Opinion
Opinion
IT for manufacturing
-
A new security partnership to build a silicon valley in South Wales
The £140m acquisition of Newport Wafer Fab by American firm Vishay is to be welcomed but the UK needs needs security, stability and strategic investment to grow our domestic semiconductor capability, writes Alun Cairns MP Continue Reading
-
How can we adapt work practices to protect CISO mental health?
Cyber leaders are finding it harder to keep up with security requirements than just two years ago, risking a domino effect of dissatisfaction, burnout and eventually, resignation Continue Reading
-
Security Think Tank: The phishing forecast for 2024
Egress' Jack Chapman and James Dyer explore how phishing attacks are set to grow in their scope and sophistication this year, with generative AI playing a big role Continue Reading
-
The human toll of ransomware: how IT pros suffer during incidents
Any ransomware attack causes significant challenges for a business or organisation going through such incident. But ransomware attacks also have tremendous impact on the staff – especially IT teams – working on mitigating the attack’s effect Continue Reading
-
Beyond the office walls: Safeguarding remote workers from attack
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Zero-trust principles: Your gateway to securing remote workers
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Evolving best practice: What next for securing remote work?
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Security Think Tank: Testing to improve remote worker security
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Security Think Tank: Anytime, anywhere access is achievable
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
AI vs software outsourcing: An opportunity or a threat?
While artificial intelligence offers unprecedented opportunities for growth, efficiency and automation, it also raises pertinent questions about the future of software outsourcing Continue Reading
-
The trust deficit in CNI: How to address a growing concern
When it comes to addressing the trust deficit in CNI, technological advancements, evolving threats, inadequate regulations, insufficient investment, public awareness, and international cooperation are all critical components that need attention Continue Reading
-
Why technology jobs are proving resilient
The clamour for technology professionals has become less frenetic in recent months but demand for IT skills remains high Continue Reading
-
Security Think Tank: Adopt a coherent framework for ID first security
With IAM central to enabling appropriate access to cloud-based services, identity first security is becoming a key trend for IAM in the cloud. Continue Reading
-
Security Think Tank: Training can no longer be a compliance exercise
Historically, security training has tended to take a compliance-based focus, a ‘tick-box’ exercise using generic, off-the-shelf courses. This needs to change, says Hayley Watson of Turnkey Consulting. Continue Reading
-
Cyber training in 2023 needs to drive measurable change
2023 will see more focus on security training programmes that not only provide employees with an understanding of the risks they face but more importantly drive measurable behavioural change, says PA Consulting’s Richard Allen Continue Reading
-
Cyber security training: Insights for future professionals
Future cyber security professionals need soft skills as well as technical ones, says security educator Sudeep Subramanian Continue Reading
-
Security Think Tank: New trends and drivers in cyber security training
Self-paced, interactive, bite-sized learning is becoming the optimum path for cyber security training in the workplace, says John Tolbert of KuppingerCole Continue Reading
-
How to protect your business from fraud during a recession
This winter, the chilly winds of a global recession have fraudsters turning up the heat. PJ Rohall of SEON Fraud Fighters shares some guidance on how to bundle up against fraud Continue Reading
-
Security Think Tank: Poor training is worse than no training at all
Bad security training is a betrayal of users, a security risk, and ultimately a waste of money, but there are some reasons to be optimistic about the future, say Mike Gillespie and Ellie Hurst of Advent IM Continue Reading
-
Security Think Tank: In 2023, we need a new way to cultivate better habits
Regular, small adjustments to behaviour offer a better way to keep employees on track and cultivate a corporate culture of cyber awareness, writes Elastic’s Mandy Andress Continue Reading
-
Security Think Tank: Getting the training and development mix right
Rob Dartnall, CEO at SecAlliance and chair of Crest’s UK Council, describes the need for formal, varied and continuous development in the cyber security sector Continue Reading
-
How does red teaming test the ultimate limits of cyber security?
An expert ethical hacker reveals how he goes about carrying out a red team exercise Continue Reading
-
Security Think Tank: 2022 brought plenty of learning opportunities in cyber
At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading
-
Security Think Tank: Embrace prioritisation, people, imperfections
Security and IT professionals should try to make peace with their imperfections in 2023, says Nominet CISO Paul Lewis Continue Reading
-
Security Think Tank: 2022 changed how we thought about resilience
Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat Continue Reading
-
Security Think Tank: As cyber pros, we need to articulate our needs better
There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading
-
Ransomware: Is there hope beyond the overhyped?
Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity Continue Reading
-
Think technology, process, human risk to manage ransomware
Effective ransomware handling boils down to three core areas – technology, process and human risk Continue Reading
-
Your staff are the frontline in your ransomware fight
As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect Continue Reading
-
Security Think Tank: Ransomware defences: An extended to-do list
Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things Continue Reading
-
Security Think Tank: Let’s be transparent about ransomware
Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks Continue Reading
-
Cyber insurance: The good, the bad and the ugly
Most cyber insurance contracts are innately flawed because they exclude losses arising from state-backed cyber attacks, and this will make proper attribution even more important in the future, says Cisco Talos’ Martin Lee Continue Reading
-
Security Think Tank: To stop ransomware, preparation is the best medicine
You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes Continue Reading
-
Security Think Tank: Anti-ransomware strategies should be as easy as ABC
When developing and implementing ransomware protection strategies, the importance of paying thorough attention to security measures you might consider elementary cannot be understated Continue Reading
-
To fight ransomware, we must treat digital infrastructure as critical
Ransomware defence is failing because we don’t view our digital infrastructure in the same way as our physical infrastructure, argues Elastic’s Mandy Andress Continue Reading
-
Security Think Tank: Ransomware and CISOs’ balancing act
Ransomware has the potential to cause irreversible business damage, so CISOs should consider not only protection but also response and recovery Continue Reading
-
Security Think Tank: Know your networks, know your suppliers
To combat the ransomware scourge, we must work harder to monitor and learn from the increasingly complex threat environment, keep a closer eye on supply chains, and share our insights Continue Reading
-
Security Think Tank: Container security: why so different?
Done well, container security can be a model for securing the enterprise, and businesses that focus their teams on solving it can help accelerate positive change in other areas Continue Reading
-
How has container security changed since 2020, and have we taken it too far?
While containers are now one of the most popular ways to deploy applications, it is fair to say that the adoption and implementation of security best practice to govern their use has not kept up Continue Reading
-
Security Think Tank: Effective DevSecOps requires collaboration
Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access ... Continue Reading
-
Security Think Tank: Don’t rely on insurance alone
Cyber insurance is a useful addition to the cyber protection toolbox. However, it cannot be regarded as a replacement for the controls that should be in operation, says Turnkey Consulting’s Tom Venables Continue Reading
-
Cyber insurance: An effective use of your scant security budget?
The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes Continue Reading
-
Lots to consider when buying cyber insurance, so do your homework
When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity Continue Reading
-
Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it
In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered Continue Reading
-
Security Think Tank: Now is the time to think about cyber insurance
Many IT leaders shy away from cyber insurance, but new, innovative developments in the market can help organisations take an approach that suits their needs Continue Reading
-
Assessment and knowledge: Your key tools to secure suppliers
There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal Continue Reading
-
What will the Data Reform Bill mean for UK businesses operating in the EU?
Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union Continue Reading
-
Security Think Tank: Supply chain security demands systematic approach
Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business Continue Reading
-
Security Think Tank: Balanced approach can detangle supply chain complexity
Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices Continue Reading
-
Supply chain security goes deep – forget this at your peril
It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology Continue Reading
-
Consider governance, coordination and risk to secure supply chain
A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on Continue Reading
-
Security Think Tank: Best practices for boosting supply chain security
In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk Continue Reading
-
Security Think Tank: Basic steps to secure your supply chain
When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail Continue Reading
-
Security Think Tank: Don’t trust the weakest link? Don’t trust any link
Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must Continue Reading
-
The importance of making information security more accessible
Robin Smith, CSO of Aston Martin Lagonda, talks about how an accessible approach to cyber is helping him to keep the organisation secure Continue Reading
-
Strong internal foundations are key to withstanding external threats
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ... Continue Reading
-
Security Think Tank: To follow a path, you need a good map
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ... Continue Reading
-
Revised scope of UK security strategy reflects digitised society
The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one, reflecting our increasingly digitised society, say Maximillian Brook and Arunoshi Singh of the ISF Continue Reading
-
UK Cyber Strategy a welcome injection of progress
The National Cyber Strategy should be seen as a welcome injection of both focus and investment in bettering cyber defence for everyone, says Turnkey Consulting senior consultant Louise Barber Continue Reading
-
National Cyber Strategy will enhance UK’s cyber power status
The UK punches above its weight when it comes to wielding cyber power around the world, but challenges to this status are clear. The National Cyber Strategy has a clear role to play in maintaining and enhancing this status, writes Paddy Francis of ... Continue Reading
-
How cyber security teams can conquer the four-day working week
The four-day week may be an idea whose time has come, but for always-on cyber security professionals, the impact of squeezing more work into fewer days is a tricky proposition Continue Reading
-
National Cyber Strategy misses the mark in one important way
The National Cyber Strategy is full of fine words, says Petra Wenham, but as the old expression goes, fine words butter no parsnips, and it misses the mark in one very important way Continue Reading
-
Security Think Tank: Good training is all about context
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service? Continue Reading
-
Phishing tests are a useful exercise, but don’t overdo it
The vast majority of cyber attacks start with a phish, so it’s not surprising that phishing tests form part of cyber training plans. But sometimes these tests go too far. Cyberis’ Gemma Moore looks at how to avoid the pitfalls Continue Reading
-
Security Think Tank: How to build a human firewall
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service? Continue Reading
-
Understand your cyber training ‘need’ before committing to a programme
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service? Continue Reading
-
Security Think Tank: Focus on ‘nudging’ to build effective cyber training
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service? Continue Reading
-
A trial relying on computer evidence should start with a trial of the computer evidence
Learning from the Post Office Horizon scandal - the most widespread miscarriage of justice in recent British legal history Continue Reading
-
Security Think Tank: Reframing CISO-boardroom relations
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
Security Think Tank: Attackers leveraging the supply chain
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they have taken away from the past 12 months Continue Reading
-
Security Think Tank: Think people, processes and systems
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
A ‘whole of society’ approach to cyber may be on the horizon
Nominet Cyber managing director David Carroll reflects on the NCSC’s latest annual review amid 2021’s fast-evolving threat landscape Continue Reading
-
Security Think Tank: SASE – marketing buzz or the future of security?
SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT Continue Reading
-
Security Think Tank: Consider cyber policies and procedures as you welcome employees back
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ... Continue Reading
-
Security Think Tank: Reopening is an opportunity to reassess wider security posture
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ... Continue Reading
-
Long-term thinking is vital to secure UK’s critical infrastructure
To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie Continue Reading
-
IR35 private sector reforms: What firms need to do now the start date has passed
While the start date for the onset of the IR35 private sector reforms may have passed, firms in-scope of the revamped tax avoidance legislation may find themselves still with plenty of compliance work still to do Continue Reading
-
Post Office’s full and final settlement with Horizon scandal victims in plain English
The legal settlement with subpostmaster victims of the Horizon scandal that the government and the Post Office say is “full and final” is anything but Continue Reading
-
Security Think Tank: Evolving threats, tech, leaves CNI exposed
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Security Think Tank: Attacks on CNI – an evolving frontier in warfare
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Security Think Tank: Take a realistic perspective on CNI cyber attacks
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Security Think Tank: CNI operators must focus on core issues
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Security Think Tank: CNI operators are in an unenviable position
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Rogue drones beware: We’re here to ground you
Eugene Kaspersky exclusively lifts the lid on a mysterious, shiny device that’s been sitting in his office Continue Reading
-
A Covid-19 response to supply chain fragility
The global pandemic, lockdowns and local lockdowns have required organisations to operate agile supply chains Continue Reading
-
The new age of supply chains post-Covid
Supply chain managers have been predicting the future for years. Now manufacturers are relying on insights to inform their decision-making Continue Reading
-
Top 10 skills to include in your IT CV
Find out what skills and keywords you should include on your CV to stand out as an IT professional in a competitive market Continue Reading
-
EC publishes approach to human and ethical implications of AI, but what will UK do?
The European Commission has published a guide to the EU’s approach to the human and ethical effects that artificial intelligence might bring Continue Reading
-
The super-resilient IT function
IT functions don’t have to continue taking the blame for organisational failures, they can take the lead in transforming the business Continue Reading
-
The five software testing techniques every software developer should know about
Five simple testing techniques that will help developers test their software systematically, thoroughly and quickly Continue Reading
-
Businesses need to keep investing in tech and hope to avoid a no-deal Brexit
A no-deal Brexit could have serious consequences for the UK tech sector and skills base, making it more difficult to recruit technology specialists and hire freelancers Continue Reading
-
Security Think Tank: Risk mitigation is key to blockchain becoming mainstream
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Building a cyber-physical immune system
Shantanu Rane, researcher in cyber-physical systems security at the Palo Alto Research Center, explains how our own immune systems can inspire the design of modern cyber-physical systems Continue Reading
-
Why the rise of IT managed by the business is driving creative thinking
Organisations that encourage business units to implement and run their own IT systems have an edge over competitors that rely entirely on the IT department, research from Harvey Nash and KPMG reveals Continue Reading
-
Security Think Tank: In-app segregation more intelligent and permissive
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: Seven steps to manage risk of catastrophic cyber attack
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: How to reduce the impact of a potential cyber extinction event
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Goliath vs Goliath and the complexities of 5G intellectual property
Is Apple the good guy or the bad guy? It has violated patents and had its wrist slapped by the courts (bad), yet its products are still available for adoring fans to buy (good) Continue Reading
-
Growing board focus on cyber risk challenges current thinking
As digital transformation continues to drive change in the business and risk landscape, business and cyber security leaders need to improve discussions around this topic Continue Reading
-
Making the move to cloud work for you
Getting the best out of a move to the cloud means getting the size right, turning off what you don’t need, smart purchasing and continuously decluttering your new environment Continue Reading