In Depth
In Depth
IT risk management
-
Coronavirus: How to go back to the office safely and securely
Security teams should be used to supporting remote workers effectively by now, but what’s going to happen when people start returning to their offices? We look at the risks and how to address them. Continue Reading
-
GDPR at two: How far we’ve come, how far we still have to go
Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change Continue Reading
-
Malaysia’s data protection practices still have some way to go
Some Malaysian firms are not using data protection tools to the fullest potential, while others only think about data protection after a breach Continue Reading
-
What are the security priorities for the post-coronavirus world?
The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising? Continue Reading
-
Contact tracing: The privacy vs protection debate
The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading
-
A carrot-and-stick approach to fixing cyber security complacency
With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it Continue Reading
-
How APAC firms are coping with the Covid-19 outbreak
The air of change looms large in companies operating in the Asia-Pacific region, with some doing better than others in keeping the lights on amid the coronavirus pandemic Continue Reading
-
Malaysia’s business continuity planning readiness a mixed bag
Larger Malaysian enterprises have BCP in place, but SMEs lag behind and will find it harder to weather the Covid-19 storm Continue Reading
-
Why security validation matters
FireEye’s top executives in Asia-Pacific discuss the benefits of security validation and offer their take on the region’s cyber threat landscape Continue Reading
-
The AWS bucket list: Keep your cloud secure
Misconfigured cloud installations risk billions of records being exposed, damaging organisations’ finances and reputations. Paying attention to securing AWS storage buckets is a simple matter Continue Reading
-
Coronavirus: How to implement safe and secure remote working
Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves Continue Reading
-
Is this Netflix-style thriller the future of security training?
Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training Continue Reading
-
Inside the SOC: the nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel Continue Reading
-
Choosing the right disaster recovery for your business
We look at the various options available when implementing disaster recovery, and how much they’re worth Continue Reading
-
DRaaS decisions: Key choices in disaster recovery as a service
We examine the key decisions when considering DRaaS. Whether to go full self-service, assisted or managed will depend on what you need to protect and your in-house resources Continue Reading
-
Whisper it… but could a cyber attack be good for your career?
All too often it’s the CISO who carries the can for an enterprise security failure, but this might not be a bad thing. There’s lots of evidence to suggest that falling victim to a cyber attack may actually enhance your CV Continue Reading
-
Human factors are critical to securing digital transformation
Sourcing the latest cyber security technology to support digital transformation projects is all well and good, but it’s meaningless if you fail to address your organisational culture and the people within it Continue Reading
-
Get ready for CCPA: Implications for UK businesses
The California Consumer Privacy Act, a wide-ranging data privacy and consumer protection law, comes into effect on 1 January 2020. How does CCPA differ from the EU GDPR regulations and what are the responsibilities for UK businesses operating in the... Continue Reading
-
Taking responsibility for security in the cloud
From accidental leaks to full-on data breaches, maintaining security across cloud services is becoming a headache for enterprises. What questions should organisations be asking of their cloud service provider and, ultimately, whose responsibility is... Continue Reading
-
Making the case for integrated risk management
Security experts discuss how an integrated approach to risk and governance can be effectively managed Continue Reading
-
Security puzzle calls for some joined-up thinking
The age of digitisation brings new risks to organisations, so security needs to be more integrated Continue Reading
-
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management Continue Reading
-
Inside blockchain and its various applications
We explore the technology around blockchain shaping how businesses use data Continue Reading
-
How to mitigate IoT security risks to tap business benefits
Security concerns are preventing many businesses from adopting IoT-based technologies, but with a bit of planning, the business benefits can be realised by mitigating the risk Continue Reading
-
Mitigating social engineering attacks with MFA
The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing Continue Reading
-
How to bolster IAM strategies using automation
Identity and access management processes and technologies play an important role in security strategies, but organisations and IT professionals need to ensure these strategies are robust enough to deal with new threats Continue Reading
-
Enhancing business purpose with privacy compliance
Computer Weekly looks at the importance of building on basic GDPR compliance and making privacy a key foundation of business culture Continue Reading
-
Developing innovative security analytics approaches in the digital age
With security threats growing in scale and complexity, security analytics provide a way for IT teams to stay one step ahead of cyber attackers. The challenge is to ensure this technology continues to be effective in the face of new security ... Continue Reading
-
Think beyond tick-box compliance
A year on since GDPR, many organisations are yet to stop fretting over fines and focus instead on business value Continue Reading
-
How IT pros are building resilience against email security threats
For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen Continue Reading
-
APAC IoT adoption improves amid challenges
More enterprises across the region are using the internet of things to track fleet vehicles and improve operations, but technology integration and security concerns are still holding back widespread adoption Continue Reading
-
Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data
Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation Continue Reading
-
How to get the basics of mobile device management right the first time
When adopting mobile device management, there are often fears around implementation and whether or not the strategy is even required Continue Reading
-
How facial recognition technology threatens basic privacy rights
As adoption of facial recognition systems continues to grow worldwide, there is increasing concern that this technology could undermine fundamental privacy rights and how it can be kept in check Continue Reading
-
Disaster planning: How to expect the unexpected
Focusing too much on specific disasters rather than considering an organisation’s data protection, network security and process requirements, can lead to unpredicted vulnerabilities Continue Reading
-
Data governance: The importance of getting it right
With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed Continue Reading
-
Vulnerability assessment done. Now what?
Vulnerability assessment establishes the current state of an organisation’s cyber security, but to meet industry best practices, companies should go beyond that to achieve continuous improvement Continue Reading
-
Debugging bug bounty programmes
Bug bounty programmes have recently become a popular method of vulnerability management, but poor programme management can lead to development teams becoming overwhelmed and bugs being missed Continue Reading
-
Protecting your digital assets: Why it pays to invest in cyber insurance
Cyber insurance offers financial protection against the worst happening to a company’s data and digital assets, and is something few businesses can afford to be without Continue Reading
-
How botnets pose a threat to the IoT ecosystem
While connected devices are transforming our personal and working lives in a multitude of ways, they are also a growing security risk – attackers are hijacking these devices and turning them into internet of things botnets Continue Reading
-
What are the CDN options for enterprises?
We look at how content delivery networks can give your organisation’s web presence a literal edge Continue Reading
-
Collaborative security approaches underpin container success
Containers are helping organisations to accelerate age-old software development approaches, but success is underpinned by a constant and team-wide attention to security Continue Reading
-
A guide to choosing cloud-based security services
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security Continue Reading
-
The rise of DevSecOps
The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations Continue Reading
-
Trusted nodes: The next generation in quantum key distribution
QKD is a form of protection against interception by quantum computers, but cost and technical limitations have made the technology impractical. Could trusted nodes make all the difference? Continue Reading
-
Prepare now for quantum computers, QKD and post-quantum encryption
The predicted processing power of quantum computers is likely to make existing encryption algorithms obsolete. Quantum key distribution (QKD) is a possible solution - we investigate whether QKD is viable Continue Reading
-
Outcomes-based security is the way forward
Every security technology is effective for a limited time, but understanding data assets and their value to attackers is key to effective cyber defence, according to an industry veteran of 20 years’ experience Continue Reading
-
Inside DevOps, containers and enterprise security
Global corporates are waking up to containers and orchestrated containerisation for software development that is fast and safe. Computer Weekly looks at the best approach to ensure security is not compromised along the way Continue Reading
-
Disaster recovery as a service: what you need to know
Technological advances make disaster recovery as a service possible, but Computer Weekly investigates whether it is practical option for all businesses Continue Reading
-
Matching disaster recovery to cyber threats
While it is important to take steps to prevent cyber attacks, they can still happen. That is why disaster recovery practices are equally critical Continue Reading
-
How Australia is keeping pace with ICS threats
Besides bridging the security gap between IT and operational technology teams, Australia is driving efforts to bolster the security of IoT devices Continue Reading
-
Application security more important than ever
Applications have an increasingly crucial role in our lives, yet they are also a real security threat, with hackers always finding new ways to bypass security defences. Computer Weekly looks at how organisations are responding to the challenge Continue Reading
-
Cyber resilience key to securing industrial control systems
Operators of industrial control systems can build greater cyber resilience by getting IT and operational technology teams to work more closely together and improving the visibility of their infrastructure, among other security measures Continue Reading
-
Application and device security under the spotlight
The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, ... Continue Reading
-
Data protection is critical for all businesses
Companies that misuse data or fall victim to breaches not only risk financial loss, but also reputational damage. There are many reasons good data practice is essential Continue Reading
-
Businesses need to take cryptojacking seriously
Organisations must pay attention to cyber criminals hijacking computing resources to mine cryptocurrencies, because nearly half are affected and the impact is greater than many realise Continue Reading
-
Getting a handle on mobile security in your enterprise
Everyone now has a mobile device at work, so how can enterprises ensure they are secure? Continue Reading
-
How AI will underpin cyber security in the next few years
Cyber security risks are growing in complexity and volume, but artificial intelligence techniques can help businesses track and fight them in real time Continue Reading
-
Navigating ASEAN’s patchy cyber security landscape
Cyber resilience remains low across Southeast Asia, a regional economic powerhouse that is increasingly susceptible to cyber threats as its digital economy grows Continue Reading
-
The rights and wrongs about GDPR compliance
We explore some common myths surrounding the forthcoming General Data Protection Regulation Continue Reading
-
How secure are smart energy grids?
The improved efficiency of smart grids need to be weighed against the cost of security - presenting a unique opportunity for the tech sector and a new market for security companies Continue Reading
-
Get tooled up to meet GDPR requirements
We look at options for tools to help organisations comply with the EU’s General Data Protection Regulation Continue Reading
-
Steal a march on cyber criminals through security by deception
Security by obscurity, although a common and tempting practice, is generally not recommended, but security by deception offers a way for defenders to make it more difficult for attackers to succeed and easier for defenders to catch them Continue Reading
-
UK sale of surveillance equipment to Macedonia raises questions over export licence policy
The UK approved an export licence for the sale of surveillance equipment to Macedonia – while the country was engaged in an illegal surveillance programme against its citizens. A senior minister was consulted on the decision Continue Reading
-
Where the device hits the network – a mobile device management update
As business becomes increasingly mobile, we look at the latest trends in mobile device management to give businesses the edge Continue Reading
-
Why immutable buckets are a worthy risk management tool
Immutable buckets offer businesses benefits in terms of data compliance, backup, archiving and security Continue Reading
-
What it takes for the internet of things to take off in ASEAN
Besides lowering adoption costs, an ecosystem of governments, technology suppliers and telcos is necessary for the internet of things to flourish in Southeast Asia Continue Reading
-
The Macedonian surveillance scandal that brought down a government
Macedonia has been accused of using surveillance technology for covert spying - the subsequent political protests were instrumental in the ruling party losing power after 10 years Continue Reading
-
GDPR: a quick start guide
We look at how UK organisations can prepare for the General Data Protection Regulation Continue Reading
-
How UK organisations are leaving themselves open for cyber attack
UK organisations are leaving themselves wide open to cyber attack despite huge investments in cyber security systems, according to two former hackers now working in cyber defence Continue Reading
-
Breaking the cyber kill chain
Traditional antivirus is no longer good enough for fileless malware attacks that don’t leave a trace Continue Reading
-
How information security professionals can help business understand cyber risk
Information security is continually moving up business and board agendas, but information security professionals find it challenging to help business leaders to understand fully the cyber risks across increasingly digital businesses. Continue Reading
-
Secure IoT before it kills us
Experts say more must be done to mitigate the potentially catastrophic threats presented by connected devices Continue Reading
-
The cyber threats lurking within every company
Insider threats have been around for a long time, but it is only recently that people have begun to acknowledge the true danger they pose Continue Reading
-
Lauri Love: the student accused of hacking the US
How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love Continue Reading
-
The problem of passwords and how to deal with it
Security experts have long recognised passwords as inadequate, but finally technology is offering some viable alternative authentication methods that businesses can explore to keep their data safe Continue Reading
-
My first IoT project: A guide for businesses
We’ve all had a good giggle about having our fridges hacked – but now it’s time to get real. What are the first steps enterprises should take when implementing their first internet of things project? Continue Reading
-
Hunters: a rare but essential breed of enterprise cyber defenders
They wait, they watch, they search the outer reaches of networks and the darkest corners of the web, setting traps, crafting tools, collecting evidence and going in pursuit: they are the hunters Continue Reading
-
How to manage IT access for external users
Identity and access management has extended from being solely an internal IT management process to focus on external business engagement too Continue Reading
-
IAM is the future for managing data security
Why identity and access management is taking centre stage in companies’ access policies Continue Reading
-
Interview: James Bamford on surveillance, Snowden and technology companies
Investigative journalist and documentary maker James Bamford was among the first to uncover the secrets of the US National Security Agency and its global surveillance Continue Reading
-
How to deal with the aftermath of a data breach
Considering that a data breach could happen to any company, at any time, a plan of action is the best tactic Continue Reading
-
Disaster recovery planning: Where virtualisation can help
The disaster recovery planning process is not fundamentally technology-centric, so when can virtualisation make it quicker and easier to restore services after an unplanned outage? Continue Reading
-
The next stage in quantum key distribution
Authentication schemes based on quantum physics are emerging to address the growing number of ways to compromise data traffic Continue Reading
-
Avoiding security issues when recycling hardware
What are the options for the environmentally and ethically responsible recycling of end-of-life hardware, without compromising data security? Continue Reading
-
The true cost of a cyber security breach in Australia
The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting. Continue Reading
-
The security dangers of home networks
Most companies take reasonable steps to protect their networks from virus attacks, but one area of vulnerability that is often overlooked is infection from employees’ home networks Continue Reading
-
How to ensure strong passwords and better authentication
Five steps to ensure stronger passwords and better authentication to reduce the threat of business data theft Continue Reading
-
How to fully test IT networks for vulnerabilities
Making sure a company network is secure is a very important task, and one that should be scheduled regularly Continue Reading
-
How to reduce the risk of social engineering attacks
Implement simple checks to reduce the risk of the main types of social engineering attacks Continue Reading
-
Top tips for remote and mobile workers to improve their cyber security
Steps remote and mobile workers can take to improve cyber security on mobile devices, using public Wi-Fi and computers, and handling USB devices Continue Reading
-
Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance
Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden Continue Reading
-
How to secure the SDN infrastructure
As more enterprises look to deploy software-defined networking, the need for security from the ground up should not be underestimated Continue Reading
-
The internet of things is coming: Is your datacentre ready?
Gartner estimates the IoT will see 26 billion units installed by 2020 – channelling huge volumes of data traffic into datacentres Continue Reading
-
Hacktivism: good or evil?
IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics Continue Reading
-
Big data journalism exposes offshore tax dodgers
How journalists harnessed big data to challenge offshore financial secrecy Continue Reading
-
An introduction to cyber liability insurance cover
Cyber liability insurance cover has been around for 10 years, but most security professionals seem to have not heard of it or know that it exists Continue Reading
-
Manage identity and access to improve business processes
Streamlining identity and access management is essential to exploiting your organisation’s assets and employees’ productivity. Continue Reading
-
How to create a good information security policy
Information security policies provide vital support to security professionals, yet few organisations take the time to create decent policies Continue Reading
-
Windows XP end of support: What to do next
CIOs may not wish to carry on running a 12-year-old desktop OS, but thousands of incompatible applications leave many with no choice Continue Reading