In Depth

In Depth

Business continuity planning

• Disaster recovery for SMEs: Five key areas to consider

  We look at key disaster recovery considerations for SMEs, including why backup is not enough, how to create a disaster recovery plan, best-practice DR testing and DR as a service  Continue Reading

• Five ways to ensure remote working security and compliance

  A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security  Continue Reading

• How the pandemic changed backup

  The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware  Continue Reading

• What the Telecommunications (Security) Bill means for UK industry

  The Telecommunications (Security) Bill is intended to reinforce the security of the UK telecommunications infrastructure, but what are the implications for industry?  Continue Reading

• Buying a VPN? Here’s what you need to know

  VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these  Continue Reading

• How do I get my users to pay attention to security training?

  As cyber security risks grow daily, businesses must educate staff about these through cyber awareness training. But how can they ensure this is taken seriously by employees?  Continue Reading

• Backup failure: Four key areas where backups go wrong

  We look at the key ways that backups can fail – via software issues, hardware problems, trouble in the infrastructure and good old human error – and suggest ways to mitigate them  Continue Reading

• Backup appliances the hot topic for Pas-de-Calais fire brigade

  With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage  Continue Reading

• How to choose the right email security service for your organisation

  With email security threats growing rapidly, businesses can quickly identify and block these by using a top email security service. Here’s how to select the right provider  Continue Reading

• Does email security need a human solution or a tech solution?

  People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on  Continue Reading

• Dealing with the challenge of beg bounties

  The rise of so-called beg bounties is becoming a challenge for security teams, and can be a drain on time and resources. But what is a beg bounty, and how does it differ from a bug bounty?  Continue Reading

• Five ways that disaster recovery changes in a pandemic

  Covid-19 has changed IT. Previously, working remotely was a business continuity measure, but now it is the norm. That means disaster recovery has to adapt to new risks and new ways to respond  Continue Reading

• Is it time to ban ransomware insurance payments?

  The former head of the NCSC recently called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments. Is he on the right track?  Continue Reading

• Picking the right IAM tools is based on more than today’s needs

  With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure ...  Continue Reading

• The nation state threat to business

  The SolarWinds hack shows the widespread damage possible from a nation state cyber attack. What is the threat to business and how can it be mitigated?  Continue Reading

• Security Long Reads: Cyber insiders reveal what’s to come in 2021

  In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021  Continue Reading

• Patching: Balancing technical requirements with business considerations

  With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented  Continue Reading

• Post-pandemic approaches to IAM for cloud security

  Cloud technology may have saved businesses from catastrophe during the pandemic, but it has also introduced additional challenges around identity and access management. Here’s why IAM policies are crucial in the new normal  Continue Reading

• This Christmas, Covid-19 heightens retail security risks for everyone

  Do you think it’s only retailers and consumers who need to consider cyber security when shopping online during the holidays? You’re dead wrong. This year, the Covid-19 pandemic and the shift to remote working has thrown a spanner in the works  Continue Reading

• How to build an effective vulnerability management programme

  As cyber criminals increasingly look to exploit vulnerabilities in software and hardware, businesses must build and implement an effective vulnerability management programme to counter this growing threat  Continue Reading

• DDoS mitigation strategies needed to maintain availability during pandemic

  The growing prevalence of DDoS attacks combined with the increased reliance on internet connectivity during the pandemic means enterprises can no longer afford to ignore the threat of DDoS attacks. Computer Weekly explores organisations’ perceptions...  Continue Reading

• Why securing the DNS layer is crucial to fight cyber crime

  Domain name system security is often overlooked by organisations, but focusing on this layer could actually improve the effectiveness of cyber security strategies. We explore the latest DNS trends and best practice  Continue Reading

• Baking adaptability into the supply chain

  The coronavirus crisis has highlighted the importance of data and automation in supporting an agile supply chain.  Continue Reading

• Top five ways backup can protect against ransomware

  Ransomware threatens to put your data beyond reach, so the best way to prepare is to have good-quality data you can restore from backup. We look at the key things to consider  Continue Reading

• Double extortion ransomware attacks and how to stop them

  As ransomware attacks increase, hackers are diversifying their tactics to get victims to hand over larger sums of money. We investigate the rise of double extortion attacks  Continue Reading

• Getting physical with datacentre security

  Whether it is natural disasters, terrorism or break-ins, datacentres will be vulnerable to a range of risks unless they are physically secured. Here’s how you can improve the physical security of your datacentre  Continue Reading

• How to achieve resilience – the modern uptime trinity

  IT leaders can take responsibility for ensuring their organisations are resilient during times of crisis. There are no quick fixes, but if you think it is expensive to ensure resilience in your IT systems, try frequent failure instead  Continue Reading

• Drive to improve flash reliability

  Due to its limited write cycles, flash-based storage can corrupt data. Computer Weekly looks at how flash reliability is being addressed  Continue Reading

• APT groups’ mobile momentum finally faces resistance

  State-backed APT groups are increasingly targeting mobile devices as Covid-19 puts the spotlight on remote working infrastructure security. We explore how the industry is fighting back  Continue Reading

• Coronavirus: How to go back to the office safely and securely

  Security teams should be used to supporting remote workers effectively by now, but what’s going to happen when people start returning to their offices? We look at the risks and how to address them.  Continue Reading

• GDPR at two: How far we’ve come, how far we still have to go

  Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change  Continue Reading

• Malaysia’s data protection practices still have some way to go

  Some Malaysian firms are not using data protection tools to the fullest potential, while others only think about data protection after a breach  Continue Reading

• What are the security priorities for the post-coronavirus world?

  The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising?  Continue Reading

• Storage 101: Replication vs backup, and synchronous vs asynchronous

  Storage 101: Can replication replace backup? What are the pros and cons of synchronous and asynchronous backup? What’s the best way to mix backup and replication?  Continue Reading

• A carrot-and-stick approach to fixing cyber security complacency

  With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it  Continue Reading

• Australian firms soldier on amid Covid-19 outbreak

  From the largest financial institutions to small companies, Aussie firms have been dialling up their use of technology tools to keep their businesses humming during the coronavirus pandemic  Continue Reading

• How APAC firms are coping with the Covid-19 outbreak

  The air of change looms large in companies operating in the Asia-Pacific region, with some doing better than others in keeping the lights on amid the coronavirus pandemic  Continue Reading

• Why security validation matters

  FireEye’s top executives in Asia-Pacific discuss the benefits of security validation and offer their take on the region’s cyber threat landscape  Continue Reading

• Coronavirus: How to implement safe and secure remote working

  Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves  Continue Reading

• Is this Netflix-style thriller the future of security training?

  Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training  Continue Reading

• DRaaS decisions: Key choices in disaster recovery as a service

  We examine the key decisions when considering DRaaS. Whether to go full self-service, assisted or managed will depend on what you need to protect and your in-house resources  Continue Reading

• Five ways that backup has changed since the days of tape

  Back in the day, all this was tape, but times have changed, with cloud-to-cloud backup, cloud storage, virtual and physical backup appliances and myriad endpoint hardware  Continue Reading

• Five essential steps to a sound disaster recovery plan

  We walk through the key steps to develop a disaster recovery plan – from risk assessment and setting recovery objectives, to the plan itself and a testing regime to keep it fresh  Continue Reading

• Data management strategies are evolving – so must enterprises

  A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management  Continue Reading

• Disaster planning: How to expect the unexpected

  Focusing too much on specific disasters rather than considering an organisation’s data protection, network security and process requirements, can lead to unpredicted vulnerabilities  Continue Reading

• Protecting your digital assets: Why it pays to invest in cyber insurance

  Cyber insurance offers financial protection against the worst happening to a company’s data and digital assets, and is something few businesses can afford to be without  Continue Reading

• Disaster recovery as a service: what you need to know 

  Technological advances make disaster recovery as a service possible, but Computer Weekly investigates whether it is practical option for all businesses  Continue Reading

• Matching disaster recovery to cyber threats

  While it is important to take steps to prevent cyber attacks, they can still happen. That is why disaster recovery practices are equally critical  Continue Reading

• Cyber resilience key to securing industrial control systems

  Operators of industrial control systems can build greater cyber resilience by getting IT and operational technology teams to work more closely together and improving the visibility of their infrastructure, among other security measures  Continue Reading

• DR 101: The disaster recovery plan and disaster recovery strategy

  We walk through the key steps and essential building blocks required to develop a disaster recovery strategy and how to write a disaster recovery plan  Continue Reading

• Disaster recovery testing: A vital part of the DR plan

  Disaster recovery provision is worthless unless you test out your plans. In this two-part series, Computer Weekly looks at disaster recovery testing in virtualised datacentres  Continue Reading

• DDoS attack threat cannot be ignored

  Criminal activity has become the top motivation for distributed denial of service attacks as the average attack become strong enough to down most businesses – so taking no action is not an option  Continue Reading

• How to deal with the aftermath of a data breach

  Considering that a data breach could happen to any company, at any time, a plan of action is the best tactic  Continue Reading

• Disaster recovery planning: Where virtualisation can help

  The disaster recovery planning process is not fundamentally technology-centric, so when can virtualisation make it quicker and easier to restore services after an unplanned outage?  Continue Reading

• How to avoid being caught out by ransomware

  Businesses are still getting caught by ransomware, despite the fact that there are fairly straightforward methods to avoid it  Continue Reading

• The true cost of a cyber security breach in Australia

  The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting.  Continue Reading

• Mobile security -- what works and what doesn't?

  Experts told the CW500 Security Club how mobility brings new challenges to security departments and an opportunity to go beyond building walls around the enterprise  Continue Reading

• Asean organizations braced for cyber attack

  As an emerging economic power bloc, Asean is bracing itself for an influx of cyber crimes as hackers look for lucrative targets  Continue Reading

• Australian businesses under cyber attack

  What are the cyber security risks facing businesses in Australia and New Zealand and how are organisations addressing them?  Continue Reading

• CW500: Dealing with disaster - how do companies cope?

  At some point businesses will need to invoke a disaster recovery plan, but does it cover everything the modern digital company needs?  Continue Reading

• Preparing for mainstream cloud IT

  2015 is set to become the breakthrough year for cloud computing – and now the challenge of making the IT department cloud-ready begins  Continue Reading

• How to secure the SDN infrastructure

  As more enterprises look to deploy software-defined networking, the need for security from the ground up should not be underestimated  Continue Reading

• How to make applications resilient on AWS

  Cloud services are susceptible to network and other outages. There is no silver bullet to boost the resilience of an AWS-hosted application  Continue Reading

• Companies must act quickly to tackle cyber crime

  With cyber attacks becoming more sophisticated and widespread, companies must take stronger measures to prevent and tackle them  Continue Reading

• Companies must act quickly to combat cyber crime

  With cyber attacks becoming more sophisticated and widespread, companies must take stronger measures to prevent and tackle them  Continue Reading

• Time is running out for Windows Server 2003 migration

  Support for Windows Server 2003 will end next year, but careful planning can ease operating system migration  Continue Reading

• Meet the men and women who keep AT&T's network running

  Somewhere in the UK, a crack team sits waiting to spring into action to support, protect and repair AT&T’s global network  Continue Reading

• Microsoft vies with VMware in the virtual machine market

  VMware launched live migration in 2003. Since then, its capabilities have seen many enhancements, but Microsoft is starting to catch up  Continue Reading

• CW 500 Security Club: Securing the end point: a key challenge for business

  With multitudes of devices connecting businesses and their customers to interlinking systems, securing the end point has never been more vital  Continue Reading

• Erasure coding vs Raid as a data protection method

  Erasure coding is mooted as a potential successor to Raid and backup software  Continue Reading

• Where next for the new EU data protection regulation?

  For many people in business, the proposed new EU data protection regulation has become obscured by a storm of controversy  Continue Reading

• Hacktivism: good or evil?

  IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics  Continue Reading

• How to make your datacentre BYOD-ready

  BYOD is changing how employees interact with corporate data. Datacentre managers should follow these steps to prepare their infrastructure for BYOD  Continue Reading

• VMware and Hyper-V virtual machine disaster recovery

  VMware and Microsoft Hyper-V have a number of features aimed at virtual machine disaster recovery. Computer Weekly surveys some of the key hypervisor features for data protection  Continue Reading

• How to create a good information security policy

  Information security policies provide vital support to security professionals, yet few organisations take the time to create decent policies  Continue Reading

• How to tackle big data from a security point of view

  Before leaping into big data, companies must be clear what they are trying to achieve, otherwise their investment will be wasted  Continue Reading

• How to find the most vulnerable systems on your internal network

  Most corporate networks share common vulnerabilities, but many could be mitigated with education in “hacker thinking” for technical staff  Continue Reading

• Business priorities: what to protect, monitor and test

  How information security professionals can prioritise what to protect, monitor and test in the light of current budget and resource constraints  Continue Reading

• How to preserve forensic evidence in the golden hour after a breach

  There is a golden hour at the outset where a clear head and good planning can make or break any subsequent forensic investigation  Continue Reading

• CW500: The legal risks of migrating to the cloud

  Experts from the public and private sectors discuss the legal challenges of moving to the cloud  Continue Reading

• CW500: Managing the mobile workforce (part 2)

  Glenn Morgan, head of service transformation at British Airways, explains how the airline is harnessing consumer technology  Continue Reading

• How to make your business Flame-proof

  Advanced threats such as Flame can show CIOs what cyber attack tools of the future could look like  Continue Reading

• BYOD: Can enterprise mitigate the risks?

  What can businesses do to mitigate the risks of employees using their own devices as the trend for IT consumerisation gathers momentum?  Continue Reading

• Interview: Angela Tucci, chief strategy officer, Symantec

  Angela Tucci, chief strategy officer at Symantec, talks to Computer Weekly about the company's strategic plans  Continue Reading

• How to formulate an effective smartphone security policy

  The mobile revolution offers new ways of working, but what are the challenges and how can they be overcome?  Continue Reading

• Computer Weekly / TechTarget IT priorities survey 2012

  Learn which IT priorities are at the top of UK IT managers lists for 2012. Coverage from across our network includes cloud, budget cuts, networking, security, disaster recovery and more.  Continue Reading

• When X.509 security certificates fail, servers break

  Why are X.509 certificates causing computers to stop dead?  Continue Reading

• Security Think Tank: Top five issues in taking a structured approach to security in the cloud

  Last week, experts discussed the need to focus on the basics of security in the cloud. Here, the security think tank expert panel covers a structured approach to cloud computing security.  Continue Reading

• Security Think Tank: What is the most important nut for infosec to crack in 2012?

  What is the most important nut for infosec to crack in 2012?  Continue Reading

• Professional advice on sharing data responsibility

  Information is the lifeblood of most organisations. It can take one of many forms, such as physical files, digital files or databases. Furthermore, computer systems allow us to keep data almost indefinitely, and as we generate even more every year, ...  Continue Reading

• Eight top tips to ensure your business continuity plan is upto scratch

  In the event of a widespread outbreak of swine flu expected this autumn is your IT department ready and what are your business planning assumptions? Here are eight top tips to ensuring business continuity.  Continue Reading

• Plan B Disaster Recovery lowers the cost of business continuity

  Most users must have had one of those bad PC days, when you arrive at work enthused to complete a task, only to end up spending the day waiting for IT to fix your newly broken PC, or in a small business often doing it yourself.  Continue Reading

• Business continuity: the expert view

  Business continuity is about expecting the unexpected and preparing for a system failure.  Continue Reading

• WAN clustering for disaster recovery

  This tip provides information about WAN clustering for disaster recovery, its pros and cons, and what you need to watch out for.  Continue Reading

• When disaster recovery and data classification collide

  Attendees at a disaster recovery seminar discussed the complex application dependencies when disaster recovery and data classification combine.  Continue Reading

• Law firm revamps continuity plans

  International law firm Norton Rose has moved its disaster recovery centre from central London to Uxbridge following London's bomb attacks.  Continue Reading

• Teachers save with VMware project

  The Association of Teachers and Lecturers (ATL) has completed a six-month virtualisation project to cut overheads and improve its disaster recovery capability.  Continue Reading

• Merrill Lynch on the grid in race to speed up apps

  Merrill Lynch has developed an enterprise computing grid that allows it to run applications 800 times faster than previously by putting to work the power of disaster recovery servers and other under-utilised resources.  Continue Reading

• Scottish Power aims for a first with new business continuity standard

  Scottish Power is aiming to tighten its response to business interruptions by applying for accreditation under a new British Standard for business continuity.  Continue Reading

• Test your IQ: Business continuity -- ANSWER

  This type of plan specifies a means of maintaining essential services at the crisis location.  Continue Reading