cyber attacks and fraudsters Continue Reading
-
Podcast
09 Oct 2019
Podcast: The Computer Weekly Downtime Upload – Episode 33
In this week’s episode of the Computer Weekly Downtime Upload podcast, Brian McKenna and Clare McDonald are joined by Alex Scroxton to talk about cyber warfare and digital healthcare Continue Reading
-
News
09 Oct 2019
US likely to concede on Huawei export ban
The US government may make some concessions over the future of Huawei before the end of the year Continue Reading
-
Opinion
09 Oct 2019
Security Think Tank: The operational approach to integrated risk management
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
08 Oct 2019
CIO interview: Matt Harris, head of IT, Mercedes-AMG Petronas Motorsport
The IT chief at the world-leading Formula 1 team is focused on using technology to support and deliver marginal gains in performance for the team’s drivers Continue Reading
-
News
08 Oct 2019
How APAC enterprises can keep pace with container security
For all the promises of containers, changes in architecture and practices associated with the technology bring new challenges and opportunities Continue Reading