News

IT risk management

• September 22, 2011 22 Sep'11

  SQL injection attacks increasing in number, sophistication and potency, researchers find

  The prevalence and intensity of SQL injection attacks are increasing, according to Imperva.

• September 21, 2011 21 Sep'11

  Gartner: Best defence against social media threats is monitoring and education

  Blocking social media in the enterprise encourages bad behaviour by employees but does not prevent access, warns Gartner.

• September 20, 2011 20 Sep'11

  Gartner: Keep encryption simple and standardised to cut cost and complexity

  Businesses should consider self-encrypting drives (SEDs) for new installations that hold significant volumes of sensitive data, says Gartner.

• September 19, 2011 19 Sep'11

  Defense in depth a dying philosophy: Eddie Schwartz

  The approach to information security needs to evolve, says Edward Schwartz, CISO at RSA. Agility, dynamism, and fresh security paradigms a need of the hour.

• September 15, 2011 15 Sep'11

  Cyber attacks are becoming lethal, warns US cyber commander

  Cyber attacks are escalating from large-scale theft and disruption of computer operations to more lethal attacks that destroy systems and physical equipment, according to the head of the US Cyber Command.

• September 14, 2011 14 Sep'11

  IT development underpinning Universal Credits comes under fire from MPs and experts

  The delivery of Universal Credits is coming under fire as observers are casting an increasingly critical eye on the IT systems underpinning the politically sensitive project.

• September 14, 2011 14 Sep'11

  Security update: Light Microsoft Patch Tuesday with low application impact plus critical Adobe fixes

  Microsoft's September Patch Tuesday security update is relatively light with only five security updates.

• September 13, 2011 13 Sep'11

  GlobalSign web certificate authority back online after breach by hacker

  Belgian web certificate authority (CA) GlobalSign is back online after investigating claims by the hacker who breached the Dutch DigiNotar CA that its systems had also been breached.

• September 08, 2011 08 Sep'11

  Web security certificate breach widens

  GlobalSign, the fifth largest digital certificate issuer, has suspended the issuing of authentication certificates for websites after the DigiNotar hacker claimed to have breached its systems

• September 08, 2011 08 Sep'11

  University challenge: using IT to improve services and reduce costs

  Universities face a balancing act as they become increasingly expected to improve the experiences of more demanding students while making budgets go further, and IT is a critical tool in finding this balance.

• September 08, 2011 08 Sep'11

  Nike+ problems demonstrate the risk of social media success

  The rewards for creating a customer-focused online community are huge. But success comes at a price, as recent issues encountered by Nike's Nike+ running site illustrate. Matt Scott investigates.

• September 07, 2011 07 Sep'11

  DigiNotar certificate authority breach: Why it matters

  There has been much speculation around the identity and motive of the hacker who was able to breach DigiNotar and issue fraudulent digital certificates for hundreds of websites, but putting such speculation aside, what is the broader significance of...

• September 02, 2011 02 Sep'11

  ICO slams Scottish Children’s Reporter Administration for data breaches

  The Information Commissioner's Office has criticised the Scottish Children's Reporter Administration for twice leaking sensitive personal information about young children in breach of the Data Protection Act.

• August 30, 2011 30 Aug'11

  Orange restores broadband customers' e-mail account access but loses data

  A problem with Orange e-mail – which locked out broadband customers – has been partly fixed as access to the accounts is restored, but weeks of e-mails may be lost.

• August 30, 2011 30 Aug'11

  Facebook pays security bug bounty hunters $40,000 in three weeks

  Facebook has revealed its security bug bounty initiative has paid out more than $40,000 in just three weeks – but has not revealed how many security vulnerabilities have been reported or how many have been fixed.

• August 26, 2011 26 Aug'11

  Lack of soft skills training is curbing IT career progression

  Employers are failing to provide IT professionals with the business...

• August 23, 2011 23 Aug'11

  Why major IT projects are more likely to fail than any others

  Major IT projects are 20 times more likely to fail than other business initiatives because project managers are ignoring unpredictable events, says a major research study by Oxford University.

• August 22, 2011 22 Aug'11

  Failed IT projects demolish big businesses and executive careers, say researchers

  IT projects spinning out of control in the public and private sector are ending the careers of senior executives and causing entire businesses to collapse.

• August 19, 2011 19 Aug'11

  What does HP's Autonomy acquisition mean for the UK tech sector?

  HP's bombshell announcement that it is to acquire Autonomy has left many questioning where this leaves the UK software industry. Computer Weekly asks the experts what the deal means for UK home-grown tech talent and what HP is likely to achieve with...

• August 19, 2011 19 Aug'11

  Customers may think twice about HP as PC business looks uncertain

  As HP announces a major shake-up of its product range and services, analysts warn customers could think twice about HP contracts as a result of uncertainty surrounding its PC business.

• August 18, 2011 18 Aug'11

  NHS trusts already planning a way out of National Programme contracts

  NHS trusts in the National Programme for IT's beleaguered southern region have already begun drafting specifications for systems that may replace those supplied under the controversial project.

• August 16, 2011 16 Aug'11

  Information Commissioner calls for more privacy improvements at Google

  The Information Commissioner's Office says an audit at Google's London office shows the company has taken reasonable steps to improve its privacy policies, but could do more.

• August 10, 2011 10 Aug'11

  Adobe issues security updates for Flash, Shockwave, Photoshop and RoboHelp

  Adobe has issued fixes for vulnerabilities in Flash, Shockwave, Photoshop, RoboHelp and Flash Media Server in the latest security update.

• August 09, 2011 09 Aug'11

  Ten-year-old hacker exposes exploitable flaws in Apple and Android games

  A 10-year-old Californian hacker has exposed a new type of security vulnerability in many mobile games at a hacker conference in Las Vegas.

• August 09, 2011 09 Aug'11

  Blackberry to co-operate with police after youths used BBM to organise riots

  Research in Motion has said that it will co-operate with the police after it was revealed that London rioters used Blackberry Messenger rather than Twitter to organise looting sprees across the capital, with violence later spreading to Birmingham, ...

• August 08, 2011 08 Aug'11

  Customer data privacy program poised to roll out at Airtel

  Airtel’s customer data privacy program will roll out in phases. With the pilot almost completed, Airtel is confident of meeting data privacy regulations.

• August 08, 2011 08 Aug'11

  US standards body issues warning to energy suppliers over cyber attacks

  A US energy industry standards body has warned suppliers to improve their defences against cyber attacks.

• August 08, 2011 08 Aug'11

  Toxic National Programme for IT contracts to be housed under one body

  Billions of pounds of toxic IT contract exposures at the Department for Health could be housed under one central unit, according to reports.

• August 02, 2011 02 Aug'11

  NHS trust forced to adopt National Programme patient records system or face £8.8m fine

  An NHS trust was forced to buy care records software through the National Programme for IT or face the threat of an £8.8m fine - even though it had a longstanding supplier in place.

• August 01, 2011 01 Aug'11

  Former government CIO John Suffolk joins Huawei as head of cybersecurity

  Former government CIO John Suffolk has joined China-based IT company Huawei as global head of cybersecurity.

• July 28, 2011 28 Jul'11

  Highlights from 'A recipe for rip-offs' - the Select Committee report on government IT

  The Public Administration Select Committee has published a scathingly critical report on government's use of IT. We've chosen a selection of the highlights from the report.

• July 27, 2011 27 Jul'11

  Computer glitch halts Post Office card transactions

  Customers have been unable to complete card transactions at the Post Office after a computer glitch across all branches...

• July 25, 2011 25 Jul'11

  US House of Representatives committee approves cybersecurity standards bill

  The US House of Representatives has passed a bill designed to increase education, research and development to counteract cyberthreats.

• July 25, 2011 25 Jul'11

  UK confirms international cyber rules conference

  UK foreign secretary William Hague has confirmed that the government is to host an international conference on cyberspace in London on 1 and 2 November 2011.

• July 22, 2011 22 Jul'11

  British Computer Society – the case for change

  A year on from the BCS extraordinary general meeting (EGM), Amit Bhagwat looks at how BCS has evolved, why the EGM came about and gave the results that it did, what has followed since and, how BCS might consider its future from here.

• July 21, 2011 21 Jul'11

  Trend Micro aims to secure consumer mobile devices for enterprises

  Security firm Trend Micro has announced an enterprise mobile management product to help organisations integrate consumer devices into an enterprise environment in a secure way.

• July 20, 2011 20 Jul'11

  (ISC)² publishes official guide to CSSLP

  Information security body (ISC)² has published the only official guide to the Certified Secure Software Lifecycle Professional (CSSLP) certification.

• July 20, 2011 20 Jul'11

  Data breach at York University highlights urgency of security checks, says ICO

  The University of York's accidental breach of thousands of students' personal data points to a need for improved security checks, according to the Information Commissioner's Office.

• July 13, 2011 13 Jul'11

  Central government staff lack skills in IT

  A significant proportion of civil servants lack skills in areas such as IT, a National Audit Office report has found.

• July 12, 2011 12 Jul'11

  Cyber terrorism set to increase after al-Qaeda calls for more cyber attacks, says government

  Cyber terrorism will become an increasing problem as the tools and techniques needed for cyber attacks become more widely available, according to a report on the government's new counter-terrorism strategy.

• July 11, 2011 11 Jul'11

  Microsoft packs a lot into July’s four Patch Tuesday security updates

  Microsoft is to release only four security updates in this month's Patch Tuesday security update, but these will cover 22 vulnerabilities in Windows and Office.

• July 08, 2011 08 Jul'11

  Businesses understand social media risks but fail to take precautions, says survey

  Businesses are using social media without taking adequate measures to monitor staff activity, which could open them up to security attacks and create compliance risks.

• July 07, 2011 07 Jul'11

  FireControl project failed because of inadequate EADS contract, MPs told

  The failure of the canned £469m FireControl project was due to an inadequate IT contract, MPs were told at a Public Accounts Committee (PAC).

• July 07, 2011 07 Jul'11

  ICO calls on UK businesses to open their doors to audits and reduce data breaches

  Private enterprises make up a third of data security breach claims, but despite this, many continue to resist the offer of an audit by the Information Commissioner's Office (ICO), according to the privacy watchdog's latest annual report.

• July 05, 2011 05 Jul'11

  ICO issues warning over NHS Data Protection Act breaches

  Following five more NHS Data Protection Act violations, the Information Commissioner’s Office will redouble efforts to help NHS improve security.

• July 04, 2011 04 Jul'11

  Hulu withdraws Facebook Connect feature after software glitch leaked users' data

  US online video service Hulu has withdrawn its Facebook Connect integration because of security problems discovered soon after launch.

• July 04, 2011 04 Jul'11

  Hacker group Anonymous steals user names and passwords in cyber attack on Apple

  Hacker group Anonymous claims to have stolen 25 internal user names and passwords from Apple in the latest of a series of attacks on government and corporate websites around the world.

• June 30, 2011 30 Jun'11

  Japan earthquake and tsunami provides first real test of high-tech disaster recovery, says Microsoft

  Japan's earthquake and tsunami that killed at least 15,000 people and left 11,000 missing in March 2011 was the first real test of disaster recovery and business continuity plans on a large scale in a high-tech country, according to Microsoft.

• June 29, 2011 29 Jun'11

  Update software to reduce risk of cyber attack, top suppliers tell business

  Businesses are unnecessarily exposing themselves to cyber attack simply by failing to update to the latest versions of the software they are running, according to Microsoft and Adobe.

• June 27, 2011 27 Jun'11

  Lulz Security announces it is to disband following 50-day hacking spree 'cruise'

  Lulz Security – a group of hackers claiming responsibility for hacking Sony and Nintendo and taking down the websites of the Serious Organised Crime Agency and the US Senate – has announced it is to disband.