Security policy and user awareness
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
Opinion
19 Nov 2024
Underfunded, under pressure: We must act to support cyber teams
With almost half of cyber pros experiencing more incidents this year, security leaders say their teams are coming under increasing strain. Businesses must be more proactive approach about building a resilient, future-ready workforce Continue Reading
-
News
17 Oct 2019
NHSX could transform NHS security capabilities
The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service Continue Reading
-
Opinion
17 Oct 2019
Security Think Tank: Focus on metrics to manage risk
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
News
16 Oct 2019
Pitney Bowes ‘considering options’ after malware attack
Mailing and shipping services firm in recovery mode after key systems were encrypted by a malware attack Continue Reading
-
Opinion
16 Oct 2019
Security Think Tank: Embed security professionals in your risk strategy
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
15 Oct 2019
Attackers hunt iPhone jailbreakers in click fraud campaign
Research by Cisco’s Talos threat intel unit has identified a new click fraud campaign targeting people looking to jailbreak their iPhone devices Continue Reading
-
Opinion
15 Oct 2019
Security Think Tank: Risk management must go beyond spreadsheets
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
Opinion
14 Oct 2019
Security Think Tank: Consider risk holistically, not just from an IT angle
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
Feature
11 Oct 2019
McAfee’s push for secure cloud adoption
Organisations must do more to secure their cloud environments as malicious actors increasingly focus their attention on exploiting cloud vulnerabilities, says McAfee Continue Reading
-
Feature
10 Oct 2019
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management Continue Reading
-
Opinion
09 Oct 2019
Small business guide: How to keep your organisation secure from fraudsters and hackers
Doing a few things well can keep your organisation protected from common cyber attacks and fraudsters Continue Reading
-
Opinion
09 Oct 2019
Security Think Tank: The operational approach to integrated risk management
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
Opinion
08 Oct 2019
Security Think Tank: Get basic security policy right, and the rest will follow
Paying attention to basic aspects of cyber security such as policy and permission will give you a sold base to build from Continue Reading
-
Opinion
07 Oct 2019
Security Think Tank: Risk is unavoidable in digital transformation
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
03 Oct 2019
Local authorities hit by 800 cyber attacks every hour
Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year Continue Reading
-
News
03 Oct 2019
New threat group behind Airbus cyber attacks, claim researchers
Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore Continue Reading
-
News
27 Sep 2019
Nodersok malware campaign is infecting thousands, Microsoft warns
Thousands of Windows endpoints in the US and Europe have been infected by a new fileless malware campaign in the past few weeks Continue Reading
-
News
27 Sep 2019
Five million DoorDash customers’ details lost in data breach
Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen Continue Reading
-
News
27 Sep 2019
GDPR compliance: Whose job is it and is it really possible?
Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to Continue Reading
-
News
24 Sep 2019
Enterprises exposed to data loss by cloud configuration errors
Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee Continue Reading
-
News
24 Sep 2019
Google pushes back on scale of YouTube phishing threat
Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure Continue Reading
-
News
18 Sep 2019
Universities tempting targets for cyber criminals, warns NCSC
As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack Continue Reading
-
News
18 Sep 2019
WannaCry variants accidentally protecting against WannaCry
New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection Continue Reading
-
News
18 Sep 2019
Emotet phishing botnet returns from summer vacation
The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers Continue Reading
-
News
17 Sep 2019
Ecuador citizens’ data breach holds lessons for enterprises
What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it? Continue Reading
-
Blog Post
17 Sep 2019
PSD2 security deadline extension is not a reason for further can kicking
The extension of a compliance deadline for PSD2 should not be a signal for banks to reduce preperations Continue Reading
-
News
16 Sep 2019
Ensign InfoSecurity opens global headquarters in Singapore
The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence Continue Reading
-
News
13 Sep 2019
European court to decide on legality of bulk phone and internet surveillance
The European Court of Justice will decide whether intelligence agencies across Europe can continue to lawfully collect the telephone and internet communications data of citizens, following a two-day hearing this week Continue Reading
-
Blog Post
12 Sep 2019
A Cybercommunity Safety Partnership to address On-line Harms and Abuse
We need voluntary co-operation to join up cybercommunity safety across silo boundaries without waiting for governments, regulators and lobbyists Continue Reading
-
News
11 Sep 2019
Nordic countries deepen collaboration with Estonia-based cyber security operation
Nordic countries are now working closer with Nato’s Estonia-based centre of excellence in cyber security Continue Reading
-
News
11 Sep 2019
GDPR non-compliance worse than feared
Over half of UK businesses do not yet appear to be fully GDPR-compliant, and many have de-prioritised their compliance efforts Continue Reading
-
News
10 Sep 2019
UK calls for cyber capacity-building at UN security group
The UK’s representative to a United Nations cyber security working group has called for increased investment in capacity around cyber security Continue Reading
-
News
09 Sep 2019
Social engineering a factor in virtually all cyber attacks, report claims
Almost every single cyber attack will, at some stage, require a human to be tricked into doing something, according to research by Proofpoint Continue Reading
-
News
06 Sep 2019
Australia government to chart 2020 cyber security strategy
Australia’s home affairs ministry has released a discussion paper to seek views from all segments of society on the country’s next cyber security blueprint Continue Reading
-
News
05 Sep 2019
Singapore’s SecureAge eyes US market
The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan Continue Reading
-
News
02 Sep 2019
CISOs turn to AI, detection, response and education
Information security leaders are looking to artificial intelligence, better detection and response capabilities and user education in the face of cyber threats, but need more budget, a study shows Continue Reading
-
News
30 Aug 2019
Social media and enterprise apps pose big security risks
The lack of security policies in many business applications is putting enterprise data at risk and social media apps are the biggest source of malware, a poll of IT professionals reveals Continue Reading
-
Blog Post
29 Aug 2019
Towards a joined-up Cybersecurity Policy
It is not enough to have policies that satisfy the conflicting requirements of the EU and US for data protection, including notification to attract fraudsters to the victims of a breach, like ... Continue Reading
-
News
29 Aug 2019
Finland’s security agencies collaborate after cyber attacks
National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure Continue Reading
-
News
28 Aug 2019
Targeted cyber attacks, including ransomware, on the rise
Governments and healthcare institutions are prime targets of ransomware operators, a report shows Continue Reading
-
Feature
28 Aug 2019
Mitigating social engineering attacks with MFA
The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing Continue Reading
-
News
28 Aug 2019
Most UK firms ignore security in tech investments
Less than a quarter of UK firms prioritise security when investing in new technology, despite the threat of cyber attacks and data protection regulations, a survey reveals Continue Reading
-
News
23 Aug 2019
Kaspersky eyes enterprise business, opens APAC transparency hub
The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials Continue Reading
-
E-Zine
22 Aug 2019
CW Nordics: Copenhagen woos tech startups
Copenhagen offers all the advantages startups need to get off the ground and many are setting up with the intention of staying there for the long haul. Also read how shipping giant Maersk is employing a cloud-first strategy to disrupt competition and build innovation, and why three Finnish banks are sharing a core IT platform. Continue Reading
-
News
21 Aug 2019
Box aims to shield businesses from data loss threat
Box has introduced an add-in to its cloud-based collaboration platform to lock down and monitor access to files and folders Continue Reading
-
News
20 Aug 2019
Malware still top security threat, say infosec pros
Malware remains the top security threat to organisations, with ransomware still considered to be the top malware threat and lack of budget the biggest obstacle to defence, a study shows Continue Reading
-
Blog Post
19 Aug 2019
From Action Fraud to Action Plans
1 Action Fraud had an impossible task The Times undercover investigation at Action Fraud has led to a rash of publicity, both tabloid and professional . The only surprise is that it has taken so ... Continue Reading
-
News
15 Aug 2019
Australia needs to get digital identity right
A top Ping Identity executive urges Australia to put more focus on digital identity management following the government’s efforts to lay the groundwork for an open banking regime Continue Reading
-
News
15 Aug 2019
Most UK financial firms hit by cyber attack in the past year
The majority of UK financial companies are failing to prevent cyber security incidents, mainly because of employees failing to follow security policies and a lack of security budget, a survey reveals Continue Reading
-
News
14 Aug 2019
DCMS funding aims to increase diversity in cyber sector
A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector Continue Reading
-
News
14 Aug 2019
Digital domain identified as major security threat by Norway’s intelligence service
Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks Continue Reading
-
Blog Post
13 Aug 2019
A new look at the Cybersecurity Skills Market
Hence the need to address the cyberskills for justice and deterrence , not just those for cyberwarfare, protection and surveillance. And the more widespread those skills, the more dangerous the ... Continue Reading
-
News
30 Jul 2019
Australian firms grappling with “train-smash” of security legislation
While businesses should avoid going into checkbox compliance mode, the constant flux of regulations on cyber security and privacy has led to calls for more legislative coherence from regulators Continue Reading
-
News
26 Jul 2019
86 million reasons to support No More Ransom
Anti-ransomware cross-industry initiative says it has prevented more than £86m in ransom payments as it marks its third anniversary, which coincides with a resurgence in ransomware in many parts of the world Continue Reading
-
News
25 Jul 2019
F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC
Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated Continue Reading
-
News
24 Jul 2019
Zuckerberg responsible for Facebook privacy compliance after $5bn FTC fine
Facebook pays record fine after breaching users’ privacy, following settlements with Federal Trade Commission and Securities and Exchange Commission Continue Reading
-
E-Zine
23 Jul 2019
How Apollo 11 influenced modern computing
In this week’s Computer Weekly, on the 50th anniversary of the Moon landings we look at the influence Apollo 11 had on modern hardware and software. Our latest buyer’s guide examines data protection. And we find out how retailers with physical stores are using technology to respond to the rise of online shopping. Read the issue now. Continue Reading
-
Feature
19 Jul 2019
How IT pros are building resilience against email security threats
For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen Continue Reading
-
News
19 Jul 2019
HID weighs in the glacial move towards digital ID
There are still concerns over data integrity, security and privacy of digital identities, but the convenience of the technology outweighs the risks, says a HID expert Continue Reading
-
E-Zine
18 Jul 2019
CW ASEAN: Trend Watch – Security
Artificial intelligence tools are becoming a vital part of the security arsenal for organizations and cyber criminals alike. In this handbook, Computer Weekly looks at how ASEAN firms are using AI to combat cyber threats and experts discuss the latest smart cyber security tools. Continue Reading
-
E-Zine
18 Jul 2019
CW ANZ: Trend Watch – Security
With regulations pushing data protection up the business agenda, we look at how Australia’s Notifiable Data Breaches scheme has been received and consider why a survey that found Australian firms are experiencing fewer cyber breach incidents appears to conflict with anecdotal evidence that suggests the opposite. Continue Reading
-
News
18 Jul 2019
UK poor cyber security practice undermining controls
UK firms investing in the latest cyber security products and services risk this being undermined by poor security practices, a survey reveals Continue Reading
-
News
18 Jul 2019
Lateral phishing used to attack organisations on global scale
Lateral phishing is a growing type of account takeover that has enabled attackers to target more than 100,000 people by hijacking just 154 email accounts Continue Reading
-
News
16 Jul 2019
Digital safety skills initiative launched against cyber crime
Security industry partners have launched an initiative aimed at raising individuals’ digital safety skills to enable them to protect themselves and their families from most common cyber attacks Continue Reading
-
News
15 Jul 2019
Organisations turn to AI in race against cyber attackers
Businesses are racing to automate their defences as hackers and nation states launch increasingly sophisticated cyber attacks Continue Reading
-
News
15 Jul 2019
UK boards ignoring £30bn cyber risk
Despite the danger posed by cyber attacks to mid-sized companies, boards are not prepared to manage the risk and firms are over-confident in their cyber capabilities, report finds Continue Reading
-
Podcast
02 Jul 2019
Podcast: The Computer Weekly Downtime Upload – Episode 22
In this week’s episode of the Computer Weekly Downtime Upload podcast, Brian McKenna, Caroline Donnelly and Clare McDonald talk about digital transformation in the NHS, Sky’s efforts to get more women working in tech and how big businesses could be risking extinction by ignoring IT Continue Reading
-
News
01 Jul 2019
Symantec gearing up for future cyber security
Symantec is focusing on enabling businesses to secure data in the cloud after a string of acquisitions, but it also has its eye on the future, which will be all about empowering people, says CTO Hugh Thompson Continue Reading
-
Feature
01 Jul 2019
Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data
Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation Continue Reading
-
News
28 Jun 2019
TIN coalition calls for industry action against cyber fraud
An industry group aimed at improving cyber security by tackling enduring challenges has called for collaboration in the fight against cyber fraud Continue Reading
-
News
24 Jun 2019
Hospitality industry at highest risk of phishing
Benchmarking report shows average phish-prone percentage across all industries and sizes of organisations at 29.6% – up 2.6% since 2018 Continue Reading
-
Opinion
18 Jun 2019
Security Think Tank: Business needs to see infosec pros as trusted advisers
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
News
17 Jun 2019
Inside F5’s cyber security playbook
F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors Continue Reading
-
News
13 Jun 2019
UK firms need to address risky user habits
McAfee calls for companies to ramp up their security culture and improve the integration of technical security controls to minimise exposure from workers Continue Reading
-
Blog Post
07 Jun 2019
Threat vs trust: the overlooked power of words
Words have power – in particular, your choice of words modifies how your readers or listeners react to what you write or say. Politicians do this sort of thing all the time, swapping one word or ... Continue Reading
-
Opinion
05 Jun 2019
Joining the dots to deliver effective cyber security
In too many organisations, cyber security is dislocated and siloed. Security chiefs need to take a more joined-up approach, but that is likely to mean a rethink of how the security team operates Continue Reading
-
Opinion
05 Jun 2019
Making threat intelligence greater than the sum of its parts
Organisations can become more secure if they join up their varied sources of intelligence about business threats, and avoid losing valuable information within individual silos Continue Reading
-
News
04 Jun 2019
Businesses investing blindly in cyber security
Businesses need to find out what their real cyber risks and weaknesses are before investing in new technologies, says ethical hacker Continue Reading
-
Blog Post
31 May 2019
Passing the baton on Cybersecurity Skills
This year will be the first time I visit Infosec with no agenda. Or to be more precise I will have a Community Safety rather than a Cybersecurity Skills Agenda. This has caused me to take a cool ... Continue Reading
-
Blog Post
29 May 2019
IT in the Tory Candidates' Manifestos
I added a comment on Dominic Rabb's inclusion of degree apprenticeships in his call for Fairness and Choice to my recent blog on the IfA apprenticeship review. In his opening campaign letter Rory ... Continue Reading
-
News
28 May 2019
Dutch IT security firm dumps corporate structure
Boss of Netherlands-based Computest turns to self-management model to make company more nimble Continue Reading
-
News
21 May 2019
Planned UK age verification checks risky for internet users
Proposed controversial online age verification checks could increase the risk of identity theft and other cyber crimes, warn security experts, who advise parents to set technological boundaries and ensure their families are aware of risks Continue Reading
-
News
16 May 2019
Trump bans ‘adversary’ tech from US telecoms in blow at Huawei
US president announced ban on telecoms equipment from designated “adversary” states, including China Continue Reading
-
Opinion
16 May 2019
Security Think Tank: Proper segregation is more important than ever
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
News
15 May 2019
Implement multifactor authentication, urges expert panel
Multifactor authentication should be a top priority for organisations to defend users from cyber attacks, coupled with zero-trust architecture and artificial intelligence-based technologies, says expert panel Continue Reading
-
News
14 May 2019
APAC firms on the back foot in cyber security
Most Asia-Pacific organisations did not consider cyber security until after their digital transformation projects had begun, new survey finds Continue Reading
-
News
10 May 2019
Key lessons from an ethical hacker
Understanding hacker techniques and processes is the best way to defend against cyber attacks, and focusing on business risks is the best way to get security budget, according to an ethical hacker Continue Reading
-
News
08 May 2019
Some Australian firms still in the dark about cyber security
A report suggesting Australian firms are experiencing fewer cyber incidents has left its co-author perplexed with the findings Continue Reading
-
News
08 May 2019
Cyber criminals targeting C-suite, DBIR shows
Executives and cloud-based services are gaining popularity as targets for cyber criminals, according to the latest data breach investigations report Continue Reading
-
News
07 May 2019
Privileged access management moving to cloud
Survey shows nearly half of information security professionals are either planning to move privileged access management to the cloud or are exploring the possibility Continue Reading
-
News
06 May 2019
AWS to power Australia’s 2021 online census
PwC Australia, one of two firms appointed by the government to run the next Census, will build and operate an online form and a website on Amazon Web Services Continue Reading
-
News
02 May 2019
Why IT departments miss basic IT security hygiene
IT departments are failing to patch security holes in software because of a disconnect between security and operations teams, survey finds Continue Reading
-
News
30 Apr 2019
Nearly half of UK IT pros report serious data breaches
Integration of security systems and employee training recognised as key ways to reduce the growing severity of data breaches Continue Reading
-
News
29 Apr 2019
Australians lost half a billion dollars to scams in 2018
Most of the losses went to investment scams as tricksters found innovative ways to dupe victims into parting with their money Continue Reading
-
News
26 Apr 2019
GDPR cases drive bigger budgets for Nordic regulators
High-profile General Data Protection Regulation cases in Finland and Sweden have increased the workload for regulators, which are to receive an increase in funding Continue Reading
-
News
20 Apr 2019
NCSC urges better online security practices
UK cyber security agency is urging citizens to improve online safety and password security after research reveals most-hacked passwords and a survey exposes gaps in online security Continue Reading
-
News
18 Apr 2019
Facebook leaks: Zuckerberg turned data into dollars in ruthless battle with competitors
Facebook’s CEO ruthlessly exploited personal data shared by its users to turn Facebook into the biggest social network, but internal documents show that privacy appeared to be an afterthought for executives Continue Reading
-
News
15 Apr 2019
How Palo Alto Networks fends off its cyber adversaries
Palo Alto Networks CIO Naveen Zutshi talks up the company’s approach in keeping threat actors at bay Continue Reading
-
Opinion
10 Apr 2019
Why cyber security needs to be prioritised at board level
Despite the rising number of headline-grabbing security breaches, many company executives are still not prioritising cyber security in the boardroom Continue Reading
-
News
08 Apr 2019
UK plans for online safety laws not enough, says BCS
Government plans for online safety laws need to be complemented with a national cyber safety programme in schools, according to IT and computer science professional and educational body Continue Reading
-
News
05 Apr 2019
London council fined by the ICO for disclosing personal information held on Met Police Gangs Matrix
The London Borough of Newham has been fined for disclosing the sensitive personal information of more than 200 individuals that police held information on Continue Reading