IT governance
IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.
-
Feature
11 Jul 2023
Norwegian data privacy experts sound alarm over generative AI
Hundreds of millions of people embrace generative artificial intelligence, blissfully ignorant of what it’s doing to data privacy. Continue Reading
-
News
24 Apr 2023
Finland and Estonia deepen cross-border digital partnerships
Finland and Estonia, two global tech pioneers, are increasingly sharing their expertise Continue Reading
-
News
26 Jan 2024
UK government consults on age verification tech in alcohol sales
The government has said it wants to allow the use of digital identities and various age-verification technologies in alcohol sales Continue Reading
-
Opinion
26 Jan 2024
Security Think Tank: What to expect in cyber this year
Risk arising from insecure generative AI, an explosion in mainstream acceptance of zero-trust, and increasingly tight cyber insurance policies will all be high on the agenda in 2024, writes Forrester senior analyst Alla Valente Continue Reading
-
News
26 Jan 2024
Expert IT witness outsmarted an ‘aggressive’ Post Office to get to truth after inspection ‘madness’
The Post Office’s attempts to protect the Horizon system are well known, in light of the public inquiry and a recent TV drama, but Computer Weekly can reveal how an IT expert was treated during his investigation of Horizon Continue Reading
-
Opinion
26 Jan 2024
Bulk sender authentication: More vital than ever
With new guidelines from Google and Yahoo governing bulk emails coming into force in February 2024, here's what you need to know to keep your sales and marketing lists compliant Continue Reading
-
Opinion
25 Jan 2024
The race to regulate AI: 2024 unpacked
EU’s AI Act is set to become ‘gold standard’ of AI regulation. Will other countries adopt the same high standards or like the UK opt for a light touch in favour of growth and investment? Continue Reading
-
News
25 Jan 2024
Bugcrowd sees surge in vulnerability submissions, led by public sector
Crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd says it saw a 151% uptick in submissions related to government and public sector organisations in 2023 Continue Reading
-
Opinion
25 Jan 2024
Security Think Tank: 2024 is the year we bridge the cyber divide
ISACA's Steven Sim Kok Leong shares his thoughts on the coming year in cyber security, considering the impact of regulatory change, the evolving role of the CISO, and advances in innovative cyber tech Continue Reading
-
News
24 Jan 2024
Southern Water confirms cyber attack after Black Basta claims
Southern Water, which supplies millions of customers in southeast England, has confirmed it has fallen victim to a cyber attack, although its services appear to be running normally Continue Reading
-
News
24 Jan 2024
AI will heighten global ransomware threat, says NCSC
The benefits of artificial intelligence to cyber criminals being well-known, the NCSC now assesses it’s likely AI will soon be widely used to enhance ransomware attacks Continue Reading
-
News
24 Jan 2024
Salesforce’s bug bounty programme paid out $3m in 2023
Ethical hackers disclosed more than 4,000 vulnerabilities to Salesforce last year through its bug bounty programme, and received over $3m in rewards Continue Reading
-
Podcast
23 Jan 2024
Podcast: Storage and compliance outlook for 2024
Interesting times ahead in 2024 as we talk to Mathieu Gorge, CEO of Vigitrust, about updates to EU regs, PCI, NIST, post-Brexit divergence and 60 national elections across the globe Continue Reading
-
Feature
23 Jan 2024
Expert guide to e-discovery
An expert guide to why your organisation needs an electronic discovery policy and how to go about creating one Continue Reading
-
News
23 Jan 2024
Treat cyber risk like financial or legal issue, says UK government
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences Continue Reading
-
News
23 Jan 2024
Leak of 26 billion records may prove to be ‘mother of all breaches’
The discovery of a dataset comprising 26 billion stolen records may prove to be record-breaking in both its size and the danger it poses to ordinary people Continue Reading
-
News
23 Jan 2024
UN chief blasts AI companies for reckless pursuit of profit
The United Nations general secretary has blasted technology companies and governments for pursuing their own narrow interests in artificial intelligence without any consideration of the common good, as part of wider call to reform global governance Continue Reading
-
News
23 Jan 2024
SEC bitcoin hack was result of SIM-swapping
A cyber attack on the US financial regulator earlier in January 2024 occurred after hackers took over one of its mobile phone accounts in a so-called SIM-swapping attack Continue Reading
-
News
22 Jan 2024
SolarWinds hackers attack Microsoft in apparent recon mission
Russian-backed threat actor behind infamous 2020 SolarWinds Sunburst intrusion hacked into Microsoft’s systems, apparently in an attempt to get hold of intel on themselves Continue Reading
-
News
19 Jan 2024
ICO prompts confusion over police cloud legality
The UK data regulator has suggested that, despite major data protection concerns, it is likely to greenlight police cloud deployments because of an information-sharing agreement with the US government Continue Reading
-
News
19 Jan 2024
Fujitsu boss admits to missed opportunities to prevent miscarriages of justice
Concerns of an expert witness in subpostmaster trials were ignored by Fujitsu Continue Reading
-
News
19 Jan 2024
Neighbouring Kent councils hit by simultaneous cyber attacks
Canterbury, Dover and Thanet Councils in Kent have all been struck by simultaneous cyber attacks knocking systems offline, with indications of a link between all three Continue Reading
-
News
19 Jan 2024
Cabinet Office publishes 10-point generative AI guidance
Cabinet Office’s framework, which will evolve as the technology moves forward, sets out 10 principles for the government's use of generative AI systems Continue Reading
-
Blog Post
19 Jan 2024
CIOs will need a new strategy for AI risks and opportunities
The World Economic Forum (WEF) has warned that online misinformation and disinformation, generated by AI, is the top short-term risk facing countries. In its Global Risk report 2024, the WEF stated ... Continue Reading
-
Opinion
18 Jan 2024
Powering up cyber security defences with AI
AI holds great promise when it comes to securing valuable, and vulnerable, data, but security teams face some challenges if they are to get the best out of it, writes IBM’s Christopher Meenan Continue Reading
-
News
18 Jan 2024
PSTN switch-off threatens access to adult social care services
The Public Switched Telephone Network switch-off is threatening vulnerable Londoners access to adult social care and other vital services, as councils are left to manage the cost without financial support from the centre, says London chief digital officer Theo Blackwell Continue Reading
-
News
18 Jan 2024
Cyber non-profit enlists ex-NCSC head as technical chair
Founding NCSC chief exec Ciaran Martin is to join the newly launched Cyber Monitoring Centre non-profit as chair of its technical committee Continue Reading
-
Opinion
18 Jan 2024
AI will create a thousand Post Office scandals
Critical computing expert Dan McQuillan weighs in on the proliferation of artificial intelligence throughout the public sector and the potential this opens up for a slew of new IT scandals Continue Reading
-
News
18 Jan 2024
Tech firms: Investigatory Powers review will undermine privacy of UK citizens
Trade group TechUK argues in a briefing sent to the Home Office that proposed amendments to the Investigatory Powers Bill could have a far-reaching impact on privacy and security Continue Reading
-
News
17 Jan 2024
NCSC invites security pros to join the big leagues
The NCSC is inviting security pros from across the UK to sign up to work with its experts on an intelligence-sharing initiative Continue Reading
-
Feature
17 Jan 2024
Cloud-to-cloud backup: What it is and why you (probably) need it
Basic cloud data protection is just not enough. Several loopholes leave business data vulnerable and that means additional cloud-to-cloud backup should be seriously considered Continue Reading
-
News
17 Jan 2024
Victims of 2023 Capita data breaches head to High Court
More than 5,000 people impacted by data breaches arising from two cyber incidents affecting outsourcer Capita have joined a group action lawsuit Continue Reading
-
News
17 Jan 2024
Singapore proposes governance framework for generative AI
AI Verify Foundation and Infocomm Media Development Authority have proposed a governance framework for generative AI to address the risks and concerns about the emerging technology Continue Reading
-
Definition
16 Jan 2024
artificial intelligence (AI) governance
Artificial intelligence governance is the legal framework for ensuring AI and machine learning technologies are researched and developed with the goal of helping humanity adopt and use these systems in ethical and responsible ways. Continue Reading
-
News
16 Jan 2024
Legal cases question IP in large language model training
Should the providers of commercial large language models licence content from content creators? The New York Times and Getty Images think so Continue Reading
-
News
16 Jan 2024
Kaspersky shares Pegasus spyware-hunting tool
Kaspersky has developed a way of easily exposing the presence of Pegasus spyware on iOS devices and believes its methodology may also help users identify other such surveillance malware Continue Reading
-
Opinion
16 Jan 2024
The human toll of ransomware: how IT pros suffer during incidents
Any ransomware attack causes significant challenges for a business or organisation going through such incident. But ransomware attacks also have tremendous impact on the staff – especially IT teams – working on mitigating the attack’s effect Continue Reading
-
News
15 Jan 2024
British Library catalogues back online after ransomware attack
The British Library has restored online access to its main catalogue of nearly 40 million items on a limited basis as it continues the long and arduous process of recovering from a ransomware attack Continue Reading
-
News
15 Jan 2024
AI likely to worsen economic inequality, says IMF
While artificial intelligence will replace some jobs and complement others, the International Monetary Fund says that, in most of the scenarios it envisages, the technology will likely deepen macro-economic inequalities Continue Reading
-
News
15 Jan 2024
Cosmetics retailer Lush dealing with mystery cyber incident
Cosmetics retailer Lush confirms it’s investigating a cyber attack of an undisclosed nature, but key public-facing systems appear to be unaffected Continue Reading
-
Feature
15 Jan 2024
British Library cyber attack explained: What you need to know
In this essential guide, Computer Weekly investigates the cyber attack on the British Library that has rendered IT systems inoperable and caused service disruption to thousands of users Continue Reading
-
News
15 Jan 2024
How legal disclosure failures disrupted the Post Office Horizon inquiry
From overly narrow search terms, overzealous deduplication of documents and failed email migrations, poor management of legal discovery has delayed justice for postmasters in the Horizon inquiry Continue Reading
-
News
12 Jan 2024
UK government seeks public views on impacts of AI-generated porn
The government’s Pornography Review will look in part at the use of AI throughout the industry to generate sexually explicit content without people’s consent Continue Reading
-
Opinion
11 Jan 2024
Redefining the cyber domain to tackle the challenges of tomorrow
Emerging technologies have brought about a new age of cyber – and we need a 360-degree collaborative approach more than ever to succeed Continue Reading
-
News
10 Jan 2024
Davos 2024: AI-generated disinformation poses threat to elections, says World Economic Forum
Disinformation and misinformation are the top risks facing businesses, governments and the public over the next two years Continue Reading
-
News
10 Jan 2024
SEC social media hack highlights value of MFA
The US SEC briefly appeared to approve new bitcoin trading rules after a social media account was targeted by troublemakers, proving the value of MFA once again Continue Reading
-
News
10 Jan 2024
How Fujitsu became a central part of the Post Office scandal
As a TV drama brings the Post Office scandal to a wider audience, many are wondering how and why a Japanese IT company became embroiled in the story – we examine the troubled history behind Fujitsu’s role Continue Reading
-
News
10 Jan 2024
Scotland ‘sleepwalking’ to mass surveillance with DPDI Bill
The independent checks and balances over biometrics and biometric-enabled surveillance must be strengthened to prevent Scotland from sliding into a surveillance state along with the rest of the UK Continue Reading
-
News
09 Jan 2024
Babuk Tortilla ransomware decryptor made available
A joint effort between Cisco Talos, Avast and the Dutch police will bring relief to many victims of a variant of the Babuk ransomware known as Tortilla Continue Reading
-
Opinion
09 Jan 2024
Inadequate cloud logs are proving a headache for CISOs
The mass adoption of cloud environments is pushing strained CISOs to the brink and a lack of attention to logging isn't helping. Vectra's Mark Wojtasiak calls for organisations to do more to improve visibility in their clouds in 2024 Continue Reading
-
News
09 Jan 2024
Study reveals cyber risks to US elections
With the 2024 US presidential election cycle beginning, a study produced by Arctic Wolf has highlighted big gaps in preparedness and resourcing at government bodies across the US Continue Reading
-
Opinion
09 Jan 2024
Designing an IT department for a world defined by change
Traditional functional organisational models cannot adapt adequately to the demands of a 21st century digital business - especially not in the IT department. How can a service-based structure help? Continue Reading
-
News
08 Jan 2024
British Library ransomware attack could cost up to £7m
The cost of recovering the British Library’s ransomware-stricken IT systems could be up to £7m, it has emerged Continue Reading
-
News
07 Jan 2024
India firms warm to responsible AI
Almost two-thirds of organisations said their responsible AI practices and policies were mature or they had taken steps towards responsible AI adoption, according to a Nasscom study Continue Reading
-
News
05 Jan 2024
Information Commissioner questions DWP plan to monitor bank accounts of benefit claimants
The Information Commissioner has warned that legislation to give new powers to the Department of Work and Pensions to check bank accounts of benefit claimants for indications of fraud lacks appropriate safeguards Continue Reading
-
News
02 Jan 2024
China’s UNC4841 pivots to new Barracuda ESG zero-day
The Chinese state threat actor behind a series of cyber attacks on Barracuda Networks customers embarked on a campaign targeting the supplier’s email security products in the run-up to Christmas Continue Reading
-
News
29 Dec 2023
Top 10 AI regulation stories of 2023
From the UK government’s publication of its long-awaited AI whitepaper to its convening of the world’s first AI Safety Summit, here are Computer Weekly’s top 10 AI regulation stories of 2023 Continue Reading
-
News
28 Dec 2023
Top 10 technology and ethics stories of 2023
Here are Computer Weekly’s top 10 technology and ethics stories of 2023 Continue Reading
-
News
27 Dec 2023
Top 10 police technology stories of 2023
Here are Computer Weekly’s top 10 police technology stories of 2023 Continue Reading
-
News
21 Dec 2023
Top 10 cyber crime stories of 2023
Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics Continue Reading
-
News
21 Dec 2023
Top 10 storage supplier strategy stories of 2023
In 2023, we looked at the top storage suppliers, their market share and how they set themselves for a future of hybrid cloud, containerisation and consumption models of purchasing Continue Reading
-
Opinion
20 Dec 2023
Beyond the office walls: Safeguarding remote workers from attack
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Opinion
20 Dec 2023
Zero-trust principles: Your gateway to securing remote workers
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Opinion
20 Dec 2023
What we learned in cyber in 2023, and what to look out for
PA Consulting's Rasika Somasiri looks back at a busy 12 months in the cyber security world, and highlights some key learnings from 2023 Continue Reading
-
Opinion
20 Dec 2023
Evolving best practice: What next for securing remote work?
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
News
20 Dec 2023
'No hiding place' for those responsible for Post Office Horizon scandal
MPs want individuals to be held to account for their roles in causing the Post Office Horizon scandal, which destroyed thousands of lives Continue Reading
-
News
20 Dec 2023
ALPHV/BlackCat operation down, but maybe not out
Multinational law enforcement has targeted the operations of the notorious ALPHV/BlackCat cyber extortion gang, but the group’s members appear to remain defiant Continue Reading
-
Opinion
19 Dec 2023
Security Think Tank: Testing to improve remote worker security
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
News
19 Dec 2023
Top 10 cyber security stories of 2023
The past 12 months have seen the security agenda dominated by the usual round of vulnerabilities, concerns over supply chain security and more besides, but it was the chaotic state of global geopolitics that really made an impact Continue Reading
-
News
19 Dec 2023
Top 10 information management stories of 2023
Generative AI was inescapable as the leading theme of the information management stories of 2023 gathered here. But also selected are pieces about data and healthcare, and the inexorable rise of the CDO Continue Reading
-
Opinion
19 Dec 2023
Security Think Tank: Anytime, anywhere access is achievable
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
News
15 Dec 2023
Police defend facial recognition target selection to Lords
Senior police officers confirm to Lords committee that facial recognition watchlist image selection is based on crime categories attached to people’s photos, rather than a context-specific assessment of the threat presented by a given individual Continue Reading
-
Opinion
14 Dec 2023
Governance best practices for citizen developers
The rise of citizen developers is revolutionising the way organisations approach software development. Here is a guide to supporting them Continue Reading
-
News
14 Dec 2023
Government plans to regulate to tackle datacentre threats
DSIT outlines a range of proposals designed to protect data storage facilities from cyber attacks, as well as physical threats and the effects of climate breakdown Continue Reading
-
News
14 Dec 2023
The Security Interviews: Talking identity with Microsoft’s Joy Chik
Microsoft’s president of identity and network access, Joy Chik, joins Computer Weekly to discuss the evolving threat landscape in identity security, using innovations in artificial intelligence to stay ahead, and advocating for the coming passwordless future Continue Reading
-
News
14 Dec 2023
NCSC CEO Lindy Cameron to step down in 2024
NCSC chief exec Lindy Cameron, who helped lead and elevate the national dialogue on cyber security through major events such as Covid-19, SolarWinds Sunburst and Colonial Pipeline, is to step down in the New Year Continue Reading
-
Blog Post
14 Dec 2023
Tesla and the risk of technological complacency
The recall of the Tesla Autopilot software is an illustration of the risks of human complacency that can occur as more and more of the tasks we’re used to become automated. Years ago, people ... Continue Reading
-
News
14 Dec 2023
Current Post Office executive in denial of Horizon cover-up
Executives at the Post Office today are still in denial of the part they played in destroying the lives of thousands of people Continue Reading
-
News
13 Dec 2023
No UK AI legislation until timing is right, says Donelan
The UK government will not legislate on artificial intelligence until it has a better understanding of the technology, so is instead focusing on building up regulatory capacity and conducting safety-focused research, says digital secretary Continue Reading
-
News
13 Dec 2023
How ransomware gangs use the tech media against their victims
Ransomware gangs are increasingly media-savvy operators, and this means incident response plans now need to account for communications and PR strategies too Continue Reading
-
News
13 Dec 2023
Microsoft’s Christmas present for cyber teams: no zero-days
Barely 30 vulnerabilities, and no zero-days, have been fixed in the final Patch Tuesday drop of 2023 Continue Reading
-
News
13 Dec 2023
Critical UK infrastructure a ‘hostage of fortune’ to ransomware
A lack of ransomware planning and preparedness at the highest levels of government is leaving UK operators or critical national infrastructure dangerously exposed, according to a Joint Committee report Continue Reading
-
News
12 Dec 2023
MoD fined after breach of Afghan staffers’ data put lives at risk
The MoD has been fined £350,000 by the ICO after an email blunder exposed data on Afghan nationals who had worked with British forces and were at risk of Taliban reprisals Continue Reading
-
News
12 Dec 2023
Outdated data protection practice key factor in PSNI data breach
The August 2023 data breach at the Police Service of Northern Ireland arose chiefly from an outdated approach to data protection and compliance at the force, according to an independent review Continue Reading
-
News
11 Dec 2023
Competition and Markets Authority looks into Microsoft/OpenAI after Altman fiasco
The firing and rehiring of OpenAI’s CEO, and the fallout, which could have seen Microsoft hire all its staff, has the regulator spooked Continue Reading
-
News
08 Dec 2023
Fancy Bear targets Nato entities via critical Outlook flaw
A vulnerability patched in March has likely been exploited by the Russian state actor Fancy Bear, for over two years, according to the latest intelligence Continue Reading
-
News
07 Dec 2023
UK names Russian FSB agents behind political hacking campaign
Russian hacking group, Star Blizzard, was part of a Russian intelligence operation aimed at interfering with UK politics and the democratic process, says government. Continue Reading
-
News
07 Dec 2023
NCSC exposes Russian cyber attacks on UK political processes
The NCSC has firmly attributed a long-running campaign of cyber attacks targeting UK political processes to a group run out of Russia’s FSB intelligence agency, known as Star Blizzard Continue Reading
-
News
07 Dec 2023
2023 may have seen highest ransomware ‘body count’ yet
Ransomware, or cyber extortion as it is increasingly being termed, remained the most prominent security threat in 2023 – and thanks to large-scale supply chain attacks, the past 12 months may have seen the most victims ever Continue Reading
-
Opinion
07 Dec 2023
Considerations for the security of evolving workspaces
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
News
06 Dec 2023
NHS whistleblower Peter Duffy threatens trust with legal action in row over alleged email tampering
NHS whistleblower warns his former employer of potential litigation over a dispute concerning allegations of email tampering Continue Reading
-
Feature
05 Dec 2023
How to recover systems in the event of a cyber attack
Recovering compromised systems after a cyber attack isn’t easy, but understanding industry best practice offers a template for the key processes to follow Continue Reading
-
News
05 Dec 2023
Operator of Sellafield nuclear facility denies hacking claims
The operator of the Sellafield nuclear site has denied allegations that senior managers covered up a series of cyber security lapses that enabled Chinese and Russian threat actors to compromise its networks Continue Reading
-
News
05 Dec 2023
Undisclosed document could reveal pressure on Fujitsu expert witness in Post Office prosecution
Details of Post Office prosecutor’s meeting with Fujitsu IT expert witness, used in subpostmaster prosecution, not yet disclosed to public inquiry Continue Reading
-
News
04 Dec 2023
Rhysida ransomware gang hits hospital holding royal family’s data
Ransomware gang boasts of having stolen data on the royal family in an attack on a private London hospital Continue Reading
-
Opinion
04 Dec 2023
Cyber and remote working: How Covid moved the cursor
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
News
01 Dec 2023
Human augmentation tech requires dual use oversight
Researchers investigating human augmentation technologies must acknowledge the potential military applications of their work, and military bodies cannot be allowed to dismiss ethical concerns in their pursuit of national security interests, says NGO Drone Wars UK Continue Reading
-
News
01 Dec 2023
Report reveals sorry state of cyber security at UK football clubs
Football clubs up and down the country are putting staff, players and fans alike at risk through outdated attitudes to cyber security, according to a report Continue Reading
-
News
01 Dec 2023
Lords committee urges caution on UK use of autonomous weapons
UK government must ensure proper democratic oversight of its development and use of AI-powered weapon systems, says Lords committee Continue Reading
-
News
01 Dec 2023
The Security Interviews: Mark McClain, SailPoint Technologies
SailPoint founder and CEO Mark McClain reflects on how the concept of identity has evolved over the past 20 years, and points to rapid evolution still to come Continue Reading
-
Opinion
01 Dec 2023
Security Think Tank: Four steps to secure remote workers
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Opinion
30 Nov 2023
Prepare for your worst day: How to create a cyber incident response plan
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading