Opinion

Opinion

IT outsourcing

• Three million empty seats: What can we do about the cyber skills shortage?

  Companies should look for candidates with the right skills potential, rather than insist they tick a hundred different security skills boxes  Continue Reading

• Currency markets causing choppy waters for UK outsourcing

  Anthony Drake, director at tech advisory ISG, explains how the UK government’s botched mini-Budget announcement raised the cost of IT outsourcing  Continue Reading

• Security Think Tank: Good procurement practices pave the way to app security

  Application security is as much a question of good procurement practice as it is good development practice, says Petra Wenham of the BCS  Continue Reading

• Assessment and knowledge: Your key tools to secure suppliers

  There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal  Continue Reading

• Security Think Tank: Balanced approach can detangle supply chain complexity

  Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices  Continue Reading

• Supply chain security goes deep – forget this at your peril

  It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology  Continue Reading

• Consider governance, coordination and risk to secure supply chain

  A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on  Continue Reading

• Security Think Tank: Best practices for boosting supply chain security

  In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk  Continue Reading

• Security Think Tank: Basic steps to secure your supply chain

  When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail  Continue Reading

• Security Think Tank: Don’t trust the weakest link? Don’t trust any link

  Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must  Continue Reading

• Consistency is key to mitigate outsourcing risk

  The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ...  Continue Reading

• Security Think Tank: To follow a path, you need a good map

  The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ...  Continue Reading

• Security Think Tank: Your path to understanding attack paths

  The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these ...  Continue Reading

• How cyber security teams can conquer the four-day working week

  The four-day week may be an idea whose time has come, but for always-on cyber security professionals, the impact of squeezing more work into fewer days is a tricky proposition  Continue Reading

• Subpostmasters won their David and Goliath battle, but initial goal still not reached

  Despite exposing the Post Office Horizon scandal, Alan Bates, the former subpostmaster who drove the campaign for the truth, says the goal of repaying people what they lost has not yet been achieved  Continue Reading

• Security Think Tank: Attackers leveraging the supply chain

  Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they have taken away from the past 12 months  Continue Reading

• Five tips to bridge application management service gaps

  The watermelon effect is defined in the ITIL 4 Foundation guide as a breakage between the SLA client wants and what the service provider delivers  Continue Reading

• Supply chain cyber security is only as strong as the weakest link

  A spate of high-profile cyber attacks has highlighted the criticality of supply chain security and put new pressures on security leaders. How can we ensure that cyber security remains robust down the full length of supply chains?  Continue Reading

• Choose the right ITSM tool for digital era success

  IT service management (ITSM) tools are essential for many organisations to help optimise the design, delivery, support, use and governance of IT, but not all ITSM solutions are created equal, therefore selecting the right one is crucial  Continue Reading

• IR35 private sector reforms: What firms need to do now the start date has passed

  While the start date for the onset of the IR35 private sector reforms may have passed, firms in-scope of the revamped tax avoidance legislation may find themselves still with plenty of compliance work still to do  Continue Reading

• The Secret IR Insider’s Diary – from Sunburst to DarkSide

  From dealing with SolarWinds fallout to ransomware attacks, it’s been a busy few weeks for the Secret IR Insider, but they've picked up some new tricks along the way  Continue Reading

• Reimagining outsourcing after Covid-19

  Covid-19 has changed how businesses interact with their suppliers. Here are five steps companies can take to manage their outsourcing ecosystem in the post-pandemic world  Continue Reading

• How to modernise identity governance and administration

  Modernising identity governance and administration (IGA) capabilities is essential for organisations to manage identities effectively to ensure they remain competitive, compliant and secure  Continue Reading

• Security Think Tank: Edge security in the world of Covid-19

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentre to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Edge datacentre security depends on specific needs

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: No secret sauce for edge security, just good practice

  That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Beware security blind spots at the edge

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Sharing responsibility: Why we need to work together to keep the cloud secure

  The education sector has been fundamentally altered by months of lockdown, with cloud services topping must-have lists for academic staff, but now it’s time to consider security  Continue Reading

• Challenging times and transformational opportunities for the outsourcing industry

  Every area of the technology sector has been affected by the uncertainty of the coronavirus pandemic, but the outsourcing industry could be well-placed to take advantage of the opportunities it presents  Continue Reading

• Coronavirus: What does the ‘new normal’ mean for how we work?

  Examining the long-term impact of the Covid-19 coronavirus pandemic on the world of work, security, privacy and networks  Continue Reading

• Learning from the Travelex cyber attack: Failing to prepare is preparing to fail

  The key lesson to take from the Travelex breach is that an effective response to a breach is a critical business function and no longer the sole province of the IT department  Continue Reading

• The UK civil service is broken and needs reform to deliver true digital government

  Boris Johnson’s special adviser, Dominic Cummings, has attracted criticism for his plans to overhaul Whitehall culture, but one former government digital chief argues that he is absolutely right  Continue Reading

• Security Think Tank: Is data more or less secure in the cloud?

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Stopping data leaks in the cloud

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Life under the loan charge: An IT contractor’s story

  Thousands of IT contractors are being pursued by HMRC for “life-changing” tax bills for work they did up to 20 years ago, as part of a disguised remuneration clampdown known as the loan charge policy. One of those affected anonymously shares his ...  Continue Reading

• Security Think Tank: Base cloud security posture on your data footprint

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Cloud security is a shared responsibility

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security in the supply chain – a post-GDPR approach

  A year and a half after the introduction of the EU’s General Data Protection Regulation, Fieldfisher's James Walsh reviews the fundamentals of supply chain security  Continue Reading

• Security Think Tank: Adapt security posture to your cloud model

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: The cloud needs security by design

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Secure the cloud when negotiating contracts

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: In the cloud, the buck stops with you

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Collaboration between local public services and industry is key to innovation

  The launch of the new London Office for Technology and Innovation is an opportunity to examine how industry and government can work together better to improve local innovation  Continue Reading

• What Belarus offers the tech sector

  Belarus might not be as well known for its IT as some of its neighbours, but it is pushing its head above the parapet  Continue Reading

• Mitigating third-party cyber risks in a new regulatory environment

  GDPR and the NIS Directive increase the focus on managing cyber security throughout the supply chain. Organisations need to check their suppliers are compliant  Continue Reading

• Security Think Tank: Supplement security with an MSSP to raise the bar

  What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: Outsource security operations, not control

  What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: Outsource responsibility, not accountability

  What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: Almost all security can be outsourced, but not the risk

  What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: Top things to consider in security outsourcing

  What critical security controls can be outsourced, and how do organisations – SMEs in particular – maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: A risk-based approach to security outsourcing

  What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: Not all security service providers are created equal

  What critical security controls can be outsourced, and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Outsourcing is not dead or dying – it just needs to be done properly

  The collapse of Carillion and the profit warning at Capita have created a false sense of fear about the stability of the outsourcing sector  Continue Reading

• A new nearshoring game is emerging

  Countries selling themselves as nearshore business services locations need to change their sales pitches to avoid becoming like all the other countries doing the same  Continue Reading

• Revolutionising digital public service delivery

  Public sectors across the world are attempting a transition away from closed, top-down, bureaucratic, and paper-based transactional models  Continue Reading

• How to appoint a new outsourcing supplier

  Outsourcing can come with its own security risks if not managed appropriately, making due diligence and clear contractual arrangements key  Continue Reading

• The Great Deverticalisation – part 5: Mind the GaaP

  Politicians and government have the opportunity, through the power of open platforms, to take the lead in creating modern public services  Continue Reading

• The Great Deverticalisation - part 4: The role of the private sector

  Why do we persist in running vertically integrated organisations when standardising many of these processes would free us up to do things so much better, and more cheaply?  Continue Reading

• The Great Deverticalisation - part 3: New skills and structures in the public sector

  Why do we persist in running vertically integrated organisations when standardising many of these processes would free us up to do things so much better, and more cheaply?  Continue Reading

• The great deverticalisation – part 1: the street

  Why do we persist in running vertically integrated organisations when standardising many of these processes would free us up to do things so much better, and more cheaply?  Continue Reading

• Why the public sector is turning to multi-sourcing

  Sarah Burnett explains why the public sector is moving from single sourcing to multi-sourcing, in an age of austerity.  Continue Reading

• Software as a service can breed dependency so choose suppliers with care

  SaaS is not utility computing: it matters who delivers it and how  Continue Reading