Opinion
Opinion
IT for small and medium-sized enterprises (SME)
-
How can we adapt work practices to protect CISO mental health?
Cyber leaders are finding it harder to keep up with security requirements than just two years ago, risking a domino effect of dissatisfaction, burnout and eventually, resignation Continue Reading
-
Security Think Tank: The phishing forecast for 2024
Egress' Jack Chapman and James Dyer explore how phishing attacks are set to grow in their scope and sophistication this year, with generative AI playing a big role Continue Reading
-
The human toll of ransomware: how IT pros suffer during incidents
Any ransomware attack causes significant challenges for a business or organisation going through such incident. But ransomware attacks also have tremendous impact on the staff – especially IT teams – working on mitigating the attack’s effect Continue Reading
-
Beyond the office walls: Safeguarding remote workers from attack
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Zero-trust principles: Your gateway to securing remote workers
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Evolving best practice: What next for securing remote work?
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Security Think Tank: Testing to improve remote worker security
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Security Think Tank: Anytime, anywhere access is achievable
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
AI vs software outsourcing: An opportunity or a threat?
While artificial intelligence offers unprecedented opportunities for growth, efficiency and automation, it also raises pertinent questions about the future of software outsourcing Continue Reading
-
Ethical perspectives on ChatGPT
In the final of three essays, Marc Steen uses ChatGPT as a case study for how to use different ethical perspectives, and practical steps people can take to start incorporating ethics into their projects Continue Reading
-
Alternative perspectives: relational and virtue ethics in tech
In the second of three essays, Marc Steen explores the benefits of grounding ethical considerations in an understanding of social and power dynamics, and how relational and virtue ethics can help Continue Reading
-
Ethics as a process of reflection and deliberation
In the first of three essays, Marc Steen outlines a three-step process for how organisations can practically integrate ethics into their IT projects and how different ethical perspectives can inform tech development Continue Reading
-
Security Think Tank: Training can no longer be a compliance exercise
Historically, security training has tended to take a compliance-based focus, a ‘tick-box’ exercise using generic, off-the-shelf courses. This needs to change, says Hayley Watson of Turnkey Consulting. Continue Reading
-
Cyber training in 2023 needs to drive measurable change
2023 will see more focus on security training programmes that not only provide employees with an understanding of the risks they face but more importantly drive measurable behavioural change, says PA Consulting’s Richard Allen Continue Reading
-
Cyber security training: Insights for future professionals
Future cyber security professionals need soft skills as well as technical ones, says security educator Sudeep Subramanian Continue Reading
-
Security Think Tank: New trends and drivers in cyber security training
Self-paced, interactive, bite-sized learning is becoming the optimum path for cyber security training in the workplace, says John Tolbert of KuppingerCole Continue Reading
-
How to protect your business from fraud during a recession
This winter, the chilly winds of a global recession have fraudsters turning up the heat. PJ Rohall of SEON Fraud Fighters shares some guidance on how to bundle up against fraud Continue Reading
-
Security Think Tank: Poor training is worse than no training at all
Bad security training is a betrayal of users, a security risk, and ultimately a waste of money, but there are some reasons to be optimistic about the future, say Mike Gillespie and Ellie Hurst of Advent IM Continue Reading
-
Security Think Tank: In 2023, we need a new way to cultivate better habits
Regular, small adjustments to behaviour offer a better way to keep employees on track and cultivate a corporate culture of cyber awareness, writes Elastic’s Mandy Andress Continue Reading
-
Security Think Tank: Getting the training and development mix right
Rob Dartnall, CEO at SecAlliance and chair of Crest’s UK Council, describes the need for formal, varied and continuous development in the cyber security sector Continue Reading
-
How does red teaming test the ultimate limits of cyber security?
An expert ethical hacker reveals how he goes about carrying out a red team exercise Continue Reading
-
Security Think Tank: 2022 brought plenty of learning opportunities in cyber
At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading
-
Security Think Tank: Embrace prioritisation, people, imperfections
Security and IT professionals should try to make peace with their imperfections in 2023, says Nominet CISO Paul Lewis Continue Reading
-
Security Think Tank: 2022 changed how we thought about resilience
Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat Continue Reading
-
Security Think Tank: As cyber pros, we need to articulate our needs better
There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading
-
Ransomware: Is there hope beyond the overhyped?
Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity Continue Reading
-
Think technology, process, human risk to manage ransomware
Effective ransomware handling boils down to three core areas – technology, process and human risk Continue Reading
-
Your staff are the frontline in your ransomware fight
As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect Continue Reading
-
Security Think Tank: Ransomware defences: An extended to-do list
Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things Continue Reading
-
Security Think Tank: Let’s be transparent about ransomware
Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks Continue Reading
-
Cyber insurance: The good, the bad and the ugly
Most cyber insurance contracts are innately flawed because they exclude losses arising from state-backed cyber attacks, and this will make proper attribution even more important in the future, says Cisco Talos’ Martin Lee Continue Reading
-
Security Think Tank: To stop ransomware, preparation is the best medicine
You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes Continue Reading
-
Security Think Tank: Anti-ransomware strategies should be as easy as ABC
When developing and implementing ransomware protection strategies, the importance of paying thorough attention to security measures you might consider elementary cannot be understated Continue Reading
-
To fight ransomware, we must treat digital infrastructure as critical
Ransomware defence is failing because we don’t view our digital infrastructure in the same way as our physical infrastructure, argues Elastic’s Mandy Andress Continue Reading
-
Security Think Tank: Ransomware and CISOs’ balancing act
Ransomware has the potential to cause irreversible business damage, so CISOs should consider not only protection but also response and recovery Continue Reading
-
Security Think Tank: Know your networks, know your suppliers
To combat the ransomware scourge, we must work harder to monitor and learn from the increasingly complex threat environment, keep a closer eye on supply chains, and share our insights Continue Reading
-
Security Think Tank: Container security: why so different?
Done well, container security can be a model for securing the enterprise, and businesses that focus their teams on solving it can help accelerate positive change in other areas Continue Reading
-
How has container security changed since 2020, and have we taken it too far?
While containers are now one of the most popular ways to deploy applications, it is fair to say that the adoption and implementation of security best practice to govern their use has not kept up Continue Reading
-
Security Think Tank: Effective DevSecOps requires collaboration
Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access ... Continue Reading
-
Security Think Tank: Don’t rely on insurance alone
Cyber insurance is a useful addition to the cyber protection toolbox. However, it cannot be regarded as a replacement for the controls that should be in operation, says Turnkey Consulting’s Tom Venables Continue Reading
-
Cyber insurance: An effective use of your scant security budget?
The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes Continue Reading
-
Lots to consider when buying cyber insurance, so do your homework
When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity Continue Reading
-
Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it
In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered Continue Reading
-
Security Think Tank: Now is the time to think about cyber insurance
Many IT leaders shy away from cyber insurance, but new, innovative developments in the market can help organisations take an approach that suits their needs Continue Reading
-
Assessment and knowledge: Your key tools to secure suppliers
There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal Continue Reading
-
What will the Data Reform Bill mean for UK businesses operating in the EU?
Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union Continue Reading
-
Security Think Tank: Supply chain security demands systematic approach
Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business Continue Reading
-
Security Think Tank: Balanced approach can detangle supply chain complexity
Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices Continue Reading
-
Supply chain security goes deep – forget this at your peril
It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology Continue Reading
-
Consider governance, coordination and risk to secure supply chain
A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on Continue Reading
-
Security Think Tank: Best practices for boosting supply chain security
In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk Continue Reading
-
Security Think Tank: Basic steps to secure your supply chain
When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail Continue Reading
-
Security Think Tank: Don’t trust the weakest link? Don’t trust any link
Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must Continue Reading
-
Strong internal foundations are key to withstanding external threats
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ... Continue Reading
-
Security Think Tank: To follow a path, you need a good map
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ... Continue Reading
-
Revised scope of UK security strategy reflects digitised society
The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one, reflecting our increasingly digitised society, say Maximillian Brook and Arunoshi Singh of the ISF Continue Reading
-
UK Cyber Strategy a welcome injection of progress
The National Cyber Strategy should be seen as a welcome injection of both focus and investment in bettering cyber defence for everyone, says Turnkey Consulting senior consultant Louise Barber Continue Reading
-
National Cyber Strategy will enhance UK’s cyber power status
The UK punches above its weight when it comes to wielding cyber power around the world, but challenges to this status are clear. The National Cyber Strategy has a clear role to play in maintaining and enhancing this status, writes Paddy Francis of ... Continue Reading
-
How cyber security teams can conquer the four-day working week
The four-day week may be an idea whose time has come, but for always-on cyber security professionals, the impact of squeezing more work into fewer days is a tricky proposition Continue Reading
-
National Cyber Strategy misses the mark in one important way
The National Cyber Strategy is full of fine words, says Petra Wenham, but as the old expression goes, fine words butter no parsnips, and it misses the mark in one very important way Continue Reading
-
Security Think Tank: Good training is all about context
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service? Continue Reading
-
Phishing tests are a useful exercise, but don’t overdo it
The vast majority of cyber attacks start with a phish, so it’s not surprising that phishing tests form part of cyber training plans. But sometimes these tests go too far. Cyberis’ Gemma Moore looks at how to avoid the pitfalls Continue Reading
-
Five key tech trends for digital leaders in 2022
The past two years have seen a surge in investment that will bring new challenges to digital leaders over the next year Continue Reading
-
Security Think Tank: How to build a human firewall
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service? Continue Reading
-
Understand your cyber training ‘need’ before committing to a programme
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service? Continue Reading
-
Security Think Tank: Focus on ‘nudging’ to build effective cyber training
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service? Continue Reading
-
A trial relying on computer evidence should start with a trial of the computer evidence
Learning from the Post Office Horizon scandal - the most widespread miscarriage of justice in recent British legal history Continue Reading
-
Security Think Tank: Reframing CISO-boardroom relations
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
Security Think Tank: Attackers leveraging the supply chain
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they have taken away from the past 12 months Continue Reading
-
Security Think Tank: Think people, processes and systems
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
Security Think Tank: SASE – marketing buzz or the future of security?
SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT Continue Reading
-
Security Think Tank: Consider cyber policies and procedures as you welcome employees back
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ... Continue Reading
-
Government-led innovation can help cyber startups find a market
There are many reasons why early-stage cyber startups often struggle to get off the ground, but government-backed programmes can help them find a path Continue Reading
-
Security Think Tank: Reopening is an opportunity to reassess wider security posture
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ... Continue Reading
-
IR35 private sector reforms: What firms need to do now the start date has passed
While the start date for the onset of the IR35 private sector reforms may have passed, firms in-scope of the revamped tax avoidance legislation may find themselves still with plenty of compliance work still to do Continue Reading
-
Employees must be given the right to disconnect
As enterprises increasingly turn to workplace monitoring technologies and more of the workforce moves to remote or hybrid working, unions are campaigning for workers’ ‘right to disconnect’ and not engage in digitally enabled work after hours Continue Reading
-
Why the London Data Charter could be a foundation stone in the city’s recovery
London First’s director of connectivity and competitiveness, David Lutton, explains why data is at the core of the capital’s recovery plan Continue Reading
-
SMEs poised to reap tech and agility advantage in wake of Covid-19
The UK’s small and medium-sized businesses have, in some respects, reacted more nimbly to Covid-19 than larger organisations. As a result, they have put themselves in a better position to take advantage of growth opportunities Continue Reading
-
Overhaul business support with a focus on tech to help SMEs weather the Covid crisis
The more digitally capable businesses have come through the pandemic in better shape - government needs to ensure that UK SMEs have the support in place to use tech to survive Covid-19 Continue Reading
-
Top 10 skills to include in your IT CV
Find out what skills and keywords you should include on your CV to stand out as an IT professional in a competitive market Continue Reading
-
Making Tax Digital will boost business resilience in case of future Covid crises
HMRC is expanding the digitisation of income and corporation tax in a move that will benefit businesses, the self-employed and the economy, writes the government's financial secretary to the Treasury Continue Reading
-
EC publishes approach to human and ethical implications of AI, but what will UK do?
The European Commission has published a guide to the EU’s approach to the human and ethical effects that artificial intelligence might bring Continue Reading
-
The super-resilient IT function
IT functions don’t have to continue taking the blame for organisational failures, they can take the lead in transforming the business Continue Reading
-
Small business guide: How to keep your organisation secure from fraudsters and hackers
Doing a few things well can keep your organisation protected from common cyber attacks and fraudsters Continue Reading
-
Innovative supplier selection is the key to government procurement success
The government has improved its procurement processes for SMEs and acknowledges the importance of small suppliers, but there are important steps that still need to be taken Continue Reading
-
The five software testing techniques every software developer should know about
Five simple testing techniques that will help developers test their software systematically, thoroughly and quickly Continue Reading
-
The right way to get on with building UK tech success is to get a Brexit deal now
The UK technology sector does not want a no-deal Brexit, and recognises the damage it would cause. If we're leaving the EU, the Prime Minister needs to get a deal Continue Reading
-
Security Think Tank: The case for blockchain-based identity
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Too soon to dismiss blockchain in cyber security
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Use blockchain for integrity and immutability checks
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Blockchain is not for everyone, so look carefully before you leap
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Blockchain utility depends on business type and cost
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Businesses need to keep investing in tech and hope to avoid a no-deal Brexit
A no-deal Brexit could have serious consequences for the UK tech sector and skills base, making it more difficult to recruit technology specialists and hire freelancers Continue Reading
-
Security Think Tank: Risk mitigation is key to blockchain becoming mainstream
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Blockchain – balance risk and opportunity for smart security
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Data architecture and security must evolve in parallel
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Security Think Tank: Data architects should be key allies of infosec pros
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Security Think Tank: Balancing data accessibility with security controls
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Security Think Tank: Communication, processes and tech: A new beginning for security
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Security Think Tank: Security is a business, not an IT function
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading