In Depth
In Depth
Network security management
-
Ivanti vulnerabilities explained: Everything you need to know
A series of vulnerabilities in Ivanti products have caused concern worldwide. Delve into some of the key issues arising from the Ivanti disclosures, looking at the vulnerabilities and their impact, what affected users should do, and learn about new... Continue Reading
-
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
Ransomware: All the ways you can protect storage and backup
We survey the key methods of ransomware protection, including immutable snapshots, anomaly detection, air-gapping, anomaly detection, and supplier monetary guarantees Continue Reading
-
AI-powered cloud SIEM: Real-time threat intel boosts defences
Thanks to their advanced data analysis and predictive capabilities, AI and ML will be valuable protective tools going forward. Learn about the potential of AI-backed cloud SIEM technology Continue Reading
-
What the Product Security and Telecommunications Infrastructure Act means for UK industry
For years, many network-connected devices have lacked adequate security, putting their users and others at risk of cyber attacks. The UK’s PSTI Act aims to prevent this by mandating minimum security requirements, but what impact will this have on ... Continue Reading
-
Securing your software supply chain
Organisations need to have a thorough understanding of software components and build security controls into development lifecycles to shore up the security of their software supply chains Continue Reading
-
APAC buyer’s guide to SASE
In this buyer’s guide on secure access service edge services, we look at the benefits of the technology, key considerations and the market landscape Continue Reading
-
Securing low Earth orbit represents the new space race
The barriers to launching satellites into low Earth orbit are falling fast, and that brings new cyber security challenges Continue Reading
-
Cyber security professionals share their biggest lessons of 2022
In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading
-
How gamifying cyber training can improve your defences
Security training is the cornerstone of any cyber defence strategy. With ever-escalating online threats, it is now more important than ever that this training is an engaging experience Continue Reading
-
Will the OCSF create an open and collaborative cyber industry?
The Open Cybersecurity Schema Framework promises to transform security data analysis and collection, but there are challenges around adoption Continue Reading
-
Air gaps for backup and how they help against ransomware
The air gap is a basic of backups and storage. We look at what’s meant by an air gap, the rise of the logical air gap, and its place in the fight against ransomware Continue Reading
-
The cyber security impact of Operation Russia by Anonymous
The campaign against the Russian government by Anonymous surprised many with the depth and scale of the cyber attacks. What can we learn from this online war? Continue Reading
-
What the EU’s content-filtering rules could mean for UK tech
EU proposals to clamp down on child sexual abuse material will have a material impact on the UK’s technology sector Continue Reading
-
How APAC organisations can mitigate edge security threats
The move to the edge expands an organisation’s attack surface. Here are some measures that organisations can take to minimise their edge security risks Continue Reading
-
What neurodivergent people really think of working in cyber security
Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn Continue Reading
-
Is the IT sector beset by fear-mongering?
The arms race between hackers and security teams has led to a plethora of new technologies, but it can be hard to differentiate between sensible cyber purchases and those that are promoted by exaggerating risk Continue Reading
-
Digital surveillance of remote workers may increase enterprise risk
From productivity tools to security threats, we explore how digital surveillance is forcing remote workers towards shadow IT Continue Reading
-
Immutable snapshots aim to neutralise ransomware
Snapshots – usually immutable anyway – get functionality to stop ransomware intruders moving or deleting snapshots, so customers know they have clean copies of data to restore from Continue Reading
-
Back on the office network: What are the risks for mobile users?
Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this? Continue Reading
-
Five ways to ensure remote working security and compliance
A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading
-
How the pandemic changed backup
The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware Continue Reading
-
The rise and rise of supply chain attacks
Supply chain attacks in Asia-Pacific and elsewhere have intensified as cyber threat actors look to exploit the weakest links in business and digital supply chains Continue Reading
-
What the Telecommunications (Security) Bill means for UK industry
The Telecommunications (Security) Bill is intended to reinforce the security of the UK telecommunications infrastructure, but what are the implications for industry? Continue Reading
-
Buying a VPN? Here’s what you need to know
VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these Continue Reading
-
How do I get my users to pay attention to security training?
As cyber security risks grow daily, businesses must educate staff about these through cyber awareness training. But how can they ensure this is taken seriously by employees? Continue Reading
-
Top five threats to compliance during the pandemic
We survey the top five pandemic compliance threats – remote working, Covid tracking, criminal exploits, compliance measures slipping, and heightened enforcement to come Continue Reading
-
How can healthcare organisations fight increased cyber crime in 2021?
As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care Continue Reading
-
The nation state threat to business
The SolarWinds hack shows the widespread damage possible from a nation state cyber attack. What is the threat to business and how can it be mitigated? Continue Reading
-
Security Long Reads: Cyber insiders reveal what’s to come in 2021
In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading
-
Post-pandemic approaches to IAM for cloud security
Cloud technology may have saved businesses from catastrophe during the pandemic, but it has also introduced additional challenges around identity and access management. Here’s why IAM policies are crucial in the new normal Continue Reading
-
This Christmas, Covid-19 heightens retail security risks for everyone
Do you think it’s only retailers and consumers who need to consider cyber security when shopping online during the holidays? You’re dead wrong. This year, the Covid-19 pandemic and the shift to remote working has thrown a spanner in the works Continue Reading
-
How to build an effective vulnerability management programme
As cyber criminals increasingly look to exploit vulnerabilities in software and hardware, businesses must build and implement an effective vulnerability management programme to counter this growing threat Continue Reading
-
DDoS mitigation strategies needed to maintain availability during pandemic
The growing prevalence of DDoS attacks combined with the increased reliance on internet connectivity during the pandemic means enterprises can no longer afford to ignore the threat of DDoS attacks. Computer Weekly explores organisations’ perceptions... Continue Reading
-
Credential stuffing: When DDoS isn’t DDoS
Ten years ago, credential stuffing attacks posed a comparatively minor threat, but with an escalating number of data breaches, the threat posed has now increased. What are the solutions to this very human problem? Continue Reading
-
Why securing the DNS layer is crucial to fight cyber crime
Domain name system security is often overlooked by organisations, but focusing on this layer could actually improve the effectiveness of cyber security strategies. We explore the latest DNS trends and best practice Continue Reading
-
Top five ways backup can protect against ransomware
Ransomware threatens to put your data beyond reach, so the best way to prepare is to have good-quality data you can restore from backup. We look at the key things to consider Continue Reading
-
Getting physical with datacentre security
Whether it is natural disasters, terrorism or break-ins, datacentres will be vulnerable to a range of risks unless they are physically secured. Here’s how you can improve the physical security of your datacentre Continue Reading
-
Automating IT security
IT security’s battle with the hacking community has always been a game of cat and mouse, but it’s becoming increasingly automated Continue Reading
-
APT groups’ mobile momentum finally faces resistance
State-backed APT groups are increasingly targeting mobile devices as Covid-19 puts the spotlight on remote working infrastructure security. We explore how the industry is fighting back Continue Reading
-
How to apply zero-trust models to container security
Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them? Continue Reading
-
Coronavirus: How to go back to the office safely and securely
Security teams should be used to supporting remote workers effectively by now, but what’s going to happen when people start returning to their offices? We look at the risks and how to address them. Continue Reading
-
What are the security priorities for the post-coronavirus world?
The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising? Continue Reading
-
Contact tracing: The privacy vs protection debate
The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading
-
A carrot-and-stick approach to fixing cyber security complacency
With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it Continue Reading
-
The AWS bucket list: Keep your cloud secure
Misconfigured cloud installations risk billions of records being exposed, damaging organisations’ finances and reputations. Paying attention to securing AWS storage buckets is a simple matter Continue Reading
-
Coronavirus: How to implement safe and secure remote working
Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves Continue Reading
-
Coronavirus: Can the networks take the strain?
It was predicted that the mass roll-out of computer networks would mean at some point that there was no difference between work and home as a working location. These assumptions are about to be tested to the full Continue Reading
-
Trusty methods to keep out intruders
Today’s hyper-connected world means trust can no longer be taken for granted to keep networks secure – enter the zero-trust model Continue Reading
-
Zero trust: Taking back control of IT security
Trust on the network is a crucial factor in security risk, and zero trust changes the traditional model of ‘trust but verify’ Continue Reading
-
Inside the SOC: the nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel Continue Reading
-
Human factors are critical to securing digital transformation
Sourcing the latest cyber security technology to support digital transformation projects is all well and good, but it’s meaningless if you fail to address your organisational culture and the people within it Continue Reading
-
Taking responsibility for security in the cloud
From accidental leaks to full-on data breaches, maintaining security across cloud services is becoming a headache for enterprises. What questions should organisations be asking of their cloud service provider and, ultimately, whose responsibility is... Continue Reading
-
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management Continue Reading
-
Developing innovative security analytics approaches in the digital age
With security threats growing in scale and complexity, security analytics provide a way for IT teams to stay one step ahead of cyber attackers. The challenge is to ensure this technology continues to be effective in the face of new security ... Continue Reading
-
APAC IoT adoption improves amid challenges
More enterprises across the region are using the internet of things to track fleet vehicles and improve operations, but technology integration and security concerns are still holding back widespread adoption Continue Reading
-
Securing your mobile estate – best practice for CIOs
The prevalence of mobile devices in every part of daily life is shaping how enterprises make choices about software and network infrastructure, but how do businesses go about securing these vast new endpoint estates? Continue Reading
-
How to get the basics of mobile device management right the first time
When adopting mobile device management, there are often fears around implementation and whether or not the strategy is even required Continue Reading
-
Vulnerability assessment done. Now what?
Vulnerability assessment establishes the current state of an organisation’s cyber security, but to meet industry best practices, companies should go beyond that to achieve continuous improvement Continue Reading
-
What are the CDN options for enterprises?
We look at how content delivery networks can give your organisation’s web presence a literal edge Continue Reading
-
A guide to choosing cloud-based security services
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security Continue Reading
-
Break free from traditional network security
Highly connected businesses put pressure on traditional network security. We look at how corporate networks are breaking out of their boundaries Continue Reading
-
Security without borders
Perimeterless security offers a way to secure each point of connectivity and every device, rather than relying on perimeter protection Continue Reading
-
What does the 802.11ax wireless standard mean for your network?
The publication of the 802.11ax standard will pave the way for the next generation of wireless technology, but what does it mean for enterprise networks? Continue Reading
-
The future of network-connected device security
The proliferation of poorly secured network-connected devices has prompted the UK government to publish new best practice guidelines. Do these go far enough? Continue Reading
-
Securing the SD-WAN: The next network challenge
Every time an enterprise weighs up whether or not to try SD-WAN, security is an essential part of the picture Continue Reading
-
It’s complicated: How enterprises are approaching IAM challenges
Identity and access management challenges are evolving with digital transformation. Computer Weekly explores some of the ways organisations are ensuring the right people gain the right access to the right resources Continue Reading
-
An insider’s look into the dark web
A principal research scientist at Sophos offers a glimpse into the abysses of the dark web in a bid to uncover what cyber crooks are up to Continue Reading
-
How Australia is keeping pace with ICS threats
Besides bridging the security gap between IT and operational technology teams, Australia is driving efforts to bolster the security of IoT devices Continue Reading
-
Cyber resilience key to securing industrial control systems
Operators of industrial control systems can build greater cyber resilience by getting IT and operational technology teams to work more closely together and improving the visibility of their infrastructure, among other security measures Continue Reading
-
Network security in the digital transformation era
Network security has always been a core focus for CISOs and IT security managers, but in an era of digital transformation, we examine if network security strategies are keeping up with new and emerging cyber threats Continue Reading
-
Network security in the age of the internet of things
Wireless devices and smart technologies are increasingly being brought into the workplace, and pose a growing risk to company data Continue Reading
-
Businesses need to take cryptojacking seriously
Organisations must pay attention to cyber criminals hijacking computing resources to mine cryptocurrencies, because nearly half are affected and the impact is greater than many realise Continue Reading
-
Navigating ASEAN’s patchy cyber security landscape
Cyber resilience remains low across Southeast Asia, a regional economic powerhouse that is increasingly susceptible to cyber threats as its digital economy grows Continue Reading
-
How secure are smart energy grids?
The improved efficiency of smart grids need to be weighed against the cost of security - presenting a unique opportunity for the tech sector and a new market for security companies Continue Reading
-
UK sale of surveillance equipment to Macedonia raises questions over export licence policy
The UK approved an export licence for the sale of surveillance equipment to Macedonia – while the country was engaged in an illegal surveillance programme against its citizens. A senior minister was consulted on the decision Continue Reading
-
Where the device hits the network – a mobile device management update
As business becomes increasingly mobile, we look at the latest trends in mobile device management to give businesses the edge Continue Reading
-
What it takes for the internet of things to take off in ASEAN
Besides lowering adoption costs, an ecosystem of governments, technology suppliers and telcos is necessary for the internet of things to flourish in Southeast Asia Continue Reading
-
Secure IoT before it kills us
Experts say more must be done to mitigate the potentially catastrophic threats presented by connected devices Continue Reading
-
Lauri Love: the student accused of hacking the US
How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love Continue Reading
-
My first IoT project: A guide for businesses
We’ve all had a good giggle about having our fridges hacked – but now it’s time to get real. What are the first steps enterprises should take when implementing their first internet of things project? Continue Reading
-
Interview: James Bamford on surveillance, Snowden and technology companies
Investigative journalist and documentary maker James Bamford was among the first to uncover the secrets of the US National Security Agency and its global surveillance Continue Reading
-
The true cost of a cyber security breach in Australia
The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting. Continue Reading
-
The security dangers of home networks
Most companies take reasonable steps to protect their networks from virus attacks, but one area of vulnerability that is often overlooked is infection from employees’ home networks Continue Reading
-
How to ensure strong passwords and better authentication
Five steps to ensure stronger passwords and better authentication to reduce the threat of business data theft Continue Reading
-
How to fully test IT networks for vulnerabilities
Making sure a company network is secure is a very important task, and one that should be scheduled regularly Continue Reading
-
Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance
Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden Continue Reading
-
How to secure the SDN infrastructure
As more enterprises look to deploy software-defined networking, the need for security from the ground up should not be underestimated Continue Reading
-
Hacktivism: good or evil?
IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics Continue Reading
-
Big data journalism exposes offshore tax dodgers
How journalists harnessed big data to challenge offshore financial secrecy Continue Reading
-
The internet of things is set to change security priorities
IT leaders must protect against the security risks introduced by the growing interaction between technology and the physical world. Continue Reading
-
How to tackle big data from a security point of view
Before leaping into big data, companies must be clear what they are trying to achieve, otherwise their investment will be wasted Continue Reading
-
How to find the most vulnerable systems on your internal network
Most corporate networks share common vulnerabilities, but many could be mitigated with education in “hacker thinking” for technical staff Continue Reading
-
Business priorities: what to protect, monitor and test
How information security professionals can prioritise what to protect, monitor and test in the light of current budget and resource constraints Continue Reading