Opinion

Opinion

• ISACA: Constantly mutating challenge

  The idea that enterprises have made great progress in locking down their infrastructure to protect end-users from malware may not be totally accurate...  Continue Reading

• ISSA: Traditional controls inadequate

  There is a common misconception that because an organisation has anti-virus, it must be safe, writes Raj Samani, vice president of ISSA  Continue Reading

• Gartner: Control devices and encrypt data

  As new and improved technologies appear in the mobile markets, and are adopted by businesses, so new threats...  Continue Reading

• Tif: Boundaries are blurring

  The idea that a boundary exists between "locked down" IT systems inside the corporate network and everything else operating outside it does not make as much sense as it once did...  Continue Reading

• Transforming NHS services requires flexible evolution, BCS delegates say

  "There is no point in informatics trying to enable a change in one direction when budgets are encouraging maintenance of the status quo," said Sheila Bullas, secretary of the BCS's Health Informatics Forum, at a recent BCS leadership debate on ...  Continue Reading

• BCS: Audit and educate

  Attend the likes of InfoSec to ensure you are up to date with the latest products and then seek the advice of an expert consultant to help in cutting through the snake oil ...  Continue Reading

• NCC: It's all about layers

  Working outside an organisation's physical domain brings certain responsibilities with it and the road warrior must take caution along in the kit bag...  Continue Reading

• Outsourcing: cost reduction in an economic slowdown

  With the dust from the credit crunch yet to settle, and real signs of tighter economic conditions ahead, most companies will be looking to rein in their spending in 2008.  Continue Reading

• If film directors can insure against failure, why not project managers?

  What's the difference between an IT project and bungee jumping? Answer: they are both pretty scary experiences,...  Continue Reading

• Sustainability and the CIO

  The management of ICT resources can have an enormous environmental impact, but many CIOs could be exposing...  Continue Reading

• ComputerWeekly.com IT blog awards 08

  Computer Weekly has launched a search for the best UK IT blogs, with its first ever IT blog awards.  Continue Reading

• IT law and governance blogs: Computer Weekly IT Blog Awards

  Help us to identify the best IT blogs in the UK by voting for your favourite in the IT Law and Governance category.  Continue Reading

• Electronic information sharing is key to effective government

  Over the past few years, the government has launched a number of initiatives to promote data sharing between public organisations including the NHS, Whitehall departments and police services. The government's determination to overhaul information ...  Continue Reading

• Security Zone: managing your organisation’s social network footprint

  As well as helping to minimise the chances of data theft and the ensuing bad publicity, information security professionals have a more proactive role in helping to protect their organisations in the 21st century, writes Paul Maloney, managing ...  Continue Reading

• Infosecurity 2008 - Developing infosecurity career paths

  Today more young professionals are choosing information security as a first career, bringing a post-graduate degree but little experience, writes John Colley, managing director EMEA of the International Information Systems Security Certification ...  Continue Reading

• Infosecurity 2008 - New defence strategy in battle against e-crime

  E-crime has evolved into a booming business. Viruses, malware and online crime have moved from hacking vandalism into a major shadow economy that closely mimics the real business world, including profit-driven organised cybercrime, writes Yuval ...  Continue Reading

• Infosecurity 2008 - Complying with security regulations is not enough

  The various legislation and industry standards that require businesses to protect sensitive data may drive us all a little nuts - the extra expense, investing the time to understand the new rules, business disruptions during the deployment process, ...  Continue Reading

• Infosecurity 2008 - Taking security into your own hands

  Fingerprint biometrics is emerging as the authentication method of choice for access to enterprise data, applications and networks, writes Jim Fulton, vice-president of DigitalPersona.  Continue Reading

• Infosecurity 2008 - Spam techniques reach new levels of sophistication

  Despite the proliferation of anti-spam solutions on the market, spam volume has reached epidemic proportions, writes Dan Hubbard, vice-president of security research at Websense.  Continue Reading

• Infosecurity 2008 - IT governance critical to addressing information risk

  Information and its conduits provide the lifeblood of the modern business, writes Alan Calder of IT Governance ....  Continue Reading

• Infosecurity 2008 - Seamless security for roaming workers

  Work for many of today's employees is no longer restricted to the traditional 'nine-to-five' work day or the office environment. In our age of high-speed internet communications, more and more people can travel routinely for work or telecommute from...  Continue Reading

• The battle for internet advertising

  The massive market for online advertising is one that affects every internet user. Many ISPs, search engines and websites depend on advertising revenue for funding, and in the absence of those funding sources would either have to pass on additional ...  Continue Reading

• Be sure of making the complete case

  Governments and administrations are transient. And however complex, they are simple when compared with the complexities that surround how ID cards may be taken to and applied by the population. ID cards are only part of the identity management ...  Continue Reading

• Benefits to the citizen have yet to be proven

  In asking whether the government has got the business case for ID cards right, we need to understand precisely what that business case is, writes Geraint Price of Information Security Group, Royal Holloway, University of London.  Continue Reading

• Now is the time for action

  The key to this topic for me was a quote from Home Secretary Jacqui Smith: "Individuals to have as much control and ownership of their own data as possible," writes Andrea Simmons, consultant forum manager, BCS Security Forum.  Continue Reading

• Global village to impact on working practices

  According to Howard Grosvenor, managing consultant at people performance specialist SHL, global changes will have a great impact on the way we work in the future. UK employees will need to be flexible enough to continually work across time zones, ...  Continue Reading

• Database administration security strategy

  Given the vital importance of the information held within corporate and government databases it is surprising that the security of these databases is often of unknown provenance.  Continue Reading

• From infrastructure to innovation: the CIO thought revolution

  Cloud-based platforms and developer tools are set to revolutionise the IT industry  Continue Reading

• Infosecurity Europe 2008: Inside threat greater risk to data protection

  IT security has fast become a data-centric issue. Data is the most valuable asset in an organisation and the IT department must protect it or find itself in the headlines like HMRC and the Ministry of Defence. But as companies adjust their data ...  Continue Reading

• Security forecast: smartphones

  The modern mobile phone comes in two basic varieties. The more secure version is a stripped down 2G phone with very little data functionality. There are still some issues related to 2G confidentiality. First is the possibility that someone will ...  Continue Reading

• Infosecurity Europe 2008: Security governance and the wealth of nations

  What possible link could there be between the writings of an 18th century economist and the management of information security in the 21st century?  Continue Reading

• Catching the authorised hacker

  A threat looming ever larger in the minds of IT leaders is the risk of data loss through inappropriate behaviour or...  Continue Reading

• Seamless security for roaming workers

  Work for many of today's employees is no longer the traditional nine-to-five day or the office environment...  Continue Reading

• Which comes first: compliance, security or operability?

  The task of managing risk has changed dramatically, writes Raj Samani of ISSA UK...  Continue Reading

• Secret questions blow a hole in security

  It's a mystery to me why websites think "secret questions" are a good idea, writes Bruce Schneier, chief...  Continue Reading

• Letter from Richard Thomas: End pernicious trade in personal data

  The following is a letter by the information commissioner, Richard Thomas. It is reproduced from the Independent newspaper on 2 April 2008.  Continue Reading

• How to be big but agile

  The arguments for an agile approach to IT, particularly agile software development, are well established,...  Continue Reading

• Security is a management issue

  Many people in the UK still see security predominantly as an IT problem. But it's not it's a business one...  Continue Reading

• Sometimes the real threat is right under your nose

  Organisations often believe they need procedures to protect their databases from misuse by hackers outside the organisation, writes Jimmy Desai of law firm...  Continue Reading

• Towards another dotcom boom?

  At the University of Southampton's School of Electronics & Computer Science, we have just witnessed a major increase in computer science undergraduate numbers. In fact, our recent intake of 94 undergraduates, which is 20% higher than last year, is ...  Continue Reading

• Tackling the network eavesdropping risk

  Why do network security problems persist? While wireless network security issues continue to make current headlines, attention has been drawn away from the fact that wired networks are often affected by many of the same weaknesses. As a result, our ...  Continue Reading

• It pays to ask your IT provider, but don’t demand

  Ask any service provider and they will tell you about their struggles to manage the expectations of some clients, writes Phil Morris. Ask any IT professional and they will give an example of how their service providers just weren't doing what was ...  Continue Reading

• Data Centres Europe 2008 open for registration

  The BCS is the organisation sponsor for this year's 4th Data Centres Europe 2008 conference, which will be held 10 to 11 April, in London  Continue Reading

• Get a grip on your IT assets

  Licensing software should be simple. The IT department can keep track of IT assets such as desktop PCs, laptops and servers, so it should know what software is running. Unfortunately, the dynamics of business means software audits quickly go out of ...  Continue Reading

• Making Projects Work spring school to teach management skills

  The latest PROMS-G spring school, entitled Making Projects Work, will offer attendees the chance to improve their project management skills.  Continue Reading

• Infosecurity Europe to showcase latest technology

  Infosecurity Europe is Europe's number one dedicated information security event and yields a comprehensive convergence of information security professionals. It addresses today's strategic and technical issues in an education programme, and ...  Continue Reading

• IBM patent row: ensure protection at the agreement stage

  You do not expect to get sued when you buy IBM software, but that is exactly what happened to one US customer.  Continue Reading

• RFID, data security and the law

  The European Commission's new consultation on RFID...  Continue Reading

• Look before you leap into renegotiating an outsource deal

  The chancellor's downward revision of the 2008-09 UK growth forecast to 1.75%-2.25%...  Continue Reading

• Is software as a service the answer for SMEs?

  The more grey-haired among us grew up in an era before the personal computer, when our first experience of computing was often a teletype linked at just a few hundred bits/sec to a timeshared mainframe, writes Jim Norton. The dream in those days was...  Continue Reading

• The business can't abdicate its project responsibility

  A couple of years ago I was parachuted into a government project to review its requirements. The customer...  Continue Reading

• CIOs can win with a high-octane strategy

  CIOs working in the banking and financial services arena are continually dancing to a familiar tune: the relentless pursuit of efficiency as a key driver of sustainable business growth. That's a very simple thing to say - but damned difficult to ...  Continue Reading

• System administrators are biggest risk to corporate data

  My baby is leaving home, aged 23. We are now negotiating what he is legitimately allowed to take with him. First up is the TV. When you're setting up your own home, it's important to get your priorities right. The other main item is the door keys. ...  Continue Reading

• Rising to the challenge of modern systems

  With new technologies springing up at a prodigious rate, IT managers are under increasing pressure to satisfy growing demands, writes Jim Close, senior vice-president and UK country manager at Software AG.  Continue Reading

• Information security: learn the lessons of the Sumo

  Over the course of my career, it has become clear to me that Japan's national sport offers a perfect analogy for the current state of information security.  Continue Reading

• Adding invoice automation to SAP adds up

  Whether you're the chief finance officer, chief information officer or accounts manager, the financial, management and operational advantages of adding invoice automation to SAP certainly add up - to 60% cost and efficiency savings, writes Kurt De ...  Continue Reading

• Speakers at BCS event unravel data privacy issues

  "We need to question the assumption that the imperative to share personal data can only be thought of in terms of catering to the needs of society rather than safeguarding the privacy or confidentiality of the individual," said a delegate at the BCS...  Continue Reading

• UK firms report jump in spend on e-discovery systems

  Corporate attitudes and spending on the management of electronically stored information (ESI) for legal and regulatory matters are changing.  Continue Reading

• Darling fails to deliver

  After 50 minutes of soporific buzz words and statistics, it became clear that, for IT at least, Alistair Darling's Budget had very little to offer.  Continue Reading

• Information commissioner seeks greater powers

  The recent reported loss of HMRC discs containing child benefit details has once again thrown back into the spotlight whether the information commissioner should be given greater powers to deal with breaches of the Data Protection Act 1998, say ...  Continue Reading

• IT can keep the UK flying high

  If the UK is to maintain its position as a leading world economy, its productivity must improve, writes Paul Coby, CIO of British Airways. Research by the...  Continue Reading

• Sharpen up your data protection act

  The collection and use of personal information is essential to the functioning of businesses, but IT departments...  Continue Reading

• Information security: the story of the suicidal kangaroo

  The Information Security Forum (ISF) has designated 2008 the "Year of Security Awareness", but saying something new can be tricky. Here Rob Hadfield, a security awareness specialist for ISF member British Airways, shares his struggle for inspiration  Continue Reading

• The Puzzler: find squares made of two digit primes

  The wonderful world of recreational mathematics  Continue Reading

• Better exploitation of IT could add £35bn to UK economy

  Recent research from e-skills UK has shown that making the most of technology could boost the UK economy by £35bn over the next five to seven years, writes Karen Price, CEO of e-skills UK. In England alone this equates to between £1bn and £5bn per ...  Continue Reading

• Royal Holloway: Control the controllers

  So what really happened at Société Générale?  Continue Reading

• Management buy-in essential

  Until the management of large organisations understands the need for the ongoing maintenance of IT security systems, and fully supports it, employees will continue to evade controls and commit fraud.  Continue Reading

• Protect controls as well as systems

  Vigorous and independent audits are key in underpinning the controls that safeguard your systems against fraud.  Continue Reading

• Take a holistic approach

  People, motive, opportunity and means: you need to cover all the angles if you're serious about protecting the organisation.  Continue Reading

• Control is the key

  You need to get the security fundamentals right, and then ensure your controls can be (and are) effectively enforced.  Continue Reading

• Access management comes first

  Sure, tools are useful, but only after you have identified which staff need which information, and you have processes in place that can deliver and control that access.  Continue Reading

• Put your faith in standards to keep staff on the straight and narrow

  Implementing the right security standards is the best way to stop insider fraud.  Continue Reading

• Choose your open source partner with care

  Linux has traditionally been ignored by the larger systems integrators because of its slow organic growth, and the niche has largely been filled by two-man bands enjoying their moment in the spotlight, writes Peter Dawes-Huish. Neither has ...  Continue Reading

• Meet the business continuity manager's new best friend

  IT and information security professionals have a new best friend. That indispensable buddy is, believe it or not, a standard: business continuity management standard BS 25999 to be precise.  Continue Reading

• Traditional application development processes doom web projects to failure

  It is no secret that web projects fail, but it is lesser known that traditional application development approaches are the single biggest factor in this failure. Why? And what straightforward steps can be taken to reduce time to market, increase ...  Continue Reading

• Government's IT training cuts are deeply damaging

  Apart from a narrow list of exempt courses, the government has withdrawn support from students wishing to retrain in vital subjects. Needless to say, ICT isn't on the list, writes Rob Wilson, shadow minister for higher education.  Continue Reading

• 'We Think' promises to drive innovation

  The endless restructuring of the past three decades provides the backdrop for the rise of alternative, collaborative and less hierarchical ways to organise ourselves through the web: forms of organisation that rely on what I call "We Think".  Continue Reading

• Security Zone: information security economics for the individual

  Security, like news, is sexy when it's sensational: the hackers are coming, the country will succumb to cyber attack any day now, and anyone can steal your identity. But how many people have given their password some real thought?  Continue Reading

• Cold calling is damaging the reputation of offshoring

  Most industry observers agree that the delays caused by the recent undersea internet cable failures were a nuisance but that, by and large, the problem was dealt with quickly and effectively  Continue Reading

• The boundaryless network

  The idea of "my network" and "your network" is effectively obsolete.  Continue Reading

• A lean and green supply machine

  Inefficient transport methods in the modern supply chain contribute significantly to global warming. In fact, as much as 75% of a company's carbon footprint comes from transportation and logistics alone, according to a recent analyst report.  Continue Reading

• UK has lessons to learn from Hong Kong on ID cards

  Whether citizens like it or not, their governments are anxious to know everything about them.  Continue Reading

• Readers' photos: Oldest kit

  Check out the highlights from round one of our Hardware Hoarders photo competition to find the oldest IT equipment hoarded by Computer Weekly readers, and why they've kept it.  Continue Reading

• Pressure to perform can lead to abuse of IT in finance houses

  If ever a reminder were needed that technology is not context-free, the case of Société Générale trader Jérôme Kerviel has provided one.  Continue Reading

• CIO strategies for thriving in an economically uncertain world

  In the Gartner Executive Programs 2008 CIO survey, the average CIO's expectation was that their IT budget would be rising by just more than 3% in 2008, writes Dave Aron, vice-president and research director in Gartner Executive Programs.  Continue Reading

• Limit your liability from social networking

  Although Tif members find that allowing staff to use social networking sites can have advantages in terms of knowledge sharing and market research, they also see that the risks of using such sites must be understood and managed  Continue Reading

• Policies hold key to social networking security threat

  Certain personal online activities can help maintain employee productivity. The question is, when does fair use become a concern for the HR department and line management?  Continue Reading

• Gartner’s at-a-glance guide to social networking risks

  Gartner research director Andrew Walls sets out the security risks in using social networks.  Continue Reading

• Social networking security is a people issue

  For the corporate body of knowledge, social networking sites can be a leech - is your health and safety record with HR or YouTube is appraisal information best gleaned from FaceBook?  Continue Reading

• Social networking: corporate risks, individual risks

  As a result of the strong human desire to connect, social networking websites have encouraged online behaviour where security and privacy are not always the first priority  Continue Reading

• Why the stock options backdating scandal will not hit the UK

  The former CEO of a US tech giant will have 21 long months in which to rue the day he ever heard of stock option backdating. Brocade Communications' Gregory Reyes has been sent to prison for 21 months and fined £7.5m for backdating options.  Continue Reading

• A greater social networking threat on the horizon

  How long will it be before one of the social networking sites gives simple remote access from PC to PC?  Continue Reading

• Social networking: would you shout your details in the street?

  By using social networking sites, are you not providing potential attackers with a virtual Post-it note to your information, and ultimately your identity?  Continue Reading

• Soft skills and hard facts

  Last year a survey by the US Society of Information Management listed the top 10 professional concerns of CIOs. The issues are perennial and remain essentially the same in the UK, although they might not be listed in the same order:  Continue Reading

• Industry collaboration key to meeting the skills challenge

  Commenting on Microsoft research into the skills needed for future business success, Bill Gates highlighted that the high-fliers of tomorrow will be those that continue to develop a strong and diverse skill set. "If you look at the most interesting ...  Continue Reading

• The road ahead for IT security leaders

  If CIOs are going to make the most of opportunities for using IT to fuel business transformations and become engaged in experimentation with software as a service, virtual worlds, Web 2.0 and the full realm of other new and emerging technologies, ...  Continue Reading

• Don't panic over 'ban' on security tools

  Oh, dear golly gosh, are they going to make computer security tools illegal? Spare me.  Continue Reading

• The positive side of regulatory compliance

  When I was working at MCI WorldCom - now Verizon - at the end of 2004, talking to yet another auditor about controls, I did not think that I would ever be looking back with nostalgia.  Continue Reading

• How to combat the Sans Institute's top 10 security threats

  Timothy Mullen, vice-president of consulting services at NGS Software, offer advice on protecting your systems from the most pressing cyber threats of 2008  Continue Reading

• Get it write: writing rules for IT professionals

  IT hiccups, I've had a few, and usually an IT expert has fixed them for me. Problems have arisen only when the said expert has advised...  Continue Reading