In Depth

In Depth

IT legislation and regulation

• Auditing for algorithmic discrimination

  Despite the abundance of decision-making algorithms with social impacts, many companies are not conducting specific audits for bias and discrimination that can help mitigate their potentially negative consequences  Continue Reading

• Black Lives Matter, but do bots know that?

  The volume of content generated each day necessitates automated moderation to curate everything as it is published, ensuring offensive and objectionable material is blocked. But this only works if systems are adequately configured and reviewed  Continue Reading

• GDPR at two: How far we’ve come, how far we still have to go

  Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change  Continue Reading

• Surveillance capitalism in the age of Covid-19

  Could the Covid-19 coronavirus pandemic further consolidate surveillance capitalist practices and enterprises? Author Shoshana Zuboff warns Computer Weekly it is possible  Continue Reading

• A carrot-and-stick approach to fixing cyber security complacency

  With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it  Continue Reading

• Upcoming conflict minerals regulation does not cover major technology companies

  A forthcoming regulation designed to stem the flow of conflict minerals is unlikely to change the behaviour of technology companies because loopholes in the new rules mean they are not covered  Continue Reading

• How to find the right zero trust strategy

  Large tech companies and the US Federal Government have adopted zero trust as their next-generation security model  Continue Reading

• Top four compliance considerations for SMEs

  We look at the key data compliance regulations that affect smaller companies – such as GDPR, the Data Protection Act, PCI-DSS and PECR – and some key industry-specific frameworks  Continue Reading

• Amazon, AWS and antitrust: How tough could US lawmakers be on the tech titan?

  How Amazon conducts its business is coming under close scrutiny from US lawmakers, both from an online retail and cloud perspective, and this is why  Continue Reading

• Get ready for CCPA: Implications for UK businesses

  The California Consumer Privacy Act, a wide-ranging data privacy and consumer protection law, comes into effect on 1 January 2020. How does CCPA differ from the EU GDPR regulations and what are the responsibilities for UK businesses operating in the...  Continue Reading

• What the EU’s decision on Facebook means for social media

  Recent ruling by the Court of Justice of the European Union will have global implications for social media companies and any organisations that host online content  Continue Reading

• EBA outsourcing guidelines: What banks, fintechs and cloud providers need to know

  The regulatory landscape for financial services and outsourcing will undergo a refresh this month with new guidance from the European Banking Authority. We look at what banks, fintechs and cloud firms need to do  Continue Reading

• Cutting the cord: Negotiating cloud contracts with problematic customers

  How accountable should cloud firms be for the actions of the customers that use their platforms, and how much thought should they give to aligning themselves with problematic brands before hosting them?  Continue Reading

• Think beyond tick-box compliance

  A year on since GDPR, many organisations are yet to stop fretting over fines and focus instead on business value  Continue Reading

• Data protection: How privacy can be a benefit, not a burden

  With the growing number of data breaches, consumers are becoming increasingly concerned about how their data is used. Organisations can take advantage of this trend by treating data protection and user privacy as product features  Continue Reading

• Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data

  Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation  Continue Reading

• How facial recognition technology threatens basic privacy rights

  As adoption of facial recognition systems continues to grow worldwide, there is increasing concern that this technology could undermine fundamental privacy rights and how it can be kept in check  Continue Reading

• Disaster planning: How to expect the unexpected

  Focusing too much on specific disasters rather than considering an organisation’s data protection, network security and process requirements, can lead to unpredicted vulnerabilities  Continue Reading

• Data governance: The importance of getting it right

  With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed  Continue Reading

• Mobile phones and health: is 5G being rolled out too fast?

  European countries are rolling out 5G mobile communications at breakneck speed as they seek to gain a competitive edge over the US and Asia. But some scientists have raised questions about the effects of 5G mobile phone radiation on public health ...  Continue Reading

• Politics, privacy and porn: the challenges of age-verification technology

  The age-verification requirements of the Digital Economy Act are to come into force in July this year, but registering people’s personal details for accessing age-restricted content carries significant risks and challenges  Continue Reading

• Making unified threat management a key security tool

  As data protection becomes critical to businesses, we look at how unified threat management can be a useful tool, providing it is selected and deployed correctly according to business needs  Continue Reading

• The nightmare driving test: How to make sure self-driving cars are safe

  Simulating realistic environments using deep learning to enable self-driving cars to learn the rules of the road will prove more useful than any amount of real-world practice. We find out why, and meet the people doing something about it  Continue Reading

• A cloud compliance checklist for the GDPR age

  The cloud is supposed to make things simpler, but when it comes to compliance, things can get complex. Here is a look at the essential elements of a cloud compliance strategy  Continue Reading

• Brexit implications for data protection

  Leaving the European Union will have serious implications for data protection in the UK unless adequate steps are taken, so businesses are advised to have contingency plans in place  Continue Reading

• The future of network-connected device security

  The proliferation of poorly secured network-connected devices has prompted the UK government to publish new best practice guidelines. Do these go far enough?  Continue Reading

• IBM pushes boundaries of AI, but insists companies take an ethical approach

  Researchers at IBM are pushing the boundaries of what artificial intelligence and machine learning can do, but remain wary of the ethical implications that accompany the proliferation of this technology  Continue Reading

• National Archives races to create electronic archive of EU law before Brexit

  The National Archives faces challenges converting the EU's enormous library of laws into a publicly accessible UK archive ahead of Brexit. The Archives’ digital director, John Sheridan, explains how  Continue Reading

• Matching disaster recovery to cyber threats

  While it is important to take steps to prevent cyber attacks, they can still happen. That is why disaster recovery practices are equally critical  Continue Reading

• Cyber crime: why business should report it as soon as possible

  Cyber crime is affecting a growing number of businesses, yet few are reporting it. Computer Weekly lifts the veil on cyber crime reporting, looking at the who, what, when, where, how and why  Continue Reading

• Application and device security under the spotlight

  The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, ...  Continue Reading

• GDPR: An overview of the latest data protection legislation

  The forthcoming General Data Protection Regulation (GDPR) will have wide-ranging implications for every organisation that processes personal data. This comprehensive overview tells you what you need to know  Continue Reading

• Data protection is critical for all businesses

  Companies that misuse data or fall victim to breaches not only risk financial loss, but also reputational damage. There are many reasons good data practice is essential  Continue Reading

• Business needs to keep up with Investigatory Powers Act

  All indications are that the obligations on communication service providers under the controversial Investigatory Powers Act will change, and affected companies must ensure they are constantly up to date  Continue Reading

• GDPR: Not too late to ensure real risks will be addressed

  With just four months to go before the General Data Protection Regulation compliance deadline, there is a growing anxiety in many parts of the regulated community that their GDPR plans may not be fit for purpose  Continue Reading

• Content filtering a potential challenge in digital single market

  The proposed digital single market directive is intended to harmonise e-commerce and copyright throughout the European Union, but concerns have been raised over the technological impact this would have on UK industry  Continue Reading

• UK sale of surveillance equipment to Macedonia raises questions over export licence policy

  The UK approved an export licence for the sale of surveillance equipment to Macedonia – while the country was engaged in an illegal surveillance programme against its citizens. A senior minister was consulted on the decision  Continue Reading

• How innovation in cycling helps Trek-Segafredo create a competitive edge

  Cycling team is using technology from design to the track to improve its business and sporting competitiveness  Continue Reading

• UK Data Protection Bill vs EU General Data Protection Regulation

  The UK Data Protection Bill is due to come into force this year, ahead of the EU General Data Protection Regulation in May 2018 - we look at the differences between the two  Continue Reading

• Where the device hits the network – a mobile device management update

  As business becomes increasingly mobile, we look at the latest trends in mobile device management to give businesses the edge  Continue Reading

• How to improve security against email attacks and for GDPR compliance

  About 200 billion emails are sent every day, but because of its importance email is constantly exploited by attackers, and yet is often overlooked in cyber security strategies  Continue Reading

• How logic games have advanced AI thinking

  Pitting a chess computer against a chess champion used to be the end goal for machine intelligence. We explore how game play has improved artificial intelligence  Continue Reading

• GDPR brings serious implications for data storage

  New European Union data protection regulations put tough requirements on organisations that store “personally identifiable data”. We look at what is needed to achieve compliance  Continue Reading

• GDPR: One year to compliance and opportunity

  With a year to go before all companies dealing with European Union citizens’ data have to comply with new EU data protection rules, the focus for many is on compliance, but some believe business should be the top priority  Continue Reading

• Australia’s cyber security strategy bearing fruit

  The national blueprint has been a catalyst for improvements in cyber security across the country, but its long-term impact remains to be seen  Continue Reading

• Cloud contracts are still a minefield

  Cloud computing is maturing in the enterprise space, but the contracts that underpin cloud services have not evolved at the same pace  Continue Reading

• Challenges of complying with the Investigatory Powers Act

  Despite opposition by civil liberties groups and technology companies, the UK government has passed the controversial Investigatory Powers Act, adding a host of security and contingency requirements that UK businesses need to consider  Continue Reading

• What happens to data protection when we leave the EU?

  The UK was a keen participant in the formulation of new data protection laws for the European Union, but its electorate has since voted to leave the EU. How is that likely to affect data protection in the UK once Brexit is accomplished?  Continue Reading

• A Good American: Surveillance, 9/11 and the NSA

  Computer Weekly sat down to watch Friedrich Moser's documentary about the NSA whistleblower Bill Binney - A Good American  Continue Reading

• Infosecurity – the GCHQ way

  Balancing privacy and security requires highly developed information security policies and, of the UK intelligence agencies, GCHQ has taken the lead.  Continue Reading

• Lauri Love: the student accused of hacking the US

  How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love  Continue Reading

• Europe fires starting gun for dash to GDPR compliance

  A last dash for compliance with the general data protection regulation (GDPR) has begun across Europe and, despite the two-year warning, some organisations will fall short and for UK firms Brexit is no excuse  Continue Reading

• What the EU’s new data protection laws mean for UK industry

  The General Data Protection Regulation, which will come into force on 25 May 2018, could have a big impact on any company in the world that deals with the personal data of EU citizens  Continue Reading

• CW@50: 1966 - Computer Weekly goes to bat for the British computer industry

  Launched in 1966 as part of a modernising wave to change British society, Computer Weekly battled for the nation’s industry against the US, and saw IT as an entry ticket to the Common Market  Continue Reading

• Virtualisation and the cloud aid disaster recovery in Spain

  As virtualisation and cloud services take hold, Spanish organisations can take advantage of less costly and more flexible responses to the threat of unplanned outages  Continue Reading

• Three steps towards a hierarchy of needs for smart cities

  Smart cities face challenges around network connectivity, standardisation and data governance, say IoT experts, and these needs must be met for them to flourish  Continue Reading

• What the EU’s cyber security bill means for UK industry

  Coming European legislation on network and information security could have cost and organisational implications for a range of UK companies  Continue Reading

• UK immigration rules fly in the face of cyber security skills shortage

  Despite the UK’s shortage of cyber security skills, recent changes to immigration rules make it no less difficult to hire skilled workers from outside the European Union  Continue Reading

• What the Investigatory Powers Bill means for the telecommunications industry

  The draft Investigatory Powers Bill could have major implications for telecommunication companies operating in the UK  Continue Reading

• Avoiding security issues when recycling hardware

  What are the options for the environmentally and ethically responsible recycling of end-of-life hardware, without compromising data security?  Continue Reading

• Why the cloud provider community needs to get on board with ISO 27018

  Despite being published more than a year ago, cloud providers are only really just starting to take notice of ISO 27018. We explore what it is and why it matters to the enterprise  Continue Reading

• EU Data Protection Regulation: What the EC legislation means for cloud providers

  With the European Commission's data protection rules set to drop before 2016, take a look at what the changes mean for the cloud and datacentre community  Continue Reading

• Dutch businesses unaware of impact of new data protection law

  The European Commission is set to introduce data protection rules, but few Dutch companies are aware of the impact the changes will have, according to Sophos managing director Peter Lacroix  Continue Reading

• Journey to the West: Will Huawei make its services ambitions stick?

  As network hardware supplier Huawei enters the services game, we consider if the West is ready to buy IT services from China  Continue Reading

• Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance

  Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden  Continue Reading

• General election 2015: The state of broadband and the future of policy

  With the 2015 election less than a month away, broadband stakeholders set out their manifesto and hopes for broadband policy  Continue Reading

• NHS data security: Lessons to be learned

  The NHS does not always provide a trusted repository for patient data, but some trusts are examples of good practice in action  Continue Reading

• Are privacy laws and regulations strangling Europe’s productivity?

  As Europe moves to new regulations on privacy and data protection, business is concerned that red tape will harm productivity and innovation  Continue Reading

• Mobile device management (MDM) vs backup

  MDM tackles the challenge of mobile devices flooding the enterprise, but it doesn’t mean you can stop worrying about mobile data protection  Continue Reading

• Wi-Fi in the sky: The good, the bad and the ugly

  With in-flight internet options spreading around the world, which services should discerning business travellers try, and which should they avoid?  Continue Reading

• Five tech trends that will change the mobile world in the next 10 years

  Computer scientist Kevin Curran discusses some of the trends that will shape the future of mobile at Mobile World Congress 2015  Continue Reading

• Cyber crime: What every business needs to know

  Computer Weekly gets the low-down on cyber crime from law enforcement officers and investigators  Continue Reading

• TUPE or not TUPE? That is the question

  Designed to enable employees and business units to be transferred from one owner to another, TUPE legislation is now 33 years old  Continue Reading

• Economy, jobs and technology trends on CIOs' minds in 2015

  CIOs gathered at the first CW500 meeting of 2015 to discuss the economy, the technologies driving business and good IT leadership  Continue Reading

• Technology’s growing role in keeping Europe safe

  Technology is playing a growing role in keeping Europe safe, but faces the challenge of ensuring it has the right legal frameworks in place  Continue Reading

• Interview: Ed Vaizey MP on broadband, mobile networks and the internet of things

  Digital economy minister Ed Vaizey MP reflects on the next steps for the BDUK project and talks mobile roll-out, 5G and the internet of things (IoT)  Continue Reading

• Interview: Ed Vaizey MP talks digital economy and digital skills

  Minister for the digital economy Ed Vaizey discusses his new role and the future of digital policy  Continue Reading

• The internet of things is coming: Is your datacentre ready?

  Gartner estimates the IoT will see 26 billion units installed by 2020 – channelling huge volumes of data traffic into datacentres  Continue Reading

• How to use defence in depth to secure endpoint machines

  Go beyond antimalware deployment to use security policies, BYOD strategies and user education to keep your devices and systems safe  Continue Reading

• Co-location services and datacentres feel the CCA heat

  A climate change agreement (CCA) for datacentres has come into force. How will its energy-efficiency rewards shape the industry?  Continue Reading

• Erasure coding vs Raid as a data protection method

  Erasure coding is mooted as a potential successor to Raid and backup software  Continue Reading

• Using public sector open data to benefit local communities

  Tech City’s Flood Hack shows how open data can help communities - an aspect attracting interest in Leeds council and other UK cities.  Continue Reading

• How NSA spying disclosures influence security strategies

  How have whistleblower Edward Snowden’s exposés affected the ways organisations deal with internal and external security threats?  Continue Reading

• An introduction to cyber liability insurance cover

  Cyber liability insurance cover has been around for 10 years, but most security professionals seem to have not heard of it or know that it exists  Continue Reading

• CW500 in the City: IT innovation in financial services

  Finance firms need to overcome their fears of regulation if they are to innovate and IT must be ready to support them when they do  Continue Reading

• Social media: A security challenge and opportunity

  Generation Y workers are posing increasing security challenges to their employers as they share data unreservedly  Continue Reading

• Mobile banking innovation stimulates banks’ IT spending

  European banks are racing to catch up with the mobile services available in the US but remain twitchy about over-extending budgets.  Continue Reading

• CW500: Inside the government's CloudStore

  The government's cloud store means an end to the big four to five-year IT projects of the past, says the CloudStore lead of the G-Cloud programme  Continue Reading

• CW500: The legal risks of migrating to the cloud

  Experts from the public and private sectors discuss the legal challenges of moving to the cloud  Continue Reading

• Compliance, risk and the coming EU data protection framework: a CISO's perspective

  Compliance and risk managers in Europe are facing one of the biggest challenges for decades as the region moves to a new data protection framework  Continue Reading

• Mandatory carbon reporting: Indirect emissions guidelines for IT managers

  As the UK government announces mandatory carbon reporting for listed companies, how are IT managers to interpret guidelines on indirect emissions?  Continue Reading

• Do not delay, EU data protection changes on the way

  Three or four years is plenty of time to get ready for the new data protection framework in Europe, but the clock is ticking  Continue Reading

• Buyer's Guide: Disclosing security breaches in SMEs

  Protecting regulated data is a big enough headache for many small businesses – now they also need to think about disclosure  Continue Reading

• Capita: the story of where UK public sector outsourcing began

  Capita is a business process outsourcing (BPO) firm focusing heavily on the UK public sector market. With annual revenues over £2.7bn, it has become a lynch pin in public sector outsourcing.  Continue Reading

• Information security superheroes: are we overlooking the obvious?

  In these dark days of professional, organised cyber crime and state-sponsored cyber espionage, the world of business is looking for a cyber superhero to save the day. But in the quest for a cyber superhero, business is failing, Lois Lane-like, to ...  Continue Reading

• The top five SME security challenges

  Best practice in IT security and compliance for small and medium-sized enterprises (SMEs) is often seen as a "grudge purchase", but SMEs face the same threat as larger organisations - just without their budgets.  Continue Reading

• Self-encrypting drives: What's holding back SED hard drive encryption security?

  The self-encrypting drive (SED) provides a high level of data security, is invisible to the user, does not affect workflow or performance and cannot be turned off, yet SED technology has been adopted by relatively few organisations – so what's ...  Continue Reading

• Self-encrypting drives: SED the best-kept secret in hard drive encryption security

  The SED solves many common data loss problems and is easy to use and manage with minimal impact on system performance – yet relatively few businesses and governments use SEDs.  Continue Reading

• Tackling the IT security and compliance challenges for SMEs

  SME IT leaders discussed the cyber threat landscape and its impact on small and medium-sized businesses at a Computer Weekly roundtable  Continue Reading

• The business value of balancing openness with security to manage risk

  The risks to businesses of using social media is a hot topic, but it is indicative of a much broader challenge that is facing not only business, but also government, publishers and regulators, in how to balance openness and collaboration with ...  Continue Reading