Opinion

Opinion

IT for manufacturing

• Security Think Tank: Effective DevSecOps requires collaboration

  Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access ...  Continue Reading

• Security Think Tank: Don’t rely on insurance alone

  Cyber insurance is a useful addition to the cyber protection toolbox. However, it cannot be regarded as a replacement for the controls that should be in operation, says Turnkey Consulting’s Tom Venables  Continue Reading

• Cyber insurance: An effective use of your scant security budget?

  The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes  Continue Reading

• Lots to consider when buying cyber insurance, so do your homework

  When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity  Continue Reading

• Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it

  In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered  Continue Reading

• Security Think Tank: Now is the time to think about cyber insurance

  Many IT leaders shy away from cyber insurance, but new, innovative developments in the market can help organisations take an approach that suits their needs  Continue Reading

• Assessment and knowledge: Your key tools to secure suppliers

  There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal  Continue Reading

• What will the Data Reform Bill mean for UK businesses operating in the EU?

  Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union  Continue Reading

• Security Think Tank: Supply chain security demands systematic approach

  Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business  Continue Reading

• Security Think Tank: Balanced approach can detangle supply chain complexity

  Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices  Continue Reading

• Supply chain security goes deep – forget this at your peril

  It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology  Continue Reading

• Consider governance, coordination and risk to secure supply chain

  A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on  Continue Reading

• Security Think Tank: Best practices for boosting supply chain security

  In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk  Continue Reading

• Security Think Tank: Basic steps to secure your supply chain

  When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail  Continue Reading

• Security Think Tank: Don’t trust the weakest link? Don’t trust any link

  Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must  Continue Reading

• The importance of making information security more accessible

  Robin Smith, CSO of Aston Martin Lagonda, talks about how an accessible approach to cyber is helping him to keep the organisation secure  Continue Reading

• Strong internal foundations are key to withstanding external threats

  The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ...  Continue Reading

• Security Think Tank: To follow a path, you need a good map

  The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ...  Continue Reading

• Revised scope of UK security strategy reflects digitised society

  The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one, reflecting our increasingly digitised society, say Maximillian Brook and Arunoshi Singh of the ISF  Continue Reading

• UK Cyber Strategy a welcome injection of progress

  The National Cyber Strategy should be seen as a welcome injection of both focus and investment in bettering cyber defence for everyone, says Turnkey Consulting senior consultant Louise Barber  Continue Reading

• National Cyber Strategy will enhance UK’s cyber power status

  The UK punches above its weight when it comes to wielding cyber power around the world, but challenges to this status are clear. The National Cyber Strategy has a clear role to play in maintaining and enhancing this status, writes Paddy Francis of ...  Continue Reading

• How cyber security teams can conquer the four-day working week

  The four-day week may be an idea whose time has come, but for always-on cyber security professionals, the impact of squeezing more work into fewer days is a tricky proposition  Continue Reading

• National Cyber Strategy misses the mark in one important way

  The National Cyber Strategy is full of fine words, says Petra Wenham, but as the old expression goes, fine words butter no parsnips, and it misses the mark in one very important way  Continue Reading

• Security Think Tank: Good training is all about context

  In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service?  Continue Reading

• Phishing tests are a useful exercise, but don’t overdo it

  The vast majority of cyber attacks start with a phish, so it’s not surprising that phishing tests form part of cyber training plans. But sometimes these tests go too far. Cyberis’ Gemma Moore looks at how to avoid the pitfalls  Continue Reading

• Security Think Tank: How to build a human firewall

  In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service?  Continue Reading

• Understand your cyber training ‘need’ before committing to a programme

  In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service?  Continue Reading

• Security Think Tank: Focus on ‘nudging’ to build effective cyber training

  In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service?  Continue Reading

• A trial relying on computer evidence should start with a trial of the computer evidence

  Learning from the Post Office Horizon scandal - the most widespread miscarriage of justice in recent British legal history  Continue Reading

• Security Think Tank: Reframing CISO-boardroom relations

  Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months  Continue Reading

• Security Think Tank: Attackers leveraging the supply chain

  Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they have taken away from the past 12 months  Continue Reading

• Security Think Tank: Think people, processes and systems

  Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months  Continue Reading

• A ‘whole of society’ approach to cyber may be on the horizon

  Nominet Cyber managing director David Carroll reflects on the NCSC’s latest annual review amid 2021’s fast-evolving threat landscape  Continue Reading

• Security Think Tank: SASE – marketing buzz or the future of security?

  SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT  Continue Reading

• Security Think Tank: Consider cyber policies and procedures as you welcome employees back

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Security Think Tank: Reopening is an opportunity to reassess wider security posture

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Long-term thinking is vital to secure UK’s critical infrastructure

  To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie  Continue Reading

• IR35 private sector reforms: What firms need to do now the start date has passed

  While the start date for the onset of the IR35 private sector reforms may have passed, firms in-scope of the revamped tax avoidance legislation may find themselves still with plenty of compliance work still to do  Continue Reading

• Post Office’s full and final settlement with Horizon scandal victims in plain English

  The legal settlement with subpostmaster victims of the Horizon scandal that the government and the Post Office say is “full and final” is anything but  Continue Reading

• Security Think Tank: Evolving threats, tech, leaves CNI exposed

  In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: Attacks on CNI – an evolving frontier in warfare

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: Take a realistic perspective on CNI cyber attacks

  In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: CNI operators must focus on core issues

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: CNI operators are in an unenviable position

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Rogue drones beware: We’re here to ground you

  Eugene Kaspersky exclusively lifts the lid on a mysterious, shiny device that’s been sitting in his office  Continue Reading

• A Covid-19 response to supply chain fragility

  The global pandemic, lockdowns and local lockdowns have required organisations to operate agile supply chains  Continue Reading

• The new age of supply chains post-Covid

  Supply chain managers have been predicting the future for years. Now manufacturers are relying on insights to inform their decision-making  Continue Reading

• Top 10 skills to include in your IT CV

  Find out what skills and keywords you should include on your CV to stand out as an IT professional in a competitive market  Continue Reading

• EC publishes approach to human and ethical implications of AI, but what will UK do?

  The European Commission has published a guide to the EU’s approach to the human and ethical effects that artificial intelligence might bring  Continue Reading

• The super-resilient IT function

  IT functions don’t have to continue taking the blame for organisational failures, they can take the lead in transforming the business  Continue Reading

• The five software testing techniques every software developer should know about

  Five simple testing techniques that will help developers test their software systematically, thoroughly and quickly  Continue Reading

• Businesses need to keep investing in tech and hope to avoid a no-deal Brexit

  A no-deal Brexit could have serious consequences for the UK tech sector and skills base, making it more difficult to recruit technology specialists and hire freelancers  Continue Reading

• Security Think Tank: Risk mitigation is key to blockchain becoming mainstream

  What are the best and most effective ways information security professionals can use blockchain technology?  Continue Reading

• Building a cyber-physical immune system

  Shantanu Rane, researcher in cyber-physical systems security at the Palo Alto Research Center, explains how our own immune systems can inspire the design of modern cyber-physical systems  Continue Reading

• Why the rise of IT managed by the business is driving creative thinking

  Organisations that encourage business units to implement and run their own IT systems have an edge over competitors that rely entirely on the IT department, research from Harvey Nash and KPMG reveals  Continue Reading

• Security Think Tank: In-app segregation more intelligent and permissive

  What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome?  Continue Reading

• Security Think Tank: Seven steps to manage risk of catastrophic cyber attack

  How should businesses plan to survive a potential cyber attack extinction event?  Continue Reading

• Security Think Tank: How to reduce the impact of a potential cyber extinction event

  How should businesses plan to survive a potential cyber attack extinction event?  Continue Reading

• Goliath vs Goliath and the complexities of 5G intellectual property

  Is Apple the good guy or the bad guy? It has violated patents and had its wrist slapped by the courts (bad), yet its products are still available for adoring fans to buy (good)  Continue Reading

• Growing board focus on cyber risk challenges current thinking

  As digital transformation continues to drive change in the business and risk landscape, business and cyber security leaders need to improve discussions around this topic  Continue Reading

• Making the move to cloud work for you

  Getting the best out of a move to the cloud means getting the size right, turning off what you don’t need, smart purchasing and continuously decluttering your new environment  Continue Reading

• Can we live without passwords?

  Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve  Continue Reading

• Douglas Engelbart, the forgotten hero of modern computing

  Half a century ago, Douglas Engelbart demonstrated an experimental computer that laid the foundations for modern computing. His vision to use computing power to solve complex problems in all areas of human activity has become reality, but not in the...  Continue Reading

• Agile becomes mainstream

  There are clear parallels between the conditions that led the IT industry to adopt agile approaches and the challenges facing business today  Continue Reading

• More effective digital transformation through the power of your own people

  The old model of escalating decisions up and down the management chain does not work any more. Business leaders need to delegate responsibility for projects to business and technology specialists and eliminate the fear of failure  Continue Reading

• Security Think Tank: Focus on security before app deployment

  What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack?  Continue Reading

• Everyone, everywhere is responsible for IIoT cyber security

  Cyber security in the industrial internet of things is not limited to a single company, industry or region – it is an international threat to public safety, and can only be addressed through collaboration that extends beyond borders and competitive ...  Continue Reading

• From Aberdeen to Brighton: Investing in the UK’s digital future

  More investment in the UK’s broadband infrastructure is critical to ensure the UK’s future success in technology in a post-Brexit world  Continue Reading

• Security Think Tank: Risk tolerance key to security outsourcing policy

  What critical security controls can be outsourced, and how do organisations – SMEs in particular – maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Mind your drone business

  Amazon is just the tip of the iceberg – companies are pouring hundreds of millions into the development of commercial drones  Continue Reading

• Big data skills shortages – and how to work around them

  Businesses are finding it hard to recruit enough people with big data and analytics skills, but for CIOs there are alternative strategies to consider  Continue Reading

• Tier 2 visas – a challenge for the tech sector

  With staff shortages already being reported in the technology sector and Brexit potentially adding to the problem, tech departments need to get their Tier 2 visa applications right  Continue Reading

• Taking the quantum leap: What is quantum technology for business?

  Quantum computers are many years away, but the first applications of quantum technology will arrive in only one or two years – so businesses need to be ready  Continue Reading

• Hacking the internet of things just got easier – it’s time to look at your security

  Are you taking security for internet-connected devices seriously enough?  Continue Reading

• Outsourcing is not dead or dying – it just needs to be done properly

  The collapse of Carillion and the profit warning at Capita have created a false sense of fear about the stability of the outsourcing sector  Continue Reading

• Security Think Tank: Use good practice to address cryptojacking risk

  How can organisations best defend against cryptojacking?  Continue Reading

• Protecting your intellectual property in a digital world

  Your business is creating innovative computer code, slick user interfaces, and is using digital technology to solve new problems. How do you protect your investment?  Continue Reading

• The seven levers of digital transformation

  Organisations that embark on digital transformation projects often run into difficulties. Following the seven principles of digital transformation will help them reap the benefits of digital technology  Continue Reading

• Driving digitisation: open standards in process automation

  Organisations often can’t take advantage of advances in digital technology due to the lack of interoperability in their IT systems in different facilities, but open standards promise a way forward  Continue Reading

• Security Think Tank: Cryptojacking can be costly

  How can organisations best defend against cryptojacking?  Continue Reading

• Why businesses must think like criminals to protect their data

  Cyber criminals use three main methods of operation to steal commercial data. Understanding their mindset can help organisations put the right defences in place  Continue Reading

• Security Think Tank: Use awareness, education and controls to halt cryptojacking

  How can organisations best defend against cryptojacking?  Continue Reading

• SD-WAN needs software-defined security

  Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected  Continue Reading

• Security Think Tank: Fileless malware not totally undetectable

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Awareness is a good starting point to counter fileless malware

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Focus on high risk by automating low-risk patching

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Security Think Tank: Patching is vital and essentially a risk management exercise

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• The internet of things: an overview

  Despite security and other concerns, there are many benefits associated with embracing the internet of things  Continue Reading

• How AI is disrupting the role of call centres and call centre staff

  Artificial intelligence could eliminate many white-collar jobs in coming decades. Its effects are already being felt in the call centre industry, but there is still no substitute for the human touch  Continue Reading

• A new nearshoring game is emerging

  Countries selling themselves as nearshore business services locations need to change their sales pitches to avoid becoming like all the other countries doing the same  Continue Reading

• Consumer identity management is the core of real CRM

  IAM + CRM is much more than simply IAM for external users, says Ivan Niccolai  Continue Reading

• User acceptance testing needs real training, not just a short course

  In spite of its importance, user acceptance testing (UAT) is often chaotic, problematic and ineffective  Continue Reading

• Privacy concerns in the digital world

  Considering the full spectrum of privacy, people need to ask themselves if they are comfortable with all their characteristics in the public domain  Continue Reading

• How to appoint a new outsourcing supplier

  Outsourcing can come with its own security risks if not managed appropriately, making due diligence and clear contractual arrangements key  Continue Reading

• The ideology of hacking

  Business leaders need to be educated on the true threats their firms face and IT security professionals have to arm their executives with that information  Continue Reading

• How to assess the security of a cloud service provider

  As businesses continue to put more information online, understanding cloud suppliers and agreements has never been more important  Continue Reading

• Security Think Tank: You can’t protect what you don’t know you’ve got

  IP theft: who should be tackling it and how?  Continue Reading

• How to survive a data breach

  Six practical tips on how to prepare for and survive a data breach  Continue Reading