Opinion
Opinion
IT project management
-
Questions for IT and cyber leaders from the CSRB Microsoft report
The US government's CSRB report on last year's state sponsored cyber attacks on Microsoft raises significant concerns for Redmond and its customers. Expert Owen Sayers outlines five key questions IT and cyber security leaders should now consider Continue Reading
-
Startups: how to navigate at high velocity
When up to 90% of startups fail, tech entrepreneurs must do something different to get a different result and to be part of the 10% Continue Reading
-
Digital government: problems on the horizon
Are government’s digital programmes becoming the next Post Office Horizon scandal? Continue Reading
-
Navigating digital transformation in healthcare
Beverley Bryant, The CDIO of of Guy’s and St Thomas NHS Foundation Trust and King’s College Hospital NHS Foundation Trust, shares insights from their joint digital transformation journey: the Apollo project Continue Reading
-
Why AI will push enterprises to eliminate the silos that slow innovation
Generative AI offers a way to transform developer productivity, by expediting a cultural shift in the way enterprises organise themselves Continue Reading
-
A decade after breaking HMRC’s Aspire deal, the Post Office scandal exposes glaring similarities
HM Revenue & Customs finally broke from its £800m a year Aspire contract in 2016 - and the reasons have parallels with the Post Office scandal. Will government ever learn? Continue Reading
-
The human toll of ransomware: how IT pros suffer during incidents
Any ransomware attack causes significant challenges for a business or organisation going through such incident. But ransomware attacks also have tremendous impact on the staff – especially IT teams – working on mitigating the attack’s effect Continue Reading
-
Zero-trust principles: Your gateway to securing remote workers
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Governance best practices for citizen developers
The rise of citizen developers is revolutionising the way organisations approach software development. Here is a guide to supporting them Continue Reading
-
Ending the cycle of rush and burnout in software development
Instead of focusing on speed in software delivery, addressing risks affecting on-time delivery is the secret to preventing burnout Continue Reading
-
How to manage the cultural and operational impact of AI
Organisations will need to address workplace fears of potential job losses, manage change and improve their talent mix to drive success in AI adoption Continue Reading
-
Incident response planning requires constant testing
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
Use existing structures to build your incident response plan
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
Incident response planning is vulnerable to legacy thinking
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
Insights from launching a developer-led bank
A software developer's approach to building a bank in the digital age. Continue Reading
-
Security Think Tank: A user’s guide to encryption
The Security Think Tank assesses the state of encryption technology, exploring topics such as cryptographic techniques, data-masking, the legal ramifications of end-to-end encryption, and the impact of quantum Continue Reading
-
Ethical perspectives on ChatGPT
In the final of three essays, Marc Steen uses ChatGPT as a case study for how to use different ethical perspectives, and practical steps people can take to start incorporating ethics into their projects Continue Reading
-
Alternative perspectives: relational and virtue ethics in tech
In the second of three essays, Marc Steen explores the benefits of grounding ethical considerations in an understanding of social and power dynamics, and how relational and virtue ethics can help Continue Reading
-
Ethics as a process of reflection and deliberation
In the first of three essays, Marc Steen outlines a three-step process for how organisations can practically integrate ethics into their IT projects and how different ethical perspectives can inform tech development Continue Reading
-
IT Sustainability Think Tank: Recruitment and the regulatory landscape
There is an ever-growing list of rules and regulations for enterprises to get their heads around when it comes to sustainability, but what can they do to keep on top of things? Continue Reading
-
AI-enhanced cyber has potential, but watch out for marketing hype
As AI is a hot topic right now, it is no surprise there are some cyber solutions coming to market that have been thrown together in haste, but that said, genuine AI-powered security products do exist and their abilities could yet prove ... Continue Reading
-
Transforming the financial system's plumbing
Executive heading up the Bank of England’s core system replacement project says the financial services sector plumbing is getting the attention it deserves. Continue Reading
-
Hello ChatGPT, RIP software developer?
How generative AI will change the lives of software developers and the shape of the IT department Continue Reading
-
The problem with ‘secure’ messaging
Secure instant messaging is becoming a norm for business communications but it raises three important security and compliance questions Continue Reading
-
Five non-traditional talent pools that will help CIOs plug skills gaps
Some alternative ways for CIOs to fill talent gaps when its hard to find people with the right technology skills in the jobs market Continue Reading
-
Security Think Tank: To secure code effectively, verify at every step
Verification at every step is an important part of ensuring your code is secure, writes Petra Wenham Continue Reading
-
Could your employees’ use of ChatGPT put you in breach of GDPR?
Following Italy's run-in with OpenAI’s ChatGPT, legal expert Richard Forrest emphasises the necessity for additional scrutiny while using AI tools in a work environment, and practical guidance on doing so safely Continue Reading
-
Cloud identity: Are you who you say you are?
As identity, rather than networking segmentation, becomes the primary determining factor in accessing cloud resources. ISACA’s Ser Yoong Goh highlights three trends driving cloud IAM Continue Reading
-
Three outsourcing trends to look out for in 2023
ISG's Andreas Fahr outlines three IT sourcing trends to look out for in the coming year. Continue Reading
-
Europe’s cyber security strategy must be clear about open source
Europe’s cyber security policy on open source is lagging behind the US, and despite growing government awareness of the issues, that poses a problem Continue Reading
-
Security Think Tank: 2022 changed how we thought about resilience
Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat Continue Reading
-
Gartner: Three key tasks needed to decommission applications
A guide to slimming down a full portfolio of applications that are expensive to maintain and difficult to adapt to business needs Continue Reading
-
Currency markets causing choppy waters for UK outsourcing
Anthony Drake, director at tech advisory ISG, explains how the UK government’s botched mini-Budget announcement raised the cost of IT outsourcing Continue Reading
-
Security Think Tank: Good procurement practices pave the way to app security
Application security is as much a question of good procurement practice as it is good development practice, says Petra Wenham of the BCS Continue Reading
-
Security Think Tank: Effective DevSecOps requires collaboration
Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access ... Continue Reading
-
Why you should start your post-quantum encryption migration now
Some say we have the best part of a decade to prepare for the security risks that quantum computing presents to current encryption tech, but PA Consulting experts believe that timeframe is shrinking dramatically Continue Reading
-
Reimagining ethical digital technology
With ever-increasing digitisation leading to greater dependence on a range of digital technologies, enterprises need to urgently look at how they can incorporate ethical and social considerations into the tech they develop Continue Reading
-
Lots to consider when buying cyber insurance, so do your homework
When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity Continue Reading
-
The evolution of threat modelling as a DevSecOps practice
Threat modelling is becoming ever more integrated into software architecture design. Here, Stephen de Vries of IriusRisk looks at the evolution of the process Continue Reading
-
Assessment and knowledge: Your key tools to secure suppliers
There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal Continue Reading
-
Security Think Tank: Supply chain security demands systematic approach
Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business Continue Reading
-
Security Think Tank: Balanced approach can detangle supply chain complexity
Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices Continue Reading
-
Supply chain security goes deep – forget this at your peril
It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology Continue Reading
-
Naivety of computer evidence leaves door ajar for more miscarriages of justice
Barrister Paul Marshall explains why the government’s lack of action on reforming the legal rules around computer evidence, which presume it is correct, mean the Post Office Horizon scandal could be the tip of a miscarriages of justice iceberg Continue Reading
-
The importance of making information security more accessible
Robin Smith, CSO of Aston Martin Lagonda, talks about how an accessible approach to cyber is helping him to keep the organisation secure Continue Reading
-
Security Think Tank: Understanding attack paths is a question of training
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ... Continue Reading
-
Security Think Tank: To follow a path, you need a good map
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ... Continue Reading
-
Building distributed systems requires effective developer teams
Technologies edge computing and containerisation call for teams capable of building distributed systems Continue Reading
-
Why diversity in AI remains a challenge and how to fix it
With artificial intelligence set for a global economic explosion, its development must put diversity at its core to avoid discriminating systems Continue Reading
-
2022 must be a big year for sustainability in the tech sector
As the pandemic might be easing, many organisations have an opportunity to refocus on core strategic goals and aims. For the tech sector, one of these must be sustainability Continue Reading
-
Subpostmasters won their David and Goliath battle, but initial goal still not reached
Despite exposing the Post Office Horizon scandal, Alan Bates, the former subpostmaster who drove the campaign for the truth, says the goal of repaying people what they lost has not yet been achieved Continue Reading
-
Security Think Tank: How to build a human firewall
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service? Continue Reading
-
A trial relying on computer evidence should start with a trial of the computer evidence
Learning from the Post Office Horizon scandal - the most widespread miscarriage of justice in recent British legal history Continue Reading
-
Security Think Tank: In the cloud, anti-human approaches set us up to fail
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
Security Think Tank: SASE – more than the sum of its parts?
Airbus Cybersecurity’s Paddy Francis asks what makes an integration of the various components of SASE more the sum of their parts, and what are the benefits and pitfalls? Continue Reading
-
Security Think Tank: What to find out before investing in SASE
Petra Wenham of the BCS shares her thoughts on what organisations need to consider as they investigate whether or not to invest in secure access service edge technology Continue Reading
-
Security Think Tank: SASE – marketing buzz or the future of security?
SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT Continue Reading
-
How to prevent developer burnout
The pandemic has led to more pressure on software developers, many of whom have reported increased levels of stress and anxiety Continue Reading
-
IR35 reforms: Tech firms warned off relying on high-risk compliance workarounds
Several months have passed since the onset of the IR35 reforms in the private sector, but compliance with the rules remains an ongoing process, warns Brookson Legal’s Matt Fryer Continue Reading
-
How the cyber security market is evolving
The cyber security market has gained even greater importance in the post-Covid era and continues to grow and evolve. But what factors are driving trends in that market and what should your organisation consider when making cyber security investments? Continue Reading
-
Firms struggle to manage their innovation ecosystems
A lack of governance and performance mechanisms is hindering firms from getting the most out of suppliers in their innovation ecosystems Continue Reading
-
The unintended consequences of digital transformation
Digital transformation offers organisations a way to change fundamentally the way they operate Continue Reading
-
Security Think Tank: Consider cyber policies and procedures as you welcome employees back
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ... Continue Reading
-
Can a web app ever be truly secure?
Despite the wealth of vulnerability detection tools and practices, there remains a vast array of web application security breaches Continue Reading
-
Choose the right ITSM tool for digital era success
IT service management (ITSM) tools are essential for many organisations to help optimise the design, delivery, support, use and governance of IT, but not all ITSM solutions are created equal, therefore selecting the right one is crucial Continue Reading
-
Security Think Tank: Hydration, hiring, hacking – lessons in post-Covid risk
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ... Continue Reading
-
Universal Credit: What went wrong, and what we learned
The architect of one of the biggest and most controversial government policies – and IT failures – of the past decade gives his inside view of the project, and how Computer Weekly was a thorn in their side Continue Reading
-
Security Think Tank: To secure printers think process, technology and people
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
Why agility is the key to secure software
Continuous delivery of software product releases demands continuous security. Businesses and regulators are right to wonder whether organisations are valuing cyber security by the design of their products Continue Reading
-
NHS Digital’s GP data-scraping plan must be publicised and delayed
The UK government must launch a national awareness campaign and delay this month’s planned GP data slurp, say privacy consultants Ben Rapp and Sara Newman Continue Reading
-
Policies key to revolutionising Identity Governance and Administration
The proliferation of digital identities, applications, data, security threats and compliance requirements means that Identity Governance and Administration (IGA) has never been more important, but not all organisations are approaching it in an ... Continue Reading
-
The shape of fraud and cyber crime: 10 things we learned from 2020
While a pandemic-driven increase in cyber crime and an exacerbation of existing fraud trends were, to a large extent, to be expected, the LexisNexis Risk solutions UK cybercrime report 2020 still contained a few surprises Continue Reading
-
Security Think Tank: Vaccine passports must be secure by design
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Moving from VMs to a container-based enterprise architecture
As organisations move to a cloud-native architecture, they will need to consider what to do with their existing virtual server estate Continue Reading
-
Why the London Data Charter could be a foundation stone in the city’s recovery
London First’s director of connectivity and competitiveness, David Lutton, explains why data is at the core of the capital’s recovery plan Continue Reading
-
Data-driven innovation needs trustworthy governance
The pandemic has given us a glimpse of what data-driven technology can do for society – and we cannot go back to the status quo Continue Reading
-
Fixing government digital transformation – lessons from the early days of GDS
As a new organisation is formed to lead UK digital government, three former government digital leaders share the lessons they learned from the early days of the Government Digital Service Continue Reading
-
The ransomware routine: pages from the Secret IR Insider’s diary
The Secret Incident Response Insider shares behind-the-scenes stories of what really happens after organisations are hit by cyber attacks – and shows how they could have been avoided Continue Reading
-
Security Think Tank: Plan for hybrid working to become normal
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
Security Think Tank: Time for security teams to learn from Covid
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
Security Think Tank: The year of the work-from-home hangover
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
How to manage non-human identities
Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach Continue Reading
-
HANA or ‘na’?
With alternatives abundant, many organisations are holding off on enterprise software upgrades Continue Reading
-
Security Think Tank: SOAR to the next level with automation
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
SIEM or SOAR or both? Consider your business complexity first
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
Security Think Tank: SIEM and SOAR are far from mutually exclusive
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
Security Think Tank: Alerts are great, it’s what you do with them that counts
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
How to modernise identity governance and administration
Modernising identity governance and administration (IGA) capabilities is essential for organisations to manage identities effectively to ensure they remain competitive, compliant and secure Continue Reading
-
Why automation isn’t always an improvement
Automation can help organisations run more efficiently, but only if the most inefficient steps in a business process are fixed first Continue Reading
-
From front line to back office – how supporting the cyber community keeps the NHS safe
NHS Digital’s chief information security officer describes how the Cyber Associates Network benefits security experts in health and care Continue Reading
-
Brexit and risks to data privacy and governance
EY privacy specialists assess the risks to data privacy, protection and governance on the table for businesses, with less than two months until Brexit Continue Reading
-
Five steps to build an artificial intelligence strategy
Artificial intelligence is the next frontier for IT in businesses, helping to increase competitive advantage. A truly successful AI strategy needs careful planning Continue Reading
-
How to write an executive CV for IT leadership jobs
Knowing how to write an IT executive CV requires a deep knowledge and skillset that not everyone has. Find out how to set yourself apart from the competition Continue Reading
-
Risk and reward: How to succeed in digital transformation
Most organisations are seeking to step up their digital transformation efforts, but history has shown that such efforts can be doomed to failure if they take the wrong approach Continue Reading
-
Lapsing ISO certifications: Myth versus risk
Allowing ISO certifications to lapse presents businesses with serious risks when workarounds are possible Continue Reading
-
Tech executives need new skills to lead in a remote world
After helping organisations adapt to new ways of working during the Covid-19 pandemic, IT leaders worldwide are now enjoying greater influence, according to this year’s Harvey Nash/KPMG CIO Survey Continue Reading
-
Digital leaders and the widening divide
This year’s Harvey Nash/KPMG CIO Survey shows a widening of the digital business divide, with companies that have already adopted digital technologies more likely to accelerate those investments than those still in the planning stage Continue Reading
-
Why business resilience management should be high on the agenda
Business resilience management is key to business survival in the face of rapidly changing IT, cyber threat and regulatory environments Continue Reading
-
Security Think Tank: Edge datacentre security depends on specific needs
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ... Continue Reading
-
Security Think Tank: Beware security blind spots at the edge
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ... Continue Reading