Identity and access management products
-
News
07 Sep 2023
Finnish government to bolster spending on cyber-AI defences
Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks Continue Reading
-
Feature
11 Jul 2023
Norwegian data privacy experts sound alarm over generative AI
Hundreds of millions of people embrace generative artificial intelligence, blissfully ignorant of what it’s doing to data privacy. Continue Reading
-
Definition
12 Apr 2024
OAuth (Open Authorization)
OAuth (Open Authorization) is an open standard authorization framework for token-based authorization on the internet. Continue Reading
-
Feature
12 Apr 2024
5G networks and biometric breakthroughs: Navigating opportunities and risks
Businesses are quickly adopting 5G to introduce advanced security features such as facial recognition, but while these technologies improve safety and ease of use, they also raise concerns about how sensitive biometric information is gathered and may be misused Continue Reading
-
Feature
12 Apr 2024
European Digital Identity Wallet: One ID for EU citizens
The European Digital Identity Wallet is a personal digital wallet with which you will be able to identify yourself digitally in the future. Is this the solution for a centralised ID? Continue Reading
-
News
11 Apr 2024
Facial recognition to play key role in UK shoplifting crackdown
UK government will fund roll-out of police facial recognition across the country as part of its crackdown on shoplifting and violence against retail staff, but civil society groups say the government is attempting to police its way out of the cost-of-living crisis Continue Reading
-
News
11 Apr 2024
Government dismisses Lords’ concerns over facial recognition
UK government is claiming police forces’ use of live facial recognition is comprehensively covered by existing laws, in response to a Lords investigation that found police lacked a clear legal basis to deploy it Continue Reading
-
News
09 Apr 2024
Public worried by police and companies sharing biometric data
More than half of the British public do not feel comfortable with police forces sharing biometric data with the private sector, including facial recognition images, to tackle crimes such as shoplifting Continue Reading
-
News
09 Apr 2024
Greek government fined over AI surveillance in refugee camps
Greece’s Data Protection Authority has issued a €175,000 fine against the country’s migration ministry over its deployment of artificial intelligence-powered security systems in refugee camps after the watchdog’s investigation found ‘serious shortcomings’ with the roll-out Continue Reading
-
News
05 Apr 2024
How Oracle Red Bull Racing guards against cyber threats
The F1 team is tapping managed security services, conducting penetration tests and improving security awareness among employees to fend off cyber threats such as phishing and ransomware Continue Reading
-
News
04 Apr 2024
Obituary: Professor Ross Anderson, pioneer in security engineering and campaigner
Ross Anderson, a titan in the field of security engineering and campaigner for privacy and security, has passed away Continue Reading
-
Definition
28 Mar 2024
retina scan
Retina scanning is a biometric authentication technology that uses an image of an individual's retinal blood vessel pattern as a unique identifying trait for access to secure installations. Continue Reading
-
News
28 Mar 2024
UK plc going backwards on cyber maturity, Cisco report claims
Fewer UK organisations believe their cyber security postures have reached a mature level than did so 12 months ago, as they struggle to keep up with new challenges and a fast-evolving threat landscape Continue Reading
-
News
27 Mar 2024
Cyber spies, not cyber criminals, behind most zero-day exploitation
Analysis from Google has found that zero-day vulnerabilities are much more heavily exploited for espionage purposes than for financially motivated cyber crime Continue Reading
-
News
26 Mar 2024
NCSC reaffirms guidance for those at risk of Chinese state hacking
As the UK and US governments announce sanctions and indictments of a Chinese state threat actor, the NCSC has reiterated its security advice for individuals at risk of being targeted for espionage purposes Continue Reading
-
Blog Post
21 Mar 2024
Challenging the traditional boundaries between IAM and UEM
It's always refreshing to engage with vendors who aren't bound by the rigid category definitions that large analyst firms often impose on the market. At Freeform Dynamics, our view is that it's ... Continue Reading
-
News
19 Mar 2024
EMEA security spend will have another boom year in 2024
Cyber security services and technology will once again be the focus of major investment across EMEA during 2024, according to the latest Technology Spending Intentions study from TechTarget and ESG Continue Reading
-
News
19 Mar 2024
Australia’s cyber security spending to grow 11.5% this year
Highly publicised cyber attacks and growing regulatory obligations are keeping security and risk top of mind for Australian organisations this year, says Gartner Continue Reading
-
News
11 Mar 2024
Dutch organisations vulnerable to deepfake fraud
With the information many employees share on social media, Dutch companies are especially vulnerable to a new form of fraud Continue Reading
-
News
07 Mar 2024
NI Policing Board pressed to open inquiry into PSNI spying on journalists’ phones
Amnesty International and the Committee on the Administration of Justice have asked Northern Ireland’s policing watchdog to open an inquiry into the Police Service of Northern Ireland’s use of surveillance powers against journalists Continue Reading
-
News
05 Mar 2024
Meta outage disrupts social media globally
Meta services, including Facebook, Instagram and Threads, have been downed in a brief service outage Continue Reading
-
News
05 Mar 2024
American Express customers exposed through third-party breach
US card giant warns customers that their personal details may have been exposed after a third party experienced a systems breach Continue Reading
-
E-Zine
05 Mar 2024
Authorised access only – biometrics in the workplace
In this week’s Computer Weekly, we examine how biometrics technologies are transforming identity and access management. We analyse research that shows a mismatch between managerial expectations of generative AI and worker experience. And we look at how to assess the best hybrid cloud management tools. Read the issue now. Continue Reading
-
04 Mar 2024
Biometric revolution in IAM: The future of authentication
The IAM landscape is experiencing profound change thanks to the advent of biometrics. Learn about the latest advantages and key benefits of biometrics in identity Continue Reading
-
News
29 Feb 2024
Okta doubles down on cyber in wake of high-profile breaches
Okta launches Secure Identity Commitment to shore up its technology in the wake of a damaging breach and elevate best practice around identity Continue Reading
-
News
29 Feb 2024
DSIT publishes results of public digital identity trust consultation
Report from Department for Science, Innovation and Technology shows UK public wants government to be accountable and transparent, and views trust and inclusivity as key Continue Reading
-
News
27 Feb 2024
Majority of UK employees ‘willingly gamble’ with security
Human-centric threats originating from employees continue to damage organisations both financially and reputationally, according to a report Continue Reading
-
News
27 Feb 2024
Cozy Bear and other APTs changing tack as cloud adoption increases
A change in APT tactics has been observed resulting from greater adoption of cloud-based services, according to the NCSC Continue Reading
-
E-Zine
20 Feb 2024
Flying into cloud – EasyJet’s journey out of the datacentre to AI
In this week’s Computer Weekly, we find out how EasyJet fills an aircraft every 10 seconds while migrating to the cloud and introducing AI. There’s only 283 years to go until we have a diverse IT workforce – we find out why. And we examine how the UK anti-trust investigation into the cloud market could hit the big hyperscalers. Read the issue now. Continue Reading
-
News
14 Feb 2024
Met Police to scrap and replace ‘racist’ Gangs Violence Matrix
A database used by the Metropolitan Police to identify and track people linked with gang violence is being decommissioned and replaced. The decision follows a long-running controversy over its discriminatory impacts on young black people, but campaigners warn that racial discrimination will persist with new tool Continue Reading
-
News
09 Feb 2024
Amazon defends facial-recognition tech sale to FBI despite moratorium
The FBI has confirmed it is using Amazon’s Rekognition image and video analysis software, but Amazon says it is ‘false’ to suggest this violates the company’s self-imposed moratorium on selling facial-recognition technology to US police Continue Reading
-
Opinion
07 Feb 2024
Security Think Tank: The phishing forecast for 2024
Egress' Jack Chapman and James Dyer explore how phishing attacks are set to grow in their scope and sophistication this year, with generative AI playing a big role Continue Reading
-
News
07 Feb 2024
AI ID specialist Onfido in talks to be bought by Entrust
UK-based cyber unicorn Onfido agrees to enter talks to be acquired by Entrust Continue Reading
-
E-Zine
06 Feb 2024
Generative AI – an early adopter’s experience
In this week’s Computer Weekly, as IT leaders start to implement GenAI in their organisations, we look at the experiences of one early adopter. Our latest buyer’s guide examines the key security trends for 2024. And Microsoft’s head of identity talks about a future without passwords. Read the issue now. Continue Reading
-
Feature
02 Feb 2024
UK police facial recognition explained: What you need to know
In this essential guide, Computer Weekly looks at the use of facial recognition technology by UK police forces, including the points of contention around its deployment so far and where it’s heading next Continue Reading
-
News
01 Feb 2024
US government disrupts Chinese botnet containing hundreds of end-of-life Cisco and Netgear routers
The US government has succeeded in halting a botnet comprised of hundreds of end-of-life routers that posed a threat to critical national infrastructure (CNI) organisations in multiple countries Continue Reading
-
News
29 Jan 2024
Lords question legality of police facial recognition
Lords committee ‘deeply concerned’ about the rapid expansion of live facial recognition by UK police, which it says is progressing without any real oversight or accountability Continue Reading
-
News
26 Jan 2024
UK government consults on age verification tech in alcohol sales
The government has said it wants to allow the use of digital identities and various age-verification technologies in alcohol sales Continue Reading
-
News
19 Jan 2024
ICO prompts confusion over police cloud legality
The UK data regulator has suggested that, despite major data protection concerns, it is likely to greenlight police cloud deployments because of an information-sharing agreement with the US government Continue Reading
-
Feature
17 Jan 2024
Biometric revolution in IAM: The future of authentication
The IAM landscape is experiencing profound change thanks to the advent of biometrics. Learn about the latest advantages and key benefits of biometrics in identity Continue Reading
-
News
16 Jan 2024
Republic of Ireland publishes progress update on digital strategy
Update reveals 2.3 million people in Ireland now have MyGovID accounts, and the Irish government plans to launch a new digital portal for businesses, as well as establishing an AI advisory council imminently Continue Reading
-
News
15 Jan 2024
NCA director sacked after WhatsApp and email security breaches
Nikki Holland, former director of investigations at the NCA, was sacked for “misconduct” after sending sensitive NCA information over personal email and WhatsApp Continue Reading
-
News
12 Jan 2024
UK government seeks public views on impacts of AI-generated porn
The government’s Pornography Review will look in part at the use of AI throughout the industry to generate sexually explicit content without people’s consent Continue Reading
-
News
10 Jan 2024
SEC social media hack highlights value of MFA
The US SEC briefly appeared to approve new bitcoin trading rules after a social media account was targeted by troublemakers, proving the value of MFA once again Continue Reading
-
News
10 Jan 2024
Scotland ‘sleepwalking’ to mass surveillance with DPDI Bill
The independent checks and balances over biometrics and biometric-enabled surveillance must be strengthened to prevent Scotland from sliding into a surveillance state along with the rest of the UK Continue Reading
-
News
27 Dec 2023
Top 10 police technology stories of 2023
Here are Computer Weekly’s top 10 police technology stories of 2023 Continue Reading
-
News
21 Dec 2023
Top 10 cyber crime stories of 2023
Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics Continue Reading
-
Opinion
20 Dec 2023
What we learned in cyber in 2023, and what to look out for
PA Consulting's Rasika Somasiri looks back at a busy 12 months in the cyber security world, and highlights some key learnings from 2023 Continue Reading
-
Opinion
19 Dec 2023
Security Think Tank: Anytime, anywhere access is achievable
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
News
14 Dec 2023
The Security Interviews: Talking identity with Microsoft’s Joy Chik
Microsoft’s president of identity and network access, Joy Chik, joins Computer Weekly to discuss the evolving threat landscape in identity security, using innovations in artificial intelligence to stay ahead, and advocating for the coming passwordless future Continue Reading
-
News
12 Dec 2023
Top IT predictions in APAC in 2024
Generative AI will continue to leave its mark on many areas in business and IT, along with other trends such as sustainability, cyber security and smart factories that are expected to shape the region’s technology landscape in 2024 Continue Reading
-
News
01 Dec 2023
Human augmentation tech requires dual use oversight
Researchers investigating human augmentation technologies must acknowledge the potential military applications of their work, and military bodies cannot be allowed to dismiss ethical concerns in their pursuit of national security interests, says NGO Drone Wars UK Continue Reading
-
News
01 Dec 2023
The Security Interviews: Mark McClain, SailPoint Technologies
SailPoint founder and CEO Mark McClain reflects on how the concept of identity has evolved over the past 20 years, and points to rapid evolution still to come Continue Reading
-
News
29 Nov 2023
Scope of Okta helpdesk breach widens to impact all users
Okta has widened the scope of the October breach of its systems to include every customer that has used its helpdesk service, after new information came to light Continue Reading
-
Definition
28 Nov 2023
privileged identity management (PIM)
Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments. Continue Reading
-
Feature
27 Nov 2023
How passwordless authentication aids identity security
Enterprise Strategy Group's Jack Poller discusses survey results on user authentication practices and explains the security benefits of passwordless methods. Continue Reading
-
News
24 Nov 2023
UK police plan national roll-out of facial-recognition phone app
UK police chiefs plan to expand use of facial-recognition technology through a nationwide roll-out of mobile-based tools and increases in retrospective facial-recognition, but oversight problems persist Continue Reading
-
News
23 Nov 2023
Australia ups ante on cyber security
Australia’s new cyber security strategy will focus on building threat-blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities Continue Reading
-
News
22 Nov 2023
An inside look at a Scattered Spider cyber attack
Threat researchers at ReliaQuest share the inside track on a Scattered Spider cyber attack they investigated Continue Reading
-
Definition
21 Nov 2023
possession factor
The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software token. Continue Reading
-
News
21 Nov 2023
Canada’s Mounties among government employees hit by LockBit
A LockBit attack on a specialist supplier of relocation services has engulfed multiple government agencies in Canada Continue Reading
-
News
16 Nov 2023
Outgoing police tech watchdog warns of declining oversight
The outgoing biometrics and surveillance camera commissioner for England and Wales discusses police deployment of powerful new surveillance technologies, and the declining state of oversight in this area Continue Reading
-
Definition
09 Nov 2023
mandatory access control (MAC)
Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system. Continue Reading
-
News
06 Nov 2023
Shadow IT use at Okta behind series of damaging breaches
Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account Continue Reading
-
News
02 Nov 2023
EU digital ID reforms should be ‘actively resisted’, say experts
Over 300 cyber security experts have called for the EU to rethink its proposals for eIDAS digital identity reforms, saying some of the provisions risk damaging user privacy and security Continue Reading
-
News
27 Oct 2023
Microsoft warns over growing threat from Octo Tempest gang
The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft Continue Reading
-
News
25 Oct 2023
Demystifying the top five OT security myths
Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems Continue Reading
-
News
25 Oct 2023
1Password caught up in Okta support breach
After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems Continue Reading
-
Definition
20 Oct 2023
soft token
A soft token is a software-based security token that generates a single-use login personal identification number (PIN). Continue Reading
-
20 Oct 2023
How to tame the identity sprawl
Organisations should find a comprehensive way to gain full visibility into their digital identities and leverage automation to tame the identity sprawl. Continue Reading
-
20 Oct 2023
CyberArk eyes growth beyond PAM
Aaron Tan examines CyberArk’s exponential growth in the broader identity security market. Continue Reading
-
E-Zine
20 Oct 2023
CW APAC: Buyer’s guide to IAM
Identity access management tools are proving pivotal in the race to outwit cyber criminals. In this handbook, focused on IAM in the Asia-Pacific region, Computer Weekly takes a closer look at their capabilities, CyberArk’s growth, the uses of automation and how ForgeRock enhances user experience. Continue Reading
-
20 Oct 2023
APAC guide to identity and access management
The rise of identity-based attacks is fuelling investments in identity and access management tools. Continue Reading
-
News
19 Oct 2023
Loughborough Uni to create five cyber AI research posts
Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security Continue Reading
-
Definition
18 Oct 2023
Google Authenticator
Google Authenticator is a mobile security application that provides a second type of confirmation for websites and online services that use two-factor authentication (2FA) to verify a user's identity before granting him or her access to secure resources. Continue Reading
-
Definition
17 Oct 2023
Secure Sockets Layer certificate (SSL certificate)
A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser. Continue Reading
-
Feature
11 Oct 2023
Preparing IT security for the age of quantum computing
We look at what progress is being made to ensure digital communications remain secure as quantum computers make an entrance Continue Reading
-
Definition
10 Oct 2023
password entropy
Password entropy is a measurement of a password's strength based on how difficult it would be to crack the password through guessing or a brute-force attack. Continue Reading
-
News
10 Oct 2023
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m Continue Reading
-
Definition
06 Oct 2023
risk-based authentication (RBA)
Risk-based authentication (RBA) is an authentication method in which varying levels of stringency are applied to a system’s authentication process based on the likelihood that access to that system could result in its compromise. Continue Reading
-
News
05 Oct 2023
Policing minister wants to use UK passport data in facial recognition
The policing minister’s plans to integrate the UK’s passport database with police facial-recognition systems have been met with criticism from campaigners, academics, and the biometrics commissioner for England and Wales Continue Reading
-
News
04 Oct 2023
Lloyds Bank launches digital identity app
Lloyds Bank has launched a digital identity app with tech startup Yoti, after it invested £10m in the firm Continue Reading
-
E-Zine
03 Oct 2023
Where next for quantum computing?
In this week’s Computer Weekly, we talk to the head of Amazon’s Braket quantum computing services about how the technology is progressing. We go behind the scenes at an ethical hacker event to find out how bug bounty programmes work. And we analyse the offerings of the major players in software-defined storage. Read the issue now. Continue Reading
-
News
28 Sep 2023
Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app
The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps Continue Reading
-
News
28 Sep 2023
Security and risk management spending to grow 14% next year
Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024 Continue Reading
-
Definition
26 Sep 2023
Protected Extensible Authentication Protocol (PEAP)
Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks. Continue Reading
-
News
26 Sep 2023
Cover-ups still the norm in the wake of a cyber incident
Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report Continue Reading
-
E-Zine
26 Sep 2023
Preparing for post-quantum cryptography
In this week’s Computer Weekly, our latest buyer’s guide assesses the challenges for cryptography in the emerging era of quantum computing. Google Cloud experts explain how the internet giant is preparing its datacentres for a world of AI. And we examine the privacy, compliance and backup issues from generative AI. Read the issue now. Continue Reading
-
News
19 Sep 2023
Okta confirms link to cyber attacks on Las Vegas casinos
Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed Continue Reading
-
News
19 Sep 2023
38TB Microsoft data leak highlights risks of oversharing
An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing Continue Reading
-
Opinion
19 Sep 2023
Ending the online fraud epidemic
A different approach to managing personal data across the web is possible - and it could minimise online fraud, boost e-commerce, and help make the web more secure. So why isn't the government doing it? Continue Reading
-
Feature
18 Sep 2023
APAC guide to identity and access management
The rise of identity-based attacks is fuelling investments in identity and access management (IAM) tools. We examine the key capabilities of IAM, discuss implementation best practices, and explore the future of this technology Continue Reading
-
News
15 Sep 2023
Las Vegas mainstay Caesars Palace likely paid off ransomware crew
Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers Continue Reading
-
News
15 Sep 2023
Manchester police data breach a classic supply chain incident
The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force Continue Reading
-
News
13 Sep 2023
Storm-0324 gathers over Microsoft Teams
An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks Continue Reading
-
News
13 Sep 2023
How DocuSign is extending its capabilities beyond e-signatures
DocuSign is harnessing large language models to help individuals make sense of agreements and employing AI-based biometrics to verify the identity of signers, as part of its broader efforts to expand its capabilities beyond electronic signatures Continue Reading
-
Podcast
12 Sep 2023
Podcast: ‘Data first’ a key principle of digital transformation
Chris Gorton of Syniti says organisations should put data first during digital transformation projects, and that means getting data quality, access rights and governance right Continue Reading
-
News
08 Sep 2023
Sensitive NatWest customer files set to be returned after High Court agreement
Sensitive NatWest customer files set to be secured by bank after years in the home of a data breach whistleblower Continue Reading
-
News
08 Sep 2023
HGS to provide contact centre support for One Login
The partnership between the Government Digital Service and Hinduja Global Solutions will see the supplier provide contact centre services for the digital identity platform Continue Reading
-
News
07 Sep 2023
Finnish government to bolster spending on cyber-AI defences
Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks Continue Reading
-
News
06 Sep 2023
Meet the professional BEC op that targeted Microsoft 365 users for years
The so-called W3LL cyber crime operation ran a phishing empire that has played a large role in compromising Microsoft 365 accounts for years. Its activities are now coming to light thanks to Group-IB researchers Continue Reading
-
News
06 Sep 2023
Okta customers targeted in new wave of social engineering attacks
Authentication specialist Okta has warned customers to be on alert for a campaign of social engineering attacks exploiting highly privileged users Continue Reading