IT governance
IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.
-
News
27 Feb 2023
How Dell is future-proofing its business
Dell Technologies is building a more resilient supply chain, investing in growth areas like edge and multicloud, and responding to shifts in consumption models to position itself for long-term growth Continue Reading
-
E-Zine
20 Jan 2023
CW APAC January 2023 – Trend Watch: CIO Trends
As we enter a new year, it remains vital for IT leaders to keep track of the latest developments across the industry. In this handbook, focused on CIO trends in the Asia-Pacific region, Computer Weekly looks at predictions for 2023, how the Australian Red Cross managed a donation surge, Mondelez’s digital transformation and Singapore’s public sector IT strategy Continue Reading
-
News
21 Mar 2023
Ferrari rejects ransom demand after cyber attack
Italian carmaker Ferrari says it will refuse to pay a ransom after an unspecified threat actor broke into its IT systems and stole customer data Continue Reading
-
News
21 Mar 2023
Ransomware gangs harass victims to ‘bypass’ backups
Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order Continue Reading
-
News
20 Mar 2023
BBC cracks down on TikTok after review
The BBC is asking staff not to install TikTok on corporate-owned devices without a justified business purpose, although its use will still be allowed to share media content with its audiences Continue Reading
-
News
17 Mar 2023
CIO interview: Russ Thornton, chief technology officer at Shawbrook Bank
Russ Thornton swapped life on the theatre podium for financial services IT, but thrives in an environment where orchestrating IT teams is a core skill Continue Reading
-
News
17 Mar 2023
UK government to create code of practice for generative AI firms
The code will look to strike a balance between copyright holders and generative AI firms so that both parties can benefit from the use of copyrighted material in training data Continue Reading
-
Feature
17 Mar 2023
The changing role of the CIO from a Finnish perspective
A small country with a sophisticated workforce, Finland has its own perspective on how IT leadership is changing in both the public and private sector Continue Reading
-
News
16 Mar 2023
BEC attacks doubled in 2022, outstripping ransomware
Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks Continue Reading
-
News
16 Mar 2023
TikTok banned on UK government devices
The UK government has followed in the footsteps of its US and European counterparts and banned the use of Chinese social media app TikTok on official devices Continue Reading
-
News
15 Mar 2023
Chinese Silkloader cyber attack tool falls into Russian hands
A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators Continue Reading
-
News
15 Mar 2023
Microsoft patches Outlook zero-day for March Patch Tuesday
A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update Continue Reading
-
News
14 Mar 2023
AI interview: Elke Schwarz, professor of political theory
Elke Schwarz speaks with Computer Weekly about the ethics of military artificial intelligence and the dangers of allowing governments and corporations to push forward without oversight or scrutiny Continue Reading
-
News
13 Mar 2023
MI5 to oversee new National Protective Security Authority
The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets Continue Reading
-
Feature
13 Mar 2023
Generative AI at watershed moment with spate of legal challenges
Just over 20 years ago, Napster was closed on copyright grounds for allowing users to access digital copies of music for free. Now, a spate of legal cases have experts questioning whether OpenAI and other generative AI innovators will go the same way Continue Reading
-
Feature
13 Mar 2023
Gartner: Use digital to achieve sustainability goals
Sustainability guides decision-making by incorporating economic, social and environmental impacts. Gartner looks at digital technology’s role Continue Reading
-
News
10 Mar 2023
Technology minister Michelle Donelan defends data reforms
Secretary of state Michelle Donelan has defended the government’s new data reforms as providing certainty for businesses while simultaneously retaining high standards of data protection, but industry figures are having mixed reactions Continue Reading
-
News
08 Mar 2023
UK government introduces revised data reform bill to Parliament
Designed in close collaboration with technology businesses, the UK government is re-introducing an updated version of its Data Protection and Digital Information Bill to Parliament, which civil society groups say upends key safeguards Continue Reading
-
Feature
07 Mar 2023
What can security teams learn from a year of cyber warfare?
With the passing of the first anniversary of Russia’s invasion of Ukraine, we reflect on the ongoing cyber war, and ask what security leaders can learn from the past 12 months Continue Reading
-
News
07 Mar 2023
Taking back control: Could a distributed model breed a better AI?
AI tools such as ChatGPT are trained on datasets scraped from the web, but you don’t have much say if your data is used. Technologist Bruce Schneier says it’s time to give control of AI training data back to the people Continue Reading
-
Podcast
06 Mar 2023
Podcast: 2023 compliance and storage outlook
Geopolitical instability casts its shadow as organisations must think about cyber attacks, data location and what to do if things change quickly. We talk to Mathieu Gorge, CEO of Vigitrust Continue Reading
-
News
06 Mar 2023
Lords Committee to investigate use of AI-powered weapons systems
House of Lords to investigate the use of artificial intelligence in weapons systems, following UK government publication of AI defence strategy in June 2022 Continue Reading
-
Opinion
05 Mar 2023
Computer says no. Will fairness survive in the AI age?
New forms of regulation will be needed to safeguard against the risks posed by AI Continue Reading
-
News
03 Mar 2023
White House unveils National Cybersecurity Strategy
The strategy will focus on ensuring closer collaboration on cyber security between government and industry, while giving software and other tech companies a bigger role in combatting threats due to their resources and expertise Continue Reading
-
News
02 Mar 2023
AI interview: Michael Osborne, professor of machine learning
Artificial intelligence researcher speaks with Computer Weekly about the implications of a market-driven AI arms race and the overwhelming dominance of the private sector over the technology Continue Reading
-
Feature
01 Mar 2023
Backup testing: The why, what, when and how
We look at backup testing – why you should do it, what you should do, when you should do it, and how, with a view to the ways in which it will be made easier by forthcoming developments in backup software Continue Reading
-
News
28 Feb 2023
Industrial safetytech startups secure £150m funding since 2020
Industrial safetytech investment reached a record high of $100m in 2021, and remains significantly ahead of pre-pandemic funding levels despite a dip in 2022 Continue Reading
-
News
28 Feb 2023
Post Office’s most senior executives hushed up Horizon errors, public inquiry told
The Post Office messaging strategy was designed to reassure staff that the Horizon accounting system was robust after Computer Weekly first revealed problems in 2009 Continue Reading
-
Opinion
28 Feb 2023
Security Think Tank: Training can no longer be a compliance exercise
Historically, security training has tended to take a compliance-based focus, a ‘tick-box’ exercise using generic, off-the-shelf courses. This needs to change, says Hayley Watson of Turnkey Consulting. Continue Reading
-
Opinion
28 Feb 2023
Software for environmental, social, and corporate governance
In the last few years there has been an explosion in software to track and report on ESG data in financial services. What are the main features to look out for? Continue Reading
-
News
27 Feb 2023
Advanced digital resiliency can save organisations millions
Businesses that build out their digital resiliency are not only more secure, they also have more opportunities to innovate with IT Continue Reading
-
Opinion
27 Feb 2023
Cyber training in 2023 needs to drive measurable change
2023 will see more focus on security training programmes that not only provide employees with an understanding of the risks they face but more importantly drive measurable behavioural change, says PA Consulting’s Richard Allen Continue Reading
-
News
27 Feb 2023
How Dell is future-proofing its business
Dell Technologies is building a more resilient supply chain, investing in growth areas like edge and multicloud, and responding to shifts in consumption models to position itself for long-term growth Continue Reading
-
News
24 Feb 2023
UK police have ‘culture of retention’ around biometric data
A culture of retention around biometric data in UK policing is damaging public trust, says UK biometrics commissioner, who is calling for clear regulation to govern police use of biometric technologies Continue Reading
-
News
22 Feb 2023
UK HSE to launch regulatory sandbox for industrial safety tech
The sandbox will see the regulator work with industry and tech startups to accelerate the development and adoption of a range of safety-related technologies, with a particular emphasis on data and analytics Continue Reading
-
News
22 Feb 2023
UK forces lead live-fire cyber war exercise
The seven-day Defence Cyber Marvel 2 exercise put cyber responders from 11 countries through their paces Continue Reading
-
News
22 Feb 2023
Half of cyber leaders to switch jobs by 2025, citing stress
A substantial number of cyber security leaders are plotting their great escape, saying the industry is leaving them too stressed to go on, according to a study Continue Reading
-
News
21 Feb 2023
Care provider’s IT capability expands to support wider sector and beyond
Care Plus’s IT operation went from being under NHS control to an autonomous department selling its services Continue Reading
-
News
21 Feb 2023
Royal Mail resumes full export service after cyber attack
Royal Mail resumes the last of its international services as it recovers from a ransomware attack, while the Post Office offers postmasters compensation for their lost business Continue Reading
-
Opinion
21 Feb 2023
Cyber security training: Insights for future professionals
Future cyber security professionals need soft skills as well as technical ones, says security educator Sudeep Subramanian Continue Reading
-
News
20 Feb 2023
Veeam bundles backup products into Veeam Data Platform
Backup and data protection specialist Veeam upgrades and rebrands, with a focus on the challenges of ransomware and rapid recovery, and a claimed 500 new functions Continue Reading
-
News
20 Feb 2023
Twitter 2FA changes bring more risks than benefits
Twitter’s approach to nudging users away from insecure SMS-based 2FA is being questioned over its logic Continue Reading
-
Feature
20 Feb 2023
Accreditation key to enterprise security
We look at how industry-recognised certification enables security chiefs to improve the strength of their security team Continue Reading
-
News
17 Feb 2023
CIO interview: Hans van der Waal, director of global IT, Travelex
Travelex has weathered a storm that saw it sink into administration, before emerging to solidify its digital foundations for the future Continue Reading
-
Podcast
16 Feb 2023
Enterprise open source: A Computer Weekly Downtime Upload podcast
We speak to Spotify’s open source tech lead, Per Ploug, on supplier relationship management in open source Continue Reading
-
News
16 Feb 2023
Mock crime prediction tool profiles MEPs as potential criminals
Developed by Fair Trials, the example crime prediction tool uses the same information as police systems to assess the likelihood of someone committing a crime in the future Continue Reading
-
News
16 Feb 2023
Financial advisory firm Succession Wealth probes cyber attack
Aviva-owned wealth consultancy and financial advisory practice Succession Wealth was hit by an undisclosed security incident on 8 February Continue Reading
-
Opinion
16 Feb 2023
Security Think Tank: New trends and drivers in cyber security training
Self-paced, interactive, bite-sized learning is becoming the optimum path for cyber security training in the workplace, says John Tolbert of KuppingerCole Continue Reading
-
News
15 Feb 2023
Home Office partners with BAE Systems on border analytics
BAE Systems wins three-year contract worth £38m to help Home Office develop Cerberus, a project to secure UK borders through advanced data systems and analytics Continue Reading
-
News
15 Feb 2023
Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs
Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off Continue Reading
-
Opinion
15 Feb 2023
What charities should know about ransomware and reputational threats
The NCSC recently called for charities to elevate their cyber security practice. Find out why charities are a soft target for cyber criminals, and what they can do to fight back Continue Reading
-
News
15 Feb 2023
Microsoft fixes three zero-days in February update
February’s Patch Tuesday update contains fixes for three previously unpublicised zero-days in Microsoft Office, Windows Graphics Component and Windows Common Log File System Driver Continue Reading
-
News
14 Feb 2023
Vidar, nJRAT re-emerge as prominent malware threats in January
Trojans and infostealers once again dominate the list of most commonly observed threats, according to Check Point’s latest telemetry Continue Reading
-
News
14 Feb 2023
UK authorities clamp down on illegal crypto ATMs
The Financial Conduct Authority and West Yorkshire Police have disrupted a number of illegal crypto ATMs Continue Reading
-
News
14 Feb 2023
OSC&R framework to stop supply chain attacks in the wild
The backers of a new MITRE ATT&CK style framework called OSC&R hope to help organisations get to grips with threats to their software supply chains Continue Reading
-
Opinion
14 Feb 2023
How to protect your business from fraud during a recession
This winter, the chilly winds of a global recession have fraudsters turning up the heat. PJ Rohall of SEON Fraud Fighters shares some guidance on how to bundle up against fraud Continue Reading
-
Opinion
13 Feb 2023
What’s the technology talent and recruitment outlook for 2023?
Despite layoffs from technology companies demand for IT staff in 2023 is expected to be robust, but organisations may turn towards contractors and off-shoring Continue Reading
-
News
13 Feb 2023
Russian spear phishing campaign escalates efforts toward critical UK, US and European targets
Russian hacking group Seaborgium refines its tactics in a continuation of attacks against targets including not-for-profit organisations with geopolitical affiliations Continue Reading
-
Podcast
13 Feb 2023
Tech sector lay-offs in the round – Computer Weekly Downtime Upload podcast
The team talks about tech sector job losses in the round, with possible bright spots for corporate IT and contractors, and data and hybrid working strategies at the Very Group Continue Reading
-
News
13 Feb 2023
KPMG launches metaverse and digital twin hub in Saudi Arabia
The Saudi Arabian government’s commitment to investing in metaverse technology has attracted a KPMG centre of excellence to its shores Continue Reading
-
News
13 Feb 2023
Security buyers lack insight into threats, attackers, report finds
The majority of cyber security purchasing decisions are made without proper insight into the attackers organisations are facing, according to a Mandiant report Continue Reading
-
News
13 Feb 2023
Police tech needs clear legal rules, says biometrics regulator
Police use of artificial intelligence and facial recognition needs to be controlled by strict rules and mechanisms to ensure public trust Continue Reading
-
Feature
13 Feb 2023
Cyber security training: How to be as secure as is practicably possible
If you cannot secure all the people all the time, how should a business approach cyber security training and awareness programmes? Continue Reading
-
News
10 Feb 2023
Social media platform Reddit breached in phishing attack
An unspecified threat actor obtained access to internal documents, code and business systems at Reddit after stealing employee credentials in a phishing attack Continue Reading
-
News
09 Feb 2023
New Border Force unit to deploy more surveillance tech in Channel
Newly established Small Boats Operational Command (SBOC) will deploy a range of surveillance technologies in the English Channel in an attempt to deter crossings Continue Reading
-
News
09 Feb 2023
UK imposes sanctions on Conti ransomware gang leaders
Seven Russian nationals associated with the Conti and Ryuk ransomware operations have been sanctioned by the UK Continue Reading
-
Opinion
08 Feb 2023
Security Think Tank: Poor training is worse than no training at all
Bad security training is a betrayal of users, a security risk, and ultimately a waste of money, but there are some reasons to be optimistic about the future, say Mike Gillespie and Ellie Hurst of Advent IM Continue Reading
-
News
08 Feb 2023
Campaigners lament lack of movement on Computer Misuse Act reform
Westminster has opened a new consultation on proposed reforms to the Computer Misuse Act of 1990, but campaigners who want the law changed to protect cyber professionals have been left disappointed Continue Reading
-
News
07 Feb 2023
LockBit cartel finally claims Royal Mail ransomware attack
The LockBit ransomware gang claims it has stolen sensitive data from Royal Mail and will leak it later this week if its demands go unmet Continue Reading
-
News
07 Feb 2023
Benelux CIO interview: Marijn Grevink, leader of digital transformation, Mars
In an interview with Computer Weekly, the digital head at Mars, Marijn Grevink, takes the wrapper off digital transformation at the company in the Netherlands Continue Reading
-
News
06 Feb 2023
Online banks still riddled with cyber security flaws, report says
Online bank Virgin Money was found to have the weakest online and application security measures in a Which? study but Nationwide, TSB and The Co-Operative Bank all failed on multiple points, too. Continue Reading
-
News
06 Feb 2023
Post Office branches struggling after Royal Mail cyber attack
Royal Mail has restored almost all of its international services to some extent, but remains unable to accept parcels bought over the counter in a Post Office branch Continue Reading
-
News
06 Feb 2023
The Security Interviews: How to overcome data protection compliance challenges
Complying with the vast swathe of data protection legislation around the world is complex, especially for smaller organisations without the necessary expertise. Could the compliance process be simplified, and if so, how? Continue Reading
-
News
06 Feb 2023
Ransomware operator turns their fire on two-year-old VMware bug
A vulnerability in VMware ESXi servers that users should have patched in 2021 is now being exploited to spread ransomware Continue Reading
-
News
03 Feb 2023
LockBit gang confirms Ion cyber attack as disruption continues
The LockBit ransomware cartel has taken responsibility for this week’s attack on financial software firm Ion, and is threatening to leak stolen data on Saturday 4 February Continue Reading
-
News
03 Feb 2023
FCA cracks down on misleading promos by social media influencers
Social media is becoming a major part of the FCA’s work in clamping down on misleading financial advertising and promotions, with multiple influencers rapped for their behaviour Continue Reading
-
Opinion
03 Feb 2023
Security Think Tank: In 2023, we need a new way to cultivate better habits
Regular, small adjustments to behaviour offer a better way to keep employees on track and cultivate a corporate culture of cyber awareness, writes Elastic’s Mandy Andress Continue Reading
-
News
03 Feb 2023
MEPs vote to amend platform worker directive
MEPs have voted in favour of amendments to the European Commission’s platform worker directive that would introduce a presumption of employment and increase algorithmic transparency Continue Reading
-
News
02 Feb 2023
Goodbye NHS Digital – a new era of NHS technology is upon us
As NHS Digital is officially merged into NHS England, Computer Weekly takes a look at the history of the organisation and what the merger could mean for the future of NHS IT Continue Reading
-
News
02 Feb 2023
Suspected LockBit ransomware attack causes havoc in City of London
A suspected LockBit ransomware attack on trading software firm Ion has caused chaos for City of London traders Continue Reading
-
News
02 Feb 2023
Arnold Clark customer data was stolen in Play ransomware attack
Arnold Clark confirms data leaked on dark web was stolen from its systems in ransomware attack Continue Reading
-
News
01 Feb 2023
Cisco fixes two bugs that could have led to supply chain attacks on users
Two vulnerabilities uncovered in Cisco hardware could have opened the door to serious supply chain cyber attacks, according to the Trellix researchers who found them Continue Reading
-
News
01 Feb 2023
Cloud security top risk to enterprises in 2023, says study
A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year Continue Reading
-
News
01 Feb 2023
Malware variant can block contactless payments
Kaspersky warns that the latest variant of the Prilex malware can block contactless payments to force people to insert cards, enabling criminals to steal money Continue Reading
-
News
01 Feb 2023
UK Cyber Council and ISACA launch audit, assurance programme
The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros Continue Reading
-
Opinion
01 Feb 2023
Tips on improving cyber training for home workers
How better security training can help firms tackle new cyber threats facing remote workers Continue Reading
-
News
31 Jan 2023
GitHub warns Desktop, Atom users after code-signing certificates pinched
Threat actors stole encrypted code-signing certificates for GitHub’s Desktop and Atom applications in December 2022, prompting warnings for users Continue Reading
-
News
31 Jan 2023
MI5 unlawfully collected and held millions of people’s data
Secretive court finds MI5 knowingly acted unlawfully in use of bulk surveillance warrants, and the Home Office continued granting warrants despite information the agency was operating outside the law Continue Reading
-
Opinion
31 Jan 2023
Three outsourcing trends to look out for in 2023
ISG's Andreas Fahr outlines three IT sourcing trends to look out for in the coming year. Continue Reading
-
News
31 Jan 2023
MPs warned of AI arms race to the bottom
Expert tells Parliamentary committee that tech companies developing artificial intelligence are cutting corners and placing safety on the backburner, opening up ‘enormous risks’ for the future of AI Continue Reading
-
News
30 Jan 2023
Data of 10 million JD Sports customers accessed in cyber attack
Data on 10 million people who shopped online at JD Sports over a two-year period was accessed and potentially stolen in a cyber attack Continue Reading
-
News
27 Jan 2023
Lords question ‘extensive’ government online safety powers
Digital minister Paul Scully defends government Online Safety plans to give secretary of state powers to direct Ofcom Continue Reading
-
News
25 Jan 2023
NCSC exposes Iranian, Russian spear-phishing campaign targeting UK
Spear-phishing campaigns likely linked to Iranian and Russian espionage activity are targeting persons of interest in the UK, warns the NCSC Continue Reading
-
News
25 Jan 2023
Arnold Clark cyber attack claimed by Play ransomware gang
A cyber attack that struck car dealer Arnold Clark prior to Christmas has been claimed as the work of the Play ransomware cartel Continue Reading
-
News
25 Jan 2023
Boards struggle to resolve cyber risk in digital supply chains
Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk Continue Reading
-
News
24 Jan 2023
UK insurers need to up their game on cyber gaps, says PRA
Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority Continue Reading
-
News
24 Jan 2023
Nationwide Building Society CIO to join Co-operative Bank
Gary Delooze to join Co-operative Bank as CIO after six years heading up Nationwide Building Society’s IT department Continue Reading
-
News
24 Jan 2023
SSRF attacks hit 100,000 businesses globally since November
There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers Continue Reading
-
News
24 Jan 2023
Fake online contest makes Yahoo! most phished brand of Q4 2022
Yahoo! was the most frequently phished brand during the last three months of 2022, according to a report Continue Reading
-
News
23 Jan 2023
CIO interview: Ed Higgs, group director of IT shared services, Rentokil Initial
The pest control provider has consolidated 77 datacentres globally to just three – but with a corporate culture of acquisitions, there’s still a lot more to do Continue Reading
-
News
23 Jan 2023
Trellix automates patching for 62,000 vulnerable open source projects
Since revealing startling statistics about the prevalence of a 15-year-old Python vulnerability, Trellix says it has helped fix almost 62,000 vulnerable projects in the past four months Continue Reading
-
Opinion
23 Jan 2023
The rise of fraud in pop culture is impacting consumers’ digital trust
Shows such as The Tinder Swindler and Inventing Anna were big money-earners for Netflix in 2022, but Onfido’s Mike Tuchen says their popularity risks damaging consumer trust Continue Reading