In Depth
In Depth
Regulatory compliance and standard requirements
-
Enhancing business purpose with privacy compliance
Computer Weekly looks at the importance of building on basic GDPR compliance and making privacy a key foundation of business culture Continue Reading
-
Think beyond tick-box compliance
A year on since GDPR, many organisations are yet to stop fretting over fines and focus instead on business value Continue Reading
-
GDPR one year in
Until recently, no one assumed the ICO would issue large fines for GDPR non-compliance. But that has all changed now that it plans to fine BA Continue Reading
-
How IT pros are building resilience against email security threats
For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen Continue Reading
-
Data protection: How privacy can be a benefit, not a burden
With the growing number of data breaches, consumers are becoming increasingly concerned about how their data is used. Organisations can take advantage of this trend by treating data protection and user privacy as product features Continue Reading
-
Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data
Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation Continue Reading
-
How facial recognition technology threatens basic privacy rights
As adoption of facial recognition systems continues to grow worldwide, there is increasing concern that this technology could undermine fundamental privacy rights and how it can be kept in check Continue Reading
-
Disaster planning: How to expect the unexpected
Focusing too much on specific disasters rather than considering an organisation’s data protection, network security and process requirements, can lead to unpredicted vulnerabilities Continue Reading
-
Big tech chiefs boycott parliamentarians investigating citizens’ privacy
An International Grand Committee on Big Data, Privacy and Democracy considers whether failure to protect citizens’ privacy constitutes grounds for anti-trust regulation against Facebook and other big tech companies Continue Reading
-
Data governance: The importance of getting it right
With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed Continue Reading
-
Protecting your digital assets: Why it pays to invest in cyber insurance
Cyber insurance offers financial protection against the worst happening to a company’s data and digital assets, and is something few businesses can afford to be without Continue Reading
-
Politics, privacy and porn: the challenges of age-verification technology
The age-verification requirements of the Digital Economy Act are to come into force in July this year, but registering people’s personal details for accessing age-restricted content carries significant risks and challenges Continue Reading
-
A guide to choosing cloud-based security services
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security Continue Reading
-
A cloud compliance checklist for the GDPR age
The cloud is supposed to make things simpler, but when it comes to compliance, things can get complex. Here is a look at the essential elements of a cloud compliance strategy Continue Reading
-
The rise of DevSecOps
The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations Continue Reading
-
Brexit implications for data protection
Leaving the European Union will have serious implications for data protection in the UK unless adequate steps are taken, so businesses are advised to have contingency plans in place Continue Reading
-
It’s complicated: How enterprises are approaching IAM challenges
Identity and access management challenges are evolving with digital transformation. Computer Weekly explores some of the ways organisations are ensuring the right people gain the right access to the right resources Continue Reading
-
Prepare now for quantum computers, QKD and post-quantum encryption
The predicted processing power of quantum computers is likely to make existing encryption algorithms obsolete. Quantum key distribution (QKD) is a possible solution - we investigate whether QKD is viable Continue Reading
-
Matching disaster recovery to cyber threats
While it is important to take steps to prevent cyber attacks, they can still happen. That is why disaster recovery practices are equally critical Continue Reading
-
Cyber crime: why business should report it as soon as possible
Cyber crime is affecting a growing number of businesses, yet few are reporting it. Computer Weekly lifts the veil on cyber crime reporting, looking at the who, what, when, where, how and why Continue Reading
-
How Australia is keeping pace with ICS threats
Besides bridging the security gap between IT and operational technology teams, Australia is driving efforts to bolster the security of IoT devices Continue Reading
-
Application and device security under the spotlight
The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, ... Continue Reading
-
GDPR compliance: Addressing the overlooked in enterprise IT infrastructures
As the GDPR compliance deadline approaches, enterprises need to ensure they have looked beyond the headline-grabbing aspects of the regulation so they do not fall foul of the incoming data protection regulations Continue Reading
-
Data protection is critical for all businesses
Companies that misuse data or fall victim to breaches not only risk financial loss, but also reputational damage. There are many reasons good data practice is essential Continue Reading
-
Business needs to keep up with Investigatory Powers Act
All indications are that the obligations on communication service providers under the controversial Investigatory Powers Act will change, and affected companies must ensure they are constantly up to date Continue Reading
-
Getting a handle on mobile security in your enterprise
Everyone now has a mobile device at work, so how can enterprises ensure they are secure? Continue Reading
-
Navigating ASEAN’s patchy cyber security landscape
Cyber resilience remains low across Southeast Asia, a regional economic powerhouse that is increasingly susceptible to cyber threats as its digital economy grows Continue Reading
-
GDPR: Not too late to ensure real risks will be addressed
With just four months to go before the General Data Protection Regulation compliance deadline, there is a growing anxiety in many parts of the regulated community that their GDPR plans may not be fit for purpose Continue Reading
-
The rights and wrongs about GDPR compliance
We explore some common myths surrounding the forthcoming General Data Protection Regulation Continue Reading
-
Why GDPR is great for SMEs
SME laggards facing potential fines for non-compliance should wake up and smell the tasty carrot of a leaner, smarter business post-GDPR Continue Reading
-
Get tooled up to meet GDPR requirements
We look at options for tools to help organisations comply with the EU’s General Data Protection Regulation Continue Reading
-
GDPR brings serious implications for data storage
New European Union data protection regulations put tough requirements on organisations that store “personally identifiable data”. We look at what is needed to achieve compliance Continue Reading
-
The Macedonian surveillance scandal that brought down a government
Macedonia has been accused of using surveillance technology for covert spying - the subsequent political protests were instrumental in the ruling party losing power after 10 years Continue Reading
-
GDPR: a quick start guide
We look at how UK organisations can prepare for the General Data Protection Regulation Continue Reading
-
Backup testing: What to test, when to test, how often to test
We run the rule over what’s involved in backup testing in virtual and physical server environments, how often you should test and the key pitfalls to avoid Continue Reading
-
Challenges of complying with the Investigatory Powers Act
Despite opposition by civil liberties groups and technology companies, the UK government has passed the controversial Investigatory Powers Act, adding a host of security and contingency requirements that UK businesses need to consider Continue Reading
-
Lauri Love: the student accused of hacking the US
How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love Continue Reading
-
Interview: James Bamford on surveillance, Snowden and technology companies
Investigative journalist and documentary maker James Bamford was among the first to uncover the secrets of the US National Security Agency and its global surveillance Continue Reading
-
Disaster recovery planning: Where virtualisation can help
The disaster recovery planning process is not fundamentally technology-centric, so when can virtualisation make it quicker and easier to restore services after an unplanned outage? Continue Reading
-
Avoiding security issues when recycling hardware
What are the options for the environmentally and ethically responsible recycling of end-of-life hardware, without compromising data security? Continue Reading
-
The true cost of a cyber security breach in Australia
The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting. Continue Reading
-
Max Schrems: The man who broke Safe Harbour
Schrems has persuaded a high court judge to confirm that Edward Snowden’s evidence is acceptable in court and that the US is engaged in mass surveillance of European citizens Continue Reading
-
SaaS criteria to track for business outcomes
Organisations should evolve their SaaS selection criteria to focus on newer metrics that are better indicators of supplier performance Continue Reading
-
How to cull old, potentially risky data
Unused data is a potential security risk, with old spreadsheets, reports and email containing industry secrets and laced with company gossip. If it's no longer useful, it's time to delete it Continue Reading
-
Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance
Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden Continue Reading
-
NHS data security: Lessons to be learned
The NHS does not always provide a trusted repository for patient data, but some trusts are examples of good practice in action Continue Reading
-
Principles of compliance in the financial services industry
Compliance in financial services can appear a staggeringly complex web of laws and regulations, but some key principles apply, says Mathieu Gorge of Vigitrust Continue Reading
-
Hacktivism: good or evil?
IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics Continue Reading
-
An introduction to cyber liability insurance cover
Cyber liability insurance cover has been around for 10 years, but most security professionals seem to have not heard of it or know that it exists Continue Reading
-
How to create a good information security policy
Information security policies provide vital support to security professionals, yet few organisations take the time to create decent policies Continue Reading
-
Social media: A security challenge and opportunity
Generation Y workers are posing increasing security challenges to their employers as they share data unreservedly Continue Reading