In Depth

In Depth

Regulatory compliance and standard requirements

• The one problem with AI content moderation? It doesn’t work

  The use of artificial intelligence for content moderation is likely to become more pronounced with the passage of the Online Safety Bill, but practitioners and experts question the efficacy of this approach  Continue Reading

• Securing low Earth orbit represents the new space race

  The barriers to launching satellites into low Earth orbit are falling fast, and that brings new cyber security challenges  Continue Reading

• Cyber security professionals share their biggest lessons of 2022

  In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022  Continue Reading

• How gamifying cyber training can improve your defences

  Security training is the cornerstone of any cyber defence strategy. With ever-escalating online threats, it is now more important than ever that this training is an engaging experience  Continue Reading

• Ransomware, storage and backup: Impacts, limits and capabilities

  We look at the impact of ransomware on storage and backup, how storage and data protection can best be used to combat ransomware, and how they fit in the fight against it  Continue Reading

• Will the OCSF create an open and collaborative cyber industry?

  The Open Cybersecurity Schema Framework promises to transform security data analysis and collection, but there are challenges around adoption  Continue Reading

• What do the US’s new software security rules mean for UK organisations?

  The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors?  Continue Reading

• Ransomware and backup: Overcoming the challenges

  Ransomware attacks that exfiltrate data don’t nullify the value of backups to restore from, but the challenges – such as not restoring corrupted data – require careful planning  Continue Reading

• Cyber insurance: Tips for keeping the right level of cover

  Transferring risk to an insurer doesn’t mean you are risk-free – so what is not included in your cyber insurance cover?  Continue Reading

• Tech sector efforts to root out forced labour are failing

  Digitally mapping supply chains to identify forced labour and slavery is no longer a technology problem for the IT sector, but a lack of government enforcement and corporate inaction are major barriers to effective change  Continue Reading

• Backup maintenance: Five key points to consider

  Effective backups need to ensure all data is protected, and to track media and software changes. We look at five key things to consider  Continue Reading

• What the world can learn from Saudi Arabia’s fight against industrial control system attacks

  Iran learned from attacks on its infrastructure and unleashed similar malware on Saudi Arabia. The world has now gained valuable lessons from the Saudi response  Continue Reading

• What the EU’s content-filtering rules could mean for UK tech

  EU proposals to clamp down on child sexual abuse material will have a material impact on the UK’s technology sector  Continue Reading

• APAC buyer’s guide to backup and recovery software

  In this buyer’s guide, learn more about the market for backup and recovery software and key data protection capabilities to look for  Continue Reading

• Disaster recovery is an essential service for EDF with Phenix-IT

  EDF has built disaster recovery tracking, planning and testing software on a six-month upgrade cycle based on governance, risk and compliance functionality in Mega’s Hopex platform  Continue Reading

• Cloud-era disaster recovery planning: Maintenance and continuous improvement

  In the final article in this four-part guide to disaster recovery planning, we look at how and when to update, maintain, audit, review and continually improve the DR plan  Continue Reading

• Define RPO and RTO tiers for storage and data protection strategy

  We look at RPO and RTO in defining data protection and disaster recovery strategies and how to specify tiers that reflect the importance of different systems in your organisation  Continue Reading

• It takes a village: Protecting kids online is everyone’s responsibility

  The rapid uptake of smartphones among children has contributed to the increasing number of cases of cyber bullying and online grooming. Is this an educational issue or a cultural problem, and can modern enterprise help?  Continue Reading

• How Dutch hackers are working to make the internet safe

  We hear how the personal mission of a Dutch hacker grew into a serious organisation with international ambitions  Continue Reading

• What neurodivergent people really think of working in cyber security

  Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn  Continue Reading

• Navigating PIPL: European businesses plot their next steps into China

  How does China’s strict new Personal Information Protection Law impact European businesses?  Continue Reading

• Cloud-era disaster recovery planning: Setting strategy and developing plans

  In the second in a series on cloud-era disaster recovery, we look at how to formulate a DR strategy and develop detailed DR plans for your organisation, while taking cloud services into account  Continue Reading

• Cloud-era disaster recovery planning: Assessing risk and business impact

  In the first in a series on cloud-era disaster recovery, we provide a step-by-step guide to building firm foundations for the disaster recovery plan, with risk assessment and business impact analysis  Continue Reading

• Cloud storage compliance pitfalls: Post-pandemic and post-Brexit

  We look at the key areas of cloud storage compliance that can trip you up, with shared responsibility with cloud providers and data residency among the most important  Continue Reading

• Digital surveillance of remote workers may increase enterprise risk

  From productivity tools to security threats, we explore how digital surveillance is forcing remote workers towards shadow IT  Continue Reading

• How to manage endpoint security in a hybrid work environment

  The future of the workplace is clearly hybrid, but this has untold implications around endpoint security. How can businesses overcome these?  Continue Reading

• Online Safety Bill puts user protection onus on platform providers

  The Online Safety Bill will place new duties and responsibilities on online platforms accessible from the UK, but as it currently stands, it contains several grey areas  Continue Reading

• Back on the office network: What are the risks for mobile users?

  Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this?  Continue Reading

• Making a mark in cyber security

  Claudean Zheng’s knack for hacking landed her a career in cyber security, one that has been dotted by stints in both public and private sectors  Continue Reading

• Disaster recovery for SMEs: Five key areas to consider

  We look at key disaster recovery considerations for SMEs, including why backup is not enough, how to create a disaster recovery plan, best-practice DR testing and DR as a service  Continue Reading

• Five ways to ensure remote working security and compliance

  A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security  Continue Reading

• Europe’s proposed AI regulation falls short on protecting rights

  The European Commission’s proposal for artificial intelligence regulation focuses on creating a risk-based, market-led approach replete with self-assessments, transparency procedures and technical standards, but critics warn it falls short of being ...  Continue Reading

• How the pandemic changed backup

  The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware  Continue Reading

• Buying a VPN? Here’s what you need to know

  VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these  Continue Reading

• How Bureau Veritas migrated 85% of its applications to the AWS cloud

  In six years, France-based services giant BV has migrated 115 applications to the AWS cloud, mostly using in-house expertise. We talk to the company’s IT director  Continue Reading

• How do I get my users to pay attention to security training?

  As cyber security risks grow daily, businesses must educate staff about these through cyber awareness training. But how can they ensure this is taken seriously by employees?  Continue Reading

• How GCHQ proposes to implement and use ethical AI

  The rise of cyber crime and the escalating threat vectors facing the UK have led GCHQ to invest in automated threat detection and response systems to meet this challenge, as well as liaising with the private sector for the first time  Continue Reading

• Deploying productivity monitoring software ethically

  While software that tracks the activities of staff can be helpful to companies with a remote workforce, managers must consider employees’ concerns and privacy  Continue Reading

• Backup failure: Four key areas where backups go wrong

  We look at the key ways that backups can fail – via software issues, hardware problems, trouble in the infrastructure and good old human error – and suggest ways to mitigate them  Continue Reading

• Backup appliances the hot topic for Pas-de-Calais fire brigade

  With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage  Continue Reading

• Anti-money laundering technology must operate in a collaborative ecosystem

  With new technologies making it easier for banks to spot money laundering activity, we look at why the problem persists at scale, finding that ecosystems and collaborative processes need to be built  Continue Reading

• India is becoming a hotspot for IoT

  India is set to be a cradle for internet of things deployments thanks to its vibrant economy and its potential to play a bigger role in global manufacturing  Continue Reading

• Does email security need a human solution or a tech solution?

  People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on  Continue Reading

• Interview: Uber driver Yaseen Aslam on his Supreme Court battle and what’s next for gig workers

  Private hire driver and union organiser Yaseen Aslam speaks to Computer Weekly about his legal battle with Uber and what the UK Supreme Court ruling means to workers in the gig economy  Continue Reading

• Top five threats to compliance during the pandemic

  We survey the top five pandemic compliance threats – remote working, Covid tracking, criminal exploits, compliance measures slipping, and heightened enforcement to come  Continue Reading

• Five ways that disaster recovery changes in a pandemic

  Covid-19 has changed IT. Previously, working remotely was a business continuity measure, but now it is the norm. That means disaster recovery has to adapt to new risks and new ways to respond  Continue Reading

• Is it time to ban ransomware insurance payments?

  The former head of the NCSC recently called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments. Is he on the right track?  Continue Reading

• How can healthcare organisations fight increased cyber crime in 2021?

  As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care  Continue Reading

• Picking the right IAM tools is based on more than today’s needs

  With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure ...  Continue Reading

• Security Long Reads: Cyber insiders reveal what’s to come in 2021

  In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021  Continue Reading

• How to build an effective vulnerability management programme

  As cyber criminals increasingly look to exploit vulnerabilities in software and hardware, businesses must build and implement an effective vulnerability management programme to counter this growing threat  Continue Reading

• Tackling multicloud deployments with intelligent cloud management

  Organisations are moving to hybrid and multicloud deployments, which complicates software assets tracking and workload management  Continue Reading

• Top five ways to benefit from tape today

  We look at the benefits that tape can bring, including in backup and recovery, long-term and ‘warm’ archiving, compliance and WORM use cases and ‘air gapping’ to protect data  Continue Reading

• Getting physical with datacentre security

  Whether it is natural disasters, terrorism or break-ins, datacentres will be vulnerable to a range of risks unless they are physically secured. Here’s how you can improve the physical security of your datacentre  Continue Reading

• How to achieve resilience – the modern uptime trinity

  IT leaders can take responsibility for ensuring their organisations are resilient during times of crisis. There are no quick fixes, but if you think it is expensive to ensure resilience in your IT systems, try frequent failure instead  Continue Reading

• Black Lives Matter, but do bots know that?

  The volume of content generated each day necessitates automated moderation to curate everything as it is published, ensuring offensive and objectionable material is blocked. But this only works if systems are adequately configured and reviewed  Continue Reading

• How to apply zero-trust models to container security

  Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them?  Continue Reading

• GDPR at two: How far we’ve come, how far we still have to go

  Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change  Continue Reading

• Malaysia’s data protection practices still have some way to go

  Some Malaysian firms are not using data protection tools to the fullest potential, while others only think about data protection after a breach  Continue Reading

• Surveillance capitalism in the age of Covid-19

  Could the Covid-19 coronavirus pandemic further consolidate surveillance capitalist practices and enterprises? Author Shoshana Zuboff warns Computer Weekly it is possible  Continue Reading

• What are the security priorities for the post-coronavirus world?

  The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising?  Continue Reading

• Contact tracing: The privacy vs protection debate

  The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far?  Continue Reading

• A carrot-and-stick approach to fixing cyber security complacency

  With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it  Continue Reading

• Multicloud storage 101: Pros, cons, pitfalls and strategies

  Not putting all your eggs in one basket can be helpful to an enterprise’s resilience strategy. We look at multicloud storage and the benefits and pitfalls it brings  Continue Reading

• Top five compliance concerns for UK business in 2020

  We look at the top five legal and regulatory compliance concerns for UK businesses in 2020. It’s a list that includes GDPR, the DPA, PECR, PCI-DSS and the CCPA  Continue Reading

• Why security validation matters

  FireEye’s top executives in Asia-Pacific discuss the benefits of security validation and offer their take on the region’s cyber threat landscape  Continue Reading

• The AWS bucket list: Keep your cloud secure

  Misconfigured cloud installations risk billions of records being exposed, damaging organisations’ finances and reputations. Paying attention to securing AWS storage buckets is a simple matter  Continue Reading

• Coronavirus: How to implement safe and secure remote working

  Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves  Continue Reading

• Is this Netflix-style thriller the future of security training?

  Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training  Continue Reading

• Top four compliance considerations for SMEs

  We look at the key data compliance regulations that affect smaller companies – such as GDPR, the Data Protection Act, PCI-DSS and PECR – and some key industry-specific frameworks  Continue Reading

• Six disaster recovery pitfalls and how to avoid them

  We look at some key pitfalls in disaster recovery, such as failing to plan, not testing the plan, not protecting backups, poor communication and neglecting the human element  Continue Reading

• Startup uses machine learning to support GDPR’s right to be forgotten

  Non-intrusive algorithms enable users to track which companies hold their data, so they can take it back  Continue Reading

• DRaaS decisions: Key choices in disaster recovery as a service

  We examine the key decisions when considering DRaaS. Whether to go full self-service, assisted or managed will depend on what you need to protect and your in-house resources  Continue Reading

• Whisper it… but could a cyber attack be good for your career?

  All too often it’s the CISO who carries the can for an enterprise security failure, but this might not be a bad thing. There’s lots of evidence to suggest that falling victim to a cyber attack may actually enhance your CV  Continue Reading

• Five ways that backup has changed since the days of tape

  Back in the day, all this was tape, but times have changed, with cloud-to-cloud backup, cloud storage, virtual and physical backup appliances and myriad endpoint hardware  Continue Reading

• Get ready for CCPA: Implications for UK businesses

  The California Consumer Privacy Act, a wide-ranging data privacy and consumer protection law, comes into effect on 1 January 2020. How does CCPA differ from the EU GDPR regulations and what are the responsibilities for UK businesses operating in the...  Continue Reading

• What the EU’s decision on Facebook means for social media

  Recent ruling by the Court of Justice of the European Union will have global implications for social media companies and any organisations that host online content  Continue Reading

• Taking responsibility for security in the cloud

  From accidental leaks to full-on data breaches, maintaining security across cloud services is becoming a headache for enterprises. What questions should organisations be asking of their cloud service provider and, ultimately, whose responsibility is...  Continue Reading

• Making the case for integrated risk management

  Security experts discuss how an integrated approach to risk and governance can be effectively managed  Continue Reading

• ICO says UK police must ‘slow down’ use of facial recognition

  The Information Commissioner’s Office is calling for a statutory code of practice to govern how police in the UK deploy live facial recognition technology while controversy surrounding its use continues  Continue Reading

• Data management strategies are evolving – so must enterprises

  A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management  Continue Reading

• Enhancing business purpose with privacy compliance

  Computer Weekly looks at the importance of building on basic GDPR compliance and making privacy a key foundation of business culture  Continue Reading

• Think beyond tick-box compliance

  A year on since GDPR, many organisations are yet to stop fretting over fines and focus instead on business value  Continue Reading

• GDPR one year in

  Until recently, no one assumed the ICO would issue large fines for GDPR non-compliance. But that has all changed now that it plans to fine BA  Continue Reading

• How IT pros are building resilience against email security threats

  For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen  Continue Reading

• Data protection: How privacy can be a benefit, not a burden

  With the growing number of data breaches, consumers are becoming increasingly concerned about how their data is used. Organisations can take advantage of this trend by treating data protection and user privacy as product features  Continue Reading

• Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data

  Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation  Continue Reading

• How facial recognition technology threatens basic privacy rights

  As adoption of facial recognition systems continues to grow worldwide, there is increasing concern that this technology could undermine fundamental privacy rights and how it can be kept in check  Continue Reading

• Disaster planning: How to expect the unexpected

  Focusing too much on specific disasters rather than considering an organisation’s data protection, network security and process requirements, can lead to unpredicted vulnerabilities  Continue Reading

• Big tech chiefs boycott parliamentarians investigating citizens’ privacy

  An International Grand Committee on Big Data, Privacy and Democracy considers whether failure to protect citizens’ privacy constitutes grounds for anti-trust regulation against Facebook and other big tech companies  Continue Reading

• Data governance: The importance of getting it right

  With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed  Continue Reading

• Protecting your digital assets: Why it pays to invest in cyber insurance

  Cyber insurance offers financial protection against the worst happening to a company’s data and digital assets, and is something few businesses can afford to be without  Continue Reading

• Politics, privacy and porn: the challenges of age-verification technology

  The age-verification requirements of the Digital Economy Act are to come into force in July this year, but registering people’s personal details for accessing age-restricted content carries significant risks and challenges  Continue Reading

• A guide to choosing cloud-based security services

  Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security  Continue Reading

• A cloud compliance checklist for the GDPR age

  The cloud is supposed to make things simpler, but when it comes to compliance, things can get complex. Here is a look at the essential elements of a cloud compliance strategy  Continue Reading

• The rise of DevSecOps

  The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations  Continue Reading

• Brexit implications for data protection

  Leaving the European Union will have serious implications for data protection in the UK unless adequate steps are taken, so businesses are advised to have contingency plans in place  Continue Reading

• It’s complicated: How enterprises are approaching IAM challenges

  Identity and access management challenges are evolving with digital transformation. Computer Weekly explores some of the ways organisations are ensuring the right people gain the right access to the right resources  Continue Reading

• Prepare now for quantum computers, QKD and post-quantum encryption

  The predicted processing power of quantum computers is likely to make existing encryption algorithms obsolete. Quantum key distribution (QKD) is a possible solution - we investigate whether QKD is viable  Continue Reading

• Matching disaster recovery to cyber threats

  While it is important to take steps to prevent cyber attacks, they can still happen. That is why disaster recovery practices are equally critical  Continue Reading