Opinion

Opinion

Managing IT and business issues

• Security Think Tank: Steps to a solid data privacy practice

  Petra Wenham of the BCS shares her expertise on building, or rebuilding, a solid business data privacy practice in a post-Covid-19 world  Continue Reading

• The ransomware debate – to pay or not to pay?

  The debate around banning ransomware payments is highly nuanced, and we must take care to avoid overt victim-blaming, in favour of an open and honest approach, says SASIG’s Martin Smith  Continue Reading

• Security Think Tank: Data privacy not in isolation, but on a spectrum

  The gap between data privacy and data governance is narrowing, and security leaders need to be aware of the implications, says KuppingerCole’s Anne Bailey  Continue Reading

• Security Think Tank: Data privacy and ethics in a post-Covid world

  The radical change caused by the pandemic requires new approaches to data privacy practice, says PA Consulting’s Daniel Gordon  Continue Reading

• Firms struggle to manage their innovation ecosystems

  A lack of governance and performance mechanisms is hindering firms from getting the most out of suppliers in their innovation ecosystems  Continue Reading

• The unintended consequences of digital transformation

  Digital transformation offers organisations a way to change fundamentally the way they operate  Continue Reading

• Five tips to ensure your crisis comms plan is ready for a cyber attack

  Business leaders take note: standard crisis communications plans are inadequate if you have fallen victim to a cyber attack. HPL’s Ted Birkhahn shares five tips to make sure you are ready to face the public  Continue Reading

• Gartner: Purchasing enterprise PCs during a global chip shortage

  How can organisations purchase enterprise PCs during a global chip shortage? They need to outsmart the crisis  Continue Reading

• Security Think Tank: Consider cyber policies and procedures as you welcome employees back

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Sparsely staffed offices: the new post-pandemic cyber gap

  With many offices still operating at limited capacity, a red teaming expert reveals how his job is getting easier, and why this is a problem  Continue Reading

• The Secret IR Insider’s Diary: It’s all gone quie...

  The ‘Q’ word isn’t one that’s really used in incident response, says the Secret IR Insider, largely because as soon as you use it, something happens  Continue Reading

• Security Think Tank: A return to the office is not a return to normal

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Is tech team remuneration opening up a new form of cyber risk?

  Failing to reward cyber security staff in line with increases for other members of the tech team could open up new risks to organisations  Continue Reading

• Professionals need protection from the Computer Misuse Act

  The UK needs cyber legislation fit for the 21st century, so it is important for the industry to get behind the government’s proposed reform of the Computer Misuse Act  Continue Reading

• Are you betting your future on the worst gambling odds in the world?

  Gambling is a high-risk strategy. Doing nothing in the face of the threat from ransomware and hoping for the best provides some of the worst odds you will ever come across  Continue Reading

• Security Think Tank: Reopening is an opportunity to reassess wider security posture

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Security Think Tank: As offices reopen, address patching and ‘build drift’

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Security Think Tank: Returning workers to the office: Is your security posture up to date?

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Going back to office networks, only to dismantle them once and for all

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• Security Think Tank: Hydration, hiring, hacking – lessons in post-Covid risk

  With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ...  Continue Reading

• How Covid-19 accelerated cloud investment in the financial world

  Cloud computing is no longer a thing of the future for banks that want to remain competitive  Continue Reading

• Banking tech fraud: How to trace and recover your money

  Even when stolen assets are sent offshore, the special powers of the English civil court system mean all may not be lost  Continue Reading

• Shaping a Digital Strategy to support UK productivity and jobs

  With an all-party parliamentary group calling for evidence on digital skills, there are three key areas that policymakers should address    Continue Reading

• Why agility is the key to secure software

  Continuous delivery of software product releases demands continuous security. Businesses and regulators are right to wonder whether organisations are valuing cyber security by the design of their products  Continue Reading

• Security Think Tank: What must a secure print strategy take into account?

  Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account?  Continue Reading

• Security Think Tank: Steps to a coherent print security strategy

  Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account?  Continue Reading

• Security Think Tank: Printer risks go deep into IT history

  Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs does pose security risks both technological and physical. What does a print security strategy need to take into account?  Continue Reading

• Long-term thinking is vital to secure UK’s critical infrastructure

  To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie  Continue Reading

• Policies key to revolutionising Identity Governance and Administration

  The proliferation of digital identities, applications, data, security threats and compliance requirements means that Identity Governance and Administration (IGA) has never been more important, but not all organisations are approaching it in an ...  Continue Reading

• Post Office scandal: The rise of computers and the decline of English justice

  The Post Office prosecuted its subpostmasters up and down the country with a zeal that would not have embarrassed the Inquisition  Continue Reading

• Digital bootcamp initiative could kickstart new thinking about technology skills

  The government’s digital bootcamps initiative could help begin to shift the way we think about the roles of technology professionals  Continue Reading

• The shape of fraud and cyber crime: 10 things we learned from 2020

  While a pandemic-driven increase in cyber crime and an exacerbation of existing fraud trends were, to a large extent, to be expected, the LexisNexis Risk solutions UK cybercrime report 2020 still contained a few surprises  Continue Reading

• Why the Post Office Horizon scandal kept me awake at night

  Reverend Richard Coles tells Computer Weekly why there needs to be a statutory public inquiry into the Post Office Horizon scandal  Continue Reading

• Why we need to reset the debate on end-to-end encryption to protect children

  Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent  Continue Reading

• Security Think Tank: Security culture must underpin vaccine passports

  What are the security challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• Security Think Tank: ‘Legitimate interest’ crucial for vaccine passports

  What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• Post Office’s full and final settlement with Horizon scandal victims in plain English

  The legal settlement with subpostmaster victims of the Horizon scandal that the government and the Post Office say is “full and final” is anything but  Continue Reading

• Security Think Tank: Vaccine passports must be secure by design

  What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• What has a year of home working meant for the DPO?

  Byron Shirley of The Compliance Space explores how the role of the data protection officer has changed in the past 12 months  Continue Reading

• Tech firms need to keep focusing on mental wellbeing and support

  Mental wellbeing is a critical issue for the tech sector as the pandemic has taken its toll, and employers are realising the importance of providing support to their staff  Continue Reading

• Security Think Tank: Attacks on CNI – an evolving frontier in warfare

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: Take a realistic perspective on CNI cyber attacks

  In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: CNI operators must focus on core issues

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Reimagining outsourcing after Covid-19

  Covid-19 has changed how businesses interact with their suppliers. Here are five steps companies can take to manage their outsourcing ecosystem in the post-pandemic world  Continue Reading

• Security Think Tank: CNI operators are in an unenviable position

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Why your business needs SOC as a service

  Security in the digital era demands that businesses monitor their entire IT estate and resolve all alerts, but for many organisations the most effective way of doing that is SOCaaS  Continue Reading

• Why it’s fantastic to be a woman in the technology sector (and what’s stopping more from joining)

  The enforced move by many employers to flexible home working during the pandemic is challenging the culture of long hours in the office – and opening up new opportunities for women in tech  Continue Reading

• Budget 2021: Putting tech at the core of the plan for growth

  This week’s UK government Budget represents a great opportunity to place tech and digital as the cornerstone of UK economic growth after Brexit  Continue Reading

• Rogue drones beware: We’re here to ground you

  Eugene Kaspersky exclusively lifts the lid on a mysterious, shiny device that’s been sitting in his office  Continue Reading

• Security Think Tank: Towards a united state of security

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Why Brexit will make software licence transfers and database copyright harder for UK firms

  Brexit will make it more difficult for UK companies to sell unused software licences and to enforce their database rights in Europe. Firms will face a legislative disadvantage over AI-generated databases  Continue Reading

• Security Think Tank: Renewed US stability may ease cyber tensions

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• The ransomware routine: pages from the Secret IR Insider’s diary

  The Secret Incident Response Insider shares behind-the-scenes stories of what really happens after organisations are hit by cyber attacks – and shows how they could have been avoided  Continue Reading

• Security Think Tank: Are security teams the unsung heroes of 2020?

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Time to rethink stopgap solutions

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: It’s time to secure the collaboration revolution

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• UK government needs a digital reboot

  The appointment of new digital leadership is a welcome start to what – if the UK is to thrive in a post-Covid, post-Brexit world – must become a wholesale reboot of digital government  Continue Reading

• Security Think Tank: Plan for hybrid working to become normal

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Time for security teams to learn from Covid

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Don’t bet on a new normal just yet

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Why Jack Ma might be too good a tech entrepreneur for China's leaders

  Tech pioneer Jack Ma is facing new regulatory pressure from the Chinese authorities – is this some ideological spat, or simply that he's too good at what he does compared to the state-owned financial system?  Continue Reading

• The tech sector cannot build back better from the kitchen table

  While technology has supported the lockdown economy by allowing millions to work from home, the in-person collaboration and shared experience on which the tech sector thrives will need to return soon  Continue Reading

• Security Think Tank: Cyber effectiveness, efficiency key in 2021

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: The year of the work-from-home hangover

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• How to manage non-human identities

  Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach  Continue Reading

• It’s time to accept that disinformation is a cyber security issue

  Tackling the manipulation of truth and facts is no easy task, and it’s time for the cyber security sector to take up the challenge  Continue Reading

• A Covid-19 response to supply chain fragility

  The global pandemic, lockdowns and local lockdowns have required organisations to operate agile supply chains  Continue Reading

• Security Think Tank: Integration between SIEM/SOAR is critical

  SIEM and SOAR share much in common but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• SMEs poised to reap tech and agility advantage in wake of Covid-19

  The UK’s small and medium-sized businesses have, in some respects, reacted more nimbly to Covid-19 than larger organisations. As a result, they have put themselves in a better position to take advantage of growth opportunities  Continue Reading

• SIEM or SOAR or both? Consider your business complexity first

  SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• Security Think Tank: SIEM and SOAR are far from mutually exclusive

  SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• Security Think Tank: Alerts are great, it’s what you do with them that counts

  SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• How to modernise identity governance and administration

  Modernising identity governance and administration (IGA) capabilities is essential for organisations to manage identities effectively to ensure they remain competitive, compliant and secure  Continue Reading

• Why automation isn’t always an improvement

  Automation can help organisations run more efficiently, but only if the most inefficient steps in a business process are fixed first  Continue Reading

• From front line to back office – how supporting the cyber community keeps the NHS safe

  NHS Digital’s chief information security officer describes how the Cyber Associates Network benefits security experts in health and care  Continue Reading

• Brexit and risks to data privacy and governance

  EY privacy specialists assess the risks to data privacy, protection and governance on the table for businesses, with less than two months until Brexit  Continue Reading

• Overhaul business support with a focus on tech to help SMEs weather the Covid crisis

  The more digitally capable businesses have come through the pandemic in better shape - government needs to ensure that UK SMEs have the support in place to use tech to survive Covid-19  Continue Reading

• How to write an executive CV for IT leadership jobs

  Knowing how to write an IT executive CV requires a deep knowledge and skillset that not everyone has. Find out how to set yourself apart from the competition  Continue Reading

• Risk and reward: How to succeed in digital transformation

  Most organisations are seeking to step up their digital transformation efforts, but history has shown that such efforts can be doomed to failure if they take the wrong approach  Continue Reading

• Security Think Tank: Essential tools to mitigate double extortion attacks

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the ...  Continue Reading

• Security Think Tank: Safeguarding PII in the current threat landscape

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the ...  Continue Reading

• Security Think Tank: Essential tools to mitigate data loss and identity theft

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the ...  Continue Reading

• Security Think Tank: Adapting defences to evolving ransomware and cyber crime

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the ...  Continue Reading

• Security Think Tank: What you need to know about addressing the doxing threat

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the ...  Continue Reading

• Security Think Tank: Tighten data and access controls to stop identity theft

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the ...  Continue Reading

• Lapsing ISO certifications: Myth versus risk

  Allowing ISO certifications to lapse presents businesses with serious risks when workarounds are possible  Continue Reading

• Three steps to harden supply chains

  The coronavirus has shone a spotlight on the fragility of modern supply chains and the risk of having a single point of failure  Continue Reading

• The privacy and compliance challenges organisations face in 2021

  Privacy and compliance teams have a lot on their plate as 2021 approaches. What are the key issues to consider?  Continue Reading

• Covid-19 has changed how we think about cyber security forever

  Six months into the global pandemic, the true impact on the future of cyber security is beginning to look clearer, says Microsoft’s Ann Johnson  Continue Reading

• Gartner: Balance safety, privacy and productivity when employees return to the workplace

  Organisations may decide that data collection can help keep employees safe in a Covid-secure workplace – but employers must consider all the privacy and productivity implications  Continue Reading

• Tech executives need new skills to lead in a remote world

  After helping organisations adapt to new ways of working during the Covid-19 pandemic, IT leaders worldwide are now enjoying greater influence, according to this year’s Harvey Nash/KPMG CIO Survey  Continue Reading

• Digital leaders and the widening divide

  This year’s Harvey Nash/KPMG CIO Survey shows a widening of the digital business divide, with companies that have already adopted digital technologies more likely to accelerate those investments than those still in the planning stage  Continue Reading

• Why business resilience management should be high on the agenda

  Business resilience management is key to business survival in the face of rapidly changing IT, cyber threat and regulatory environments  Continue Reading

• Security Think Tank: Edge security in the world of Covid-19

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentre to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Edge datacentre security depends on specific needs

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: No secret sauce for edge security, just good practice

  That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Beware security blind spots at the edge

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Datacentre security is a business imperative

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Sharing responsibility: Why we need to work together to keep the cloud secure

  The education sector has been fundamentally altered by months of lockdown, with cloud services topping must-have lists for academic staff, but now it’s time to consider security  Continue Reading

• Security Think Tank: Seven steps to edge security

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading