In Depth
In Depth
Application security and coding requirements
-
Simplifying cloud integrations with legacy IT
Subscription-based software is easier to integrate than traditional enterprise software, but the challenge for IT leaders is governance for SaaS connectivity Continue Reading
-
Building a secure coding philosophy
A proportion of cyber security spend goes towards securing application development. Software teams are also budgeting for IT security Continue Reading
-
Driving secure-by-design principles
Errors can and will occur in code – the key is to minimise the impact and ensure you streamline remediation Continue Reading
-
Securing your software supply chain
Organisations need to have a thorough understanding of software components and build security controls into development lifecycles to shore up the security of their software supply chains Continue Reading
-
Cyber security professionals share their biggest lessons of 2022
In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading
-
What do the US’s new software security rules mean for UK organisations?
The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors? Continue Reading
-
API management: Assessing reliability and security
Once an API is published, its developer then has responsibility to ensure it is kept up to date and is secure Continue Reading
-
Challenges of securing a software supply chain
The US president has issued an executive order to improve cyber security, which has ramifications across the software development supply chain Continue Reading
-
How APAC organisations can mitigate edge security threats
The move to the edge expands an organisation’s attack surface. Here are some measures that organisations can take to minimise their edge security risks Continue Reading
-
What neurodivergent people really think of working in cyber security
Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn Continue Reading
-
Bridging the gender gap in cyber security
Some professional groups and companies in Asia are working hard to improve awareness of the cyber security profession and mentoring talented women in a bid to bridge the gender gap Continue Reading
-
Considerations when deciding on a new SIEM or SOAR tool
A successful deployment of any security tool very much depends on the maturity of security processes in the organisation Continue Reading
-
Five ways to ensure remote working security and compliance
A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading
-
Tips to minimise vulnerabilities in web and mobile apps
Agile software development can sometimes be at odds with secure by design principles. We look at how organisations are balancing security with coding Continue Reading
-
Toughening up web and mobile apps
We look at how organisations can secure internal and web-facing applications against ransomware and injection-style attacks Continue Reading
-
The rise and rise of supply chain attacks
Supply chain attacks in Asia-Pacific and elsewhere have intensified as cyber threat actors look to exploit the weakest links in business and digital supply chains Continue Reading
-
Dealing with the challenge of beg bounties
The rise of so-called beg bounties is becoming a challenge for security teams, and can be a drain on time and resources. But what is a beg bounty, and how does it differ from a bug bounty? Continue Reading
-
Security Long Reads: Cyber insiders reveal what’s to come in 2021
In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading
-
Patching: Balancing technical requirements with business considerations
With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented Continue Reading
-
How to apply zero-trust models to container security
Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them? Continue Reading
-
What are the security priorities for the post-coronavirus world?
The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising? Continue Reading
-
Contact tracing: The privacy vs protection debate
The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading
-
Coronavirus: How to implement safe and secure remote working
Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves Continue Reading
-
Inside the SOC: the nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel Continue Reading
-
Vulnerability assessment done. Now what?
Vulnerability assessment establishes the current state of an organisation’s cyber security, but to meet industry best practices, companies should go beyond that to achieve continuous improvement Continue Reading
-
Debugging bug bounty programmes
Bug bounty programmes have recently become a popular method of vulnerability management, but poor programme management can lead to development teams becoming overwhelmed and bugs being missed Continue Reading
-
A guide to choosing cloud-based security services
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security Continue Reading
-
The rise of DevSecOps
The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations Continue Reading
-
Inside DevOps, containers and enterprise security
Global corporates are waking up to containers and orchestrated containerisation for software development that is fast and safe. Computer Weekly looks at the best approach to ensure security is not compromised along the way Continue Reading
-
Application security more important than ever
Applications have an increasingly crucial role in our lives, yet they are also a real security threat, with hackers always finding new ways to bypass security defences. Computer Weekly looks at how organisations are responding to the challenge Continue Reading
-
Cyber resilience key to securing industrial control systems
Operators of industrial control systems can build greater cyber resilience by getting IT and operational technology teams to work more closely together and improving the visibility of their infrastructure, among other security measures Continue Reading
-
Application and device security under the spotlight
The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, ... Continue Reading
-
Do website design platforms pose too big a security risk?
Cloud-based website design platforms are booming in popularity because of their simplicity and affordability, but business security should be considered carefully when using such services Continue Reading
-
UK sale of surveillance equipment to Macedonia raises questions over export licence policy
The UK approved an export licence for the sale of surveillance equipment to Macedonia – while the country was engaged in an illegal surveillance programme against its citizens. A senior minister was consulted on the decision Continue Reading
-
The Macedonian surveillance scandal that brought down a government
Macedonia has been accused of using surveillance technology for covert spying - the subsequent political protests were instrumental in the ruling party losing power after 10 years Continue Reading
-
Secure IoT before it kills us
Experts say more must be done to mitigate the potentially catastrophic threats presented by connected devices Continue Reading
-
Lauri Love: the student accused of hacking the US
How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love Continue Reading
-
The true cost of a cyber security breach in Australia
The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting. Continue Reading
-
How the development of standards will affect the internet of things
As the internet of things (IoT) grows, so will the number of applications developed to control internet-connected devices and objects Continue Reading
-
The internet of things is coming: Is your datacentre ready?
Gartner estimates the IoT will see 26 billion units installed by 2020 – channelling huge volumes of data traffic into datacentres Continue Reading
-
Hacktivism: good or evil?
IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics Continue Reading
-
Optimising performance and security of web-based software
On-demand applications are often talked about in terms of how suppliers should be adapting the way their software is provisioned to customers. Continue Reading
-
Why agile development races ahead of traditional testing
Traditional testing practices optimise large, centralised testing but struggle to support the rapid delivery of agile development. Continue Reading
-
Static code analysis tools gain traction in India as SDL models mature
Static analysis tools are gaining popularity with Indian companies as software development models and perspectives mature. Here are some popular choices. Continue Reading