In Depth

In Depth

IT legislation and regulation

• Accountability in algorithmic injustice

  Computer Weekly looks at the growing number of injustices involving algorithms and automated decision-making, and what can be done to hold governments and companies accountable for the failures of computer systems they deploy  Continue Reading

• Cyber insurance: What does a CISO need to know?

  We look at how the market for cyber insurance is evolving and how IT security chiefs can avoid buying the wrong level of cover  Continue Reading

• What the world can learn from Saudi Arabia’s fight against industrial control system attacks

  Iran learned from attacks on its infrastructure and unleashed similar malware on Saudi Arabia. The world has now gained valuable lessons from the Saudi response  Continue Reading

• What the EU’s content-filtering rules could mean for UK tech

  EU proposals to clamp down on child sexual abuse material will have a material impact on the UK’s technology sector  Continue Reading

• English Channel surveillance used ‘to deter and punish migrants’

  Instead of opening safe and legal routes to the UK, the country’s border control ecosystem is deploying surveillance technologies in the English Channel to deter migrant crossings, it is claimed  Continue Reading

• It takes a village: Protecting kids online is everyone’s responsibility

  The rapid uptake of smartphones among children has contributed to the increasing number of cases of cyber bullying and online grooming. Is this an educational issue or a cultural problem, and can modern enterprise help?  Continue Reading

• Cloud-era disaster recovery planning: Staff training, incident and media management

  In the third in a series on cloud-era disaster recovery, we set out the key components of DR staff awareness and training programmes, as well as incident management and dealing with the media  Continue Reading

• Navigating PIPL: European businesses plot their next steps into China

  How does China’s strict new Personal Information Protection Law impact European businesses?  Continue Reading

• Online Safety Bill puts user protection onus on platform providers

  The Online Safety Bill will place new duties and responsibilities on online platforms accessible from the UK, but as it currently stands, it contains several grey areas  Continue Reading

• Ultimate questions require ultimate understanding in the quantum era

  In The Hitchhiker’s Guide to the Galaxy, Deep Thought calculates the answer to the ultimate question of life, the universe and everything as ‘42’. But what of quantum computing?  Continue Reading

• Europe’s proposed AI regulation falls short on protecting rights

  The European Commission’s proposal for artificial intelligence regulation focuses on creating a risk-based, market-led approach replete with self-assessments, transparency procedures and technical standards, but critics warn it falls short of being ...  Continue Reading

• What the Telecommunications (Security) Bill means for UK industry

  The Telecommunications (Security) Bill is intended to reinforce the security of the UK telecommunications infrastructure, but what are the implications for industry?  Continue Reading

• How GCHQ proposes to implement and use ethical AI

  The rise of cyber crime and the escalating threat vectors facing the UK have led GCHQ to invest in automated threat detection and response systems to meet this challenge, as well as liaising with the private sector for the first time  Continue Reading

• Why some jobseekers have turned to cyber crime during the pandemic

  Research shows that many people have been seeking cyber crime-related work on the dark web, but why?  Continue Reading

• Backup appliances the hot topic for Pas-de-Calais fire brigade

  With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage  Continue Reading

• The driving force behind the EU colocation market’s climate-neutral push

  Colocation and hyperscale datacentre providers across Europe are under pressure from governments, regulators and the user community to curb carbon emissions  Continue Reading

• Is it time to ban ransomware insurance payments?

  The former head of the NCSC recently called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments. Is he on the right track?  Continue Reading

• Security Long Reads: Cyber insiders reveal what’s to come in 2021

  In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021  Continue Reading

• Auditing for algorithmic discrimination

  Despite the abundance of decision-making algorithms with social impacts, many companies are not conducting specific audits for bias and discrimination that can help mitigate their potentially negative consequences  Continue Reading

• Black Lives Matter, but do bots know that?

  The volume of content generated each day necessitates automated moderation to curate everything as it is published, ensuring offensive and objectionable material is blocked. But this only works if systems are adequately configured and reviewed  Continue Reading

• GDPR at two: How far we’ve come, how far we still have to go

  Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change  Continue Reading

• Surveillance capitalism in the age of Covid-19

  Could the Covid-19 coronavirus pandemic further consolidate surveillance capitalist practices and enterprises? Author Shoshana Zuboff warns Computer Weekly it is possible  Continue Reading

• A carrot-and-stick approach to fixing cyber security complacency

  With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it  Continue Reading

• Upcoming conflict minerals regulation does not cover major technology companies

  A forthcoming regulation designed to stem the flow of conflict minerals is unlikely to change the behaviour of technology companies because loopholes in the new rules mean they are not covered  Continue Reading

• How to find the right zero trust strategy

  Large tech companies and the US Federal Government have adopted zero trust as their next-generation security model  Continue Reading

• Top four compliance considerations for SMEs

  We look at the key data compliance regulations that affect smaller companies – such as GDPR, the Data Protection Act, PCI-DSS and PECR – and some key industry-specific frameworks  Continue Reading

• Amazon, AWS and antitrust: How tough could US lawmakers be on the tech titan?

  How Amazon conducts its business is coming under close scrutiny from US lawmakers, both from an online retail and cloud perspective, and this is why  Continue Reading

• Get ready for CCPA: Implications for UK businesses

  The California Consumer Privacy Act, a wide-ranging data privacy and consumer protection law, comes into effect on 1 January 2020. How does CCPA differ from the EU GDPR regulations and what are the responsibilities for UK businesses operating in the...  Continue Reading

• What the EU’s decision on Facebook means for social media

  Recent ruling by the Court of Justice of the European Union will have global implications for social media companies and any organisations that host online content  Continue Reading

• EBA outsourcing guidelines: What banks, fintechs and cloud providers need to know

  The regulatory landscape for financial services and outsourcing will undergo a refresh this month with new guidance from the European Banking Authority. We look at what banks, fintechs and cloud firms need to do  Continue Reading

• Cutting the cord: Negotiating cloud contracts with problematic customers

  How accountable should cloud firms be for the actions of the customers that use their platforms, and how much thought should they give to aligning themselves with problematic brands before hosting them?  Continue Reading

• Think beyond tick-box compliance

  A year on since GDPR, many organisations are yet to stop fretting over fines and focus instead on business value  Continue Reading

• Data protection: How privacy can be a benefit, not a burden

  With the growing number of data breaches, consumers are becoming increasingly concerned about how their data is used. Organisations can take advantage of this trend by treating data protection and user privacy as product features  Continue Reading

• Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data

  Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation  Continue Reading

• How facial recognition technology threatens basic privacy rights

  As adoption of facial recognition systems continues to grow worldwide, there is increasing concern that this technology could undermine fundamental privacy rights and how it can be kept in check  Continue Reading

• Disaster planning: How to expect the unexpected

  Focusing too much on specific disasters rather than considering an organisation’s data protection, network security and process requirements, can lead to unpredicted vulnerabilities  Continue Reading

• Data governance: The importance of getting it right

  With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed  Continue Reading

• Mobile phones and health: is 5G being rolled out too fast?

  European countries are rolling out 5G mobile communications at breakneck speed as they seek to gain a competitive edge over the US and Asia. But some scientists have raised questions about the effects of 5G mobile phone radiation on public health ...  Continue Reading

• Politics, privacy and porn: the challenges of age-verification technology

  The age-verification requirements of the Digital Economy Act are to come into force in July this year, but registering people’s personal details for accessing age-restricted content carries significant risks and challenges  Continue Reading

• Making unified threat management a key security tool

  As data protection becomes critical to businesses, we look at how unified threat management can be a useful tool, providing it is selected and deployed correctly according to business needs  Continue Reading

• The nightmare driving test: How to make sure self-driving cars are safe

  Simulating realistic environments using deep learning to enable self-driving cars to learn the rules of the road will prove more useful than any amount of real-world practice. We find out why, and meet the people doing something about it  Continue Reading

• A cloud compliance checklist for the GDPR age

  The cloud is supposed to make things simpler, but when it comes to compliance, things can get complex. Here is a look at the essential elements of a cloud compliance strategy  Continue Reading

• Brexit implications for data protection

  Leaving the European Union will have serious implications for data protection in the UK unless adequate steps are taken, so businesses are advised to have contingency plans in place  Continue Reading

• The future of network-connected device security

  The proliferation of poorly secured network-connected devices has prompted the UK government to publish new best practice guidelines. Do these go far enough?  Continue Reading

• IBM pushes boundaries of AI, but insists companies take an ethical approach

  Researchers at IBM are pushing the boundaries of what artificial intelligence and machine learning can do, but remain wary of the ethical implications that accompany the proliferation of this technology  Continue Reading

• National Archives races to create electronic archive of EU law before Brexit

  The National Archives faces challenges converting the EU's enormous library of laws into a publicly accessible UK archive ahead of Brexit. The Archives’ digital director, John Sheridan, explains how  Continue Reading

• Matching disaster recovery to cyber threats

  While it is important to take steps to prevent cyber attacks, they can still happen. That is why disaster recovery practices are equally critical  Continue Reading

• Cyber crime: why business should report it as soon as possible

  Cyber crime is affecting a growing number of businesses, yet few are reporting it. Computer Weekly lifts the veil on cyber crime reporting, looking at the who, what, when, where, how and why  Continue Reading

• Application and device security under the spotlight

  The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, ...  Continue Reading

• GDPR: An overview of the latest data protection legislation

  The forthcoming General Data Protection Regulation (GDPR) will have wide-ranging implications for every organisation that processes personal data. This comprehensive overview tells you what you need to know  Continue Reading

• Data protection is critical for all businesses

  Companies that misuse data or fall victim to breaches not only risk financial loss, but also reputational damage. There are many reasons good data practice is essential  Continue Reading

• Business needs to keep up with Investigatory Powers Act

  All indications are that the obligations on communication service providers under the controversial Investigatory Powers Act will change, and affected companies must ensure they are constantly up to date  Continue Reading

• GDPR: Not too late to ensure real risks will be addressed

  With just four months to go before the General Data Protection Regulation compliance deadline, there is a growing anxiety in many parts of the regulated community that their GDPR plans may not be fit for purpose  Continue Reading

• UK sale of surveillance equipment to Macedonia raises questions over export licence policy

  The UK approved an export licence for the sale of surveillance equipment to Macedonia – while the country was engaged in an illegal surveillance programme against its citizens. A senior minister was consulted on the decision  Continue Reading

• Where the device hits the network – a mobile device management update

  As business becomes increasingly mobile, we look at the latest trends in mobile device management to give businesses the edge  Continue Reading

• How logic games have advanced AI thinking

  Pitting a chess computer against a chess champion used to be the end goal for machine intelligence. We explore how game play has improved artificial intelligence  Continue Reading

• GDPR brings serious implications for data storage

  New European Union data protection regulations put tough requirements on organisations that store “personally identifiable data”. We look at what is needed to achieve compliance  Continue Reading

• Cloud contracts are still a minefield

  Cloud computing is maturing in the enterprise space, but the contracts that underpin cloud services have not evolved at the same pace  Continue Reading

• Challenges of complying with the Investigatory Powers Act

  Despite opposition by civil liberties groups and technology companies, the UK government has passed the controversial Investigatory Powers Act, adding a host of security and contingency requirements that UK businesses need to consider  Continue Reading

• Lauri Love: the student accused of hacking the US

  How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love  Continue Reading

• [email protected]: 1966 - Computer Weekly goes to bat for the British computer industry

  Launched in 1966 as part of a modernising wave to change British society, Computer Weekly battled for the nation’s industry against the US, and saw IT as an entry ticket to the Common Market  Continue Reading

• Avoiding security issues when recycling hardware

  What are the options for the environmentally and ethically responsible recycling of end-of-life hardware, without compromising data security?  Continue Reading

• EU Data Protection Regulation: What the EC legislation means for cloud providers

  With the European Commission's data protection rules set to drop before 2016, take a look at what the changes mean for the cloud and datacentre community  Continue Reading

• Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance

  Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden  Continue Reading

• NHS data security: Lessons to be learned

  The NHS does not always provide a trusted repository for patient data, but some trusts are examples of good practice in action  Continue Reading

• Mobile device management (MDM) vs backup

  MDM tackles the challenge of mobile devices flooding the enterprise, but it doesn’t mean you can stop worrying about mobile data protection  Continue Reading

• Wi-Fi in the sky: The good, the bad and the ugly

  With in-flight internet options spreading around the world, which services should discerning business travellers try, and which should they avoid?  Continue Reading

• Cyber crime: What every business needs to know

  Computer Weekly gets the low-down on cyber crime from law enforcement officers and investigators  Continue Reading

• TUPE or not TUPE? That is the question

  Designed to enable employees and business units to be transferred from one owner to another, TUPE legislation is now 33 years old  Continue Reading

• Interview: Ed Vaizey MP talks digital economy and digital skills

  Minister for the digital economy Ed Vaizey discusses his new role and the future of digital policy  Continue Reading

• The internet of things is coming: Is your datacentre ready?

  Gartner estimates the IoT will see 26 billion units installed by 2020 – channelling huge volumes of data traffic into datacentres  Continue Reading

• Erasure coding vs Raid as a data protection method

  Erasure coding is mooted as a potential successor to Raid and backup software  Continue Reading

• An introduction to cyber liability insurance cover

  Cyber liability insurance cover has been around for 10 years, but most security professionals seem to have not heard of it or know that it exists  Continue Reading

• Social media: A security challenge and opportunity

  Generation Y workers are posing increasing security challenges to their employers as they share data unreservedly  Continue Reading

• The top five SME security challenges

  Best practice in IT security and compliance for small and medium-sized enterprises (SMEs) is often seen as a "grudge purchase", but SMEs face the same threat as larger organisations - just without their budgets.  Continue Reading

• Self-encrypting drives: SED the best-kept secret in hard drive encryption security

  The SED solves many common data loss problems and is easy to use and manage with minimal impact on system performance – yet relatively few businesses and governments use SEDs.  Continue Reading

• EDS report on 'dangerous' Chinook software published for the first time

  Computer Weekly is publishing, for the first time, a technical analysis of the software installed on the Chinook Mk2 helicopter, the Chinook model which featured in the RAF's worst peacetime crash.  Continue Reading

• How the Lorenz machine worked

  In answer to Hitler's demand for a machine that produced unbreakable code, the electrical engineering firm Siemens designed and built the Lorenz SZ40.  Continue Reading

• How to write an online code of conduct for employees

  When you give your employees internet access, you give them a resource that has the potential to deliver enormous business benefits. But it also has enormous potential to be misused and, in some instances, that misuse can be damaging for the business  Continue Reading

• The security implications of green IT

  Green IT has gone mainstream. The past year has seen corporations such as Citigroup establishing their environmental credentials by opening green datacentres. But how do the separate disciplines of green IT and information security come together?  Continue Reading

• Top four government data collection issues

  Since September 11 2001, the volumes of information collected by counter terrorism and law enforcement agencies, and countless organisations on their behalf, has grown by several orders of magnitude.  Continue Reading

• Internet law – Essential Guide

  Internet law is closely related to the laws that relate to other similar areas of broadcasting, retail, and information handling, and in many cases, internet laws are identical to those covering the offline world for such things as data protection, ...  Continue Reading

• Hacker Gary McKinnon - Essential Guide

  UK hacker Gary McKinnon has lost his appeal to the European Court of Human and now faces extradition to the US on charges of causing damage to US military systems when hacking into them to seek information on UFOs. Find out more in our essential ...  Continue Reading

• Surviving e-discovery

  It's been eight months since the Federal Rules of Civil Procedure were amended, and e-discovery rulings are all over the map, creating chaos for companies that must comply.  Continue Reading

• Business intelligence drives compliance for M&S

  BI tools enable financial services company to achieve Basel II legislative compliance and create an environment for assuring the quality of data  Continue Reading

• Does compliance make encryption always necessary?

  Many organisations look to encryption to protect sensitive data. Yet hundreds of millions of people who use the Internet also use encryption, yet most of them don't even know it.  Continue Reading

• ISO 27001 could bridge the regulatory divide, expert says

  Karen Worstell, former CISO at Microsoft and AT&T Wireless, now on the advisory board of Neupart A/S, explains how ISO 27001 can be used to help companies comply with a variety of regulations and standards  Continue Reading

• Storage retrieval strategies: Retrieving data from archives

  Some of the key issues involved with retrieving data from archives, such as data security, indexing and searching, and data retention.  Continue Reading

• Storage Outlook '07: Seeking better backups and archives

  Tom Becchetti, senior infrastructure engineer for a major national financial services company, says compliance, backup and archiving will be top priorities in 2007.  Continue Reading

• Beyond HIPAA and GLBA

  Most firms are familiar with HIPAA, Gramm-Leach-Bliley and Sarbanes-Oxley, but newer regulations are pushing certain industry sectors to adopt strong authentication  Continue Reading

• Why Lloyd's walked away from Kinnect

  Financial services: Lloyd's of London's decision to scrap its £70m electronic trading platform highlights the importance of getting end-user buy-in at the start of a project.  Continue Reading

• Break SLAs down to minimise risk

  A tiered approach means that firms need not confuse the IT specification with expected supplier service levels  Continue Reading

• Is the national programme for NHS IT set to be 'the biggest gamble in the world'?

  The private concerns of clinicians and IT professionals about the national programme are not being addressed, despite the front...  Continue Reading

• The effects of e-legislation on IT

  IT directors have never been more overwhelmed by laws affecting IT - as they heard at a Computer Weekly 500 meeting on the impact...  Continue Reading

• Inland Revenue and EDS: The highs and lows

  HM Inland Revenue’s decision to break its 10-year outsourcing relationship with EDS and Accenture for a Cap Gemini Ernst & Young-led consortium in a £3bn, 10-year contract shocked the IT world  Continue Reading

• Head of the NHS national plan for IT confirms he will retire before the completion of project

  The retirement of Sir John Pattison, the senior officer responsible for the national plan for IT, goes against Cabinet Office...  Continue Reading

• Modernise IT in the health service - but do not discourage full and open discussion

  Computer Weekly responds to criticism of our reporting of More Radical Steps - a BCS/Assist health IT conference - from three...  Continue Reading

• Computer Weekly's response to the letter from Glyn Hayes

  On 21 July, the Department of Health took the extraordinary step of posting on its website three letters that were addressed to...  Continue Reading

• Computer Weekly's response to the letter from Marlene Winfield

  On 21 July, the Department of Health took the extraordinary step of posting on its website three letters that were addressed to...  Continue Reading

• Computer Weekly's response to the letter from David Young

  On 21 July, the Department of Health took the extraordinary step of posting on its website three letters that were addressed to...  Continue Reading