Opinion

Opinion

IT governance

• Security Think Tank: AI in cyber needs complex cost/benefit analysis

  AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of ...  Continue Reading

• Security Think Tank: Ignore AI overheads at your peril

  Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the...  Continue Reading

• Security Think Tank: The past and future of security automation

  Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the...  Continue Reading

• Security Think Tank: Balancing human oversight with AI autonomy

  Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the...  Continue Reading

• Security Think Tank: SIEM and AI – a match made in heaven?

  Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the...  Continue Reading

• Security Think Tank: Artificial intelligence will be no silver bullet for security

  AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of ...  Continue Reading

• Security Think Tank: AI cyber attacks will be a step-change for criminals

  AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of ...  Continue Reading

• Getting a project out in the open

  Open source has become widely accepted and used in corporate IT infrastructures, but IT leaders need to understand the potential pitfalls to make sure this approach brings the desired benefits  Continue Reading

• Security Think Tank: Get your house in order before deploying AI

  AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of ...  Continue Reading

• Time to rethink business continuity and cyber security

  Business continuity and cyber security remain largely in separate silos, but changes in the IT and cyber threat landscapes mean there is an urgent need for organisations to alter their approach  Continue Reading

• Security Think Tank: ‘Shift left’ to secure containers

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Why UK needs independent oversight body for contact-tracing app

  The public needs and deserves clarity, and not just assurances, over the UK’s Covid-19 contact-tracing app  Continue Reading

• Too many data sources and too little consistency

  One of the biggest concerns that businesses have about their data is its quality, and quality of data is a governance issue  Continue Reading

• The importance of data accuracy in the fight against Covid-19

  With the right data, individuals and organisations can make the most informed decisions to keep people safer through the coronavirus pandemic and restart the economy at the right time and place  Continue Reading

• Security Think Tank: Container security starts with good DevOps practice

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Container security is evolving, so must CISOs

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Four steps to container security best practice

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• A view from the SOC: Maintaining security capabilities during the pandemic

  What are the challenges of maintaining security event and incident detection capabilities in these challenging times?  Continue Reading

• Build 2020: Avoiding AI problems

  It is early days for responsible artificial intelligence, but Microsoft aims to help companies avoid problems and improve the performance and quality of AI applications  Continue Reading

• How effective security training goes deeper than ‘awareness’

  Cyber criminals are constantly developing their techniques and strategies, so security training needs to do the same  Continue Reading

• Security Think Tank: Burnt out CISOs are a huge cyber risk

  Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout?  Continue Reading

• Security Think Tank: Security teams are key workers and need support

  Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout?  Continue Reading

• Four risks to data privacy and governance amid Covid-19

  EY privacy experts assess some of the novel risks to data privacy, protection and governance during the Covid-19 coronavirus pandemic  Continue Reading

• Security Think Tank: CISOs must adapt to fight Covid-19 burnout

  Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout?  Continue Reading

• Why you should think before you Zoom

  Feel free to use Zoom during the coronavirus lockdown, but think before you discuss anything confidential  Continue Reading

• Security Think Tank: How to manage security team well-being

  Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout?  Continue Reading

• A legal perspective on data breaches and home working

  Legal experts from Fieldfisher share guidance on how to deal with cyber attacks during the coronavirus crisis, and what the ICO expects in terms of notification  Continue Reading

• Security Think Tank: Why and how cyber criminals exploit world events

  In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances?  Continue Reading

• Security Think Tank: Continuity planning doesn’t have to be complex

  In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances?  Continue Reading

• Coronavirus and privacy – finding the middle ground

  Data collection has a role to play in fighting the deadly Covid-19 coronavirus outbreak, but governments need to be accountable for how it is used  Continue Reading

• Why zero trust may not be all it’s cracked up to be

  While they are discussed ad nauseam in the security industry, zero-trust architectures may not be all they’re cracked up to be, according to analyst Sam Bocetta  Continue Reading

• Security Think Tank: A guide to security best practice for pandemics

  In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances?  Continue Reading

• Security Think Tank: Coronavirus crisis helps put security in context

  In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances?  Continue Reading

• Why ‘no breach’ is bad news for your compliance

  You might think it’s a good thing if your organisation has a clean record when it comes to data breaches, but this is not necessarily the case  Continue Reading

• Is the EU better equipped than the US to supervise the use of facial recognition?

  Clearview AI can be an indispensable tool to reinforce national security, but there are many risks associated with the use of facial recognition technology that the EU might be better equipped to deal with than the US  Continue Reading

• The greatest contest ever – privacy versus security

  Examining the technical, legal and ethical challenges around the privacy versus security debate  Continue Reading

• Security Think Tank: Zero trust strategies must start small, then grow

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: Ask yourself if zero trust is right for you

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: How zero trust lets you take back control

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero trust ...  Continue Reading

• Security Think Tank: Practical steps to achieve zero trust

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: Zero trust is complex, but has rich rewards

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: Zero trust is not the answer to all your problems

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• The fight against cyber crime: Why cooperation matters

  With the WEF’s Global Risk Report 2019 ranking cyber attack in the top five global risks, we now see rising consensus at institutional level that no individual stakeholder can address the breadth of security challenges we face today  Continue Reading

• Security Think Tank: Facing the challenge of zero trust

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: Zero trust – just another name for the basics?

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Learning from the Travelex cyber attack: Failing to prepare is preparing to fail

  The key lesson to take from the Travelex breach is that an effective response to a breach is a critical business function and no longer the sole province of the IT department  Continue Reading

• Security Think Tank: Data-centric security requires context and understanding

  The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ...  Continue Reading

• Top tips for avoiding and dealing with data breaches

  Been hacked, lost a laptop or sent an email to the wrong address? Do you need to notify anyone and what should you do? Find out in this simple guide  Continue Reading

• How CI/CD helps digital organisations

  Developments in technology have transformed IT management practices. We discuss the management implications of using CI/CD to drive digitisation initiatives  Continue Reading

• Security Think Tank: Risk-based response critical to protect data

  The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ...  Continue Reading

• Security Think Tank: Time for a devolution of responsibility

  The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ...  Continue Reading

• Security Think Tank: Optimise data-centric strategies with AI

  The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ...  Continue Reading

• Cyber security: How to avoid a disastrous PICNIC

  Fieldfisher’s David Lorimer examines how individual employees often facilitate cyber attacks, and what can be done to reduce the risk  Continue Reading

• Liberal Democrats: We want to lead the world in ethical, inclusive technology

  Layla Moran, Liberal Democrat MP and party spokesperson for digital, culture, media and sport, writes about the party's technology policies ahead of the upcoming General Election  Continue Reading

• Ensuring your supplier onboarding process doesn’t undercut small suppliers

  Given the unprecedented speed of global business, many companies are increasingly dependent on a great many third-party suppliers  Continue Reading

• The super-resilient organisation

  We need to build super-resilient organisations that can not only survive in a tempestuous world, but become energised by it  Continue Reading

• Digital advancement means we're measuring the economy wrong

  When accountants work out how much UK business is investing in the future, it's stuck in a world of depreciated assets – ignoring the huge changes brought about by cloud and software as a service  Continue Reading

• Security Think Tank: Cloud security is a shared responsibility

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: The cloud needs security by design

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Secure the cloud when negotiating contracts

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: In the cloud, the buck stops with you

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Embedding security in governance

  How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making?  Continue Reading

• Gartner: Three Barriers to AI Adoption

  CIOs are set to include artificial intelligence in their IT strategy. Technical, legislative and cultural challenges could influence their AI ambitions  Continue Reading

• Security Think Tank: Focus on metrics to manage risk

  How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making?  Continue Reading

• Security Think Tank: Embed security professionals in your risk strategy

  How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making?  Continue Reading

• Security Think Tank: Risk management must go beyond spreadsheets

  How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making?  Continue Reading

• Security Think Tank: Consider risk holistically, not just from an IT angle

  How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making?  Continue Reading

• Security Think Tank: The operational approach to integrated risk management

  How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making?  Continue Reading

• Security Think Tank: Risk is unavoidable in digital transformation

  How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making?  Continue Reading

• Why the rise of IT managed by the business is driving creative thinking

  Organisations that encourage business units to implement and run their own IT systems have an edge over competitors that rely entirely on the IT department, research from Harvey Nash and KPMG reveals  Continue Reading

• How to avoid AI myopia

  Artificial intelligence holds much promise and is generating a lot of excitement, but it can have unintended consequences. Technologists need to avoid repeating the mistakes of the past  Continue Reading

• The UK must play a leading role in global collaboration on digital policy and ethics

  All countries must work together to ensure digital technologies such as AI are ethical and trustworthy – and the UK has an opportunity to be a global leader  Continue Reading

• Making threat intelligence greater than the sum of its parts

  Organisations can become more secure if they join up their varied sources of intelligence about business threats, and avoid losing valuable information within individual silos  Continue Reading

• Should we be worried that half of UK organisations don’t have a policy for the safe use of AI?

  As artificial intelligence becomes more mainstream, business leaders must be aware of the risks and make sure their firms do not build bias into AI algorithms  Continue Reading

• Audit services – the next frontier for tech giants?

  As data analytics, AI and automation technology advance, could we be about to see technology firms take on some of the responsibilities of the big financial audit firms?  Continue Reading

• Brexit and data protection: What’s next?

  PA Consulting assesses how a no-deal Brexit would affect the flow of data from the UK into and out of Europe  Continue Reading

• Feudal Lords and anarchic allies – the new models for software collaboration

  Software developers often take an unconventional view of contracts for the work they undertake, which can come back and bite them  Continue Reading

• Raising security awareness through phishing simulation – how to get it right

  Testing employees’ security practices by sending fake phishing emails has become commonplace, but few organisations are conducting such exercises effectively  Continue Reading

• Everyone, everywhere is responsible for IIoT cyber security

  Cyber security in the industrial internet of things is not limited to a single company, industry or region – it is an international threat to public safety, and can only be addressed through collaboration that extends beyond borders and competitive ...  Continue Reading

• Why the government should rethink the UK’s surveillance laws

  The European Court of Human Rights has made clear that the Snoopers’ Charter is an unlawful violation of people’s rights and freedoms  Continue Reading

• Better the data you know – how GDPR is affecting UK tech companies

  As the dust settles from the General Data Protection Regulation, the implications for technology firms in the UK are becoming clearer  Continue Reading

• Cyber security – why you’re doing it all wrong

  Most organisations can list the IT security tools and controls they have, so why do most of them still get the security basics wrong?  Continue Reading

• After the TSB debacle, is it time for IT people to run retail banking?

  Given that high-street banks are effectively little more than a computer system processing algorithms, would they be better off run by tech experts than bankers?  Continue Reading

• How a new ISO standard helps you take control of your IT assets

  The updated ISO standard 19770-1:2017 offers IT managers a way to bring their hardware and software assets under a single management standard  Continue Reading

• SAP licensing – reassuringly expensive?

  SAP’s recent settlement with AB InBev has again put audits and licensing under the spotlight. We look at how to get the best value and avoid fines  Continue Reading

• GDPR gotchas and how to handle them

  We look at common problems organisations encounter when dealing with the EU’s General Data Protection Regulation (GDPR), which comes into force on 25 May 2018  Continue Reading

• Europe’s shameful role in spy-tech exports that led to torture and jail

  Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of ...  Continue Reading

• Security Think Tank: Encourage employees to use an approved messaging app

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• My brother Lauri Love should have the right to a trial in the UK

  Lauri Love should face trial over hacking allegations in a British Court, rather than be extradited to the US, where his extraordinary skills will be lost to society, says his younger sister  Continue Reading

• The legal quagmire of creativity in artificial intelligence

  AI holds the promise to solve problems beyond the scope of human imagination. But if an AI can create, who owns its work?  Continue Reading

• Why Europe’s GDPR privacy regulation is good for business

  Organisations will need to become more sensitive about the way they handle personal information, but the General Data Protection Regulation (GDPR) also makes good business sense  Continue Reading

• A guide for businesses to China’s first cyber security law

  Companies that break China’s new cyber security law may be fined or even have their licence to trade in the country removed  Continue Reading

• Is it time to stop blaming organisations for being breached?

  The IT security industry needs to look at itself and its practices before blaming organisations that have been hit by cyber attacks  Continue Reading

• Max Schrems’s mass surveillance complaint knocked back another year or two by Irish judge

  Irish data protection commissioner Helen Dixon has neatly avoided having to deal with the US surveillance of Facebook users in Europe by referring a complaint by Austrian lawyer Max Schrems to the European Court of Justice  Continue Reading

• GDPR for the CIO: Data protection is about more than GDPR compliance

  If you approach GDPR as if compliance is all that matters, then you're bound to fail – data protection should be at the heart of business strategy  Continue Reading

• The children of the digital revolution

  Digital professionals are emerging as the source of expertise within the agile enterprise. They understand how to use digital technologies, starting small then building big  Continue Reading

• Legal hurdles cloud Max Schrems complaint over US spying

  The Irish High Court in Dublin has embarked on a long hearing into the legality of standard contractual clauses. It is a sideshow from the real issue – the legality of US surveillance in the UK and Ireland  Continue Reading

• The high price of not understanding how automation works with existing software licences

  Businesses must check their software licences before they introduce robotic process automation or they risk breaking the rules  Continue Reading

• How creative and innovative can technology made in China be?

  China's IT industry is becoming more Silicon Valley-like and, as a result, more attractive to the CIOs of western enterprises  Continue Reading

• GDPR: Five myths you will encounter on your compliance journey

  The General Data Protection Regulation comes into force in May 2018. We explore common myths surrounding GDPR  Continue Reading