In Depth

In Depth

Application security and coding requirements

• What do the US’s new software security rules mean for UK organisations?

  The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors?  Continue Reading

• API management: Assessing reliability and security

  Once an API is published, its developer then has responsibility to ensure it is kept up to date and is secure  Continue Reading

• Challenges of securing a software supply chain

  The US president has issued an executive order to improve cyber security, which has ramifications across the software development supply chain  Continue Reading

• How APAC organisations can mitigate edge security threats

  The move to the edge expands an organisation’s attack surface. Here are some measures that organisations can take to minimise their edge security risks  Continue Reading

• What neurodivergent people really think of working in cyber security

  Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn  Continue Reading

• Bridging the gender gap in cyber security

  Some professional groups and companies in Asia are working hard to improve awareness of the cyber security profession and mentoring talented women in a bid to bridge the gender gap  Continue Reading

• Considerations when deciding on a new SIEM or SOAR tool

  A successful deployment of any security tool very much depends on the maturity of security processes in the organisation  Continue Reading

• Five ways to ensure remote working security and compliance

  A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security  Continue Reading

• Tips to minimise vulnerabilities in web and mobile apps

  Agile software development can sometimes be at odds with secure by design principles. We look at how organisations are balancing security with coding  Continue Reading

• Toughening up web and mobile apps

  We look at how organisations can secure internal and web-facing applications against ransomware and injection-style attacks  Continue Reading

• The rise and rise of supply chain attacks

  Supply chain attacks in Asia-Pacific and elsewhere have intensified as cyber threat actors look to exploit the weakest links in business and digital supply chains  Continue Reading

• Dealing with the challenge of beg bounties

  The rise of so-called beg bounties is becoming a challenge for security teams, and can be a drain on time and resources. But what is a beg bounty, and how does it differ from a bug bounty?  Continue Reading

• Security Long Reads: Cyber insiders reveal what’s to come in 2021

  In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021  Continue Reading

• Patching: Balancing technical requirements with business considerations

  With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented  Continue Reading

• How to apply zero-trust models to container security

  Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them?  Continue Reading

• What are the security priorities for the post-coronavirus world?

  The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising?  Continue Reading

• Contact tracing: The privacy vs protection debate

  The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far?  Continue Reading

• Coronavirus: How to implement safe and secure remote working

  Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves  Continue Reading

• Inside the SOC: the nerve centre of security operations

  Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel  Continue Reading

• Vulnerability assessment done. Now what?

  Vulnerability assessment establishes the current state of an organisation’s cyber security, but to meet industry best practices, companies should go beyond that to achieve continuous improvement  Continue Reading

• Debugging bug bounty programmes

  Bug bounty programmes have recently become a popular method of vulnerability management, but poor programme management can lead to development teams becoming overwhelmed and bugs being missed  Continue Reading

• A guide to choosing cloud-based security services

  Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security  Continue Reading

• The rise of DevSecOps

  The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations  Continue Reading

• Inside DevOps, containers and enterprise security

  Global corporates are waking up to containers and orchestrated containerisation for software development that is fast and safe. Computer Weekly looks at the best approach to ensure security is not compromised along the way  Continue Reading

• Application security more important than ever

  Applications have an increasingly crucial role in our lives, yet they are also a real security threat, with hackers always finding new ways to bypass security defences. Computer Weekly looks at how organisations are responding to the challenge  Continue Reading

• Cyber resilience key to securing industrial control systems

  Operators of industrial control systems can build greater cyber resilience by getting IT and operational technology teams to work more closely together and improving the visibility of their infrastructure, among other security measures  Continue Reading

• Application and device security under the spotlight

  The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, ...  Continue Reading

• Do website design platforms pose too big a security risk?

  Cloud-based website design platforms are booming in popularity because of their simplicity and affordability, but business security should be considered carefully when using such services  Continue Reading

• UK sale of surveillance equipment to Macedonia raises questions over export licence policy

  The UK approved an export licence for the sale of surveillance equipment to Macedonia – while the country was engaged in an illegal surveillance programme against its citizens. A senior minister was consulted on the decision  Continue Reading

• The Macedonian surveillance scandal that brought down a government

  Macedonia has been accused of using surveillance technology for covert spying - the subsequent political protests were instrumental in the ruling party losing power after 10 years  Continue Reading

• Secure IoT before it kills us

  Experts say more must be done to mitigate the potentially catastrophic threats presented by connected devices  Continue Reading

• Lauri Love: the student accused of hacking the US

  How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love  Continue Reading

• The true cost of a cyber security breach in Australia

  The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting.  Continue Reading

• How the development of standards will affect the internet of things

  As the internet of things (IoT) grows, so will the number of applications developed to control internet-connected devices and objects  Continue Reading

• The internet of things is coming: Is your datacentre ready?

  Gartner estimates the IoT will see 26 billion units installed by 2020 – channelling huge volumes of data traffic into datacentres  Continue Reading

• Hacktivism: good or evil?

  IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics  Continue Reading

• Optimising performance and security of web-based software

  On-demand applications are often talked about in terms of how suppliers should be adapting the way their software is provisioned to customers.  Continue Reading

• Why agile development races ahead of traditional testing

  Traditional testing practices optimise large, centralised testing but struggle to support the rapid delivery of agile development.  Continue Reading

• Static code analysis tools gain traction in India as SDL models mature

  Static analysis tools are gaining popularity with Indian companies as software development models and perspectives mature. Here are some popular choices.  Continue Reading