IT governance
IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.
-
News
30 Apr 2025
Current SaaS delivery model a risk management nightmare, says CISO
JPMorgan Chase security chief Patrick Opet laments the state of SaaS security in an open letter to the industry and calls on software providers to do more to enhance resilience Continue Reading
-
News
30 Apr 2025
Co-op shuts off IT systems to contain cyber attack
A developing cyber incident at Co-op has forced the retailer to pull the plug on some of its IT systems as it works to contain the attack Continue Reading
-
News
05 Jan 2023
Fallout from Guardian cyber attack to last at least a month
The Guardian newspaper’s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time Continue Reading
-
Feature
05 Jan 2023
Securing low Earth orbit represents the new space race
The barriers to launching satellites into low Earth orbit are falling fast, and that brings new cyber security challenges Continue Reading
-
News
03 Jan 2023
Test of digital ID tech at Surrey nightclub proclaimed success
The majority of visitors to a Camberley venue who piloted a digital identification app developed by 1account said they found it easy to use and preferred it to standard physical ID Continue Reading
-
News
30 Dec 2022
Top 10 Computer Weekly Downtime Upload podcasts of 2022
The team began with a sombre episode about Ukraine and went on to tackle the more familiar topics of diversity, datacentre sustainability and data. New for 22: Cliff Saran’s interviews with IT thought leaders Continue Reading
-
Feature
29 Dec 2022
Cyber security professionals share their biggest lessons of 2022
In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading
-
News
29 Dec 2022
Top 10 technology and ethics stories of 2022
Here are Computer Weekly’s top 10 technology and ethics stories of 2022 Continue Reading
-
News
29 Dec 2022
Top 10 Nordic IT stories of 2022
Here are Computer Weekly's top 10 Nordic IT articles of 2022 Continue Reading
-
News
29 Dec 2022
Top 10 technology startup stories of 2022
Here are Computer Weekly’s top 10 technology startup stories of 2022 Continue Reading
-
Opinion
29 Dec 2022
How does red teaming test the ultimate limits of cyber security?
An expert ethical hacker reveals how he goes about carrying out a red team exercise Continue Reading
-
News
28 Dec 2022
Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears
NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness Continue Reading
-
News
28 Dec 2022
Top 10 Middle East IT stories of 2022
Here are Computer Weekly's top 10 Middle East IT articles of 2022 Continue Reading
-
News
23 Dec 2022
Top 10 IT leadership interviews of 2022
Computer Weekly talks to more IT leaders than any other publication, so we can share insights into the latest in strategy and best practice from the top CIOs, CTOs and CDOs Continue Reading
-
News
23 Dec 2022
Top 10 Benelux IT stories of 2022
Here are Computer Weekly’s top 10 Benelux articles of 2022 Continue Reading
-
News
23 Dec 2022
Top 10 financial services IT stories of 2022
Here are Computer Weekly’s top 10 financial services IT articles of 2022, looking back at the moves and changes over the past year Continue Reading
-
News
22 Dec 2022
Top 10 cyber security stories of 2022
The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides Continue Reading
-
News
22 Dec 2022
Top 10 crime, national security and law stories of 2022
Here are Computer Weekly’s top 10 crime, national security and law stories of 2022 Continue Reading
-
News
22 Dec 2022
Top 10 cyber crime stories of 2022
Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents Continue Reading
-
Opinion
21 Dec 2022
Post-Brexit cyber dynamics in the UK and Europe: diverging paradigms?
The UK faces a choice in terms of its ongoing cyber security relationship with the EU – to preserve its collaboration with the EU by adopting an aligned approach or to adopt a divergent approach Continue Reading
-
News
20 Dec 2022
TSB hit with huge fine after IT migration disaster
TSB has been fined nearly £50m due to failings during its IT migration catastrophe Continue Reading
-
Opinion
19 Dec 2022
Security Think Tank: 2022 brought plenty of learning opportunities in cyber
At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading
-
News
16 Dec 2022
Shiseido data breach victims plan legal action over fake companies
Employees and former employees of cosmetics firm Shiseido whose data was stolen in a recent breach are planning group legal action after their information was used to establish fraudulent companies in their names Continue Reading
-
News
16 Dec 2022
UK unis implement new IP traffic policies to combat ransomware
Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature Continue Reading
-
News
15 Dec 2022
Digital Ethics Summit: Who benefits from new technology?
Experts at the 2022 Digital Ethics Summit say expedited development cycles and obviously over-hyped PR material, in tandem with the public’s near-total exclusion from conversations around technology, is creating distrust towards the tech sector Continue Reading
-
News
14 Dec 2022
Criminal Cases Review Commission calls on more convicted subpostmasters to come forward
The Criminal Cases Review Commission wants more former subpostmasters to come forward if they think they were prosecuted by the Post Office based on data from the error-prone Horizon computer system Continue Reading
-
News
14 Dec 2022
Private health provider data could be shared with NHS England
Plans are advancing to create a single source of healthcare data in England combining both private providers and the NHS to avoid a repeat of the Ian Paterson scandal Continue Reading
-
News
14 Dec 2022
NHS gets new guidance on public benefits of data sharing
NHS national data guardian Nicola Byrne has published new guidance on how health and social care bodies should approach the task of evaluating public benefit when using data for purposes beyond individual care Continue Reading
-
News
14 Dec 2022
Ethical hackers flex their muscles in 2022
Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021 Continue Reading
-
News
14 Dec 2022
Microsoft fixes two zero-days in final Patch Tuesday of 2022
December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over Continue Reading
-
News
14 Dec 2022
New cyber approaches ease Registers of Scotland’s AWS migration
As the holder of the oldest national public land register in the world, Registers of Scotland has a storied history dating back centuries. Find out how Palo Alto Networks is keeping its processes and data secure as it goes all-in on Amazon Web Services Continue Reading
-
Opinion
14 Dec 2022
Security Think Tank: How much digital trust can you place on zero-trust?
The events of the past couple of years have highlighted many considerations that should be taken into consideration when pursuing a zero-trust strategy, says ISACA’s Steven Sim Kok Leong Continue Reading
-
News
13 Dec 2022
EU issues draft data adequacy decision in favour of US
The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision Continue Reading
-
News
13 Dec 2022
More Uber data exposed in possible supply chain attack
A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack Continue Reading
-
E-Zine
13 Dec 2022
AI experts question tech industry’s ethical commitments
In this week’s Computer Weekly, the proliferation of ethical frameworks has done little to change how artificial intelligence is developed – we look at the challenges. We examine the future of the UK semiconductor sector as the government launches a review. And we hear how NatWest has put data at the heart of customer strategy. Read the issue now. Continue Reading
-
News
12 Dec 2022
Cloud-based fingerprint system for UK police nears completion
Police Digital Service announces that a new cloud-based fingerprint system developed under its Transforming Forensics programme is nearly complete, but data protection concerns around the use of US-based cloud providers remain Continue Reading
-
Opinion
12 Dec 2022
Security Think Tank: Embrace prioritisation, people, imperfections
Security and IT professionals should try to make peace with their imperfections in 2023, says Nominet CISO Paul Lewis Continue Reading
-
News
09 Dec 2022
Iranian APT seen exploiting GitHub repository as C2 mechanism
A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware Continue Reading
-
News
09 Dec 2022
Online Safety Bill returns to Parliament
MPs and online safety experts have expressed concern about encryption-breaking measures contained in the Online Safety Bill as it returns to Parliament for the first time since its passage was paused in July Continue Reading
-
Opinion
09 Dec 2022
Security Think Tank: 2022 changed how we thought about resilience
Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat Continue Reading
-
News
08 Dec 2022
Consumers to get new protections against dodgy apps
Government’s new code of practice will impose new privacy and security measures on app store operators and developers Continue Reading
-
News
08 Dec 2022
Apple to tap third party for physical security keys
Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys Continue Reading
-
News
07 Dec 2022
Clinicians who raised patient safety risks claim Berkshire NHS trust deleted email evidence
A tribunal hearing considering claims that an NHS trust destroyed email evidence and had put the safety of geriatric patients at risk, was cut short after clinicians faced “life-changing” costs Continue Reading
-
News
07 Dec 2022
Rackspace email outage confirmed as ransomware attack
An ongoing outage affecting Rackspace email customers is the result of a ransomware attack Continue Reading
-
News
07 Dec 2022
Google, MS, Oracle vulnerabilities make November ’22 a big month for patching
Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November Continue Reading
-
Opinion
07 Dec 2022
Security Think Tank: As cyber pros, we need to articulate our needs better
There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading
-
News
07 Dec 2022
Post Office scandal – “cock-up or cook-up”?
The second phase of the Post Office Horizon IT scandal raised more questions over who did what, when and where, with shocking revelations at every turn Continue Reading
-
News
06 Dec 2022
Legacy IT magnifies cyber risk for Defra, says NAO
Some 30% of Defra’s applications are currently unsupported, magnifying cyber risk as the government department struggles to make progress on a digital transformation programme Continue Reading
-
News
06 Dec 2022
EU fails to protect human rights in surveillance tech transfers
Transfers of surveillance technology from the European Union to African governments are carried out without due regard for the human rights impacts, the European Ombudsman has found after a year-long investigation into the European Commission’s management of an aid fund Continue Reading
-
News
06 Dec 2022
Don’t become an unwitting tool in Russia’s cyber war
Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack? Continue Reading
-
News
05 Dec 2022
Fake investment ads persist on Meta’s social networks
Online adverts for investment scams relating to property and crypto assets are still getting past measures designed to stop them Continue Reading
-
News
05 Dec 2022
DCMS to assess UK semiconductor industry
The ongoing global chip crisis, geopolitician tension with China and deal-blocking are the backdrop to this latest assessment Continue Reading
-
News
05 Dec 2022
Cohesity doubles down on cyber-defence failings via backup
Datahawk service and Data Security Alliance bring clean data restores, ransomware artefact detection, data vaulting and data audit for a clearer understanding of attack impact Continue Reading
-
News
05 Dec 2022
French cyber consultancy Hackuity sets up UK operation
Risk-based vulnerability management company is to establish a UK base of operations in the hope of expanding its enterprise client base Continue Reading
-
News
02 Dec 2022
Post Office boosted its ‘coffers’ as Horizon system threw up unexplained shortfalls, inquiry told
The Post Office was ‘keen’ to make subpostmasters cover unexplained accounting shortfall as its business struggled, public inquiry hears Continue Reading
-
News
02 Dec 2022
Twitter ‘replacement’ Hive Social shuts off service in privacy alert
Hive Social, a recently established social media network, has temporarily closed its servers to address deep structural privacy issues identified by ethical hackers Continue Reading
-
News
01 Dec 2022
MI6 chief’s hacked emails attacked MI5 and betrayed British spy operations in China
Former UK spy boss Richard Dearlove leaked names of MI6 secret agent recruiters in China to back an aggressive right-wing US campaign against tech company Huawei. His emails were hacked and then leaked – probably by Russian intelligence Continue Reading
-
News
01 Dec 2022
LastPass probes new cyber incident related to August attack
The August 2022 cyber attack on LastPass seems to have begat another incident, according to company CEO Karim Toubba Continue Reading
-
News
30 Nov 2022
Microsoft 365 banned in German schools over privacy concerns
German schools cannot legally use Microsoft Office 365 over lack of clarity about how data is collected, shared and used, as well as the potential for unlawful transfer of European citizens’ personal data to the US Continue Reading
-
News
30 Nov 2022
South Staffs Water customer data leaked after ransomware attack
Personal data of water utility’s direct debit customers exposed on the dark web following a Clop ransomware attack Continue Reading
-
News
30 Nov 2022
NIS regulations to be extended to cover MSPs
The UK government is moving ahead with plans to update the Network and Information Systems regulations to bring outsourcers and MSPs into scope Continue Reading
-
News
30 Nov 2022
Parity AI talks about auditing recruitment algorithms for bias
Algorithmic auditing firm Parity speaks to Computer Weekly about the process of auditing artificial intelligence for bias, following its partnership with AI-powered recruitment platform Beamery Continue Reading
-
Opinion
30 Nov 2022
Think technology, process, human risk to manage ransomware
Effective ransomware handling boils down to three core areas – technology, process and human risk Continue Reading
-
Opinion
29 Nov 2022
Chartered status and aligned standards are crucial for the UK's cyber sector
As the UK moves closer to ushering in the world’s first chartered cyber professionals, the UK Cyber Security Council’s Simon Hepburn outlines the sector’s defining moment Continue Reading
-
News
29 Nov 2022
‘Legal but harmful’ clause dropped from Online Safety Bill
Online Safety Bill’s ‘legal but harmful’ provision will be dropped by the UK government in favour of public risk assessments, tools to help users control the content they consume, and new criminal offences around self-harm Continue Reading
-
News
25 Nov 2022
Data management, backup becoming the CISO's responsibility
More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year Continue Reading
-
Feature
24 Nov 2022
Indefinite storage: What it is and why you might need it
Indefinite storage addresses the issue that archived data may need to be kept well beyond the lifespan of the technology it was written for Continue Reading
-
Opinion
24 Nov 2022
Your staff are the frontline in your ransomware fight
As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect Continue Reading
-
News
23 Nov 2022
UK police arrest 120 in largest-ever cyber fraud crackdown
The administrator and more than 100 users of the iSpoof.cc cyber fraud website have been arrested in a major counter-fraud operation led by the Metropolitan Police Continue Reading
-
News
23 Nov 2022
AI accountability held back by ‘audit-washing’ practices
Algorithmic auditing will be useless in holding artificial intelligence accountable until there are common standards, approaches and goals that scrutinise systems at each stage of development and deployment, says think-tank Continue Reading
-
News
23 Nov 2022
South Korea data adequacy pact brings £15m Brexit bonus
UK government finalises a data adequacy agreement with South Korea, saying it will unlock a post-Brexit business bonus of just under £15m Continue Reading
-
News
23 Nov 2022
Red team tool developer slams ‘irresponsible’ disclosure
UK security firm MDSec defends its Nighthawk command and control penetration testing framework after suggestions were made that it could be appropriated by threat actors Continue Reading
-
News
22 Nov 2022
Ducktail spins new tales to hijack Facebook Business accounts
The increasingly active Ducktail cyber crime operation is refining its operations, seeking new methods to compromise its victims’ Facebook Business accounts Continue Reading
-
News
22 Nov 2022
Killnet DDoS hacktivists target Royal Family and others
Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks Continue Reading
-
Feature
22 Nov 2022
Cloud storage: Key storage specifications
We look at the key specs in cloud storage, including availability – such as five nines – bandwidth, IOPS and latency, capacity and tiering functionality, egress charges and security Continue Reading
-
E-Zine
21 Nov 2022
CW APAC: Trend Watch: Artificial intelligence in APAC
Artificial intelligence is becoming more commonplace across business. In this handbook, focused on the adoption of the technology in the Asia-Pacific region, Computer Weekly looks at what still stands in its way, Dell’s deep learning model, how AI can realise its potential in healthcare, and the pros and cons of using AI and ML applications in the cloud. Continue Reading
-
News
21 Nov 2022
Bug Bounty Calculator helps organisations fine-tune their payouts
Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention Continue Reading
-
News
21 Nov 2022
NHS federated data platform must avoid repeating Care.data mistakes, says national data guardian
UK’s national data guardian agrees with the ambitions of the platform, but warns that the programme must avoid ‘common pitfalls around trust and transparency’ Continue Reading
-
News
21 Nov 2022
AI adopted without due consideration for workers, MPs told
MPs have been warned that the rapid roll-out of artificial intelligence in workplaces has changed UK enterprises’ management practices so much that current employment law is no longer fit for purpose Continue Reading
-
News
21 Nov 2022
NHS trust that deleted up to 90,000 emails cleared of deliberately concealing evidence
A tribunal found in a high-profile case brought by whistleblower Chris Day that an NHS trust had not deliberately concealed evidence when a director deleted up to 90,000 emails before he was due to testify Continue Reading
-
Feature
21 Nov 2022
Ransomware, storage and backup: Impacts, limits and capabilities
We look at the impact of ransomware on storage and backup, how storage and data protection can best be used to combat ransomware, and how they fit in the fight against it Continue Reading
-
News
18 Nov 2022
Is Elon Musk’s Twitter safe, and should you stop using it?
With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use Continue Reading
-
News
18 Nov 2022
New gold standard to protect good faith hackers
HackerOne’s new Gold Standard Safe Harbour statement will supposedly act as a guarantee for good faith hacking Continue Reading
-
News
18 Nov 2022
Post Office scandal inquiry’s expert IT witness ‘troubled’ by his findings
Controversial Post Office Horizon system lacked the integrity required to trust accounting data and contained ‘joke’ coding akin to an ‘overly engineered mousetrap’, inquiry told Continue Reading
-
News
18 Nov 2022
CyberPeace Institute helps NGOs improve their security resilience
Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people Continue Reading
-
News
17 Nov 2022
Brexit deregulation will make UK next Silicon Valley, vows Hunt
Chancellor vows to revolutionise how the IT industry is regulated to spur competition, investment and innovation in a technological ‘Big Bang’ Continue Reading
-
News
17 Nov 2022
Another Log4Shell warning after Iranian attack on US government
The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching Continue Reading
-
News
17 Nov 2022
NHS Digital confirms final settlement of £3.95m with HMRC following conclusion of IR35 investigation
The health service’s digital arm has paid HMRC £3.95m in unpaid tax to cover the cost of its IR35 compliance errors Continue Reading
-
Opinion
17 Nov 2022
Gartner: Three key tasks needed to decommission applications
A guide to slimming down a full portfolio of applications that are expensive to maintain and difficult to adapt to business needs Continue Reading
-
News
16 Nov 2022
Global network fragmentation a source of increasing risk
Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading
-
Opinion
16 Nov 2022
Security Think Tank: Ransomware defences: An extended to-do list
Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things Continue Reading
-
News
15 Nov 2022
APP fraud volumes expected to double by 2026, says report
Losses to authorised push payment fraud in the UK are expected to climb to over $1.5bn in the next four years. Meanwhile, the NAO accuses the Home Office of lagging on progress to tackle the issue Continue Reading
-
News
15 Nov 2022
Met Police removes nearly two-thirds of people from gangs matrix
Legal action by human rights group Liberty forces Met Police to overhaul its gangs violence matrix database Continue Reading
-
News
14 Nov 2022
Sadiq Khan launches Data for London Advisory Board
Board will look at how to join up and share data between public and private London organisations in an effort to build a stronger data economy and improve public services Continue Reading
-
Opinion
14 Nov 2022
Security Think Tank: Let’s be transparent about ransomware
Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks Continue Reading
-
Feature
14 Nov 2022
How to prepare for ransomware
What are the best practices you should use to protect against ransomware attacks and manage such attacks when they do happen? Continue Reading
-
Opinion
11 Nov 2022
Cyber insurance: The good, the bad and the ugly
Most cyber insurance contracts are innately flawed because they exclude losses arising from state-backed cyber attacks, and this will make proper attribution even more important in the future, says Cisco Talos’ Martin Lee Continue Reading
-
News
11 Nov 2022
Volume of self-reported breaches to ICO jumps 30%
The number of self-reported breaches to the UK’s Information Commissioner’s Office soared by nearly 30% in the 12 months to 30 June 2022 Continue Reading
-
News
11 Nov 2022
MoD recruits Immersive Labs to bolster cyber resilience
UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products Continue Reading
-
Opinion
11 Nov 2022
Security Think Tank: To stop ransomware, preparation is the best medicine
You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes Continue Reading
-
News
10 Nov 2022
Scrutinising AI requires holistic, end-to-end system audits
Understanding the full impacts of artificial intelligence requires organisations to conduct end-to-end social and technical audits of their systems, but the process comes with a number of challenges Continue Reading
-
News
10 Nov 2022
Cyber criminals have World Cup Qatar 2022 in their sights
Volumes of malicious cyber activity around the upcoming FIFA World Cup are already starting to tick upwards and are likely to continue to do so Continue Reading