Opinion

Opinion

IT for telecoms and internet organisations

• Security Think Tank: In 2023, we need a new way to cultivate better habits

  Regular, small adjustments to behaviour offer a better way to keep employees on track and cultivate a corporate culture of cyber awareness, writes Elastic’s Mandy Andress  Continue Reading

• Security Think Tank: Getting the training and development mix right

  Rob Dartnall, CEO at SecAlliance and chair of Crest’s UK Council, describes the need for formal, varied and continuous development in the cyber security sector  Continue Reading

• The rise of fraud in pop culture is impacting consumers’ digital trust

  Shows such as The Tinder Swindler and Inventing Anna were big money-earners for Netflix in 2022, but Onfido’s Mike Tuchen says their popularity risks damaging consumer trust  Continue Reading

• How does red teaming test the ultimate limits of cyber security?

  An expert ethical hacker reveals how he goes about carrying out a red team exercise  Continue Reading

• Security Think Tank: 2022 brought plenty of learning opportunities in cyber

  At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros  Continue Reading

• Onwards to 6G - the UK government's 'bold plan' for a connected Britain

  The UK telecoms minister outlines the government's thinking on developing a digital infrastructure for the connected age  Continue Reading

• Security Think Tank: Embrace prioritisation, people, imperfections

  Security and IT professionals should try to make peace with their imperfections in 2023, says Nominet CISO Paul Lewis  Continue Reading

• Security Think Tank: 2022 changed how we thought about resilience

  Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat  Continue Reading

• Security Think Tank: As cyber pros, we need to articulate our needs better

  There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham  Continue Reading

• Ransomware: Is there hope beyond the overhyped?

  Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity  Continue Reading

• Think technology, process, human risk to manage ransomware

  Effective ransomware handling boils down to three core areas – technology, process and human risk  Continue Reading

• Your staff are the frontline in your ransomware fight

  As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect  Continue Reading

• Security Think Tank: Ransomware defences: An extended to-do list

  Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things  Continue Reading

• Security Think Tank: Let’s be transparent about ransomware

  Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks  Continue Reading

• Cyber insurance: The good, the bad and the ugly

  Most cyber insurance contracts are innately flawed because they exclude losses arising from state-backed cyber attacks, and this will make proper attribution even more important in the future, says Cisco Talos’ Martin Lee  Continue Reading

• Security Think Tank: To stop ransomware, preparation is the best medicine

  You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes  Continue Reading

• Security Think Tank: Anti-ransomware strategies should be as easy as ABC

  When developing and implementing ransomware protection strategies, the importance of paying thorough attention to security measures you might consider elementary cannot be understated  Continue Reading

• To fight ransomware, we must treat digital infrastructure as critical

  Ransomware defence is failing because we don’t view our digital infrastructure in the same way as our physical infrastructure, argues Elastic’s Mandy Andress  Continue Reading

• Security Think Tank: Ransomware and CISOs’ balancing act

  Ransomware has the potential to cause irreversible business damage, so CISOs should consider not only protection but also response and recovery  Continue Reading

• Security Think Tank: Know your networks, know your suppliers

  To combat the ransomware scourge, we must work harder to monitor and learn from the increasingly complex threat environment, keep a closer eye on supply chains, and share our insights  Continue Reading

• Security Think Tank: Container security: why so different?

  Done well, container security can be a model for securing the enterprise, and businesses that focus their teams on solving it can help accelerate positive change in other areas  Continue Reading

• How has container security changed since 2020, and have we taken it too far?

  While containers are now one of the most popular ways to deploy applications, it is fair to say that the adoption and implementation of security best practice to govern their use has not kept up  Continue Reading

• Security Think Tank: Effective DevSecOps requires collaboration

  Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access ...  Continue Reading

• Security Think Tank: Don’t rely on insurance alone

  Cyber insurance is a useful addition to the cyber protection toolbox. However, it cannot be regarded as a replacement for the controls that should be in operation, says Turnkey Consulting’s Tom Venables  Continue Reading

• Cyber insurance: An effective use of your scant security budget?

  The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes  Continue Reading

• Lots to consider when buying cyber insurance, so do your homework

  When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity  Continue Reading

• Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it

  In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered  Continue Reading

• Security Think Tank: Now is the time to think about cyber insurance

  Many IT leaders shy away from cyber insurance, but new, innovative developments in the market can help organisations take an approach that suits their needs  Continue Reading

• Assessment and knowledge: Your key tools to secure suppliers

  There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal  Continue Reading

• What will the Data Reform Bill mean for UK businesses operating in the EU?

  Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union  Continue Reading

• Security Think Tank: Supply chain security demands systematic approach

  Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business  Continue Reading

• Why the world needs tech standards for UN Sustainable Development Goals

  Chaesub Lee from the ITU argues that the world needs technology standards to address the UN’s Sustainable Development Goals  Continue Reading

• Security Think Tank: Balanced approach can detangle supply chain complexity

  Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices  Continue Reading

• Supply chain security goes deep – forget this at your peril

  It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology  Continue Reading

• Consider governance, coordination and risk to secure supply chain

  A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on  Continue Reading

• Security Think Tank: Best practices for boosting supply chain security

  In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk  Continue Reading

• Security Think Tank: Basic steps to secure your supply chain

  When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail  Continue Reading

• Security Think Tank: Don’t trust the weakest link? Don’t trust any link

  Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must  Continue Reading

• Strong internal foundations are key to withstanding external threats

  The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ...  Continue Reading

• Security Think Tank: To follow a path, you need a good map

  The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ...  Continue Reading

• Revised scope of UK security strategy reflects digitised society

  The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one, reflecting our increasingly digitised society, say Maximillian Brook and Arunoshi Singh of the ISF  Continue Reading

• UK Cyber Strategy a welcome injection of progress

  The National Cyber Strategy should be seen as a welcome injection of both focus and investment in bettering cyber defence for everyone, says Turnkey Consulting senior consultant Louise Barber  Continue Reading

• National Cyber Strategy will enhance UK’s cyber power status

  The UK punches above its weight when it comes to wielding cyber power around the world, but challenges to this status are clear. The National Cyber Strategy has a clear role to play in maintaining and enhancing this status, writes Paddy Francis of ...  Continue Reading

• How cyber security teams can conquer the four-day working week

  The four-day week may be an idea whose time has come, but for always-on cyber security professionals, the impact of squeezing more work into fewer days is a tricky proposition  Continue Reading

• Encryption myths versus realities of Online Safety Bill

  The UK government can’t legislate the impossible – a safer society depends on encryption, not breaking it  Continue Reading

• National Cyber Strategy misses the mark in one important way

  The National Cyber Strategy is full of fine words, says Petra Wenham, but as the old expression goes, fine words butter no parsnips, and it misses the mark in one very important way  Continue Reading

• Security Think Tank: Good training is all about context

  In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service?  Continue Reading

• Phishing tests are a useful exercise, but don’t overdo it

  The vast majority of cyber attacks start with a phish, so it’s not surprising that phishing tests form part of cyber training plans. But sometimes these tests go too far. Cyberis’ Gemma Moore looks at how to avoid the pitfalls  Continue Reading

• Tech sector can lead the fight against climate change

  The technology and telecoms sector has a dual role to play in sustainability – to transform its own organisation and ecosystems, and to use its role as a digital enabler to drive sustainability for its customers  Continue Reading

• Security Think Tank: How to build a human firewall

  In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service?  Continue Reading

• Understand your cyber training ‘need’ before committing to a programme

  In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service?  Continue Reading

• Security Think Tank: Focus on ‘nudging’ to build effective cyber training

  In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service?  Continue Reading

• A trial relying on computer evidence should start with a trial of the computer evidence

  Learning from the Post Office Horizon scandal - the most widespread miscarriage of justice in recent British legal history  Continue Reading

• Security Think Tank: Reframing CISO-boardroom relations

  Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months  Continue Reading

• Security Think Tank: Attackers leveraging the supply chain

  Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they have taken away from the past 12 months  Continue Reading

• Security Think Tank: Think people, processes and systems

  Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months  Continue Reading

• A ‘whole of society’ approach to cyber may be on the horizon

  Nominet Cyber managing director David Carroll reflects on the NCSC’s latest annual review amid 2021’s fast-evolving threat landscape  Continue Reading

• Security Think Tank: SASE – marketing buzz or the future of security?

  SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT  Continue Reading

• Security Think Tank: Consider cyber policies and procedures as you welcome employees back

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Government-led innovation can help cyber startups find a market

  There are many reasons why early-stage cyber startups often struggle to get off the ground, but government-backed programmes can help them find a path  Continue Reading

• Security Think Tank: Reopening is an opportunity to reassess wider security posture

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Long-term thinking is vital to secure UK’s critical infrastructure

  To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie  Continue Reading

• Online Safety Bill: an opportunity for tech to get it right

  Long-awaited proposals for regulating internet companies still leave much to be defined – and the tech sector must take the lead in finalising a plan that works for society and government  Continue Reading

• IR35 private sector reforms: What firms need to do now the start date has passed

  While the start date for the onset of the IR35 private sector reforms may have passed, firms in-scope of the revamped tax avoidance legislation may find themselves still with plenty of compliance work still to do  Continue Reading

• Why we need to reset the debate on end-to-end encryption to protect children

  Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent  Continue Reading

• Security Think Tank: Evolving threats, tech, leaves CNI exposed

  In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: Attacks on CNI – an evolving frontier in warfare

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: Back to square one – ground-up CNI protection

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: Properly protecting CNI demands specificity

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: Take a realistic perspective on CNI cyber attacks

  In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: CNI operators must focus on core issues

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: CNI operators are in an unenviable position

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Why our online harms laws will be good for tech

  The UK's minister for digital infrastructure explains the government's thinking behind its proposals to regulate internet companies such as Facebook, Google and others  Continue Reading

• Top 10 skills to include in your IT CV

  Find out what skills and keywords you should include on your CV to stand out as an IT professional in a competitive market  Continue Reading

• 11 obscure questions, Facebook, Max Schrems and the European Court of Justice

  Eleven obscure questions will be the first step towards explaining why we in the UK and Europe have experienced 13 years of what has been described as ‘mass and indiscriminate surveillance’ by the US  Continue Reading

• CCPA enforcement has begun: Here’s what to expect

  The US’s California Consumer Privacy Act came into force in January this year, but enforcement against technology companies did not begin until this month  Continue Reading

• Coronavirus and privacy – finding the middle ground

  Data collection has a role to play in fighting the deadly Covid-19 coronavirus outbreak, but governments need to be accountable for how it is used  Continue Reading

• Gigabit broadband for new homes is essential to UK’s telecoms ambitions

  Digital minister outlines plans to develop UK’s telecoms infrastructure to make it fit for the future  Continue Reading

• EC publishes approach to human and ethical implications of AI, but what will UK do?

  The European Commission has published a guide to the EU’s approach to the human and ethical effects that artificial intelligence might bring  Continue Reading

• Making gigabit broadband a reality for everyone in the UK

  As the new government introduces its first legislation to boost full-fibre broadband, digital minister Matt Warman looks ahead to delivering on the Conservatives’ election promises  Continue Reading

• We can’t allow fake news and disinformation to upend our democracy

  Fake news, misinformation and cyber attacks are part of our political process – now is the time to act  Continue Reading

• The super-resilient IT function

  IT functions don’t have to continue taking the blame for organisational failures, they can take the lead in transforming the business  Continue Reading

• AI vs AI: How can we win the fake news battle?

  Many internet browsers and social media companies have been forced to take on a new responsibility to combat the dissemination of false information, but can they succeed?  Continue Reading

• The five software testing techniques every software developer should know about

  Five simple testing techniques that will help developers test their software systematically, thoroughly and quickly  Continue Reading

• Is there substance in Boris Johnson’s full-fibre broadband vision?

  The new prime minister made a bold promise to roll out full-fibre broadband across the country by 2025 – but it’s a challenging task that requires serious investment and planning  Continue Reading

• Businesses need to keep investing in tech and hope to avoid a no-deal Brexit

  A no-deal Brexit could have serious consequences for the UK tech sector and skills base, making it more difficult to recruit technology specialists and hire freelancers  Continue Reading

• UK businesses deserve a 5G networked nation

  The tech sector needs to coalesce around a unified, positive vision of 5G to establish a proper business case for ultrafast, low latency mobile  Continue Reading

• Security Think Tank: Changing the GDPR focus to business benefit

  What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose?  Continue Reading

• Why the rise of IT managed by the business is driving creative thinking

  Organisations that encourage business units to implement and run their own IT systems have an edge over competitors that rely entirely on the IT department, research from Harvey Nash and KPMG reveals  Continue Reading

• Should tech companies capitalise R&D spending?

  Technology companies frequently ask whether they should capitalise their research and development costs. There are clear benefits, increasing reported profit and hence potential valuations, but what are the risks?  Continue Reading

• 5G’s first five years: A look ahead

  With 5G mobile networks edging closer to reality, GSMA Intelligence’s Matthew Iji looks ahead to consider how the technology will be adopted between now and 2024  Continue Reading

• Goliath vs Goliath and the complexities of 5G intellectual property

  Is Apple the good guy or the bad guy? It has violated patents and had its wrist slapped by the courts (bad), yet its products are still available for adoring fans to buy (good)  Continue Reading

• Making the move to cloud work for you

  Getting the best out of a move to the cloud means getting the size right, turning off what you don’t need, smart purchasing and continuously decluttering your new environment  Continue Reading

• Can we live without passwords?

  Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve  Continue Reading

• Douglas Engelbart, the forgotten hero of modern computing

  Half a century ago, Douglas Engelbart demonstrated an experimental computer that laid the foundations for modern computing. His vision to use computing power to solve complex problems in all areas of human activity has become reality, but not in the...  Continue Reading

• Drawing the line for cyber warfare

  With alleged Russian meddling in elections and the state-backed attack on Iran’s nuclear programme, it is becoming difficult to define the boundaries of cyber warfare  Continue Reading

• Agile becomes mainstream

  There are clear parallels between the conditions that led the IT industry to adopt agile approaches and the challenges facing business today  Continue Reading

• More effective digital transformation through the power of your own people

  The old model of escalating decisions up and down the management chain does not work any more. Business leaders need to delegate responsibility for projects to business and technology specialists and eliminate the fear of failure  Continue Reading

• UK winners and losers in digital tech

  The UK's retail and telecoms companies are among the best in the world at digital technology, but a survey of digital leaders shows there is still room for improvement for many UK firms  Continue Reading

• Customers need to be at the centre of GDPR plans

  Responding to a breach is not just about data, it is about taking care of, and protecting, customers  Continue Reading