News

IT risk management

• January 03, 2025 03 Jan'25

  US Treasury incident a clear warning on supply chain security in 2025

  A cyber incident at the US Department of the Treasury – blamed on a Chinese state actor – raises fresh warnings about supply chain risk after it was found to have originated via vulnerabilities in a remote tech support product

• January 03, 2025 03 Jan'25

  Corporate cover-up behind world-beating cyber security record in Middle East

  Report ranking Gulf corporations ahead of US and EU counterparts for cyber security has sparked debate about the region’s tendency for secrecy and state control

• December 27, 2024 27 Dec'24

  Top 10 ANZ stories of 2024

  The 2024 tech landscape in Australia and New Zealand was dotted with developments spanning cloud migrations and AI adoption to heightened data security and real-time data streaming

• December 24, 2024 24 Dec'24

  Top 10 police technology stories of 2024

  Here are Computer Weekly’s top 10 police technology stories of 2024

• December 20, 2024 20 Dec'24

  Top 10 data and ethics stories of 2024

  Here are Computer Weekly’s top 10 data and ethics stories of 2024

• December 19, 2024 19 Dec'24

  Latest attempt to override UK’s outdated hacking law stalls

  Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee

• December 18, 2024 18 Dec'24

  Top 10 cyber security stories of 2024

  Data breaches, data privacy and protection, and the thorny issue of open source security were all hot topics this year. Meanwhile, security companies frequently found themselves hitting the headlines, and not always for good reasons. Here are ...

• December 18, 2024 18 Dec'24

  Top 10 cyber crime stories of 2024

  From ransomware targeting the NHS to nation-state-backed intrusions, 2024 was another big year for cyber criminals and cyber spooks alike, but they didn't have it all their own way as the good guys fought back

• December 18, 2024 18 Dec'24

  Axon still in possession of Police Scotland encryption keys

  Supplier’s possession of encryption keys for Police Scotland data sharing system opens potential for access and transfer of sensitive data without the knowledge or consent of the force

• December 17, 2024 17 Dec'24

  Conservative MP adds to calls for public inquiry over PSNI police spying

  Conservative MP David Davis calls for a public inquiry following a court ruling that the PSNI and Metropolitan Police unlawfully placed journalists under electronic surveillance

• December 17, 2024 17 Dec'24

  Digital Ethics Summit 2024: recognising AI’s socio-technical nature

  At trade association TechUK’s eighth annual Digital Ethics Summit, public officials and industry figures and civil society groups met to discuss the ethical challenges associated with the proliferation of artificial intelligence tools globally and ...

• December 17, 2024 17 Dec'24

  Tribunal criticises PSNI and Met Police for spying operation to identify journalists’ sources

  The Investigatory Powers Tribunal has criticised the Police Service of Northern Ireland and the Metropolitan Police for unlawfully spying on journalists

• December 17, 2024 17 Dec'24

  How NCS is tackling the enterprise IT market

  The technology service provider is counting on its government experience, global expert network and cyber security capabilities to penetrate the enterprise IT market

• December 16, 2024 16 Dec'24

  The Security Interviews: Stephen McDermid, Okta

  Okta regional chief security officer for EMEA sits down with Dan Raywood to talk about how Okta is pivoting to a secure-by-design champion

• December 13, 2024 13 Dec'24

  How AWS is protecting customers from cyber threats

  Amazon Web Services reveals how its threat intelligence capabilities work under the hood to thwart cyber attacks and keep its customers’ data safe

• December 12, 2024 12 Dec'24

  Emerging Ymir ransomware heralds more coordinated threats in 2025

  A newly observed ransomware strain has the community talking about more collaboration, and blurred lines, between threat groups next year, according to NCC’s monthly cyber barometer

• December 10, 2024 10 Dec'24

  Dangerous CLFS and LDAP flaws stand out on Patch Tuesday

  Microsoft has fixed over 70 CVEs in its final Patch Tuesday update of the year, and defenders should prioritise a zero-day in the Common Log File System Driver, and another impactful flaw in the Lightweight Directory Access Protocol

• December 10, 2024 10 Dec'24

  UK police continue to hold millions of custody images unlawfully

  Annual report from the biometrics and surveillance camera commissioner of England and Wales highlights the ongoing and unlawful retention millions of custody images of innocent people never charged with a crime by police

• December 10, 2024 10 Dec'24

  DWP ‘fairness analysis’ reveals bias in AI fraud detection system

  Information about people’s age, disability, marital status and nationality influences decisions to investigate benefit claims for fraud, but the Department for Work and Pensions says there are ‘no immediate concerns of unfair treatment’

• December 10, 2024 10 Dec'24

  Top IT predictions in APAC in 2025

  Enterprises across the Asia-Pacific region are expected to focus on securing their AI workloads, invest in energy efficient infrastructure and rethink their platform strategy, among other tech trends in the new year

• December 09, 2024 09 Dec'24

  Bahrain faces legal action after planting Pegasus spyware on UK blogger

  A court has given the go-ahead to UK-based blogger Yusuf Al-Jamri to seek damages from the Kingdom of Bahrain after it deployed spyware from Israel’s NSO Group to hack his phone

• December 05, 2024 05 Dec'24

  Government agencies urged to use encrypted messaging after Chinese Salt Typhoon hack

  Chinese hacking of US telecom networks raises questions about the exploitation by hostile hacking groups of government backdoors to provide lawful access to telecoms services

• December 04, 2024 04 Dec'24

  Nordics move to deepen cyber security cooperation

  Nordic countries are increasing collaboration on cyber security amid more sophisticated and aggressive attacks

• December 03, 2024 03 Dec'24

  US updates telco security guidance after mass Chinese hack

  Following the widespread Salt Typhoon hacks of US telecoms operators including AT&T and Verizon, CISA and partner agencies have launched refreshed security guidance for network engineers and defenders alike

• December 02, 2024 02 Dec'24

  APAC businesses face cyber onslaught

  The Asia-Pacific region is a cyber security hotspot, enduring significantly more cyber attacks than the global average, with AI-powered threats and skills shortages exacerbating the problem

• December 02, 2024 02 Dec'24

  NCSC boss calls for ‘sustained vigilance’ in an aggressive world

  NCSC CEO Richard Horne is to echo wider warnings about the growing number and severity of cyber threats facing the UK as he launches the security body’s eighth annual report

• November 29, 2024 29 Nov'24

  Swedish authorities urged to discontinue AI welfare system

  Amnesty International is calling on Sweden’s social insurance agency to immediately discontinue its machine learning-based welfare system, following an investigation by Lighthouse Reports and Svenska Dagbladet that found it to be discriminatory

• November 28, 2024 28 Nov'24

  Energy sector’s digital shift opens door to cyber threats

  The transition to renewable energy and the increasing integration of IT and OT systems in the energy sector are creating new cyber security challenges

• November 26, 2024 26 Nov'24

  Sellafield operator opens dedicated cyber centre

  The UK’s Nuclear Decommissioning Authority has opened a cyber security centre spanning its activities across the nuclear sector

• November 26, 2024 26 Nov'24

  Russian threat actors poised to cripple power grid, UK warns

  UK government escalates cyber rhetoric in a speech at a Nato event, saying Russian advanced persistent threats stand ready to conduct cyber attacks that could ‘turn off the lights for millions’

• November 25, 2024 25 Nov'24

  Metropolitan Police officer dismissed for unlawfully accessing Sarah Everard files

  Over 100 Met Police officers and staff have been investigated for accessing sensitive data related to the Sarah Everard case, leading to the dismissal of a Roads and Transport officer who accessed the information while off-duty

• November 25, 2024 25 Nov'24

  Microsoft calls on Trump to ‘push harder’ on cyber threats

  Microsoft’s Brad Smith urges president-elect Donald Trump to keep the faith when it comes to fighting back against hostile cyber actors from China, Iran and Russia

• November 20, 2024 20 Nov'24

  Government issues strategic priorities for online safety regulator Ofcom

  Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online

• November 19, 2024 19 Nov'24

  AI readiness stalls in APAC

  Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey

• November 18, 2024 18 Nov'24

  AWS widening scope of MFA programme after early success

  AWS reports strong take-up of multi-factor authentication among customers since making it compulsory for root users earlier this year, and plans to expand the scope of its IAM programme in spring 2025

• November 18, 2024 18 Nov'24

  Denmark’s AI-powered welfare system fuels mass surveillance

  Research reveals the automated tools used to flag individuals for benefit fraud violate individuals’ privacy and risk discriminating against marginalised groups

• November 18, 2024 18 Nov'24

  UK consumers losing more than ever to holiday scams

  Last Christmas, UK consumers lost over £11m to cyber criminals. This year, to save them from tears, the NCSC and Action Fraud are teaming up to launch an anti-fraud campaign

• November 18, 2024 18 Nov'24

  Final report on Nats calls for improvements to contingency process

  Suppliers need to be involved much sooner and a review of technical documentation is needed to speed up recovery

• November 14, 2024 14 Nov'24

  Williams Racing F1 team supports kids cyber campaign

  A multi-region campaign will teach pre-teen children cyber security basics – with a little help from Formula 1 star Alex Albon

• November 14, 2024 14 Nov'24

  MPs hold first ever debate on live facial recognition

  MPs have held an open debate on police use of live facial recognition technology for the first time since it was initially deployed by the Met Police in August 2016

• November 14, 2024 14 Nov'24

  Ping CEO on ForgeRock integration and future of identity

  Ping Identity CEO Andre Durand discusses the company’s unified roadmap, commitment to customer stability and growth plans in the evolving identity landscape following the merger with ForgeRock

• November 13, 2024 13 Nov'24

  China’s Volt Typhoon rebuilds botnet in wake of takedown

  Nine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever

• November 13, 2024 13 Nov'24

  Ex-boxer fights US government over legality of Sky ECC cryptophone intercepts

  Lawyers for former heavyweight boxer Goran Gogic argue that US prosecutors’ reliance on messages obtained by a European police hacking operation into the SKY ECC encrypted phone network breaches the US constitution

• November 12, 2024 12 Nov'24

  Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024

  High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update

• November 12, 2024 12 Nov'24

  Zero-day exploits increasingly sought out by attackers

  Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023

• November 12, 2024 12 Nov'24

  Police cloud project raises data protection concerns despite legal reforms

  Ongoing data protection issues with the use of hyperscale public cloud infrastructure by UK police could complicate the ambitions of nine forces to move their common records management system into the cloud

• November 12, 2024 12 Nov'24

  How quantum computing could reshape financial services

  Experts at the Singapore FinTech Festival predict quantum computing will improve risk management, investment strategies and fraud detection in the financial sector, while also posing new challenges for data security

• November 11, 2024 11 Nov'24

  Fresh concerns over NHS England registries procurement

  Clinicians and technologists behind a number of medical devices registries being brought together by NHS England on a new common platform have accused the health service of flouting public sector procurement regulations

• November 07, 2024 07 Nov'24

  Google Cloud MFA enforcement meets with approval

  Latest Google Cloud policy to enforce multifactor authentication across its user base is welcomed by security professionals

• November 07, 2024 07 Nov'24

  AI a force multiplier for the bad guys, say cyber pros

  CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders