In Depth
In Depth
Privacy and data protection
-
Picking the right IAM tools is based on more than today’s needs
With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure ... Continue Reading
-
The nation state threat to business
The SolarWinds hack shows the widespread damage possible from a nation state cyber attack. What is the threat to business and how can it be mitigated? Continue Reading
-
How to monitor remote workers humanely
Monitoring employees who work remotely has taken on a whole extra dimension in the Covid-19 pandemic year of 2020. Financial services firms are among those which suggest ways of doing it humanely and legally Continue Reading
-
Security Long Reads: Cyber insiders reveal what’s to come in 2021
In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading
-
This Christmas, Covid-19 heightens retail security risks for everyone
Do you think it’s only retailers and consumers who need to consider cyber security when shopping online during the holidays? You’re dead wrong. This year, the Covid-19 pandemic and the shift to remote working has thrown a spanner in the works Continue Reading
-
Credential stuffing: When DDoS isn’t DDoS
Ten years ago, credential stuffing attacks posed a comparatively minor threat, but with an escalating number of data breaches, the threat posed has now increased. What are the solutions to this very human problem? Continue Reading
-
Why securing the DNS layer is crucial to fight cyber crime
Domain name system security is often overlooked by organisations, but focusing on this layer could actually improve the effectiveness of cyber security strategies. We explore the latest DNS trends and best practice Continue Reading
-
Top five ways backup can protect against ransomware
Ransomware threatens to put your data beyond reach, so the best way to prepare is to have good-quality data you can restore from backup. We look at the key things to consider Continue Reading
-
Top five ways to benefit from tape today
We look at the benefits that tape can bring, including in backup and recovery, long-term and ‘warm’ archiving, compliance and WORM use cases and ‘air gapping’ to protect data Continue Reading
-
Double extortion ransomware attacks and how to stop them
As ransomware attacks increase, hackers are diversifying their tactics to get victims to hand over larger sums of money. We investigate the rise of double extortion attacks Continue Reading
-
Getting physical with datacentre security
Whether it is natural disasters, terrorism or break-ins, datacentres will be vulnerable to a range of risks unless they are physically secured. Here’s how you can improve the physical security of your datacentre Continue Reading
-
Black Lives Matter, but do bots know that?
The volume of content generated each day necessitates automated moderation to curate everything as it is published, ensuring offensive and objectionable material is blocked. But this only works if systems are adequately configured and reviewed Continue Reading
-
APT groups’ mobile momentum finally faces resistance
State-backed APT groups are increasingly targeting mobile devices as Covid-19 puts the spotlight on remote working infrastructure security. We explore how the industry is fighting back Continue Reading
-
Coronavirus: How to go back to the office safely and securely
Security teams should be used to supporting remote workers effectively by now, but what’s going to happen when people start returning to their offices? We look at the risks and how to address them. Continue Reading
-
GDPR at two: How far we’ve come, how far we still have to go
Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change Continue Reading
-
Malaysia’s data protection practices still have some way to go
Some Malaysian firms are not using data protection tools to the fullest potential, while others only think about data protection after a breach Continue Reading
-
Surveillance capitalism in the age of Covid-19
Could the Covid-19 coronavirus pandemic further consolidate surveillance capitalist practices and enterprises? Author Shoshana Zuboff warns Computer Weekly it is possible Continue Reading
-
Storage 101: Replication vs backup, and synchronous vs asynchronous
Storage 101: Can replication replace backup? What are the pros and cons of synchronous and asynchronous backup? What’s the best way to mix backup and replication? Continue Reading
-
Contact tracing: The privacy vs protection debate
The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading
-
A carrot-and-stick approach to fixing cyber security complacency
With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it Continue Reading
-
Why security validation matters
FireEye’s top executives in Asia-Pacific discuss the benefits of security validation and offer their take on the region’s cyber threat landscape Continue Reading
-
The AWS bucket list: Keep your cloud secure
Misconfigured cloud installations risk billions of records being exposed, damaging organisations’ finances and reputations. Paying attention to securing AWS storage buckets is a simple matter Continue Reading
-
Coronavirus: How to implement safe and secure remote working
Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves Continue Reading
-
Is this Netflix-style thriller the future of security training?
Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training Continue Reading
-
Top four compliance considerations for SMEs
We look at the key data compliance regulations that affect smaller companies – such as GDPR, the Data Protection Act, PCI-DSS and PECR – and some key industry-specific frameworks Continue Reading
-
Six disaster recovery pitfalls and how to avoid them
We look at some key pitfalls in disaster recovery, such as failing to plan, not testing the plan, not protecting backups, poor communication and neglecting the human element Continue Reading
-
Startup uses machine learning to support GDPR’s right to be forgotten
Non-intrusive algorithms enable users to track which companies hold their data, so they can take it back Continue Reading
-
DRaaS decisions: Key choices in disaster recovery as a service
We examine the key decisions when considering DRaaS. Whether to go full self-service, assisted or managed will depend on what you need to protect and your in-house resources Continue Reading
-
Whisper it… but could a cyber attack be good for your career?
All too often it’s the CISO who carries the can for an enterprise security failure, but this might not be a bad thing. There’s lots of evidence to suggest that falling victim to a cyber attack may actually enhance your CV Continue Reading
-
Five ways that backup has changed since the days of tape
Back in the day, all this was tape, but times have changed, with cloud-to-cloud backup, cloud storage, virtual and physical backup appliances and myriad endpoint hardware Continue Reading
-
Can the UK government’s efforts solve the cyber skills gap?
There has been an active effort by the UK government to tackle the lack of skills in the cyber security space – but is it enough? Continue Reading
-
Human factors are critical to securing digital transformation
Sourcing the latest cyber security technology to support digital transformation projects is all well and good, but it’s meaningless if you fail to address your organisational culture and the people within it Continue Reading
-
Get ready for CCPA: Implications for UK businesses
The California Consumer Privacy Act, a wide-ranging data privacy and consumer protection law, comes into effect on 1 January 2020. How does CCPA differ from the EU GDPR regulations and what are the responsibilities for UK businesses operating in the... Continue Reading
-
What the EU’s decision on Facebook means for social media
Recent ruling by the Court of Justice of the European Union will have global implications for social media companies and any organisations that host online content Continue Reading
-
Taking responsibility for security in the cloud
From accidental leaks to full-on data breaches, maintaining security across cloud services is becoming a headache for enterprises. What questions should organisations be asking of their cloud service provider and, ultimately, whose responsibility is... Continue Reading
-
ICO says UK police must ‘slow down’ use of facial recognition
The Information Commissioner’s Office is calling for a statutory code of practice to govern how police in the UK deploy live facial recognition technology while controversy surrounding its use continues Continue Reading
-
McAfee’s push for secure cloud adoption
Organisations must do more to secure their cloud environments as malicious actors increasingly focus their attention on exploiting cloud vulnerabilities, says McAfee Continue Reading
-
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management Continue Reading
-
How to mitigate IoT security risks to tap business benefits
Security concerns are preventing many businesses from adopting IoT-based technologies, but with a bit of planning, the business benefits can be realised by mitigating the risk Continue Reading
-
Mitigating social engineering attacks with MFA
The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing Continue Reading
-
Developing innovative security analytics approaches in the digital age
With security threats growing in scale and complexity, security analytics provide a way for IT teams to stay one step ahead of cyber attackers. The challenge is to ensure this technology continues to be effective in the face of new security ... Continue Reading
-
GDPR one year in
Until recently, no one assumed the ICO would issue large fines for GDPR non-compliance. But that has all changed now that it plans to fine BA Continue Reading
-
How IT pros are building resilience against email security threats
For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen Continue Reading
-
Securing your mobile estate – best practice for CIOs
The prevalence of mobile devices in every part of daily life is shaping how enterprises make choices about software and network infrastructure, but how do businesses go about securing these vast new endpoint estates? Continue Reading
-
Data protection: How privacy can be a benefit, not a burden
With the growing number of data breaches, consumers are becoming increasingly concerned about how their data is used. Organisations can take advantage of this trend by treating data protection and user privacy as product features Continue Reading
-
Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data
Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation Continue Reading
-
How to get the basics of mobile device management right the first time
When adopting mobile device management, there are often fears around implementation and whether or not the strategy is even required Continue Reading
-
How privacy could breathe new life into personalisation
As much of the advertising technology used by marketers to deliver personalised content online is deemed unlawful, there are signs regulation could actually be a win-win for both consumers and business – as long as the industry embraces change Continue Reading
-
How facial recognition technology threatens basic privacy rights
As adoption of facial recognition systems continues to grow worldwide, there is increasing concern that this technology could undermine fundamental privacy rights and how it can be kept in check Continue Reading
-
Disaster planning: How to expect the unexpected
Focusing too much on specific disasters rather than considering an organisation’s data protection, network security and process requirements, can lead to unpredicted vulnerabilities Continue Reading
-
Big tech chiefs boycott parliamentarians investigating citizens’ privacy
An International Grand Committee on Big Data, Privacy and Democracy considers whether failure to protect citizens’ privacy constitutes grounds for anti-trust regulation against Facebook and other big tech companies Continue Reading
-
Data governance: The importance of getting it right
With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed Continue Reading
-
Protecting your digital assets: Why it pays to invest in cyber insurance
Cyber insurance offers financial protection against the worst happening to a company’s data and digital assets, and is something few businesses can afford to be without Continue Reading
-
Politics, privacy and porn: the challenges of age-verification technology
The age-verification requirements of the Digital Economy Act are to come into force in July this year, but registering people’s personal details for accessing age-restricted content carries significant risks and challenges Continue Reading
-
Using simulated disaster management to tackle the security skills gap
With the increasing need for cyber security professionals, organisations are turning to new ways to address the skills gap facing the security sector Continue Reading
-
Collaborative security approaches underpin container success
Containers are helping organisations to accelerate age-old software development approaches, but success is underpinned by a constant and team-wide attention to security Continue Reading
-
A guide to choosing cloud-based security services
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security Continue Reading
-
The rise of DevSecOps
The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations Continue Reading
-
Brexit implications for data protection
Leaving the European Union will have serious implications for data protection in the UK unless adequate steps are taken, so businesses are advised to have contingency plans in place Continue Reading
-
The future of network-connected device security
The proliferation of poorly secured network-connected devices has prompted the UK government to publish new best practice guidelines. Do these go far enough? Continue Reading
-
It’s complicated: How enterprises are approaching IAM challenges
Identity and access management challenges are evolving with digital transformation. Computer Weekly explores some of the ways organisations are ensuring the right people gain the right access to the right resources Continue Reading
-
Trusted nodes: The next generation in quantum key distribution
QKD is a form of protection against interception by quantum computers, but cost and technical limitations have made the technology impractical. Could trusted nodes make all the difference? Continue Reading
-
Prepare now for quantum computers, QKD and post-quantum encryption
The predicted processing power of quantum computers is likely to make existing encryption algorithms obsolete. Quantum key distribution (QKD) is a possible solution - we investigate whether QKD is viable Continue Reading
-
Employers turn to wearable technology to help staff manage work-life balance
Companies are realising that there are sound business reasons for ensuring their employees get enough sleep and exercise, so they are turning to wearable technology to help their staff stay healthy, despite the pressures of work Continue Reading
-
Outcomes-based security is the way forward
Every security technology is effective for a limited time, but understanding data assets and their value to attackers is key to effective cyber defence, according to an industry veteran of 20 years’ experience Continue Reading
-
Inside DevOps, containers and enterprise security
Global corporates are waking up to containers and orchestrated containerisation for software development that is fast and safe. Computer Weekly looks at the best approach to ensure security is not compromised along the way Continue Reading
-
The value of unified endpoint management
Given the diversity of devices people can use for work, IT needs to look at how it can unify device security Continue Reading
-
An insider’s look into the dark web
A principal research scientist at Sophos offers a glimpse into the abysses of the dark web in a bid to uncover what cyber crooks are up to Continue Reading
-
Disaster recovery as a service: what you need to know
Technological advances make disaster recovery as a service possible, but Computer Weekly investigates whether it is practical option for all businesses Continue Reading
-
Matching disaster recovery to cyber threats
While it is important to take steps to prevent cyber attacks, they can still happen. That is why disaster recovery practices are equally critical Continue Reading
-
An exciting time to be in cyber security innovation
Cyber security innovation has received a £1.35m shot in the arm from the UK government with the opening of a new innovation centre in London. Computer Weekly looks at why now is a good time to be working and innovating in this industry Continue Reading
-
How Australia is keeping pace with ICS threats
Besides bridging the security gap between IT and operational technology teams, Australia is driving efforts to bolster the security of IoT devices Continue Reading
-
Application security more important than ever
Applications have an increasingly crucial role in our lives, yet they are also a real security threat, with hackers always finding new ways to bypass security defences. Computer Weekly looks at how organisations are responding to the challenge Continue Reading
-
Application and device security under the spotlight
The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, ... Continue Reading
-
GDPR compliance: Addressing the overlooked in enterprise IT infrastructures
As the GDPR compliance deadline approaches, enterprises need to ensure they have looked beyond the headline-grabbing aspects of the regulation so they do not fall foul of the incoming data protection regulations Continue Reading
-
Data protection is critical for all businesses
Companies that misuse data or fall victim to breaches not only risk financial loss, but also reputational damage. There are many reasons good data practice is essential Continue Reading
-
Business needs to keep up with Investigatory Powers Act
All indications are that the obligations on communication service providers under the controversial Investigatory Powers Act will change, and affected companies must ensure they are constantly up to date Continue Reading
-
Network security in the digital transformation era
Network security has always been a core focus for CISOs and IT security managers, but in an era of digital transformation, we examine if network security strategies are keeping up with new and emerging cyber threats Continue Reading
-
Businesses need to take cryptojacking seriously
Organisations must pay attention to cyber criminals hijacking computing resources to mine cryptocurrencies, because nearly half are affected and the impact is greater than many realise Continue Reading
-
Getting a handle on mobile security in your enterprise
Everyone now has a mobile device at work, so how can enterprises ensure they are secure? Continue Reading
-
How AI will underpin cyber security in the next few years
Cyber security risks are growing in complexity and volume, but artificial intelligence techniques can help businesses track and fight them in real time Continue Reading
-
Smart security: Go beyond the basics with biometrics
With smartphone makers offering new features such as biometrics, there are lots of options available to businesses when putting mobile security into practice Continue Reading
-
Navigating ASEAN’s patchy cyber security landscape
Cyber resilience remains low across Southeast Asia, a regional economic powerhouse that is increasingly susceptible to cyber threats as its digital economy grows Continue Reading
-
GDPR: Not too late to ensure real risks will be addressed
With just four months to go before the General Data Protection Regulation compliance deadline, there is a growing anxiety in many parts of the regulated community that their GDPR plans may not be fit for purpose Continue Reading
-
The rights and wrongs about GDPR compliance
We explore some common myths surrounding the forthcoming General Data Protection Regulation Continue Reading
-
How secure are smart energy grids?
The improved efficiency of smart grids need to be weighed against the cost of security - presenting a unique opportunity for the tech sector and a new market for security companies Continue Reading
-
Get tooled up to meet GDPR requirements
We look at options for tools to help organisations comply with the EU’s General Data Protection Regulation Continue Reading
-
Australian organisations unprepared for GDPR
Faced with the double whammy of complying with Australia’s upcoming data breach notification requirement and Europe’s new data protection regime, Australian firms are behind where they need to be in their compliance efforts Continue Reading
-
Steal a march on cyber criminals through security by deception
Security by obscurity, although a common and tempting practice, is generally not recommended, but security by deception offers a way for defenders to make it more difficult for attackers to succeed and easier for defenders to catch them Continue Reading
-
Content filtering a potential challenge in digital single market
The proposed digital single market directive is intended to harmonise e-commerce and copyright throughout the European Union, but concerns have been raised over the technological impact this would have on UK industry Continue Reading
-
UK sale of surveillance equipment to Macedonia raises questions over export licence policy
The UK approved an export licence for the sale of surveillance equipment to Macedonia – while the country was engaged in an illegal surveillance programme against its citizens. A senior minister was consulted on the decision Continue Reading
-
UK Data Protection Bill vs EU General Data Protection Regulation
The UK Data Protection Bill is due to come into force this year, ahead of the EU General Data Protection Regulation in May 2018 - we look at the differences between the two Continue Reading
-
Where the device hits the network – a mobile device management update
As business becomes increasingly mobile, we look at the latest trends in mobile device management to give businesses the edge Continue Reading
-
Firms look to security analytics to keep pace with cyber threats
Traditional approaches to cyber security no longer enable organisations to keep up with cyber threats, but security analytics is an increasingly popular addition to the cyber arsenal Continue Reading
-
How to improve security against email attacks and for GDPR compliance
About 200 billion emails are sent every day, but because of its importance email is constantly exploited by attackers, and yet is often overlooked in cyber security strategies Continue Reading
-
How Wales has evolved into a hotspot for cyber security
Wales may be a small country but, in just a few years, it has become a global hotspot for cyber security innovation Continue Reading
-
GDPR brings serious implications for data storage
New European Union data protection regulations put tough requirements on organisations that store “personally identifiable data”. We look at what is needed to achieve compliance Continue Reading
-
Why immutable buckets are a worthy risk management tool
Immutable buckets offer businesses benefits in terms of data compliance, backup, archiving and security Continue Reading
-
The Macedonian surveillance scandal that brought down a government
Macedonia has been accused of using surveillance technology for covert spying - the subsequent political protests were instrumental in the ruling party losing power after 10 years Continue Reading
-
Getting threat intelligence right
Threat intelligence feeds provide valuable information to help identify incidents quickly, but only if they are part of an intelligence-driven security programme Continue Reading