Regulatory compliance and standard requirements
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
News
20 Jul 2022
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading
-
News
15 Jul 2022
Log4Shell on its way to becoming ‘endemic’
US government report concludes that, like Covid, Log4Shell will be with us for a long time to come Continue Reading
-
News
14 Jul 2022
Government pauses Online Safety Bill’s progress
The government has paused the Online Safety Bill’s journey towards becoming law, amid timetable pressure Continue Reading
-
News
14 Jul 2022
ICO wants to ‘empower people through information’
Information Commissioner’s Office sets out commitment to safeguard the information rights of the most vulnerable people in UK society Continue Reading
-
News
13 Jul 2022
ICO calls for review into government use of private email and WhatsApp messages
Information Commissioner’s Office reprimands Department of Health and Social Care after ministers and officials conducted government business on their own email accounts and messaging apps Continue Reading
-
News
12 Jul 2022
Brits say social media must do more to block harmful content
UK citizens want social media companies to do more to prevent harmful content appearing on their platforms Continue Reading
-
Feature
12 Jul 2022
Ransomware and backup: Overcoming the challenges
Ransomware attacks that exfiltrate data don’t nullify the value of backups to restore from, but the challenges – such as not restoring corrupted data – require careful planning Continue Reading
-
News
12 Jul 2022
Singapore doubles down on OT security
The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state Continue Reading
-
Opinion
11 Jul 2022
Cyber insurance: An effective use of your scant security budget?
The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes Continue Reading
-
Feature
11 Jul 2022
Cyber insurance: Tips for keeping the right level of cover
Transferring risk to an insurer doesn’t mean you are risk-free – so what is not included in your cyber insurance cover? Continue Reading
-
News
08 Jul 2022
Sweden and GDPR – four years on
Swedish data protection coordinator talks to Computer Weekly four years into the General Data Protection Regulation Continue Reading
-
Opinion
08 Jul 2022
Lots to consider when buying cyber insurance, so do your homework
When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity Continue Reading
-
News
07 Jul 2022
UK government does not yet understand threat of technology to foreign policy
Select committee chair warns government that the threat posed to global security by malign actors influencing tech standards is no ‘dystopian fantasy’ Continue Reading
-
News
07 Jul 2022
MI5, FBI chiefs warn of Chinese cyber espionage threat
In a joint appearance in London, MI5 director general Ken McCallum and FBI director Chris Wray warn of the growing threat posed by the Chinese government to UK and US interests Continue Reading
-
News
07 Jul 2022
UK signs ‘in principle’ data adequacy agreement with South Korea
Bilateral adequacy agreement will allow businesses to conduct cross-border data transfers with minimal restrictions Continue Reading
-
Opinion
07 Jul 2022
Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it
In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered Continue Reading
-
News
07 Jul 2022
Tech companies face pressure over end-to-end encryption in Online Safety Bill
An amendment to the Online Safety Bill, currently going through Parliament, will put pressure on tech companies over end-to-end encrypted messaging services Continue Reading
-
News
06 Jul 2022
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading
-
News
05 Jul 2022
Prepare for long-term cyber threat from Ukraine war, says NCSC
The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams Continue Reading
-
News
05 Jul 2022
NCSC CEO: Why we should run towards crises to elevate cyber security
National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country Continue Reading
-
E-Zine
05 Jul 2022
How to get the right level of cyber insurance
In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading
-
News
04 Jul 2022
Government rejects Lords police tech inquiry recommendations
The government has largely rejected the findings and recommendations of a House of Lords inquiry into police tech, which called for an overhaul of how police deploy artificial intelligence and algorithmic technologies Continue Reading
-
Feature
01 Jul 2022
Tech sector efforts to root out forced labour are failing
Digitally mapping supply chains to identify forced labour and slavery is no longer a technology problem for the IT sector, but a lack of government enforcement and corporate inaction are major barriers to effective change Continue Reading
-
Opinion
01 Jul 2022
Security Think Tank: Now is the time to think about cyber insurance
Many IT leaders shy away from cyber insurance, but new, innovative developments in the market can help organisations take an approach that suits their needs Continue Reading
-
News
30 Jun 2022
ICO to cut back on fines for public sector data breaches
Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over Continue Reading
-
News
29 Jun 2022
Urgent need for new laws to govern biometrics, legal review finds
Independent review says new framework is needed to clear up legal and ethical concerns over the use of biometric data and technologies, which can impact privacy, freedom of expression and other human rights Continue Reading
-
Feature
29 Jun 2022
Backup maintenance: Five key points to consider
Effective backups need to ensure all data is protected, and to track media and software changes. We look at five key things to consider Continue Reading
-
News
29 Jun 2022
Spy agencies need ‘independent authorisation’ to access telecoms data, say judges
The High Court has ruled that UK intelligence agencies should seek independent authorisation before accessing phone and internet records during criminal investigations Continue Reading
-
News
28 Jun 2022
Proposed changes to copyright law open doors for AI data mining
Update to copyright law will mean researchers who already have access to data will not require extra permission from copyright owner to run data mining algorithms, removing barriers to artificial intelligence research and development Continue Reading
-
News
28 Jun 2022
Veritas aims at autonomous backup discovery and provisioning
Veritas bets on a backup platform that can discover all enterprise data – on-premise and in the cloud – and make its own decisions about the optimal place to store copies Continue Reading
-
News
27 Jun 2022
Commercial cyber products must be used responsibly, says NCSC CEO
NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel Continue Reading
-
News
27 Jun 2022
Brexit a net negative for UK cyber, say CISOs
Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe Continue Reading
-
E-Zine
24 Jun 2022
CW APAC: Tech career guide to cyber security
The demands placed on those fighting against hackers are constantly evolving. In this handbook, focused on cyber security in the Asia-Pacific region, Computer Weekly looks at the skills required to make it in the industry, how Singapore’s critical systems remain protected, the short-term options for tech stack management and how organisations can support cyber professionals’ mental health. Continue Reading
-
Opinion
23 Jun 2022
Finding the balance between innovation and data security in healthcare
As the government launches its data strategy for health and social care, a fine line must be trodden between innovating through privacy-enhancing technologies, and retaining data security for patients Continue Reading
-
Opinion
23 Jun 2022
What will the Data Reform Bill mean for UK businesses operating in the EU?
Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union Continue Reading
-
Feature
23 Jun 2022
What the world can learn from Saudi Arabia’s fight against industrial control system attacks
Iran learned from attacks on its infrastructure and unleashed similar malware on Saudi Arabia. The world has now gained valuable lessons from the Saudi response Continue Reading
-
News
23 Jun 2022
FCA seeks more tech expertise in fight against fraud
UK financial services regulator wants technology professionals to join its team fighting online fraud Continue Reading
-
Opinion
23 Jun 2022
Germany – let’s stop debating data retention and start finding solutions
Germany has the opportunity to set the democratic precedent for ending the collection and retention of everybody’s call details record and metadata in the EU. It is time find real and effective solutions to crime Continue Reading
-
News
22 Jun 2022
Uber drivers strike over pay issues and algorithmic transparency
Unionised Uber drivers take industrial action against the company over its failure to pay workers in line with a Supreme Court decision and inflation, as well as the lack of transparency around how it uses their data Continue Reading
-
Opinion
22 Jun 2022
Why the world needs tech standards for UN Sustainable Development Goals
Chaesub Lee from the ITU argues that the world needs technology standards to address the UN’s Sustainable Development Goals Continue Reading
-
News
22 Jun 2022
NatWest files under whistleblower’s bed contain live customer data
Former Royal Bank of Scotland worker wants bank to take back customer files and provide an ‘adequate receipt’ Continue Reading
-
News
22 Jun 2022
How TDCX is building a people-centric business
Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez Continue Reading
-
Opinion
21 Jun 2022
We’re all technologists now – the powerful impact of low-code platforms
Low-code platforms are bringing a shift in how organisations develop and use technology – and it’s the job of the CIO to let it happen in a controlled, secure and connected fashion Continue Reading
-
News
21 Jun 2022
Government won’t regulate on professional cyber standards
The government has elected not to proceed with regulatory intervention to embed standards and pathways across the cyber profession Continue Reading
-
News
20 Jun 2022
Lords move to protect cyber researchers from prosecution
A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecuted in the course of their work Continue Reading
-
Feature
17 Jun 2022
What the EU’s content-filtering rules could mean for UK tech
EU proposals to clamp down on child sexual abuse material will have a material impact on the UK’s technology sector Continue Reading
-
News
17 Jun 2022
Government responds to Data Reform Bill consultation
Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit Continue Reading
-
Opinion
17 Jun 2022
Consider governance, coordination and risk to secure supply chain
A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on Continue Reading
-
News
13 Jun 2022
UK, US prepare to launch PET project
A transatlantic prize challenge to accelerate development of privacy-enhancing technologies is set to begin Continue Reading
-
News
13 Jun 2022
New UK digital strategy aims to secure future growth for £150bn digital economy
Government publishes plan that brings together existing and new initiatives intended to expand the digital sector and help to establish the UK as a ‘superpower’ in science and tech Continue Reading
-
News
13 Jun 2022
Health data strategy to exorcise ghosts of GPDPR
Government publishes a revised data in health strategy, with an emphasis firmly on preserving the integrity and privacy of patients’ confidential information Continue Reading
-
News
13 Jun 2022
Qatar bolsters cyber security in preparation for World Cup
With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness Continue Reading
-
News
10 Jun 2022
ICO fails to disclose majority of reprimands issued under GDPR
London law firm Mishcon de Reya forces disclosure of reprimands issued to organisations by the Information Commissioner’s Office for contraventions of UK data protection law Continue Reading
-
News
09 Jun 2022
SolarWinds CEO offers to commit staffers to government cyber agencies
A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response Continue Reading
-
News
07 Jun 2022
Software house Mega achieves holistic SaaS security with Synopsys
Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards Continue Reading
-
Feature
07 Jun 2022
APAC buyer’s guide to backup and recovery software
In this buyer’s guide, learn more about the market for backup and recovery software and key data protection capabilities to look for Continue Reading
-
News
01 Jun 2022
EU must stand ground on cyber security, says Finland’s WithSecure
Russian threat is serving to focus minds on cyber security across Europe, say executives at enterprise security company’s inaugural conference Continue Reading
-
Opinion
01 Jun 2022
What does the EU’s NIS 2 cyber directive cover?
We run the rule over the European Union’s updated NIS2 security directive Continue Reading
-
Opinion
31 May 2022
The importance of making information security more accessible
Robin Smith, CSO of Aston Martin Lagonda, talks about how an accessible approach to cyber is helping him to keep the organisation secure Continue Reading
-
News
31 May 2022
Industrial systems not safe for the future, say Dutch ethical hackers
Ethical hackers in the Netherlands say operational technology and IT networks need to be integrated to prevent cyber attacks penetrating their operations Continue Reading
-
Opinion
31 May 2022
Mobile digital transformation – from fast to deep
The first half of 2022 has been a busy time, with much happening in the mobile industry. We consider what the rest of year might hold Continue Reading
-
News
30 May 2022
ICO calls for police to end ‘excessive collection’ of personal data from rape and assault victims
The UK’s information commissioner, John Edwards, has called for prosecutors and police to end the excessive collection of personal data from victims of rape and serious sexual assault Continue Reading
-
Opinion
27 May 2022
Consistency is key to mitigate outsourcing risk
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
Opinion
26 May 2022
Security Think Tank: Core security processes must adapt in a complex landscape
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
26 May 2022
Two-thirds of UK organisations defrauded since start of pandemic
Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report Continue Reading
-
News
25 May 2022
Rubrik charts data security path
Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats Continue Reading
-
News
24 May 2022
ICO orders facial recognition firm Clearview AI to delete all data about UK residents
UK data watchdog fines facial recognition company Clearview AI £7.5m for multiple privacy breaches. The firm, which offers services to law enforcement, faces growing pressure from regulators and legal action around the world Continue Reading
-
Opinion
23 May 2022
Security Think Tank: Understanding attack paths is a question of training
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
19 May 2022
Defensive cyber attacks may be justified, says attorney general
Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable Continue Reading
-
News
19 May 2022
Deliveroo accused of ‘soft union busting’ with GMB deal
Smaller grassroots unions have criticised Deliveroo and GMB for making a “hollow” deal that will ultimately undermine workers’ self-organising efforts Continue Reading
-
News
19 May 2022
Red teaming will be standard in Dutch governmental organisations by 2025
The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest Continue Reading
-
News
19 May 2022
Singapore opens security testing centre
Joint centre set up by the Cyber Security Agency of Singapore and a local university will facilitate security testing and train security evaluation talent Continue Reading
-
Opinion
18 May 2022
Security Think Tank: To follow a path, you need a good map
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
17 May 2022
Australian CISOs least prepared for cyber attacks
Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds Continue Reading
-
News
16 May 2022
Europol gears up to collect big data on European citizens after MEPs vote to expand policing power
The European Parliament has voted to expand Europol’s role, legalising its processing of bulk datasets containing personal information and endorsing research into predictive policing technologies Continue Reading
-
News
16 May 2022
Keeping Singapore’s critical systems secure
Tracy Thng offers a glimpse into her work in strengthening the cyber resilience of 11 essential service sectors in Singapore Continue Reading
-
News
12 May 2022
GPDPR data scrape a ‘mistake’, says leading scientist
Giving evidence to the Science and Technology Committee, academic, physician and science writer Ben Goldacre has expressed serious misgivings about the on-hold GPDPR NHS data scrape Continue Reading
-
News
11 May 2022
CyberUK 22: Five Eyes focuses on MSP security
The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves Continue Reading
-
News
11 May 2022
CyberUK 22: Data-sharing service to protect public from scams
A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites Continue Reading
-
News
11 May 2022
Cyber accreditation body Crest forges new training partnerships
Crest says partnerships with Hack The Box and Immersive Labs will enhance its members’ defensive and offensive security skills Continue Reading
-
News
11 May 2022
Nationwide stops thousands more attempted frauds with Strong Customer Authentication
Nationwide Building Society is blocking an additional 2000 attempted online shopping frauds a month through extra checks Continue Reading
-
News
11 May 2022
EU plans to police child abuse raise fresh fears over encryption and privacy rights
Draft regulation unveiled today will require internet and messaging firms to use algorithms to identify grooming and child abuse or face heavy fines Continue Reading
-
News
10 May 2022
CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy
On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy Continue Reading
-
News
10 May 2022
CyberUK 22: Wales splashes £9.5m on cyber innovation hub
A new innovation hub hopes to spur on cyber security innovation in Wales Continue Reading
-
News
06 May 2022
UK digital markets regulator to be given statutory powers
Digital Markets Unit will be put on statutory footing by UK government to ensure technology giants do not abuse market power, but announcement comes with no clear indication of when legislation will be introduced Continue Reading
-
Feature
05 May 2022
Disaster recovery is an essential service for EDF with Phenix-IT
EDF has built disaster recovery tracking, planning and testing software on a six-month upgrade cycle based on governance, risk and compliance functionality in Mega’s Hopex platform Continue Reading
-
News
04 May 2022
UK government puts pressure on IT sector to clean up app security
Apps can be exploited to carry malicious payloads that steal personal information and cause financial loss – and not enough is being done to secure them Continue Reading
-
Podcast
29 Apr 2022
Podcast: War, geo-political risk, data storage and compliance
We talk to Mathieu Gorge, CEO of Vigitrust, about impacts on compliance and data storage from instability in geo-political events, such as the Russian invasion of Ukraine Continue Reading
-
News
28 Apr 2022
Manufacturer sues JPMorgan after cyber criminals stole $272m
Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity Continue Reading
-
News
26 Apr 2022
Coralogix makes foray into cyber security with Snowbit
Observability platform supplier Coralogix has set up a cyber security venture and a global security resource centre in India to tap the growth opportunities in the subcontinent Continue Reading
-
E-Zine
26 Apr 2022
The latest salary trends for IT professionals
In this week’s Computer Weekly, the results of our annual salary survey show pay returning to pre-pandemic levels and work-life balance a growing consideration. As sustainability becomes a critical issue, we look at how datacentres can meet emissions targets. And we find out how IT leaders can help protect children online. Read the issue now. Continue Reading
-
News
22 Apr 2022
How Adnovum is leveraging its Swiss roots
Software company Adnovum is leveraging its strengths in identity and access management and its Swiss heritage as it expands into new markets and areas such as zero-trust security Continue Reading
-
News
22 Apr 2022
UAE bolsters cyber security
The United Arab Emirates has successfully improved its security posture amid mounting cyber threats Continue Reading
-
News
22 Apr 2022
Finance regulator identifies challenger bank financial crime weaknesses
Financial Conduct Authority review finds challenger banks need to do more to prevent their platforms being used to commit financial crime, such as money laundering Continue Reading
-
News
21 Apr 2022
Five Eyes in new Russia cyber warning
Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure Continue Reading
-
News
20 Apr 2022
One-third of scams that hit TSB are impersonation fraud
TSB reports an increase in fraudsters impersonating trusted organisations to trick consumers into making payments to them Continue Reading
-
News
14 Apr 2022
Lack of expertise hurting UK government’s cyber preparedness
UK government bodies and critical infrastructure owners cite a lack of staff resources, and internal and external expertise, as hampering factors when it comes to cyber readiness, according to a report Continue Reading
-
News
14 Apr 2022
Government agrees bulk surveillance powers fail to protect journalists and sources
Campaign group Liberty to launch legal appeal that will call for journalists to receive stronger legal protections from state surveillance Continue Reading
-
News
13 Apr 2022
Microsoft patches two zero-days, 10 critical bugs
Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service Continue Reading
-
News
12 Apr 2022
Universal IAM policy failings put cloud environments at risk
Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study Continue Reading