In Depth

In Depth

Web application security

• When is SIEM the right choice over SOAR?

  Better instrumentation leads to better IT security but monitoring can quickly overload IT teams. Automation can help, but it may not always be needed  Continue Reading

• Five ways to ensure remote working security and compliance

  A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security  Continue Reading

• Tips to minimise vulnerabilities in web and mobile apps

  Agile software development can sometimes be at odds with secure by design principles. We look at how organisations are balancing security with coding  Continue Reading

• How software developers can create mobile apps securely and quickly

  The mobile app market is booming, but to achieve success, organisations must develop mobile apps securely and rapidly  Continue Reading

• The rise and rise of supply chain attacks

  Supply chain attacks in Asia-Pacific and elsewhere have intensified as cyber threat actors look to exploit the weakest links in business and digital supply chains  Continue Reading

• Buying a VPN? Here’s what you need to know

  VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these  Continue Reading

• How to choose the right email security service for your organisation

  With email security threats growing rapidly, businesses can quickly identify and block these by using a top email security service. Here’s how to select the right provider  Continue Reading

• Does email security need a human solution or a tech solution?

  People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on  Continue Reading

• How can healthcare organisations fight increased cyber crime in 2021?

  As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care  Continue Reading

• Security Long Reads: Cyber insiders reveal what’s to come in 2021

  In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021  Continue Reading

• Patching: Balancing technical requirements with business considerations

  With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented  Continue Reading

• This Christmas, Covid-19 heightens retail security risks for everyone

  Do you think it’s only retailers and consumers who need to consider cyber security when shopping online during the holidays? You’re dead wrong. This year, the Covid-19 pandemic and the shift to remote working has thrown a spanner in the works  Continue Reading

• DDoS mitigation strategies needed to maintain availability during pandemic

  The growing prevalence of DDoS attacks combined with the increased reliance on internet connectivity during the pandemic means enterprises can no longer afford to ignore the threat of DDoS attacks. Computer Weekly explores organisations’ perceptions...  Continue Reading

• Black Lives Matter, but do bots know that?

  The volume of content generated each day necessitates automated moderation to curate everything as it is published, ensuring offensive and objectionable material is blocked. But this only works if systems are adequately configured and reviewed  Continue Reading

• How to apply zero-trust models to container security

  Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them?  Continue Reading

• Coronavirus: How to go back to the office safely and securely

  Security teams should be used to supporting remote workers effectively by now, but what’s going to happen when people start returning to their offices? We look at the risks and how to address them.  Continue Reading

• What are the security priorities for the post-coronavirus world?

  The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising?  Continue Reading

• Contact tracing: The privacy vs protection debate

  The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far?  Continue Reading

• The AWS bucket list: Keep your cloud secure

  Misconfigured cloud installations risk billions of records being exposed, damaging organisations’ finances and reputations. Paying attention to securing AWS storage buckets is a simple matter  Continue Reading

• Coronavirus: How to implement safe and secure remote working

  Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves  Continue Reading

• How to mitigate IoT security risks to tap business benefits

  Security concerns are preventing many businesses from adopting IoT-based technologies, but with a bit of planning, the business benefits can be realised by mitigating the risk  Continue Reading

• Securing your mobile estate – best practice for CIOs

  The prevalence of mobile devices in every part of daily life is shaping how enterprises make choices about software and network infrastructure, but how do businesses go about securing these vast new endpoint estates?  Continue Reading

• What are the CDN options for enterprises?

  We look at how content delivery networks can give your organisation’s web presence a literal edge  Continue Reading

• A guide to choosing cloud-based security services

  Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security  Continue Reading

• The rise of DevSecOps

  The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations  Continue Reading

• Application security more important than ever

  Applications have an increasingly crucial role in our lives, yet they are also a real security threat, with hackers always finding new ways to bypass security defences. Computer Weekly looks at how organisations are responding to the challenge  Continue Reading

• Lauri Love: the student accused of hacking the US

  How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love  Continue Reading

• Interview: James Bamford on surveillance, Snowden and technology companies

  Investigative journalist and documentary maker James Bamford was among the first to uncover the secrets of the US National Security Agency and its global surveillance  Continue Reading

• The true cost of a cyber security breach in Australia

  The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting.  Continue Reading

• Max Schrems: The man who broke Safe Harbour

  Schrems has persuaded a high court judge to confirm that Edward Snowden’s evidence is acceptable in court and that the US is engaged in mass surveillance of European citizens  Continue Reading

• Mobile security -- what works and what doesn't?

  Experts told the CW500 Security Club how mobility brings new challenges to security departments and an opportunity to go beyond building walls around the enterprise  Continue Reading

• Asean organizations braced for cyber attack

  As an emerging economic power bloc, Asean is bracing itself for an influx of cyber crimes as hackers look for lucrative targets  Continue Reading

• Australian businesses under cyber attack

  What are the cyber security risks facing businesses in Australia and New Zealand and how are organisations addressing them?  Continue Reading

• Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance

  Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden  Continue Reading

• SAP bets future on cloud in central and eastern Europe

  SAP’s turn to cloud services for the delivery of its business applications seems especially energetic in central and eastern Europe  Continue Reading

• The state of mobile back end as a service

  Common mobile application services are increasingly being hosted on central back-end servers – but what does that mean for the enterprise?  Continue Reading

• Companies must act quickly to tackle cyber crime

  With cyber attacks becoming more sophisticated and widespread, companies must take stronger measures to prevent and tackle them  Continue Reading

• Companies must act quickly to combat cyber crime

  With cyber attacks becoming more sophisticated and widespread, companies must take stronger measures to prevent and tackle them  Continue Reading

• CW 500 Security Club: Securing the end point: a key challenge for business

  With multitudes of devices connecting businesses and their customers to interlinking systems, securing the end point has never been more vital  Continue Reading

• Businesses are beginning to adopt context-based security

  It is more than 10 years since context-aware security was proposed. We look at how the technology has evolved.  Continue Reading

• Hacktivism: good or evil?

  IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics  Continue Reading

• Optimising performance and security of web-based software

  On-demand applications are often talked about in terms of how suppliers should be adapting the way their software is provisioned to customers.  Continue Reading

• Big data journalism exposes offshore tax dodgers

  How journalists harnessed big data to challenge offshore financial secrecy  Continue Reading

• How to find out who is doing what to your data systems

  Context-aware security cannot replace point technologies, but it can tell you when an attack is imminent and what form it will take.  Continue Reading

• How to make your business Flame-proof

  Advanced threats such as Flame can show CIOs what cyber attack tools of the future could look like  Continue Reading

• Royal Holloway 2012: A framework for preventing cross-site scripting

  Based on his Royal Holloway thesis, Joseph Bugeja proposes a new framework for preventing cross-site scripting attacks.  Continue Reading

• Snapshots from nullcon Tritiya Day 2

  A quick look at what happened during nullcon 2012.  Continue Reading

• BYOD security: Where does India Inc stand?

  With the proliferation of smart devices, BYOD security is a major concern for enterprises today. Find out how the leaders are coping with BYOD security.  Continue Reading

• Sterlite’s firewall implementation: Standardizing perimeter security

  Sterlite Technologies’ novel firewall implementation with centralized control of distributed threat management systems boasts a brass-tacks approach to IT.  Continue Reading

• DNS security best practices to prevent DNS poisoning attacks

  DNS cache poisoning is a threat to any Internet-connected enterprise. Learn how the attack method works and potential mitigation strategies in this thesis from Richard Agar of Royal Holloway University London.  Continue Reading

• Two-factor authentication: Next step to secure online transactions?

  A look at how Indian banks are dealing with RBI's directive to implement two-factor authentication for securing online "card not present" transactions.  Continue Reading

• How to tackle a buffer overflow attack and avoid vulnerabilities

  Despite the research and learned papers on the subject, buffer overflow exploits seem to be as popular – and as successful – as ever  Continue Reading

• Computer crusader - former technology minister Tony Benn

  Tony Benn was the UK's technology minister when Computer Weekly's began in 1966 and he continues to campaign on IT issues  Continue Reading