Opinion
Opinion
IT security
-
Security Think Tank: Use awareness, education and controls to halt cryptojacking
How can organisations best defend against cryptojacking? Continue Reading
-
How the IT sector can help plug the cyber security skills gap
Businesses have a role to play in plugging the cyber security skills gap by engaging with future talent at a young age, providing more role models for under-represented groups, communicating the nature of the threat, and changing their approach to ... Continue Reading
-
SD-WAN needs software-defined security
Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected Continue Reading
-
Australian firms need to move faster in the digital age
Just over a tenth of IT professionals in Australia say their companies can roll out a new product in less than three months, despite operating in fast-moving markets with digitally savvy customers Continue Reading
-
Security Think Tank: Fileless malware not totally undetectable
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: Awareness is a good starting point to counter fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: Patch, scan and lock down to counter fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: Human, procedural and technical response to fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: Use layered security and patch management to defeat fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: Multi-layered security key to fileless malware defence
What should organisations do, at the very least, to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: Aim to detect and contain fileless malware attacks quickly
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: Social engineering at the heart of fileless malware attacks
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: How to tackle fileless malware attacks
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
GDPR gotchas and how to handle them
We look at common problems organisations encounter when dealing with the EU’s General Data Protection Regulation (GDPR), which comes into force on 25 May 2018 Continue Reading
-
Hawaii missile alert: Why the wrong guy was fired
In January 2018, an employee at Hawaii’s emergency management agency sent out a false alarm of an imminent missile attack, and was subsequently fired – but perhaps poor system design is really to blame Continue Reading
-
Why police forces need to be honest about mass mobile phone surveillance
Police forces across the UK are covering up their use of sophisticated mass surveillance devices, known as IMSI-catchers - the Bristol Cable and Liberty are campaigning for proper transparency Continue Reading
-
Mobile biometrics set to be game-changer in APAC
Telcos, financial institutions and other industry players risk losing market share if they do not keep up with the demand for security, convenience and mobility Continue Reading
-
Security Think Tank: How to evolve SecOps capacity
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Security Think Tank: Take care of security basics before automating
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Security Think Tank: How automation can reduce the load on the security operations team
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
3, 2, 1, GDPR: How to be prepared on 25 May
There are seven key areas organisations should review to ensure compliance with the General Data Protection Regulation, and even though the deadline is less than four months away, it is still not too late to start Continue Reading
-
Safer Internet Day: Building online safety practices with young people
Many organisations around the UK are contributing to the important work on making the internet a safer place for everyone Continue Reading
-
Security Think Tank: Approaches to strengthening security operations
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Europe’s shameful role in spy-tech exports that led to torture and jail
Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of ... Continue Reading
-
Security Think Tank: Automating basic security tasks
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Security Think Tank: Don’t automatically automate security
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Security Think Tank: Establish best practice before automating security processes
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Security Think Tank: Humans and AI machines in harmony
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Zero in on your zero-day vulnerabilities
A zero-day attack comes, by definition, out of the blue. You cannot predict its nature or assess how much damage it might cause, but you can take some basic steps to protect yourself from a potentially crippling cyber strike Continue Reading
-
My brother Lauri Love should have the right to a trial in the UK
Lauri Love should face trial over hacking allegations in a British Court, rather than be extradited to the US, where his extraordinary skills will be lost to society, says his younger sister Continue Reading
-
Why UK police are learning cyber forensics
The need for the UK police force to conduct forensic investigations on computers is nothing new, but a rapid escalation of cyber crime has demanded a different approach Continue Reading
-
A guide for businesses to China’s first cyber security law
Companies that break China’s new cyber security law may be fined or even have their licence to trade in the country removed Continue Reading
-
Dmarc email validation – we're doing it all wrong
Dmarc is a hugely important way to reduce email fraud – just ask HMRC – but it also makes email marketing campaigns far more effective Continue Reading
-
A history of hacking and hackers
A security professional’s view on criminal hacking has shifted away from the traditional stereotype of the hacker, towards a much more diverse cross-section of wider society Continue Reading
-
Will the review of Gov.uk Verify fix the UK's digital identity problems?
The rumoured review of the UK government’s identity assurance programme provides the ideal opportunity to fix problems and accelerate progress Continue Reading
-
Criminal law: Are Twitter threats taken seriously?
As threats of violence become increasingly common online, law enforcement is taking stronger action against the perpetrators Continue Reading
-
Security Think Tank: Focus on high risk by automating low-risk patching
How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive? Continue Reading
-
Security Think Tank: Patching is vital and essentially a risk management exercise
How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive? Continue Reading
-
Rethink risk through the lens of antifragility
Antifragility is an exciting alternative that fuses value and risk, and CIOs and IT executives are well positioned to help Continue Reading
-
Gov.uk Verify and identity assurance - it's time for a rethink
The government's Verify identity platform is not meeting user needs - it's time to step back and review how best to make online identity for public services work Continue Reading
-
What to do first when hit by a cyber attack
What actions should organisations take if they suspect they have suffered a cyber security incident? Continue Reading
-
The internet of things: an overview
Despite security and other concerns, there are many benefits associated with embracing the internet of things Continue Reading
-
Security Think Tank: Risk of DNS attacks goes beyond websites
What are the main security risks associated with DNS and how are these best mitigated? Continue Reading
-
Security Think Tank: Top three DNS-related security risks
What are the main security risks associated with the domain name system and how are these best mitigated? Continue Reading
-
Security Think Tank: Communication is key to cyber security in digital era
How can information security professionals help organisations to understand the cyber risks across increasingly digital businesses? Continue Reading
-
Gary McKinnon: Why Lauri Love should be spared the nightmare of extradition
Computer activist Lauri Love should be spared a life sentence in a US jail, says former hacker Gary McKinnon Continue Reading
-
Consumer identity management is the core of real CRM
IAM + CRM is much more than simply IAM for external users, says Ivan Niccolai Continue Reading
-
Six essential processes for keeping data secure
Data security is increasingly vital for organisations as the countdown begins for compliance with new rules imposed by the EU’s general data protection regulation Continue Reading
-
Security Think Tank: Many breaches down to poor access controls
In the modern business environment, what are the most common access control mistakes – and how best are these corrected? Continue Reading
-
The problem with passwords: how to make it easier for employees to stay secure
An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems Continue Reading
-
Security Think Tank: Top five access control mistakes
In the modern business environment, what are the most common access control mistakes and what is the best way to correct them? Continue Reading
-
Life’s a breach: How to handle the press after a hacking attack
Emily Dent, specialist in crisis PR, offers some advice to organisations that unexpectedly find themselves in the headlines Continue Reading
-
Three things you may not know that DNS data can tell you
Big data tools can help network administrators gather new insights into security and performance from DNS data Continue Reading
-
Can legislation stop cyber crime?
Rising cyber crime suggests criminal law does not deter criminals and that a better legal solution is required to prevent further rises Continue Reading
-
Five questions every board should ask after Sony Pictures breach
What can the board do to avoid having to answer embarrassing questions at the next shareholder meeting? Continue Reading
-
The legal considerations of the internet of things
As with many new technologies, there are a number of tricky legal challenges to consider as part of widespread IoT adoption Continue Reading
-
Should you allow a bring your own device policy?
Employers are realising there are challenges presented by BYOD which, if not dealt with, could have a serious impact on the business Continue Reading
-
Living with Google Glass – not quite useful enough to overcome the dork-factor
Businesses will use Google Glass first, says Simon Dring after spending a few days living with the technology. Continue Reading
-
User acceptance testing needs real training, not just a short course
In spite of its importance, user acceptance testing (UAT) is often chaotic, problematic and ineffective Continue Reading
-
Technology, society and morality: the implications for technology leaders
Technology is evolving at a pace and scale that has never been experienced. Society is struggling to keep up with the social and moral implications Continue Reading
-
Who owns your LinkedIn account?
It is common for employees to use personal social networking accounts for work, but who actually owns those accounts? Continue Reading
-
Privacy concerns in the digital world
Considering the full spectrum of privacy, people need to ask themselves if they are comfortable with all their characteristics in the public domain Continue Reading
-
How to appoint a new outsourcing supplier
Outsourcing can come with its own security risks if not managed appropriately, making due diligence and clear contractual arrangements key Continue Reading
-
The dangers of internet cafés
Businesses need clear computer use policies and need to ensure staff are properly trained in data protection, writes Garry Mackay Continue Reading
-
The data fragmentation challenge
Few organisations have policies to guide where data should and should not be stored. The result: data fragmentation Continue Reading
-
The ideology of hacking
Business leaders need to be educated on the true threats their firms face and IT security professionals have to arm their executives with that information Continue Reading
-
How to assess the security of a cloud service provider
As businesses continue to put more information online, understanding cloud suppliers and agreements has never been more important Continue Reading
-
The challenges of information governance in our increasingly litigious age
Formulating the right enterprise-wide information governance policies is essential in heading off potential legal and compliance costs Continue Reading
-
Securing the hypervisor: expert tips
There are many potential security issues with the various components of a virtualised infrastructure, and nowhere is this more of a concern than with the hypervisor platforms that host virtual systems and application instances Continue Reading
-
Security Think Tank: You can’t protect what you don’t know you’ve got
IP theft: who should be tackling it and how? Continue Reading
-
How to survive a data breach
Six practical tips on how to prepare for and survive a data breach Continue Reading
-
The history of the next-generation firewall
Security expert Rik Ferguson explains how next-generation firewalls were developed and what protection they provide businesses. Continue Reading
-
Tackling the challenges of the next-generation firewall
Security expert Brian Honan shares top tips on installing and maintaining a next-generation firewall Continue Reading
-
Opinion: Is big data just big hype?
If the deluge of headlines and vendor marketing materials is anything to go by, big data is the next big thing. So how much is there really to all this big data talk? Continue Reading
-
Bridging the information gap
The pace at which modern business tends to move has resulted in a situation where centralised decision-making struggles to keep up. Continue Reading
-
Security Zone: The ISO/IEC 38500 IT Governance Standard
IT governance means different things to different folks, yet it is generally understood to require alignment with best practice standards and methodologies. However, it can be really hard to see the wood for the trees due to the multiple frameworks,... Continue Reading
-
Your shout: Security and skills
Have your say at computerweekly.com Continue Reading
-
SMBs' real risk of being online
Stuart King CISSP, is responsible for online security and risk assessment for the Reed Elsevier Group. Continue Reading
-
Who watches the watchers?
The Civil Aviation Authority must come clean about how it has policed Nats' computer systems Continue Reading
-
Solution: Internet misuse at work
Like the technology, Internet abuse appears to have proliferated in recent years. There are, however, two ways to tackle this... Continue Reading