Opinion

Opinion

Cloud security

• Security Think Tank: Attackers leveraging the supply chain

  Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they have taken away from the past 12 months  Continue Reading

• The way we talk and think about tech is crucial to helping solve the skills shortage crisis

  Companies are looking to short-term fixes to find IT specialists, but there is still a need for long-term solutions  Continue Reading

• Security Think Tank: In the cloud, anti-human approaches set us up to fail

  Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months  Continue Reading

• Zero trust: Now is the time

  The cyber security industry has been talking about a zero-trust approach to security for just over a decade, but now it’s time to move towards full implementation because it is more appropriate than ever, and it is rapidly gaining support from ...  Continue Reading

• Security Think Tank: SASE – marketing buzz or the future of security?

  SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT  Continue Reading

• Is SASE mere vendor hype? It’s more nuanced than that

  There’s no doubt that SASE is being overhyped, but nevertheless the concept holds value that security teams should not discount, according to PA Consulting analysts  Continue Reading

• Invest in cyber security with confidence using a structured approach

  Cyber security has never been more challenging or important in rapidly changing business, regulatory, IT and threat environments. There is a need for a more structured approach to investment  Continue Reading

• The rise of the chief risk officer

  The impact of the Covid-19 pandemic has seen chief risk officers take their rightful place in the boardroom  Continue Reading

• Supply chain cyber security is only as strong as the weakest link

  A spate of high-profile cyber attacks has highlighted the criticality of supply chain security and put new pressures on security leaders. How can we ensure that cyber security remains robust down the full length of supply chains?  Continue Reading

• How the cyber security market is evolving

  The cyber security market has gained even greater importance in the post-Covid era and continues to grow and evolve. But what factors are driving trends in that market and what should your organisation consider when making cyber security investments?  Continue Reading

• Government-led innovation can help cyber startups find a market

  There are many reasons why early-stage cyber startups often struggle to get off the ground, but government-backed programmes can help them find a path  Continue Reading

• Going back to office networks, only to dismantle them once and for all

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• UK data exchanges with EU can continue after adequacy decision - but for how long?

  For now European businesses can continue to send data to the UK without additional safeguards and paperwork. How long will it last?  Continue Reading

• Security Think Tank: Are security teams the unsung heroes of 2020?

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Plan for hybrid working to become normal

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Don’t bet on a new normal just yet

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Cyber effectiveness, efficiency key in 2021

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• How to manage non-human identities

  Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach  Continue Reading

• Negotiating the complexities of international transfers of personal data

  How to navigate international data transfers, standard contractual clauses and the impact of Brexit on data protection  Continue Reading

• Security Think Tank: Integration between SIEM/SOAR is critical

  SIEM and SOAR share much in common but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• Security Think Tank: SOAR to the next level with automation

  SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• SIEM or SOAR or both? Consider your business complexity first

  SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• Security Think Tank: Adapting defences to evolving ransomware and cyber crime

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the ...  Continue Reading

• Covid-19 has changed how we think about cyber security forever

  Six months into the global pandemic, the true impact on the future of cyber security is beginning to look clearer, says Microsoft’s Ann Johnson  Continue Reading

• Security Think Tank: Edge security in the world of Covid-19

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentre to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Edge datacentre security depends on specific needs

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: No secret sauce for edge security, just good practice

  That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Beware security blind spots at the edge

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Datacentre security is a business imperative

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Sharing responsibility: Why we need to work together to keep the cloud secure

  The education sector has been fundamentally altered by months of lockdown, with cloud services topping must-have lists for academic staff, but now it’s time to consider security  Continue Reading

• Security Think Tank: Seven steps to edge security

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Security at the distributed edge

  That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Ignore AI overheads at your peril

  Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the...  Continue Reading

• Security Think Tank: ‘Shift left’ to secure containers

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Australian government has failed on cyber security

  The federal government’s current approach of allowing each agency to make its own cyber decisions is not working and more needs to be done to hunt down adversaries  Continue Reading

• Security Think Tank: Securing containers needn’t be taxing

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Container security starts with good DevOps practice

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Container security is evolving, so must CISOs

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Four steps to container security best practice

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Zero trust strategies must start small, then grow

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: How zero trust lets you take back control

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero trust ...  Continue Reading

• Security Think Tank: Is data more or less secure in the cloud?

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Stopping data leaks in the cloud

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Base cloud security posture on your data footprint

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Cloud security is a shared responsibility

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security in the supply chain – a post-GDPR approach

  A year and a half after the introduction of the EU’s General Data Protection Regulation, Fieldfisher's James Walsh reviews the fundamentals of supply chain security  Continue Reading

• Security Think Tank: Adapt security posture to your cloud model

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: The cloud needs security by design

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Secure the cloud when negotiating contracts

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: In the cloud, the buck stops with you

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Benefits and challenges of security segmentation

  What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome?  Continue Reading

• Security Think Tank: Cloud tech helps to protect advanced networks

  How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network?  Continue Reading

• Facebook’s high-stakes privacy gamble goes to Dublin court

  A high-wire gamble with billions in compensation at stake for European internet users – part of a complex case between Facebook and the Irish information commissioner – hides challenge to the unlawfulness of US state internet surveillance  Continue Reading

• eIDAS and the EU’s mission to create a truly portable identity

  It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes   Continue Reading

• Can we live without passwords?

  Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve  Continue Reading

• Security Think Tank: Pay attention to attribute-based system access permissions

  At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted and did happen and one thing that should happen in 2019, but probably will not  Continue Reading

• Everyone, everywhere is responsible for IIoT cyber security

  Cyber security in the industrial internet of things is not limited to a single company, industry or region – it is an international threat to public safety, and can only be addressed through collaboration that extends beyond borders and competitive ...  Continue Reading

• Why businesses must think like criminals to protect their data

  Cyber criminals use three main methods of operation to steal commercial data. Understanding their mindset can help organisations put the right defences in place  Continue Reading

• SD-WAN needs software-defined security

  Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected  Continue Reading

• Europe’s shameful role in spy-tech exports that led to torture and jail

  Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of ...  Continue Reading

• Security Think Tank: Automating basic security tasks

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: Encourage employees to use an approved messaging app

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Three things to do differently to secure websites in the cloud

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• My brother Lauri Love should have the right to a trial in the UK

  Lauri Love should face trial over hacking allegations in a British Court, rather than be extradited to the US, where his extraordinary skills will be lost to society, says his younger sister  Continue Reading

• Legal hurdles cloud Max Schrems complaint over US spying

  The Irish High Court in Dublin has embarked on a long hearing into the legality of standard contractual clauses. It is a sideshow from the real issue – the legality of US surveillance in the UK and Ireland  Continue Reading

• Security Think Tank: Are employees cyber pawns or cyber heroes?

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Security Think Tank: Focus on high risk by automating low-risk patching

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Why Azure developers need security skills

  The unprecedented adoption of Microsoft Azure is a huge opportunity for developers, but they must keep their security skills updated  Continue Reading

• Security Think Tank: Know the business risks of using the internet

  What are the main security risks associated with DNS and how are these best mitigated?  Continue Reading

• Gary McKinnon: Why Lauri Love should be spared the nightmare of extradition

  Computer activist Lauri Love should be spared a life sentence in a US jail, says former hacker Gary McKinnon  Continue Reading

• The problem with passwords: how to make it easier for employees to stay secure

  An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems  Continue Reading

• Are cloud users worrying about nothing when it comes to data sovereignty?

  With the upheaval surrounding the EU-US Privacy Shield, Clive Longbottom takes a closer look at the issue of sovereignty  Continue Reading

• When a slowdown in IT budgets is a good thing

  IT budgets will grow at their slowest rate for four years in 2016, yet companies are spending more on digital technology  Continue Reading

• Network security systems – dedicated or multifunction?

  For small and medium-sized businesses looking to secure their networks, multifunction security systems are a better option than best-of-breed technology  Continue Reading

• Life’s a breach: How to handle the press after a hacking attack

  Emily Dent, specialist in crisis PR, offers some advice to organisations that unexpectedly find themselves in the headlines  Continue Reading

• European regulation shakes up online payments security

  Payment service providers and merchants should lose no time in assessing the affect of proposed European security regulations  Continue Reading

• The bad theatre of the Intelligence and Security Committee

  The report of the Intelligence and Security Committee was like a piece of bad theatre  Continue Reading

• US technology companies facing growing UK pressure over internet spying

  Tension is growing between the UK and US over Prism spying  Continue Reading

• A phisher’s paradise

  Email is one of the earliest services created on the internet and, arguably, remains the most important  Continue Reading

• Security Think Tank: Seven strategies for limiting cloud data leakage

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: Three-pronged approach to cloud security

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: Control smart devices and apps like the rest of ICT

  What can IT security teams do to ensure users are not unwittingly synchronising sensitive corporate data to insecure cloud backup services?  Continue Reading

• Security Think Tank: Three ways to reduce risk of cloud data leaks

  How can IT security teams ensure users are not synchronising sensitive corporate data to insecure cloud backup services?  Continue Reading

• Security Think Tank: Use governance strategy to manage cloud backups

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: Celebrity photo leaks highlight cloud security issues

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: CIOs – demand an automated, standardised integration

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: Eight steps to extending IAM to third parties

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: Extending IAM controls to third parties

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• It’s time to add cyber insurance to your cyber security strategy

  Insurance policies for cyber crime have become more credible and viable  Continue Reading

• Security Think Tank: Do not trust the network to ensure secure collaboration

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• Security Think Tank: Enable collaboration by putting data at the heart of security

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• Security Think Tank: CISOs should be first stop on the way to cloud

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: UK firms still not entirely comfortable with cloud

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Choose public or private cloud with a clear head

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Balancing cloud risk and reward

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Striking the hybrid cloud balance

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Before cloud, engage with asset owners

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Living with Google Glass – not quite useful enough to overcome the dork-factor

  Businesses will use Google Glass first, says Simon Dring after spending a few days living with the technology.  Continue Reading

• Security Think Tank: A pragmatic and practical guide to secure hybrid clouds

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Cloud is not that different

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading