Security policy and user awareness
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
Opinion
19 Nov 2024
Underfunded, under pressure: We must act to support cyber teams
With almost half of cyber pros experiencing more incidents this year, security leaders say their teams are coming under increasing strain. Businesses must be more proactive approach about building a resilient, future-ready workforce Continue Reading
-
Opinion
10 Jan 2020
Learning from the Travelex cyber attack: Failing to prepare is preparing to fail
The key lesson to take from the Travelex breach is that an effective response to a breach is a critical business function and no longer the sole province of the IT department Continue Reading
-
Opinion
10 Jan 2020
Security Think Tank: Hooded hackers? More like ruthless competitors
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
09 Jan 2020
Travelex hackers threaten to sell credit card data on dark web
Sodinokibi cyber gangsters have threatened to sell Travelex customers’ private data on a Russian underground cyber crime forum if it fails to pay a $6m ransom Continue Reading
-
News
09 Jan 2020
Don’t become the next Travelex: Get ready for ransomware
With Travelex’s IT still in disarray and banks and travellers left without access to funds more than a week after it was hit by a ransomware attack, we ask what others can learn from the foreign exchange services company’s response to the incident Continue Reading
-
News
09 Jan 2020
PowerTrick backdoor used to target high-value businesses
Threat actors are exploiting a PowerShell-based backdoor called PowerTrick to go after high-value targets, warns SentinelLabs Continue Reading
-
Feature
09 Jan 2020
Whisper it… but could a cyber attack be good for your career?
All too often it’s the CISO who carries the can for an enterprise security failure, but this might not be a bad thing. There’s lots of evidence to suggest that falling victim to a cyber attack may actually enhance your CV Continue Reading
-
News
09 Jan 2020
New GDPR service aims to ease compliance challenges
Security consultants claim their software platform will address a pressing need for an effective and efficient means of complying with data protection rules Continue Reading
-
Opinion
09 Jan 2020
Security Think Tank: Changing attitudes to cyber is a team sport
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
08 Jan 2020
Half of UK citizens want tighter data regulations
Over 50% of UK citizens believe the gathering and use of personal data should be subject to more stringent government oversight, according to Fujitsu Continue Reading
-
News
08 Jan 2020
TikTok video-sharing app left user data exposed
Check Point uncovered serious vulnerabilities in the TikTok video-sharing app that left users exposed Continue Reading
-
Opinion
08 Jan 2020
Security Think Tank: Hero or villain? Creating a no-blame culture
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
07 Jan 2020
Facebook to ban deepfake videos
New policy closes some loopholes around misinformation, but seems to leave others wide open Continue Reading
-
Opinion
07 Jan 2020
Security Think Tank: Get your users to take pride in security
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
06 Jan 2020
Iran likely to hit back with cyber attacks, security experts warn
The possibility of cyber attack by threat groups acting on behalf of the Iranian government has dramatically increased following US actions in Iraq Continue Reading
-
Opinion
06 Jan 2020
Security Think Tank: Let’s call time on inciting fear among users
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
News
03 Jan 2020
Suspected ransomware attack causes worldwide disruption for Travelex
Travelex switches off computer systems and resorts to cash-only currency sales after malware attack. Insiders claim the currency exchange chain has been hit by ransomware which has left critical files containing customer data encrypted Continue Reading
-
Opinion
03 Jan 2020
Security Think Tank: Put information at the heart of security
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
03 Jan 2020
How Darktrace is riding the AI boom
Cyber security firm known for its artificial intelligence smarts doubled its headcount across Asia-Pacific last year in key markets including Australia and South Korea Continue Reading
-
News
02 Jan 2020
California’s CCPA an opportunity for security industry to do better
California’s consumer protection and data privacy laws came into effect on 1 January 2020, and present a golden opportunity for the cyber security practitioners Continue Reading
-
News
24 Dec 2019
Top 10 cyber crime stories of 2019
Here are Computer Weekly’s top 10 cyber crime stories of 2019 Continue Reading
-
News
23 Dec 2019
Top 10 cyber security stories of 2019
Here are Computer Weekly’s top 10 cyber security stories of 2019 Continue Reading
-
News
20 Dec 2019
Finnish government supports local authorities in cyber security initiative
The Finnish government has committed resources to a cyber security project aimed at local authorities Continue Reading
-
Blog Post
19 Dec 2019
20,000 new police will not make UK law enforcement fit for the Internet Age
Over a decade ago the EURIM-IPPR study into “Partnership Policing for the Information Society” identified that the police would never have more than a fraction of the resources necessary to address ... Continue Reading
-
Feature
19 Dec 2019
Human factors are critical to securing digital transformation
Sourcing the latest cyber security technology to support digital transformation projects is all well and good, but it’s meaningless if you fail to address your organisational culture and the people within it Continue Reading
-
News
18 Dec 2019
Top 10 Australia IT stories of 2019
Here are Computer Weekly’s top 10 Australia IT stories of 2019 Continue Reading
-
Opinion
16 Dec 2019
Security Think Tank: Data-centric security requires a holistic approach
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
16 Dec 2019
Barco fixes ClickShare wireless flaw, but users still at risk
Supplier patches a major vulnerability in its popular ClickShare wireless presentation system with a firmware upgrade, but experts warn that users are not out of the woods yet Continue Reading
-
Opinion
16 Dec 2019
We can’t allow fake news and disinformation to upend our democracy
Fake news, misinformation and cyber attacks are part of our political process – now is the time to act Continue Reading
-
News
13 Dec 2019
Alarm bells ring, the IoT is listening
With Christmas bearing down on us, a series of vulnerability disclosures has drawn attention to the parlous state of IoT security, and serves as a timely warning to people planning to buy smart devices as gifts Continue Reading
-
Opinion
13 Dec 2019
Security Think Tank: Data-centric security requires context and understanding
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
Opinion
11 Dec 2019
Security Think Tank: Risk-based response critical to protect data
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
09 Dec 2019
Public sector still losing user devices in high numbers
The Ministry of Justice has lost 354 smartphones, PCs, laptops and tablets in the past 12 months, according to a Freedom of Information request, and other government departments are in the same boat Continue Reading
-
News
09 Dec 2019
China bans foreign computing kit from government contracts
All government offices and public institutions must eliminate foreign hardware and software within three years, according to a leaked directive dubbed 3-5-2 Continue Reading
-
News
06 Dec 2019
How commodities firm ED&F Man solved its threat detection challenges
After a minor server breach, leading commodities trader turned to Vectra’s Cognito service to expose hidden threats, spot privilege misuse, and conduct conclusive investigations Continue Reading
-
News
06 Dec 2019
Dutch government must facilitate and coordinate a broad eID system
The Dutch government should push for an electronic ID system for its citizens that works across the public and private sectors, according to a report Continue Reading
-
Opinion
06 Dec 2019
Security Think Tank: Is data more or less secure in the cloud?
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
Opinion
05 Dec 2019
Security Think Tank: Time for a devolution of responsibility
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
05 Dec 2019
Two Russians indicted over Dridex and Zeus malware
The US Department of Justice has indicted two Russian citizens over their alleged role in the distribution of the virulent Bugat, or Dridex, and Zeus banking trojans Continue Reading
-
News
05 Dec 2019
Cyber Girls First volunteers encourage girls to think high-tech
More than 80 schoolgirls spent a day learning about computer hackers and rocket science – Cyber Girls First hopes they will become the next generation of technologists Continue Reading
-
News
05 Dec 2019
Black Hat Europe: Mental health websites are leaking user data
At Black Hat Europe in London, researchers reveal the extent to which confidential data is being leaked to third parties by online mental health websites Continue Reading
-
News
04 Dec 2019
Black Hat Europe: Red teams and blue teams must evolve in the 2020s
The red team versus blue team dichotomy is somewhat arbitrary and risks pigeonholing skilled security professionals into certain roles, says Facebook’s Amanda Rousseau Continue Reading
-
Opinion
04 Dec 2019
Security Think Tank: Optimise data-centric strategies with AI
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
Opinion
03 Dec 2019
Cyber security: How to avoid a disastrous PICNIC
Fieldfisher’s David Lorimer examines how individual employees often facilitate cyber attacks, and what can be done to reduce the risk Continue Reading
-
News
03 Dec 2019
Tenable buys Indegy to integrate IT and OT security
Acquisition of industrial security specialist Indegy will create a unified, risk-based platform spanning both IT and OT security for Tenable Continue Reading
-
Opinion
03 Dec 2019
Security Think Tank: In-depth protection is a matter of basic hygiene
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
03 Dec 2019
Chinese web users take more risks than Brits or Americans
A research paper published by the University of Birmingham seems to show that differences in cultural values have an impact both on risky behaviour online and legal regulation Continue Reading
-
News
02 Dec 2019
Top Android apps at risk from StrandHogg vulnerability
Researchers at Promon say all of the 500 most-downloaded Android apps are at risk from a newly discovered vulnerability Continue Reading
-
News
29 Nov 2019
TfL locks down Oyster accounts to ward off credential stuffing
Mandatory password reset for all travellers who use Oyster and contactless payment systems follows minor breach incident earlier in 2019 Continue Reading
-
News
29 Nov 2019
Hack Friday: This Christmas, fight back against cyber criminals
It’s nearly Christmas, and cyber attacks and fraud attempts in the retail sector are ramping up. Is it time to panic? And is there anything we can do beyond hammering home the message around basic cyber security hygiene? Continue Reading
-
Feature
28 Nov 2019
Get ready for CCPA: Implications for UK businesses
The California Consumer Privacy Act, a wide-ranging data privacy and consumer protection law, comes into effect on 1 January 2020. How does CCPA differ from the EU GDPR regulations and what are the responsibilities for UK businesses operating in the US? Continue Reading
-
News
28 Nov 2019
Top APAC security predictions for 2020
More attacks on critical infrastructure, supply chain vulnerabilities and file-less attacks are some of the security threats that enterprises should keep an eye on next year Continue Reading
-
News
26 Nov 2019
Enterprises muddled over cloud security responsibilities
A McAfee study suggests that 2020 will be a big year for cloud adoption, but confusion still persists over who is responsible for securing it Continue Reading
-
News
25 Nov 2019
Uber app exploit posed safety risk to passengers
A flaw in Uber’s system meant thousands of trips in London were taken with unauthorised drivers at the wheel Continue Reading
-
News
25 Nov 2019
Conservatives propose national cyber crime force
Manifesto also says Tories would “empower the police to safely use new technologies like biometrics and artificial intelligence, along with the use of DNA, within a strict legal framework” Continue Reading
-
News
22 Nov 2019
Some 29,000 UK web domains suspended for criminal activity
Domain suspensions for criminal activity over the past year has dropped for the first time since 2014 Continue Reading
-
Opinion
21 Nov 2019
Security Think Tank: Stopping data leaks in the cloud
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
20 Nov 2019
Mimecast blocked 99 billion suspicious emails in third quarter
Latest threat intelligence report reveals the scale of the threat posed by malicious emails, with the transport, legal and financial sectors hit hardest Continue Reading
-
News
20 Nov 2019
Massive increase in fraud attacks on TSB customers during IT meltdown
There was a massive spike in attempts by fraudsters to steal from TSB customers when the bank’s IT systems failed in 2018 Continue Reading
-
News
20 Nov 2019
Conservatives slammed over social media trickery
The Conservative Party has been caught spreading online disinformation during the General Election campaign for a second time Continue Reading
-
News
19 Nov 2019
Public sector risks downplayed by senior IT leaders
Sophos reveals a significant cyber security perception gap between senior IT and security leaders in the public sector and their front-line teams Continue Reading
-
News
14 Nov 2019
Cyber criminals tool up for Christmas fraud season
Organised criminals are trying to cash in on the festive retail boom with both brand new and tried-and-tested techniques Continue Reading
-
News
13 Nov 2019
Business leaders fibbing to cover up lax security posture
Nominet study finds evidence that many businesses tout the robustness of their security posture as a selling point even though their security teams lack confidence in themselves Continue Reading
-
News
13 Nov 2019
Attack on Labour shows need for DDoS defence but should alarm few
After being hit by two DDoS attacks in the space of 24 hours, many commentators are convinced the UK’s Labour Party is the victim of foreign interference in the General Election campaign. It probably isn’t Continue Reading
-
Feature
13 Nov 2019
Taking responsibility for security in the cloud
From accidental leaks to full-on data breaches, maintaining security across cloud services is becoming a headache for enterprises. What questions should organisations be asking of their cloud service provider and, ultimately, whose responsibility is cloud security anyway? Continue Reading
-
News
13 Nov 2019
Cyber risk insurance is more than just insurance
Insurance companies such as Chubb are offering incident response services and security tools to help companies improve their cyber security posture and better cope with cyber attacks Continue Reading
-
News
12 Nov 2019
Nordic SMEs lack the money needed for cyber security
Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country Continue Reading
-
News
12 Nov 2019
PCI DSS payment security compliance drops again
Worldwide, barely one-third of companies are maintaining full compliance with the PCI DSS security standard – and the numbers are falling Continue Reading
-
News
12 Nov 2019
‘Robust’ security foils cyber attack on Labour Party
Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked Continue Reading
-
News
12 Nov 2019
Shared responsibility model key to solving 5G security problem
Both buyers and sellers need to cooperate to solve the thorny issues around 5G security Continue Reading
-
News
08 Nov 2019
Security pros urged to get ahead of incoming BlueKeep exploits
The BlueKeep RDP vulnerability is beginning to be exploited in the wild, and security teams have no excuse for not trying to get in front of it, says Microsoft Continue Reading
-
Opinion
08 Nov 2019
Security Think Tank: Base cloud security posture on your data footprint
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
Opinion
07 Nov 2019
Security Think Tank: Cloud security is a shared responsibility
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
07 Nov 2019
Amazon Ring video doorbell flaw left users open to attack
A vulnerability in Amazon’s Ring video doorbells left the internet-of-things devices open to a variety of attacks Continue Reading
-
Opinion
07 Nov 2019
Security in the supply chain – a post-GDPR approach
A year and a half after the introduction of the EU’s General Data Protection Regulation, Fieldfisher's James Walsh reviews the fundamentals of supply chain security Continue Reading
-
News
06 Nov 2019
Trend Micro insider breach exposes need for data-centric protection
Simple measures could have saved consumer security product supplier from insider breach Continue Reading
-
Opinion
06 Nov 2019
What changes are needed to create a cyber-savvy culture?
PA Consulting's Cate Pye considers the people and process changes that are necessary to build a security aware business culture Continue Reading
-
Opinion
06 Nov 2019
Security Think Tank: Adapt security posture to your cloud model
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
Blog Post
05 Nov 2019
Making sense of the current UK Cybersecurity Skills scene
But that is for the future. For the here and now I strongly recommend participation in the DPA cybersecurity skill sub-group in order to make sense of what it happening and ensure that your needs, ... Continue Reading
-
Opinion
05 Nov 2019
Security Think Tank: The cloud needs security by design
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
05 Nov 2019
ICO launches data security campaign for UK General Election
Information commissioner Elizabeth Denham launches campaign to remind the public of their rights when personal data is used for political purposes Continue Reading
-
Opinion
04 Nov 2019
Security Think Tank: Secure the cloud when negotiating contracts
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
04 Nov 2019
Sumo Logic buys into cloud security software market
Jask’s cloud-native autonomous security operations software will be integrated into Sumo Logic’s intelligence platform Continue Reading
-
Blog Post
03 Nov 2019
Insurability is the key to Cybermaturity
Most organisations are uninsurable. They spend large amounts on security products and services technology but they are not doing that which reduces the risk of a successful cyberattack, limits the ... Continue Reading
-
Opinion
01 Nov 2019
Security Think Tank: In the cloud, the buck stops with you
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
01 Nov 2019
Banks let customers down with mixed approaches to security
Treasury Committee report recommends new measures to tackle financial fraud Continue Reading
-
News
30 Oct 2019
What will succeed the National Cyber Security Strategy?
As the National Cyber Security Strategy nears the end of its working life, the government is considering what comes next, and is asking probing questions of its successes and failures Continue Reading
-
Opinion
28 Oct 2019
Security Think Tank: Embedding security in governance
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
Feature
28 Oct 2019
Security puzzle calls for some joined-up thinking
The age of digitisation brings new risks to organisations, so security needs to be more integrated Continue Reading
-
Blog Post
24 Oct 2019
Hack the Kop – the Reds are sitting ducks
Liverpool may be flying high at the top of the Premier League table right now, but when they get home after a hard-fought 90 minutes, their fans are the most likely to have had their personal data ... Continue Reading
-
News
24 Oct 2019
Endpoint security is a procurement issue, says HP, IDC study
Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders Continue Reading
-
News
23 Oct 2019
Take responsibility for cyber security basics, urges NCSC CEO
At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load Continue Reading
-
News
22 Oct 2019
Banks move to contain impact of Samsung biometric flaw
NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices Continue Reading
-
News
22 Oct 2019
Malware volumes decline, but risks are higher
More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets Continue Reading
-
News
22 Oct 2019
Attacker hit VPN firm Avast through its VPN
Avast has published details of how attackers attempted to gain access to its network over a five month period Continue Reading
-
Blog Post
22 Oct 2019
Secure Bacon Butties With Gherkin But No Gherkins
Had my first visit to The Gherkin recently at a “mini” Netevents security briefing in London. I can certainly recommend the brioche-bun bacon butties with a view of the London rain from the 38th ... Continue Reading
-
News
22 Oct 2019
Over-30s tend to do better at cyber security than younger colleagues
Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security Continue Reading
-
News
21 Oct 2019
Equifax lawsuit offers more evidence against passwords
Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords Continue Reading
-
News
21 Oct 2019
Trend Micro buys cloud security firm to broaden offering
Acquisition of Cloud Conformity will address often overlooked cloud security fundamentals Continue Reading
-
News
21 Oct 2019
Sodinokibi emerging as a diverse, multi-vector threat to businesses
McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots Continue Reading
-
News
18 Oct 2019
Huge rise in rogue banking apps driving fraud attacks
Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA Continue Reading