In Depth
In Depth
IT governance
-
How GCHQ proposes to implement and use ethical AI
The rise of cyber crime and the escalating threat vectors facing the UK have led GCHQ to invest in automated threat detection and response systems to meet this challenge, as well as liaising with the private sector for the first time Continue Reading
-
Why some jobseekers have turned to cyber crime during the pandemic
Research shows that many people have been seeking cyber crime-related work on the dark web, but why? Continue Reading
-
Ecolabels and data sanitisation key to recycling and reusing IT assets
Ecolabels on hardware and data sanitisation of devices are key to recycling and reusing old IT equipment respectively, helping enterprises avoid unnecessary asset destruction and contributing to increasingly high levels of electronic waste globally Continue Reading
-
Backup appliances the hot topic for Pas-de-Calais fire brigade
With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage Continue Reading
-
The 3-2-1 backup rule: Has cloud made it obsolete?
The 3-2-1 backup rule was made for small-scale use in the pre-cloud era when tape still ruled. Is it relevant in the 2020s, or can we repurpose its fundamental principles? Continue Reading
-
Does email security need a human solution or a tech solution?
People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on Continue Reading
-
Dealing with the challenge of beg bounties
The rise of so-called beg bounties is becoming a challenge for security teams, and can be a drain on time and resources. But what is a beg bounty, and how does it differ from a bug bounty? Continue Reading
-
Is it time to ban ransomware insurance payments?
The former head of the NCSC recently called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments. Is he on the right track? Continue Reading
-
How can healthcare organisations fight increased cyber crime in 2021?
As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care Continue Reading
-
Data Dynamics aims at single view of unstructured data
Data volume is ballooning, and storage is becoming more disparate, which makes the need for a single platform to manage storage and compliance a key requirement for organisations Continue Reading
-
Picking the right IAM tools is based on more than today’s needs
With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure ... Continue Reading
-
The nation state threat to business
The SolarWinds hack shows the widespread damage possible from a nation state cyber attack. What is the threat to business and how can it be mitigated? Continue Reading
-
How to monitor remote workers humanely
Monitoring employees who work remotely has taken on a whole extra dimension in the Covid-19 pandemic year of 2020. Financial services firms are among those which suggest ways of doing it humanely and legally Continue Reading
-
Security Long Reads: Cyber insiders reveal what’s to come in 2021
In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading
-
Patching: Balancing technical requirements with business considerations
With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented Continue Reading
-
Post-pandemic approaches to IAM for cloud security
Cloud technology may have saved businesses from catastrophe during the pandemic, but it has also introduced additional challenges around identity and access management. Here’s why IAM policies are crucial in the new normal Continue Reading
-
This Christmas, Covid-19 heightens retail security risks for everyone
Do you think it’s only retailers and consumers who need to consider cyber security when shopping online during the holidays? You’re dead wrong. This year, the Covid-19 pandemic and the shift to remote working has thrown a spanner in the works Continue Reading
-
How to build an effective vulnerability management programme
As cyber criminals increasingly look to exploit vulnerabilities in software and hardware, businesses must build and implement an effective vulnerability management programme to counter this growing threat Continue Reading
-
DDoS mitigation strategies needed to maintain availability during pandemic
The growing prevalence of DDoS attacks combined with the increased reliance on internet connectivity during the pandemic means enterprises can no longer afford to ignore the threat of DDoS attacks. Computer Weekly explores organisations’ perceptions... Continue Reading
-
Credential stuffing: When DDoS isn’t DDoS
Ten years ago, credential stuffing attacks posed a comparatively minor threat, but with an escalating number of data breaches, the threat posed has now increased. What are the solutions to this very human problem? Continue Reading
-
Double extortion ransomware attacks and how to stop them
As ransomware attacks increase, hackers are diversifying their tactics to get victims to hand over larger sums of money. We investigate the rise of double extortion attacks Continue Reading
-
Getting physical with datacentre security
Whether it is natural disasters, terrorism or break-ins, datacentres will be vulnerable to a range of risks unless they are physically secured. Here’s how you can improve the physical security of your datacentre Continue Reading
-
Intelligent ways to tackle cyber attack
Artificial intelligence-powered security tools should enable IT security teams to achieve more with less Continue Reading
-
Automating IT security
IT security’s battle with the hacking community has always been a game of cat and mouse, but it’s becoming increasingly automated Continue Reading
-
Drive to improve flash reliability
Due to its limited write cycles, flash-based storage can corrupt data. Computer Weekly looks at how flash reliability is being addressed Continue Reading
-
Auditing for algorithmic discrimination
Despite the abundance of decision-making algorithms with social impacts, many companies are not conducting specific audits for bias and discrimination that can help mitigate their potentially negative consequences Continue Reading
-
Black Lives Matter, but do bots know that?
The volume of content generated each day necessitates automated moderation to curate everything as it is published, ensuring offensive and objectionable material is blocked. But this only works if systems are adequately configured and reviewed Continue Reading
-
APT groups’ mobile momentum finally faces resistance
State-backed APT groups are increasingly targeting mobile devices as Covid-19 puts the spotlight on remote working infrastructure security. We explore how the industry is fighting back Continue Reading
-
How to apply zero-trust models to container security
Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them? Continue Reading
-
Dealing in data
Lessons learned from pandemic data reporting will help forge new analytics techniques to improve data quality Continue Reading
-
Accurate data in, better insights out
The coronavirus pandemic has propelled data into the headlines, but it has also shown the challenges of dealing with incomplete datasets Continue Reading
-
GDPR at two: How far we’ve come, how far we still have to go
Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change Continue Reading
-
Surveillance capitalism in the age of Covid-19
Could the Covid-19 coronavirus pandemic further consolidate surveillance capitalist practices and enterprises? Author Shoshana Zuboff warns Computer Weekly it is possible Continue Reading
-
What are the security priorities for the post-coronavirus world?
The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising? Continue Reading
-
A carrot-and-stick approach to fixing cyber security complacency
With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it Continue Reading
-
Top five compliance concerns for UK business in 2020
We look at the top five legal and regulatory compliance concerns for UK businesses in 2020. It’s a list that includes GDPR, the DPA, PECR, PCI-DSS and the CCPA Continue Reading
-
Coronavirus: How to implement safe and secure remote working
Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves Continue Reading
-
Upcoming conflict minerals regulation does not cover major technology companies
A forthcoming regulation designed to stem the flow of conflict minerals is unlikely to change the behaviour of technology companies because loopholes in the new rules mean they are not covered Continue Reading
-
Is this Netflix-style thriller the future of security training?
Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training Continue Reading
-
Zero trust: Taking back control of IT security
Trust on the network is a crucial factor in security risk, and zero trust changes the traditional model of ‘trust but verify’ Continue Reading
-
How IT can back up ESG efforts to do environmental and social good
Organisations’ environmental, social and governance programmes depend on IT leaders for technological backup Continue Reading
-
Caribbean island hospital rebuilds after hurricane with DataCore
Hurricane Irma tore the roof off a server room and flooded IT hardware, but that was an opportunity to rebuild redundant IT using DataCore’s SANsymphony software-defined storage Continue Reading
-
Top four compliance considerations for SMEs
We look at the key data compliance regulations that affect smaller companies – such as GDPR, the Data Protection Act, PCI-DSS and PECR – and some key industry-specific frameworks Continue Reading
-
DRaaS decisions: Key choices in disaster recovery as a service
We examine the key decisions when considering DRaaS. Whether to go full self-service, assisted or managed will depend on what you need to protect and your in-house resources Continue Reading
-
Human factors are critical to securing digital transformation
Sourcing the latest cyber security technology to support digital transformation projects is all well and good, but it’s meaningless if you fail to address your organisational culture and the people within it Continue Reading
-
What are the key issues facing healthcare CIOs?
Six healthcare IT leaders give their views on the major challenges for digital transformation across the NHS Continue Reading
-
Five essential steps to a sound disaster recovery plan
We walk through the key steps to develop a disaster recovery plan – from risk assessment and setting recovery objectives, to the plan itself and a testing regime to keep it fresh Continue Reading
-
SME disaster recovery made easy with cloud, hybrid and HCI
Disaster recovery is a lot easier for small businesses than it used to be, with use of the cloud, hybrid cloud, physical and virtual appliances, and hyper-converged infrastructure all among the choices on offer Continue Reading
-
Making the case for integrated risk management
Security experts discuss how an integrated approach to risk and governance can be effectively managed Continue Reading
-
Security puzzle calls for some joined-up thinking
The age of digitisation brings new risks to organisations, so security needs to be more integrated Continue Reading
-
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management Continue Reading
-
EBA outsourcing guidelines: What banks, fintechs and cloud providers need to know
The regulatory landscape for financial services and outsourcing will undergo a refresh this month with new guidance from the European Banking Authority. We look at what banks, fintechs and cloud firms need to do Continue Reading
-
Inside blockchain and its various applications
We explore the technology around blockchain shaping how businesses use data Continue Reading
-
Think beyond tick-box compliance
A year on since GDPR, many organisations are yet to stop fretting over fines and focus instead on business value Continue Reading
-
GDPR one year in
Until recently, no one assumed the ICO would issue large fines for GDPR non-compliance. But that has all changed now that it plans to fine BA Continue Reading
-
Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data
Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation Continue Reading
-
How to get the basics of mobile device management right the first time
When adopting mobile device management, there are often fears around implementation and whether or not the strategy is even required Continue Reading
-
Unstructured data compliance: Obstacles and solutions
Stored unstructured data could be a black hole full of unknown risk. We look at the key dangers to compliance in unstructured data and some ways of mitigating the risks Continue Reading
-
Blackout after Brexit: UK datacentres brace for post-EU power supply and cost changes
As the uncertainty over how the UK intends to extricate itself from the European Union rumbles on, datacentre operators are weighing up how Brexit might affect the availability and cost of the power they need to run their facilities in future Continue Reading
-
Steering a safe course through hybrid cloud
We look at why hybrid cloud can create a tricky infrastructure to manage Continue Reading
-
How to create a great strategy in the digital age
What are the best ways for technology leaders to create a strategy that is fit for the digital age? Computer Weekly asks the experts Continue Reading
-
A cloud compliance checklist for the GDPR age
The cloud is supposed to make things simpler, but when it comes to compliance, things can get complex. Here is a look at the essential elements of a cloud compliance strategy Continue Reading
-
The future of network-connected device security
The proliferation of poorly secured network-connected devices has prompted the UK government to publish new best practice guidelines. Do these go far enough? Continue Reading
-
Data protection, backup and replication in the age of the cloud
A data protection and backup strategy has to take account of the expansion of the sphere of IT, from the datacentre to the public cloud to devices and locations at the edge Continue Reading
-
Tips on reducing unnecessary cloud service costs
As IT departments prepare their 2019 budgets, we assess how to avoid paying too much for cloud services Continue Reading
-
The value of unified endpoint management
Given the diversity of devices people can use for work, IT needs to look at how it can unify device security Continue Reading
-
GDPR: An overview of the latest data protection legislation
The forthcoming General Data Protection Regulation (GDPR) will have wide-ranging implications for every organisation that processes personal data. This comprehensive overview tells you what you need to know Continue Reading
-
Smart security: Go beyond the basics with biometrics
With smartphone makers offering new features such as biometrics, there are lots of options available to businesses when putting mobile security into practice Continue Reading
-
The rights and wrongs about GDPR compliance
We explore some common myths surrounding the forthcoming General Data Protection Regulation Continue Reading
-
Why GDPR is great for SMEs
SME laggards facing potential fines for non-compliance should wake up and smell the tasty carrot of a leaner, smarter business post-GDPR Continue Reading
-
Get tooled up to meet GDPR requirements
We look at options for tools to help organisations comply with the EU’s General Data Protection Regulation Continue Reading
-
How Cyient streamlined its HR functions with the cloud
The India-based supplier of engineering services is counting on a cloud-based human resource management system to improve efficiency and support its growing business Continue Reading
-
GDPR brings serious implications for data storage
New European Union data protection regulations put tough requirements on organisations that store “personally identifiable data”. We look at what is needed to achieve compliance Continue Reading
-
GDPR: a quick start guide
We look at how UK organisations can prepare for the General Data Protection Regulation Continue Reading
-
Backup testing: What to test, when to test, how often to test
We run the rule over what’s involved in backup testing in virtual and physical server environments, how often you should test and the key pitfalls to avoid Continue Reading
-
Time to restore from backup: Do you know where your data is?
Making a backup is only the start of the process. You must be sure you can restore, that backups contain what you need, and that they will work with the applications that need them Continue Reading
-
Cloud contracts are still a minefield
Cloud computing is maturing in the enterprise space, but the contracts that underpin cloud services have not evolved at the same pace Continue Reading
-
Disaster recovery testing: technology systems to test DR
In this concluding part of a two-part series, Computer Weekly looks at ways of testing disaster recovery plans, with methods including array-based replication and hypervisor-based approaches Continue Reading
-
Disaster recovery testing: A vital part of the DR plan
Disaster recovery provision is worthless unless you test out your plans. In this two-part series, Computer Weekly looks at disaster recovery testing in virtualised datacentres Continue Reading
-
Value chain mapping – finding a path
In the second extract from his forthcoming book, Simon Wardley explains how to draw a map to describe the changing nature of your business Continue Reading
-
How to beat Oracle licence audits
An eight-step guide to tame the Oracle auditors. Don't take the bait... Continue Reading
-
Lauri Love: the student accused of hacking the US
How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love Continue Reading
-
Blockchain and the promise of cooperative cloud storage
Blockchain technology allows distributed retention of encrypted data and is at the heart of cooperative cloud storage Continue Reading
-
Make fictional expense claims a thing of the past
Some executives think that travel and entertainment (T&E) expense claims are a licence to practise their creative fiction skills Continue Reading
-
CW@50: A history of IT outsourcing
Computer Weekly looks at where and when IT outsourcing was invented and considers the changes the sector has gone through since Continue Reading
-
Isle of Man: From seaside getaway to tech startup hub
The Isle of Man government is stepping up efforts to position itself as the low-tax jurisdiction of choice for the startup community. But what's it like to do business there? Continue Reading
-
CW@50: From ICL to ITIL
Standardisation helps industries to grow. Here in the UK, a number of highly influential standards emerged that have become building blocks for the modern computer industry Continue Reading
-
How to manage IT access for external users
Identity and access management has extended from being solely an internal IT management process to focus on external business engagement too Continue Reading
-
Five CIO tips for building an IT strategy in the digital age
CIOs and strategy experts share their experiences of creating an IT strategy that makes the most of the digital revolution Continue Reading
-
Interview: James Bamford on surveillance, Snowden and technology companies
Investigative journalist and documentary maker James Bamford was among the first to uncover the secrets of the US National Security Agency and its global surveillance Continue Reading
-
Acquire new skills for technology management
The age of the customer requires organisations to focus on both the business technology and IT agendas Continue Reading
-
How CIOs can raise their 'IT clock speed' as pressure to innovate grows
CIOs are facing pressure from the board to roll out IT projects increasingly quickly. How can they do that without running unacceptable risks? This article, based on cutting-edge research among leading businesses, offers some answers Continue Reading
-
EU Data Protection Regulation: What the EC legislation means for cloud providers
With the European Commission's data protection rules set to drop before 2016, take a look at what the changes mean for the cloud and datacentre community Continue Reading
-
SaaS criteria to track for business outcomes
Organisations should evolve their SaaS selection criteria to focus on newer metrics that are better indicators of supplier performance Continue Reading
-
Better user acceptance testing through log management
Application log management provides insight into application behaviour, which can be used to build better software and gain a better hold of user acceptance testing Continue Reading
-
How to write supplier contracts for agile software development
Typical supplier contracts are not suited to agile software projects where there is no requirements specification – so what should IT leaders do? Continue Reading
-
Digital customer experience: Beyond the website
Organisations are faced with the challenge of delivering their customers with an online experience that goes far beyond just a website Continue Reading
-
NHS data security: Lessons to be learned
The NHS does not always provide a trusted repository for patient data, but some trusts are examples of good practice in action Continue Reading
-
Interview: Ed Vaizey MP talks digital economy and digital skills
Minister for the digital economy Ed Vaizey discusses his new role and the future of digital policy Continue Reading
-
Demystifying Kubernetes: the tool to manage Google-scale workloads in the cloud
We are witnessing a new technology wave in the form of immutable infrastructure and micro-services Continue Reading