Cloud security

An inside look at a Scattered Spider cyber attack

Threat researchers at ReliaQuest share the inside track on a Scattered Spider cyber attack they investigated Continue Reading

Cubbit DS3 Composer brings DIY cloud to object storage pool

Cubbit customers can now build and configure S3-compatible clouds from unused capacity and offer MSP-grade services with high levels of resilience, security and data sovereignty Continue Reading

How Gigamon is making its mark in deep observability

Gigamon CEO Shane Buckley talks up the company’s ability to inspect encrypted network traffic for malicious activity, how it stands out with its deep observability capabilities and the tailwinds that are fuelling its growth Continue Reading

APAC cyber security workforce hits record high

The cyber security workforce in Asia-Pacific now stands at just under a million people, but demand for cyber security talent in the region continues to outpace supply Continue Reading

Data-sharing management gap highlights cyber risk, says report

Organisations are struggling to secure their use of communications tools to share data with third-party partners and suppliers, and in the process are exposing themselves to heightened levels of risk, according to a report Continue Reading

How the UK crime agency repurposed Amazon cloud platform to analyse EncroChat cryptophone data

UK crime agency repurposed AWS-based analytics platform to triage EncroChat data and identify threats to life in messages sent on encrypted phone network Continue Reading

Tech firms cite risk to end-to-end encryption as Online Safety Bill gets royal assent

Tech firms continue to be concerned that the Online Safety Bill could undermine end-to-end encryption despite government reassurances Continue Reading

Loughborough Uni to create five cyber AI research posts

Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security Continue Reading

Networking and security teams converging

Study finds more than 80% of IT leaders are consolidating security and networking teams or have a management directive to improve collaboration, with 75% believing using one platform for both purposes would provide benefits across the board Continue Reading

Scottish biometrics watchdog outlines police cloud concerns

Police Scotland’s response to the biometrics commissioner’s formal information notice ‘did not ameliorate’ his concerns about the sovereignty and security of the sensitive biometric information being uploaded to cloud infrastructure that is subject to intrusive US surveillance laws Continue Reading

Can steel fences halt the march of cyber?

Cyber: for some, it’s a prefix that conjures up images of Dr Who’s silvery cyborg opponents. For others, it’s the equally science-fiction but very different image of Neuromancer-style cyberpunk ... Continue Reading

Where next for quantum computing?

In this week’s Computer Weekly, we talk to the head of Amazon’s Braket quantum computing services about how the technology is progressing. We go behind the scenes at an ethical hacker event to find out how bug bounty programmes work. And we analyse the offerings of the major players in software-defined storage. Read the issue now. Continue Reading

Top science journal faced secret attacks from Covid conspiracy theory group

A conspiratorial group of extreme Brexit lobbyists mounted an extraordinary campaign against one of the world’s most prestigious science journals – part of a series of joint investigations between Byline Times and Computer Weekly Continue Reading

Businesses disconnected from realities of API security

Business leaders feel confident they’ve got a handle on API security, but at the same time, incidents are through the roof, according to a report Continue Reading

How Akamai is driving growth in APAC

Akamai's managing director for the region outlines the company’s growth journey, how it sets itself apart from competitors, and its strategies to drive the next phase of growth Continue Reading

Automated cloud IR: Empowering cyber with AI-powered playbooks

As cyber threats increasingly target cloud infrastructure, demand for robust and reliable incident response measures is through the roof. Find out why you might want to consider bringing artificial intelligence into play Continue Reading

Security and risk management spending to grow 14% next year

Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024 Continue Reading

City of Las Vegas masters cyber incident response with Darktrace

The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence Continue Reading

38TB Microsoft data leak highlights risks of oversharing

An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing Continue Reading

Securing Eurovision’s online voting system against cyber attacks

In this week’s Computer Weekly, we discover how Once.net and Cloudfare defended the 2023 Eurovision Song Contest against cyber attacks. Our buyer’s guide continues to look at integrating software-as-a-service applications, with the governance of SaaS connectivity to the fore. Also, HCLTech’s Ashish Gupta relates how the company has embraced a new, pandemic-influenced, remote working model. And we find out how retail tech leaders influence their boards on transformation projects. Read the issue now. Continue Reading

Storm-0324 gathers over Microsoft Teams

An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks Continue Reading

AI-powered cloud SIEM: Real-time threat intel boosts defences

Thanks to their advanced data analysis and predictive capabilities, AI and ML will be valuable protective tools going forward. Learn about the potential of AI-backed cloud SIEM technology Continue Reading

How Netskope is driving growth in APAC

Netskope is growing at over 50% year on year in the Asia-Pacific region, but the single-vendor SASE supplier is not limiting its customers to its own offerings Continue Reading

Microsoft finds Storm-0558 exploited crash dump to steal signing key

Microsoft has published new information on how the Chinese state threat actor Storm-0558 was able to exploit a rare race condition following a crash dump in order to acquire a consumer signing key Continue Reading

Executive interview: ManageEngine president Rajesh Ganesan on the ‘three Ws’ of digital change

Today's IT management model must assume that the workforce can operate from any workplace and use any workload with ease and security, as the security and service management software supplier explains Continue Reading

How startup Once.net and Cloudflare secured the 2023 Eurovision vote

When the Eurovision Song Contest introduced paid-for public voting from outside Europe in 2023, it faced new cyber challenges. Learn how Dutch startup Once.net and Cloudflare teamed up to secure and support the big night Continue Reading

Google bets on AI-backed cyber controls for Workspace users

Zero-trust and digital sovereignty controls are the focus of a series of enhancements being made for Google Workspace users Continue Reading

MongoDB secures IRAP certification

MongoDB’s certification from Australia’s Information Security Registered Assessor Program will pave the way for federal government agencies to use its Atlas database service for protected workloads Continue Reading

CyberArk eyes growth beyond PAM

CyberArk is seeing exponential growth in the broader identity security market as the company expands its capabilities beyond privileged access management Continue Reading

US Cyber Board to probe cloud security after latest Exchange hack

CSRB review of cloud security comes in the wake of a major Chinese cyber attack on US government bodies orchestrated through Microsoft’s cloud services Continue Reading

Datacentre management vulnerabilities leave public clouds at risk

At the annual DEF CON hacking convention, researchers from Trellix have disclosed multiple vulnerabilities in key datacentre products underpinning the world’s public cloud infrastructure Continue Reading

Plexal takes on new cohort for cyber security leadership scheme

Six more cyber security startup founders have been selected to take part in Plexal’s latest Cyber Runway Ignite programme, which is designed to help them develop their leadership skills Continue Reading

Cozy Bear hijacks SME Microsoft 365 tenants in latest campaign

Microsoft shares intelligence on a newly observed Cozy Bear campaign that saw the APT take over genuine Microsoft 365 tenants and subvert them to try to phish its victims Continue Reading

Microsoft attacked over ‘grossly irresponsible’ security practice

The CEO of Tenable has launched a scathing attack on Microsoft, asserting that the organisation is deliberately keeping its Azure cloud customers in the dark about dangerous vulnerabilities and accusing it of a culture of ‘toxic obfuscation’ Continue Reading

Singtel adds Zscaler SSE to managed security services portfolio

Singtel teams up with Zscaler to offer a managed security service edge service as it looks to ramp up its enterprise business Continue Reading

How Indian organisations are keeping pace with cyber security

Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics Continue Reading

AI-enhanced cyber has potential, but watch out for marketing hype

As AI is a hot topic right now, it is no surprise there are some cyber solutions coming to market that have been thrown together in haste, but that said, genuine AI-powered security products do exist and their abilities could yet prove transformative. Continue Reading

NATO countries must coordinate their cyber forces to combat the Russian threat  

The top item on the agenda at the Vilnius NATO Summit this month was the revamping the alliance’s defences. Continue Reading

Cyber attack on IT supplier hits two major ambulance trusts

Ambulance trusts serving millions across southern England have been hamstrung for the past week after a cyber attack took down their hosted patient records system Continue Reading

CIO interview: Sean Green, University of East Anglia

In his role as director of digital and data at the University of East Anglia, Sean Green provides high-performance computing to researchers and manages the diverse needs of a campus with the characteristics of a small town, all while finding the time to study one of his passions Continue Reading

Enterprise communication security a growing risk, priority

Enterprise Strategy Group's Dave Gruber discusses survey results on security threats related to the use of email and other communication and collaboration tools. Continue Reading

Holidays and Awards – The Perfect Summer Marriage...

Well, it might be 2023, a world of geo-dispersed user bases, flexible working hours and networks that can be accessed and managed from anywhere, anytime but… still half the world of IT disappears ... Continue Reading

Hackers: We won’t let artificial intelligence get the better of us

AI is changing how ethical hackers go about their work, and will continue to do so, but the community is convinced the technology will never be able to replicate the creativity of a flesh-and-blood hacker Continue Reading

VMware ramps up on sovereign cloud in APAC

VMware is working with local partners to deliver sovereign cloud services in the region, amid growing sovereignty interests among governments and the need maintain business continuity Continue Reading

UK public increasingly concerned over NHS data sovereignty

Amid security concerns and AI advances, a majority of the British public still trusts the NHS to store and analyse their health data, but would prefer it remains domiciled in the UK Continue Reading

How Maxeon is forging the path to SASE

Maxeon Solar Technologies is building out its security service edge capabilities with an eye on a SASE implementation that combines best of breed offerings from different suppliers Continue Reading

Over half of ANZ organisations hit by ransomware

Amid the rising ransomware threat, almost four in five organisations in ANZ expect to pay a ransom if they could recover data and business processes Continue Reading

SASE Delivery - Is A PoP always a PoP? What to look for...

In my previous blogs I spoke of the delivery-related problems when there are no local PoPs, or the equivalent technology in place to successfully deliver those services, and how this potentially ... Continue Reading

Top Of The SASE PoPs

In my previous blog I noted how themes occur seemingly from nowhere, that are common among vendors from different spheres of IT. In this particular case it is various vendors I’m working with who ... Continue Reading

8 blockchain-as-a-service providers to have on your radar

You don't have to build your blockchain project from the ground up. These cloud-based service providers can provide the necessary infrastructure, networking and development tools. Continue Reading

Generative AI: Data privacy, backup and compliance

We look at generative AI and the risks it poses to data privacy for the enterprise, implications for backup, and potentially dangerous impacts on compliance Continue Reading

Phishing and ransomware dominate Singapore’s cyber threat landscape

Phishing and ransomware attacks continued apace in Singapore last year amid signs of improving cyber hygiene Continue Reading

Podcast: Cloud security, compliance and data classification

The rise of cloud has led to a proliferation of enterprise data and a rise in risk. We talk to Vigitrust CEO Mathieu Gorge about how to ensure compliance in a multicloud world Continue Reading

Prime minister Rishi Sunak faces pressure from banks to force tech firms to pay for online fraud

The UK’s major banks have told the prime minister to force tech firms to do more to prevent fraud that the banks end up paying for Continue Reading

How Fastly thinks differently about CDNs and the edge

Fastly is counting on its developer chops and different approaches towards security and other areas to compete with its rivals Continue Reading

Early June Microsoft outages were result of large-scale DDoS hit

Investigations into recent outages on Microsoft Azure and Outlook services have turned up evidence of a massive distributed denial-of-service attack Continue Reading

Podcast: Containers, Kubernetes, data protection and compliance

Containers offer benefits to application deployment, but they proliferate, so tracking them for compliance purposes can be a challenge. We talk to Mathieu Gorge, CEO of Vigitrust Continue Reading

Top Of The POPs

I always find it interesting when unanticipated themes crop up out of nowhere that are suddenly commonplace between multiple conversations with different vendors, especially vendors that are very ... Continue Reading

Almost all ransomware attacks target backups, says Veeam

Some 93% of ransomware attacks go for backups and most succeed, with 60% of those attacked paying the ransom, according to a Veeam survey Continue Reading

Two-thirds of all 2022 breaches resulted from spear phishing

Research by Barracuda Networks has found that, despite the low volume of spear-phishing attempts, the attacks are highly successful and have major consequences Continue Reading

Cohesity Turing aims AI tools at backup and ransomware

Backup supplier continues to enrich its ecosystem with more artificial intelligence for backup and ransomware, with chat-like reporting functions and new security partners in its alliance Continue Reading

How to secure your software supply chain

In this week’s Computer Weekly, our latest buyer’s guide looks at secure coding, and kicks off by examining the challenges of securing your software supply chain. Cyber law enforcement leaders are calling on firms to end the secrecy around ransomware attacks. And we find out how facial recognition technology is being adopted by retailers. Read the issue now. Continue Reading

CW APAC: Expert advice on security and threat intelligence

Organisations are all too aware of the importance of cyber defence. In this handbook, focused on security and threat intelligence in the Asia-Pacific region, Computer Weekly looks at the software supply chain, Mimecast’s email security, Australian data breaches and Singapore’s threat intelligence. Continue Reading

Scality pushes anti-ransomware features in Artesca object storage

Object storage specialist announces v2.0 of Artesca, with a heavy focus on functionality that can protect against ransomware such as object locking, sharding, backup to object etc Continue Reading

Incident response: How to implement a communication plan

Communication is critical to an effective incident response plan. Here are five best practices for communication planning and a free, editable template to get started. Continue Reading

How Splunk is driving security automation

Splunk’s head of security in APAC talks up the company’s efforts to ease the workloads of security analysts amid lower adoption of security automation and analytics in the region Continue Reading

How datacentre operators can fend off cyber attacks

Applying zero-trust principles in the form of strong authentication controls and network segmentation can help datacentre operators to mitigate cyber threats Continue Reading

OVHcloud aims to bring Glacier-like cloud archive to Europe

OVHcloud makes Cold Archive GA with deep archive storage cheaper than AWS’s offer and all based on IBM 3592 tape hardware spread across four sites with Atempo backup Continue Reading

Security Think Tank: Thinking beyond IAM in the cloud

Looking beyond IAM, there are other aspects of securing public cloud environments that admins can reasonably expect to control Continue Reading

Inside BlackBerry’s cyber security playbook

BlackBerry’s president of cyber security discusses the company’s cyber security strategy and what it is doing to deliver an integrated set of capabilities for enterprises Continue Reading

Cyber Action Plan for Wales launched

The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country Continue Reading

Want to get cloud IAM right? Master the fundamentals

By getting the basics right, you’re setting yourself up for success to then can build more advanced and complex functionalities on top Continue Reading

Tenable opens playground for generative AI cyber tools

A set of generative AI cyber tools designed to help security researchers in reverse engineering, debugging and other areas of work have been made available for the community to experiment with Continue Reading

Google Cloud seals bug that could have led to data breaches

The Asset Key Thief vulnerability gave rise to multiple potential attack scenarios that could have impacted thousands of Google Cloud users, but has now been safely fixed Continue Reading

Cyber security and analytics propel jobs boost in Scotland’s tech sector

A tech industry survey from ScotlandIS indicates the country’s tech sector is set to grow, with cyber security as the hottest domain Continue Reading

CISOs under-supported, under pressure, Trellix finds

The vast majority of CISOs say they are finding it difficult to get sign-off on the resources they need to do their job Continue Reading

Could your employees’ use of ChatGPT put you in breach of GDPR?

Following Italy's run-in with OpenAI’s ChatGPT, legal expert Richard Forrest emphasises the necessity for additional scrutiny while using AI tools in a work environment, and practical guidance on doing so safely Continue Reading

Security Think Tank: Going beyond IAM for cloud security

Managing access and privilege across complex and powerful cloud tooling is not a straightforward task; but there are some key considerations that can help security teams stay on top of identities in the cloud Continue Reading

UK biometrics watchdog questions police cloud deployments

The UK biometrics commissioner has warned that policing and justice bodies must be able to demonstrate ‘immediately and unequivocally’ that their cloud deployments are lawful Continue Reading

Global finance firms take part in NATO cyber attack simulation

Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure Continue Reading

How organisations can succeed with zero trust

By starting small, taking a long-term view and prioritising the most critical assets in their zero-trust implementations, organisations will be able to reap returns from their investments in the security paradigm Continue Reading

IT Priorities 2023: Cloud and disaster recovery top storage and backup plans

Cloud storage still the biggest project planned in data storage in 2023, with disaster recovery the most important area in data protection cited by TechTarget/Computer Weekly survey respondents Continue Reading

Cloud identity: Are you who you say you are?

As identity, rather than networking segmentation, becomes the primary determining factor in accessing cloud resources. ISACA’s Ser Yoong Goh highlights three trends driving cloud IAM Continue Reading

Focus on these three risky behaviours to boost cloud security

Some 80% of cloud security alerts are triggered by just 5% of security rules. Security teams can substantially improve their resilience by zeroing in on a small set of risky behaviours, according to a report Continue Reading

Why IAM systems are crucial for securing multicloud architecture

As business tools evolve into cloud-based services, organisations are finding themselves becoming ever more reliant on the cloud, but how can data be secured across so many different platforms? Continue Reading

Public cloud adoption set to surge in Australia

New and existing workloads are increasingly being migrated to public cloud, with two-thirds of Australian organisations already running cloud workloads in production in 2022 Continue Reading

Securing your software supply chain

Organisations need to have a thorough understanding of software components and build security controls into development lifecycles to shore up the security of their software supply chains Continue Reading

Security Think Tank: Adopt a coherent framework for ID first security

With IAM central to enabling appropriate access to cloud-based services, identity first security is becoming a key trend for IAM in the cloud. Continue Reading

IBM's Nataraj Nagaratnam on the cyber challenges facing cloud services

Governments are introducing increasingly prescriptive data protection policies, but with organisations becoming ever more reliant on multiple cloud service platforms for essential business needs, how can they ensure they meet regulatory requirements? Continue Reading

Australia’s media and telecoms sector saw most data breaches in 2022

The media and telecoms industry accounted for the bulk of stolen credentials in Australia in 2022, underscoring the need to shore up the country’s cyber security posture Continue Reading

Reactive approach to cyber procurement risks damaging businesses

Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes Continue Reading

Podcast: Cloud storage, data protection and compliance

The lure of cloud storage hides its drawback, namely that you can lose control of it from a compliance perspective. We talk to Mathieu Gorge, CEO of Vigitrust, about how to tame it Continue Reading

Microsoft expands AI Copilot project into security realm

New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams Continue Reading

Why Veeam thinks ransomware warranty payouts are unlikely

Veeam Data Platform v12 offers a financial guarantee to customers that can’t restore after ransomware attacks, but the backup supplier is convinced it won’t be making many payouts Continue Reading

Nordics move towards common cyber defence strategy

Nordic countries agree to work together to improve their cyber defences amid increasing threat Continue Reading

How Mimecast thinks differently about email security

Mimecast CEO Peter Bauer believes the company’s comprehensive approach towards email security has enabled it to remain relevant to customers for two decades Continue Reading

Half A Rack In Half A Day: Building A Private Cloud

Having entered my 39th (gulp!) year in IT, it’s fair to say I’ve had to endure more than my fair share of IT hype and BS. Many are the times at live events I’ve done a tally chart on the number of ... Continue Reading

How Zscaler is cracking APAC’s cloud security market

Zscaler’s head in Asia-Pacific and Japan, Scott Robertson, talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better Continue Reading

Top 30 incident response interview questions

Job interviews are nerve-wracking, but preparation can help minimize jitters and position you to land the role. Get started with these incident response interview questions. Continue Reading

Podcast: 2023 compliance and storage outlook

Geopolitical instability casts its shadow as organisations must think about cyber attacks, data location and what to do if things change quickly. We talk to Mathieu Gorge, CEO of Vigitrust Continue Reading