IT governance
IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.
-
News
11 Jul 2025
MoD supply chain cyber scheme gets up and running
The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance. Continue Reading
-
News
11 Jul 2025
UK to create ‘governance framework’ for police facial recognition
Home secretary Yvette Cooper has confirmed UK will regulate police facial recognition, citing police reticence to deploy systems without proper governance, but declined to say if any new framework will be statutory Continue Reading
-
News
11 Jul 2025
UK online safety regime ineffective on misinformation, MPs say
A report from the Commons Science, Innovation and Technology Committee outlines how the Online Safety Act fails to deal with the algorithmic amplification of ‘legal but harmful’ misinformation Continue Reading
-
News
11 Jul 2025
European Commission accused of rigging data watchdog appointment
The European Commission has been accused of rigging the selection process for the next European Data Protection supervisor Continue Reading
-
News
10 Jul 2025
Government funding to help SMEs protect their IP
Scheme will see SMEs and innovative startups working in sensitive sectors receive advice on enhancing cyber and physical security measures to protect their valuable intellectual property Continue Reading
-
News
10 Jul 2025
Four arrested in M&S cyber attack investigation
Police have made four arrests in connection with a trio of cyber attacks on UK retailers Marks & Spencer, Co-op and Harrods Continue Reading
-
News
08 Jul 2025
July Patch Tuesday brings over 130 new flaws to address
Microsoft patched well over 100 new common vulnerabilities and exposures on the second Tuesday of the month, but its latest update is mercifully light on zero-days Continue Reading
-
News
08 Jul 2025
M&S calls for mandatory ransomware reporting
The government should extend ransomware reporting mandates to businesses to help gather more intelligence and better support victims, says M&S chairman Archie Norman Continue Reading
-
News
08 Jul 2025
AI for Good: Signal president warns of agentic AI security flaw
Secure by design is a mantra of the tech sector, but not if it’s agentic AI, which wants ‘root’ access to everything Continue Reading
-
News
08 Jul 2025
SEC and SolarWinds to settle lawsuit over 2020 breach
The US SEC and SolarWinds have reached a settlement in principle to resolve litigation over alleged security failings that led to the 2020 compromise of the supplier’s Orion platform by Russian cyber spies Continue Reading
-
News
08 Jul 2025
NHS trust accused of ‘at best cavalier, at worst deceitful’ behaviour after deleting emails
A London hospital trust faces allegations it withheld key evidence from a tribunal hearing after one of its directors attempted to destroy more than 90,000 emails Continue Reading
-
Podcast
07 Jul 2025
Gartner’s view on AI security: A Computer Weekly Downtime Upload podcast
We speaker to Gartner's Nader Heinen about why access control should be built into enterprise AI Continue Reading
-
News
03 Jul 2025
Fine-tuning to deliver business AI value
Foundation AI models offer knowledge that spans the internet, but they generally lack an understanding of proprietary business data and processes Continue Reading
-
News
02 Jul 2025
US CISA agency extends Iran cyber alert, warns of CNI threat
The US Cybersecurity and Infrastructure Security Agency reiterates guidance for operators of critical national infrastructure as it eyes the possibility of cyber attacks from Iran Continue Reading
-
News
02 Jul 2025
Scattered Spider link to Qantas hack is likely, say experts
A developing cyber attack at Australian airline Qantas that started at a third-party call centre is already being tentatively attributed to Scattered Spider. Find out more and learn about the next steps for those affected Continue Reading
-
News
02 Jul 2025
Dutch study uncovers cognitive biases undermining cyber security board decisions
Dutch research reveals how cognitive biases can lead to catastrophic security decisions Continue Reading
-
News
02 Jul 2025
Enterprise AI adoption moving beyond experimentation
Moe Abdula, vice-president of customer engineering at Google Cloud, discusses the shift from AI experimentation to production, and the role of infrastructure and agentic platforms Continue Reading
-
News
01 Jul 2025
Cloudflare to let customers block AI web crawlers
Publishers and other providers of creative content now have the option to block AI crawlers from accessing and scraping their intellectual property with new tools from Cloudflare. Continue Reading
-
E-Zine
01 Jul 2025
Empowering professionals
In this week’s Computer Weekly, we put HMRC’s online IR35 status checker under the microscope, after an FOI response revealed usage of the tool has plummeted over the past three years. We also hear how GenAI is being put to the test to enhance the customer experience for users in the healthcare and financial services space, before turning our attention to how AI is changing the way LinkedIn meets its users’ needs. Read the issue now. Continue Reading
-
Opinion
30 Jun 2025
Better governance is required for AI agents
The Security Think Tank considers how CISOs can best plan to facilitate the secure running of AI and Gen AI-based initiatives and ensure employees do not inadvertently leak data or make bad decisions Continue Reading
-
Opinion
30 Jun 2025
Why AI reliability is the next frontier for technical industries
AI is no longer a futuristic idea — it’s embedded in the core operations of many of today’s industries. But can we trust its outputs? Continue Reading
-
News
30 Jun 2025
Gartner: Build trust in data before betting the business on AI
At its Data & Analytics Summit in Sydney, Gartner analysts advised businesses to prioritise data trust over artificial intelligence hype and outlined the coming era of autonomous business processes guided by AI agents Continue Reading
-
News
27 Jun 2025
Citrix Bleed 2 under active attack, reports suggest
Days after news emerged of a Citrix NetScaler flaw comparable in its scope and severity to 2023’s infamous Citrix Bleed, there are already clear indicators that threat actors are taking advantage of the critical vulnerability Continue Reading
-
News
27 Jun 2025
Scattered Spider cyber gang turns fire on aviation sector
Multiple reports are emerging of cyber attacks on airlines – Google Cloud’s Mandiant believes them to be linked Continue Reading
-
News
27 Jun 2025
Over 2 million affected by US supermarket breach
Belgian-Dutch supermarket operator Ahold Delhaize reveals that more than two million people, including employees, had their data compromised following a November 2024 ransomware attack Continue Reading
-
News
27 Jun 2025
MPs propose ban on predictive policing
MPs are attempting to amend the UK government’s forthcoming Crime and Policing Bill so that it prohibits the use of controversial predictive policing systems Continue Reading
-
News
27 Jun 2025
Silicon Valley execs sworn in to US Army reserves specialist unit
Four technology executives are brought into the military to make the armed forces ‘more lethal’, reflecting softening attitudes throughout the sector towards ‘the business of inflicting violence’ Continue Reading
-
News
26 Jun 2025
British hacker IntelBroker faces years in a US prison cell
US authorities have unsealed charges against 25-year-old hacker Kai West, aka IntelBroker, accusing him of being behind multiple cyber attacks Continue Reading
-
News
26 Jun 2025
Glasgow Council services remain offline a week after cyber attack
Disruption continues a week after core services at Glasgow City Council were forced offline following a cyber attack on a third-party IT services provider Continue Reading
-
News
25 Jun 2025
Latest Citrix vulnerability could be every bit as bad as Citrix Bleed
A Citrix NetScaler flaw that was quietly patched earlier in June is gathering widespread attention after experts noted strong similarities to the Citrix Bleed vulnerability that caused chaos in late 2023 Continue Reading
-
News
24 Jun 2025
UK ransomware costs significantly outpace other countries
UK organisations hit by ransomware attacks paid much higher ransoms than in other countries over the past 12 months, according to study Continue Reading
-
News
24 Jun 2025
CMA consults on Google’s search dominance
The Competition and Markets Authority is consulting on whether Google should be designated with strategic market status Continue Reading
-
News
23 Jun 2025
Widening Middle Eastern war increases cyber risk
With the entry of the US into the widening Middle Eastern conflict, cyber risk is likely to increase across the board Continue Reading
-
News
23 Jun 2025
Police to gain powers to grab online data when they seize phones and laptops
Academics and civil liberties experts say that proposed ‘authoritarian’ powers to allow police to trawl online and cloud services used by owners of seized devices should require approval from a judge Continue Reading
-
News
20 Jun 2025
Cyber Essentials certifications rising slowly but steadily
The number of businesses attaining the NCSC Cyber Essentials certification continues to increase, but much more can be done to raise awareness of the scheme Continue Reading
-
News
20 Jun 2025
M&S, Co-op attacks a ‘Category 2 cyber hurricane’, say UK experts
The UK’s Cyber Monitoring Centre has published its first in-depth assessment of a major incident, reflecting on the impact of and lessons learned from Scattered Spider attacks on M&S and Co-op Continue Reading
-
News
20 Jun 2025
UK data reforms become law
UK passes wide-ranging data protection reforms to ‘simplify’ organisations’ sharing and processing of data, but questions remain whether changes will be accepted by European Commission when renewing UK data adequacy Continue Reading
-
Opinion
20 Jun 2025
Beyond the AI hype: How data laws quietly handed power to government and Big Tech
The UK is at risk of becoming an ‘algorithm state’ as the government hands more power to Big Tech and reduces the rights of individuals Continue Reading
-
News
20 Jun 2025
Dutch cloud pioneers face the hard limits of digital sovereignty
The Netherlands’ ambitious talk of digital independence meets the unforgiving economics of global cloud dominance Continue Reading
-
News
17 Jun 2025
Cyber action plan kicks off to ‘supercharge’ UK security sector
UK government says its cyber growth action plan will provide a large boost to Britain’s security industry as it sets out to create a roadmap for future growth Continue Reading
-
News
17 Jun 2025
Scattered Spider widens web to target insurance sector
Following a series of high-profile attacks on prominent retailers and consumer brands, the Scattered Spider cyber crime collective appears to be expanding its targeting to the insurance sector Continue Reading
-
News
11 Jun 2025
NHS IT the big winner in Reeves’ Spending Review
The chancellor of the exchequer has significantly upped spending on digital and technology initiatives in the current Spending Review period, with the NHS receiving a 50% tech funding increase Continue Reading
-
Opinion
11 Jun 2025
Cyber security beyond compliance: Why resilience is the new boardroom imperative
Cyber security has been everything from a tick-box exercise to a compliance headache for organisations - but the pressing threats we face mean cyber resilience must become a boardroom issue Continue Reading
-
Opinion
11 Jun 2025
Investor behaviour in the wake of cyber's 'black swan' moment
So-called Black Swan events expose the blind spots in even the most sophisticated forecasting models, signaling a need to rethink how businesses, and those investing in them, quantify and prepare for cyber risk. Continue Reading
-
News
11 Jun 2025
Cyber Bill at risk of becoming a missed opportunity, say MPs
An APPG report warns that the government’s flagship cyber security legislation is too narrow in its scope and risks missing opportunities to embed resilience at the heart of the British economy Continue Reading
-
News
10 Jun 2025
Open source a ‘force multiplier’ for AI innovation
From powerful large language models to the next wave of AI agents, the open-source community is driving innovation and setting the agenda for the entire field, according to leaders at KubeCon + CloudNativeCon China Continue Reading
-
News
10 Jun 2025
Third-party security weaknesses threaten Europe’s big banks
Security breaches via third parties increased by 25% at Europe’s largest finance firms Continue Reading
-
Feature
09 Jun 2025
Are we normalising surveillance in schools?
Children and teenagers are subjected to a vast array of surveillance technologies in schools. These are intended to keep them safe, but are we normalising surveillance for young people? Continue Reading
-
Feature
09 Jun 2025
What happens if Silicon Valley’s AI investment bubble bursts?
US tech giants are burning through unprecedented amounts of capital to develop artificial superintelligence, but authoritarian regimes around the world could keep the pursuit of a techno-utopian future alive when the bubble subsides Continue Reading
-
News
06 Jun 2025
UK ICO publishes AI and biometrics strategy
The UK data regulator has outlined how it will approach the regulation of artificial intelligence and biometric technologies, which will focus in particular on automated decision-making systems and police facial recognition Continue Reading
-
Opinion
06 Jun 2025
How to increase business value with AI agents
To overcome the complexity of deploying agentic AI at scale, organisations must mix and match capabilities, understand key limitations, and take an agile approach to implementation Continue Reading
-
News
05 Jun 2025
HMRC phishing breach wholly avoidable, but hard to stop
A breach at HMRC saw innocent taxpayers tricked into letting scammers impersonate them through simple phishing attacks leading to account takeover. Such attacks are avoidable, but hard to stop Continue Reading
-
Opinion
05 Jun 2025
CISOs: Don't block AI, but adopt it with eyes wide open
The Security Think Tank considers how CISOs can best plan to facilitate the secure running of AI and Gen AI-based initiatives and ensure employees do not inadvertently leak data or make bad decisions. Continue Reading
-
News
05 Jun 2025
UK’s error-prone eVisa system is ‘anxiety-inducing’
People experiencing technical errors with the Home Office’s electronic visa system explain the psychological toll of not being able to reliably prove their immigration status in the face of a hostile and unresponsive bureaucracy Continue Reading
-
News
04 Jun 2025
Put ROCs before SOCs, Qualys tells public sector
Putting risk operations before security operations may help government agencies and other public sector bodies better manage the myriad threats they face, and make better decisions for the security of all Continue Reading
-
News
04 Jun 2025
NCSC sets out how to build cyber safe cultures
The UK’s National Cyber Security Centre has published guidance for security teams and leaders on how to foster accessible and appropriate cyber security cultures in their organisations Continue Reading
-
News
04 Jun 2025
SXSW London: Risk of AI removing choice
The modern era, where AI speeds up day-to-day chores, is undermining creativity and the ability to make choices Continue Reading
-
News
04 Jun 2025
Microsoft outlines three-pronged European cyber strategy
Microsoft chair Brad Smith outlines an expansive cyber programme targeting governments across Europe with enhanced threat intelligence and support Continue Reading
-
News
04 Jun 2025
European Commission should rescind UK data adequacy
Civil society organisations have urged the European Commissioner to not renew the UK’s data adequacy, given the country’s growing divergence from European data protection standards Continue Reading
-
Opinion
04 Jun 2025
Fortifying the future: The pivotal role of CISOs in AI operations
The Security Think Tank considers how CISOs can best plan to facilitate the secure running of AI and Gen AI-based initiatives and ensure employees do not inadvertently leak data or make bad decisions. Continue Reading
-
News
04 Jun 2025
Open source adoption faces reality checks
Industry leaders lauded the power of open source to drive innovation but warned that its adoption requires significant effort, due diligence and a clear understanding of inherent complexities and licensing challenges Continue Reading
-
Opinion
03 Jun 2025
Preparing for AI: The CISO’s role in security, ethics and compliance
The Security Think Tank considers how CISOs can best plan to facilitate the secure running of AI and Gen AI-based initiatives and ensure employees do not inadvertently leak data or make bad decisions. Continue Reading
-
News
03 Jun 2025
SailPoint charts course for AI-driven identity security
SailPoint is driving the use of agentic AI in identity security with its Harbor Pilot offering while preparing to help enterprises govern and secure AI agents Continue Reading
-
News
02 Jun 2025
US cyber agency CISA faces stiff budget cuts
CISA is one of several US agencies facing drastic budget cuts under the Trump administration Continue Reading
-
Opinion
02 Jun 2025
The hidden security risks of open source AI
The Security Think Tank considers how CISOs can best plan to facilitate the secure running of AI and Gen AI-based initiatives and ensure employees do not inadvertently leak data or make bad decisions. Continue Reading
-
News
02 Jun 2025
Cyber and digital get over £1bn to enhance UK’s national security
The government has set out plans to spend over a billion pounds on digital and cyber warfare capabilities to enhance the UK’s ability to defend itself and fight offensive wars Continue Reading
-
Opinion
02 Jun 2025
AI security: Balancing innovation with protection
The Security Think Tank considers how CISOs can best plan to facilitate the secure running of AI and Gen AI-based initiatives and ensure employees do not inadvertently leak data or make bad decisions. Continue Reading
-
News
02 Jun 2025
AI should be used to improve boardroom efficiency
Artificial intelligence is not just for business efficiency. Company boards should deploy the technology to support their own processes Continue Reading
-
Opinion
30 May 2025
Rethinking secure comms: Are encrypted platforms still enough?
A leak of information on American military operations caused a major political incident in March 2025. The Security Think Tank considers what CISOs can learn from this potentially fatal error Continue Reading
-
Feature
30 May 2025
How cyber security professionals are leveraging AWS tools
It’s now essential for IT security teams to have oversight of cloud computing, and AWS offers a plethora of tools to make managing it easier. Find out how cyber pros are using them in the wild Continue Reading
-
Opinion
30 May 2025
What VMware’s licensing crackdown reveals about control and risk
An assessments of the risks VMware customers on perpetual licences now need to consider Continue Reading
-
Opinion
29 May 2025
Signalgate is a signal to revisit security onboarding and training
A leak of information on American military operations caused a major political incident in March 2025. The Security Think Tank considers what can CISOs can learn from this potentially fatal error. Continue Reading
-
Opinion
29 May 2025
Zero-trust is redefining cyber security in 2025
The future of zero-trust is about embedding resilience into every facet of an organisation. To achieve this, SRM leaders must reimagine their strategies to address emerging challenges and prioritise key areas. Continue Reading
-
Opinion
29 May 2025
RSAC rewind: Agentic AI, governance gaps and insider threats
AI was naturally a major theme of this year's RSAC conference, but we maybe failed to anticipate how it is coming to dominate every conversation. Continue Reading
-
Feature
29 May 2025
AI and compliance: Staying on the right side of law and regulation
Without careful planning, AI projects risk blundering into a legal and regulatory minefield. We look at the risks from hallucinations, basic errors and coming regulation Continue Reading
-
Podcast
29 May 2025
AI compliance: Dealing with data change and proliferation
Podcast: We talk with Vigitrust CEO Mathieu Gorge about staying on top of compliance and artificial intelligence, where the danger is data that changes during AI processing and can also proliferate Continue Reading
-
News
28 May 2025
UK biometric surveillance exists in ‘legal grey area’
The rapid proliferation of ‘biometric mass surveillance technologies’ throughout the UK’s public and private sectors is taking place without legal certainty or adequate safeguards for the public Continue Reading
-
Feature
28 May 2025
AI and compliance: What are the risks?
We look at the areas of risk in artificial intelligence. Potential exposures abound, and include security and privacy issues, bias, accuracy and complete fabrication of results Continue Reading
-
Definition
28 May 2025
What is a compliance framework?
A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with established regulations, specifications or legislation. Continue Reading
-
News
28 May 2025
ANZ firms spending more on data management
Nearly nine in 10 organisations in Australia and New Zealand increased their overall spend on data management last year to cope with higher data volumes and growing use of artificial intelligence, study finds Continue Reading
-
News
27 May 2025
US makes fresh indictments over DanaBot, Qakbot malwares
US charges the operators of two malwares, DanaBot and Qakbot, whose actions led to millions of dollars worth of cyber theft and fraud Continue Reading
-
News
27 May 2025
Armed forces charity steps in to address cyber mental health crisis
CIISec and military charity PTSD Resolution hope to address a gathering mental health crisis among frontline cyber professionals Continue Reading
-
Opinion
27 May 2025
Building resilient cyber threat intelligence communities
Cyber threat intelligence is no longer a luxury: intelligence sharing communities must mature, and there are many common lessons to learn. Continue Reading
-
Opinion
27 May 2025
Security vs. usability: Why rogue corporate comms are still an issue
A leak of information on American military operations caused a major political incident in March 2025. The Security Think Tank considers what can CISOs can learn from this potentially fatal error. Continue Reading
-
Opinion
27 May 2025
When leaders ignore cyber security rules, the whole system weakens
The US ‘Signalgate’ debacle is a case study in how security collapses when leadership treats basic rules as optional Continue Reading
-
Feature
27 May 2025
Preparation and appreciation – the human factor in incident response
A typical incident response effort is highly technical, so where do soft skills come in and how do you know how effective your team is? We look at a measurement option and the human consideration in these scenarios Continue Reading
-
Feature
26 May 2025
What are the best practices for securing AWS tech stacks?
An AWS tech stack can aid business growth and facilitate efficient operations, but misconfigurations have become all too common and stall this progress Continue Reading
-
News
23 May 2025
Essex Police discloses ‘incoherent’ facial recognition assessment
An equality impact assessment of Essex Police live facial recognition deployments is plagued by inconsistencies and poor methodology, undermining the force’s claim that its use of the technology will not be discriminatory Continue Reading
-
News
22 May 2025
DSIT makes £5.5m of funding available to new projects
The government is focusing on easing the regulatory burden that can often hamper the introduction of innovative technologies in the public sector Continue Reading
-
News
22 May 2025
How to tackle your infrastructure technical debt
Gartner analysts explain how infrastructure and operations teams can address the accumulation of outdated systems and make a compelling business case for upgrades Continue Reading
-
Opinion
22 May 2025
Enterprise AI: Best-in-class or best-of-breed?
With generic chatbots underperforming in sectors like travel and telecoms, CIOs must decide if consolidating with one best-in-class provider outweighs the benefits of specialised, best-of-breed AI solutions Continue Reading
-
News
21 May 2025
M&S cyber attack disruption likely to last until July
M&S says it has moved into recovery mode after a ransomware attack, but expects some disruption to persist throughout the coming weeks Continue Reading
-
News
21 May 2025
NCSC: Russia’s Fancy Bear targeting logistics, tech organisations
The NCSC and its partner agencies have blown the whistle on an extensive campaign of malicious cyber attacks orchestrated by the Russian state Fancy Bear operation Continue Reading
-
News
21 May 2025
Interview: Rom Kosla, CIO, Hewlett Packard Enterprise
The IT chief of one of the world’s biggest tech companies still has to get the technology right – and he’s building on cloud, application consolidation and data to bring new capabilities in AI to his users Continue Reading
-
Podcast
21 May 2025
Podcast: RSA 2025 – AI’s risk surface and the role of the CISO
We review RSA 2025 with Vigitrust CEO Mathieu Gorge who looks at the impacts on compliance of AI’s expanding risk surface, the role of the CISO, and a changed supplier approach Continue Reading
-
Opinion
21 May 2025
UK Fraud Bill targets benefit claimants for mass surveillance
The UK government’s proposed Fraud Bill will disproportionately place millions of benefit claimants under constant surveillance, creating a two-tier system where people are automatically suspected of wrongdoing for seeking welfare Continue Reading
-
News
21 May 2025
Capital One pushes out data tokenisation
Organisations using the Databricks and Snowflake platforms will be able to use Capital One’s Databolt tool to secure their data Continue Reading
-
News
21 May 2025
Ransomware attacks dropped by a third last month
Reported ransomware attacks eased off during April following a dramatic spike in the first quarter of 2025 Continue Reading
-
News
21 May 2025
Strong fintech security posture at risk via third-party weak links
Despite having a strong security posture, the financial technology sector could be open to attack via third parties Continue Reading
-
News
20 May 2025
Retail cyber attacks hit food distributor Peter Green Chilled
Cold chain services provider Peter Green Chilled, which supplies the likes of Aldi, Sainsbury’s and Tesco, has been forced to halt operations after succumbing to a ransomware attack Continue Reading
-
News
20 May 2025
Rio Tinto overhauls IT operations with platform model
Rio Tinto’s head of technology platforms outlines the mining giant’s move to an IT platform model designed to escape a reactive cycle of critical incidents and improve service quality for internal and external customers Continue Reading
-
News
19 May 2025
Chinese cyber spooks lure laid-off US government workers
A Washington DC-based think tank has published evidence that Chinese intelligence services have been running a network of digital ‘front’ companies targeting laid-off government workers as recruits Continue Reading