In Depth
In Depth
IT risk management
-
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
LLMs explained: A developer’s guide to getting started
A guide to help enterprise developers use large language models securely, efficiently and cost-effectively in their applications Continue Reading
-
Gartner: Three top trends in cyber security for 2024
IT security will be influenced by generative AI, identity and access management, and continuous threat exposure management Continue Reading
-
Trends driving cyber security in 2024
While cyber security breaches are not going away, emerging threats are driving new and innovative approaches to IT security Continue Reading
-
UK police facial recognition explained: What you need to know
In this essential guide, Computer Weekly looks at the use of facial recognition technology by UK police forces, including the points of contention around its deployment so far and where it’s heading next Continue Reading
-
Biometric revolution in IAM: The future of authentication
The IAM landscape is experiencing profound change thanks to the advent of biometrics. Learn about the latest advantages and key benefits of biometrics in identity Continue Reading
-
Cloud-to-cloud backup: What it is and why you (probably) need it
Basic cloud data protection is just not enough. Several loopholes leave business data vulnerable and that means additional cloud-to-cloud backup should be seriously considered Continue Reading
-
British Library cyber attack explained: What you need to know
In this essential guide, Computer Weekly investigates the cyber attack on the British Library that has rendered IT systems inoperable and caused service disruption to thousands of users Continue Reading
-
Decoding zero trust in endpoint security: A practical guide for CISOs
The exponential increase in endpoints has vastly expanded the average organisation’s attack surface – address this by applying zero-trust best practice to endpoints Continue Reading
-
How to recover systems in the event of a cyber attack
Recovering compromised systems after a cyber attack isn’t easy, but understanding industry best practice offers a template for the key processes to follow Continue Reading
-
Five key questions about disaster recovery as a service
Disaster recovery as a service builds recovery data and systems into the cloud, accessible from anywhere. We look at the difference vs cloud backup, DRaaS use cases, the cost, and the firms that provide it Continue Reading
-
Ransomware: All the ways you can protect storage and backup
We survey the key methods of ransomware protection, including immutable snapshots, anomaly detection, air-gapping, anomaly detection, and supplier monetary guarantees Continue Reading
-
Automated cloud IR: Empowering cyber with AI-powered playbooks
As cyber threats increasingly target cloud infrastructure, demand for robust and reliable incident response measures is through the roof. Find out why you might want to consider bringing artificial intelligence into play Continue Reading
-
Toyota car plant outage shows database capacity planning is vital
How could database deletes and re-organisation take out car production for 36 hours at 14 plants? We drill down into the details of database capacity planning Continue Reading
-
AI-powered cloud SIEM: Real-time threat intel boosts defences
Thanks to their advanced data analysis and predictive capabilities, AI and ML will be valuable protective tools going forward. Learn about the potential of AI-backed cloud SIEM technology Continue Reading
-
SME disaster recovery: Five key points to consider
We look at key DR considerations for SMEs, including RPOs, RTOs, infrastructure needed for effective continuity and the right combination of cloud and in-house provision Continue Reading
-
Handbook helps Dutch organisations migrate to quantum-safe communication
Organisations must start implementing new cryptography standards – as migration is a lengthy process Continue Reading
-
What the Product Security and Telecommunications Infrastructure Act means for UK industry
For years, many network-connected devices have lacked adequate security, putting their users and others at risk of cyber attacks. The UK’s PSTI Act aims to prevent this by mandating minimum security requirements, but what impact will this have on ... Continue Reading
-
Generative AI: Data privacy, backup and compliance
We look at generative AI and the risks it poses to data privacy for the enterprise, implications for backup, and potentially dangerous impacts on compliance Continue Reading
-
ChatGPT is creating a legal and compliance headache for business
ChatGPT’s increased use in the workplace has led many to question its legal and compliance implications for businesses. Experts warn that the software poses major security and copyright risks Continue Reading
-
Building a secure coding philosophy
A proportion of cyber security spend goes towards securing application development. Software teams are also budgeting for IT security Continue Reading
-
Why we need advanced malware detection with AI-powered tools
AI-powered cyber security tools have now developed to a point where they are becoming an effective approach to protecting the organisation. Learn how you can benefit from adopting them Continue Reading
-
How AI ethics is coming to the fore with generative AI
The hype around ChatGPT and other large language models is driving more interest in AI and putting ethical considerations surrounding their use to the fore Continue Reading
-
Data classification tools: What they do and who makes them
Data classification is necessary for all organisations for reasons that range from simply putting data on the most cost-efficient media to ensuring legal and regulatory compliance Continue Reading
-
Why IAM systems are crucial for securing multicloud architecture
As business tools evolve into cloud-based services, organisations are finding themselves becoming ever more reliant on the cloud, but how can data be secured across so many different platforms? Continue Reading
-
Securing your software supply chain
Organisations need to have a thorough understanding of software components and build security controls into development lifecycles to shore up the security of their software supply chains Continue Reading
-
What can security teams learn from a year of cyber warfare?
With the passing of the first anniversary of Russia’s invasion of Ukraine, we reflect on the ongoing cyber war, and ask what security leaders can learn from the past 12 months Continue Reading
-
Accreditation key to enterprise security
We look at how industry-recognised certification enables security chiefs to improve the strength of their security team Continue Reading
-
The one problem with AI content moderation? It doesn’t work
The use of artificial intelligence for content moderation is likely to become more pronounced with the passage of the Online Safety Bill, but practitioners and experts question the efficacy of this approach Continue Reading
-
APAC buyer’s guide to SASE
In this buyer’s guide on secure access service edge services, we look at the benefits of the technology, key considerations and the market landscape Continue Reading
-
IT’s shift to the cloud: Veeam’s data protection report in detail
With half of servers in the cloud, most backup and nearly all disaster recovery cloud-centric, the shift to the cloud is significant – but container backup is one area that is yet to settle down Continue Reading
-
Securing low Earth orbit represents the new space race
The barriers to launching satellites into low Earth orbit are falling fast, and that brings new cyber security challenges Continue Reading
-
Cyber security professionals share their biggest lessons of 2022
In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading
-
A sticky story: How, and why, hackers love stickers on laptops
We’ve all seen laptops adorned with security stickers and in-jokes, but how did this cyber community trend get started, what does it signify, and what does it say about the humans behind the screens? Continue Reading
-
How gamifying cyber training can improve your defences
Security training is the cornerstone of any cyber defence strategy. With ever-escalating online threats, it is now more important than ever that this training is an engaging experience Continue Reading
-
Ransomware: Practical tips to improve resiliency
With ransomware attacks on organisations increasing, the question is not if an attack will happen, but when. We look at ways to minimise the impact of such an attack Continue Reading
-
How to prepare for ransomware
What are the best practices you should use to protect against ransomware attacks and manage such attacks when they do happen? Continue Reading
-
Will the OCSF create an open and collaborative cyber industry?
The Open Cybersecurity Schema Framework promises to transform security data analysis and collection, but there are challenges around adoption Continue Reading
-
What do the US’s new software security rules mean for UK organisations?
The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors? Continue Reading
-
Air gaps for backup and how they help against ransomware
The air gap is a basic of backups and storage. We look at what’s meant by an air gap, the rise of the logical air gap, and its place in the fight against ransomware Continue Reading
-
What to look for when taking out a cyber insurance policy
We look at the steps organisations need to take when buying cyber insurance Continue Reading
-
Cyber insurance: Tips for keeping the right level of cover
Transferring risk to an insurer doesn’t mean you are risk-free – so what is not included in your cyber insurance cover? Continue Reading
-
Cyber insurance: What does a CISO need to know?
We look at how the market for cyber insurance is evolving and how IT security chiefs can avoid buying the wrong level of cover Continue Reading
-
The cyber security impact of Operation Russia by Anonymous
The campaign against the Russian government by Anonymous surprised many with the depth and scale of the cyber attacks. What can we learn from this online war? Continue Reading
-
Secure everything, not just the weakest link
The rise in cyber attacks on supply chains has expanded the role of IT security chiefs and the complexity of keeping organisations secure Continue Reading
-
What the world can learn from Saudi Arabia’s fight against industrial control system attacks
Iran learned from attacks on its infrastructure and unleashed similar malware on Saudi Arabia. The world has now gained valuable lessons from the Saudi response Continue Reading
-
Challenges of securing a software supply chain
The US president has issued an executive order to improve cyber security, which has ramifications across the software development supply chain Continue Reading
-
What the EU’s content-filtering rules could mean for UK tech
EU proposals to clamp down on child sexual abuse material will have a material impact on the UK’s technology sector Continue Reading
-
IT departments need holistic circular economies to fight climate change
With sustainability moving up the boardroom agenda, IT managers should revamp procurement strategies to align with the principles of the circular economy, but what does this mean for managing the IT lifecycle? Continue Reading
-
Attack of the clones: the rise of identity theft on social media
The proliferation of social media has resulted in the rise of identity theft on these platforms, with accounts copied for fraudulent or malicious purposes. What can be done to mitigate it? Continue Reading
-
How to retain cyber talent in the Great Resignation
The cyber security industry is experiencing alarming rates of resignations, leaving organisations vulnerable to cyber attacks. How can we better retain cyber talent? Continue Reading
-
Recruitment risks: Avoiding the dangers of fraudulent candidates
Tech companies are seeing an increase in fraudulent job applications, with associated impacts on risk and cyber security. So how can organisations protect themselves from fraudulent applicants while ensuring they recruit the best talent? Continue Reading
-
How APAC organisations can mitigate edge security threats
The move to the edge expands an organisation’s attack surface. Here are some measures that organisations can take to minimise their edge security risks Continue Reading
-
Define RPO and RTO tiers for storage and data protection strategy
We look at RPO and RTO in defining data protection and disaster recovery strategies and how to specify tiers that reflect the importance of different systems in your organisation Continue Reading
-
It takes a village: Protecting kids online is everyone’s responsibility
The rapid uptake of smartphones among children has contributed to the increasing number of cases of cyber bullying and online grooming. Is this an educational issue or a cultural problem, and can modern enterprise help? Continue Reading
-
What neurodivergent people really think of working in cyber security
Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn Continue Reading
-
Navigating PIPL: European businesses plot their next steps into China
How does China’s strict new Personal Information Protection Law impact European businesses? Continue Reading
-
Cloud-era disaster recovery planning: Assessing risk and business impact
In the first in a series on cloud-era disaster recovery, we provide a step-by-step guide to building firm foundations for the disaster recovery plan, with risk assessment and business impact analysis Continue Reading
-
Is the IT sector beset by fear-mongering?
The arms race between hackers and security teams has led to a plethora of new technologies, but it can be hard to differentiate between sensible cyber purchases and those that are promoted by exaggerating risk Continue Reading
-
Digital surveillance of remote workers may increase enterprise risk
From productivity tools to security threats, we explore how digital surveillance is forcing remote workers towards shadow IT Continue Reading
-
How to manage endpoint security in a hybrid work environment
The future of the workplace is clearly hybrid, but this has untold implications around endpoint security. How can businesses overcome these? Continue Reading
-
Immutable snapshots aim to neutralise ransomware
Snapshots – usually immutable anyway – get functionality to stop ransomware intruders moving or deleting snapshots, so customers know they have clean copies of data to restore from Continue Reading
-
Online Safety Bill puts user protection onus on platform providers
The Online Safety Bill will place new duties and responsibilities on online platforms accessible from the UK, but as it currently stands, it contains several grey areas Continue Reading
-
Back on the office network: What are the risks for mobile users?
Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this? Continue Reading
-
Bridging the gender gap in cyber security
Some professional groups and companies in Asia are working hard to improve awareness of the cyber security profession and mentoring talented women in a bid to bridge the gender gap Continue Reading
-
How do SOAR and SIEM services fare in a rapidly changing cyber threat landscape?
Given that cyber risks are rapidly growing in sophistication and number, we look at whether SIEM and SOAR security tools are still effective Continue Reading
-
Making a mark in cyber security
Claudean Zheng’s knack for hacking landed her a career in cyber security, one that has been dotted by stints in both public and private sectors Continue Reading
-
Considerations when deciding on a new SIEM or SOAR tool
A successful deployment of any security tool very much depends on the maturity of security processes in the organisation Continue Reading
-
When is SIEM the right choice over SOAR?
Better instrumentation leads to better IT security but monitoring can quickly overload IT teams. Automation can help, but it may not always be needed Continue Reading
-
Five ways to ensure remote working security and compliance
A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading
-
Best practices for secure printing
The reality of a paperless office remains some way off, so printers are here to stay for a while. But their increasingly connected status means securing them should be a priority Continue Reading
-
How the pandemic changed backup
The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware Continue Reading
-
The rise and rise of supply chain attacks
Supply chain attacks in Asia-Pacific and elsewhere have intensified as cyber threat actors look to exploit the weakest links in business and digital supply chains Continue Reading
-
What the Telecommunications (Security) Bill means for UK industry
The Telecommunications (Security) Bill is intended to reinforce the security of the UK telecommunications infrastructure, but what are the implications for industry? Continue Reading
-
How do I get my users to pay attention to security training?
As cyber security risks grow daily, businesses must educate staff about these through cyber awareness training. But how can they ensure this is taken seriously by employees? Continue Reading
-
How GCHQ proposes to implement and use ethical AI
The rise of cyber crime and the escalating threat vectors facing the UK have led GCHQ to invest in automated threat detection and response systems to meet this challenge, as well as liaising with the private sector for the first time Continue Reading
-
Ecolabels and data sanitisation key to recycling and reusing IT assets
Ecolabels on hardware and data sanitisation of devices are key to recycling and reusing old IT equipment respectively, helping enterprises avoid unnecessary asset destruction and contributing to increasingly high levels of electronic waste globally Continue Reading
-
Backup appliances the hot topic for Pas-de-Calais fire brigade
With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage Continue Reading
-
How to choose the right email security service for your organisation
With email security threats growing rapidly, businesses can quickly identify and block these by using a top email security service. Here’s how to select the right provider Continue Reading
-
Anti-money laundering technology must operate in a collaborative ecosystem
With new technologies making it easier for banks to spot money laundering activity, we look at why the problem persists at scale, finding that ecosystems and collaborative processes need to be built Continue Reading
-
Does email security need a human solution or a tech solution?
People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on Continue Reading
-
Dealing with the challenge of beg bounties
The rise of so-called beg bounties is becoming a challenge for security teams, and can be a drain on time and resources. But what is a beg bounty, and how does it differ from a bug bounty? Continue Reading
-
Is it time to ban ransomware insurance payments?
The former head of the NCSC recently called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments. Is he on the right track? Continue Reading
-
How can healthcare organisations fight increased cyber crime in 2021?
As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care Continue Reading
-
Picking the right IAM tools is based on more than today’s needs
With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure ... Continue Reading
-
The nation state threat to business
The SolarWinds hack shows the widespread damage possible from a nation state cyber attack. What is the threat to business and how can it be mitigated? Continue Reading
-
Security Long Reads: Cyber insiders reveal what’s to come in 2021
In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading
-
Patching: Balancing technical requirements with business considerations
With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented Continue Reading
-
Post-pandemic approaches to IAM for cloud security
Cloud technology may have saved businesses from catastrophe during the pandemic, but it has also introduced additional challenges around identity and access management. Here’s why IAM policies are crucial in the new normal Continue Reading
-
This Christmas, Covid-19 heightens retail security risks for everyone
Do you think it’s only retailers and consumers who need to consider cyber security when shopping online during the holidays? You’re dead wrong. This year, the Covid-19 pandemic and the shift to remote working has thrown a spanner in the works Continue Reading
-
How to build an effective vulnerability management programme
As cyber criminals increasingly look to exploit vulnerabilities in software and hardware, businesses must build and implement an effective vulnerability management programme to counter this growing threat Continue Reading
-
DDoS mitigation strategies needed to maintain availability during pandemic
The growing prevalence of DDoS attacks combined with the increased reliance on internet connectivity during the pandemic means enterprises can no longer afford to ignore the threat of DDoS attacks. Computer Weekly explores organisations’ perceptions... Continue Reading
-
Why securing the DNS layer is crucial to fight cyber crime
Domain name system security is often overlooked by organisations, but focusing on this layer could actually improve the effectiveness of cyber security strategies. We explore the latest DNS trends and best practice Continue Reading
-
Double extortion ransomware attacks and how to stop them
As ransomware attacks increase, hackers are diversifying their tactics to get victims to hand over larger sums of money. We investigate the rise of double extortion attacks Continue Reading
-
Getting physical with datacentre security
Whether it is natural disasters, terrorism or break-ins, datacentres will be vulnerable to a range of risks unless they are physically secured. Here’s how you can improve the physical security of your datacentre Continue Reading
-
How to achieve resilience – the modern uptime trinity
IT leaders can take responsibility for ensuring their organisations are resilient during times of crisis. There are no quick fixes, but if you think it is expensive to ensure resilience in your IT systems, try frequent failure instead Continue Reading
-
Intelligent ways to tackle cyber attack
Artificial intelligence-powered security tools should enable IT security teams to achieve more with less Continue Reading
-
Black Lives Matter, but do bots know that?
The volume of content generated each day necessitates automated moderation to curate everything as it is published, ensuring offensive and objectionable material is blocked. But this only works if systems are adequately configured and reviewed Continue Reading
-
APT groups’ mobile momentum finally faces resistance
State-backed APT groups are increasingly targeting mobile devices as Covid-19 puts the spotlight on remote working infrastructure security. We explore how the industry is fighting back Continue Reading
-
How to apply zero-trust models to container security
Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them? Continue Reading