IT governance
IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.
-
News
02 May 2025
Government and Ofcom disagree about scope of Online Safety Act
MPs heard different views from the online harms regulator and the UK government about whether and how the Online Safety Act obliges platforms to deal with disinformation Continue Reading
-
News
01 May 2025
Harrods becomes latest UK retailer to fall victim to cyber attack
Harrods confirms it is the latest UK retailer to experience a cyber attack, shutting off a number of systems in an attempt to lessen the impact Continue Reading
-
News
19 Feb 2020
Swedish consumer-protection legislation will hit fintechs
New financial regulation to protect consumers from agreeing to unnecessary credit will force financial technology companies to make changes to their products Continue Reading
-
News
19 Feb 2020
Blasé directors put business data at risk
The higher up within a business you go, the more likely you are to find people intentionally leaking confidential data, says Egress Continue Reading
-
News
19 Feb 2020
Questions raised over Office 365 shared content policy
Buried 300 words into Microsoft’s standard service level agreement is a clause that affects intellectual property and privacy Continue Reading
-
Feature
18 Feb 2020
Is this Netflix-style thriller the future of security training?
Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training Continue Reading
-
Opinion
18 Feb 2020
Security Think Tank: Zero trust strategies must start small, then grow
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
17 Feb 2020
Mastercard opens European security resilience unit
Mastercard’s European Cyber Resilience Centre will bring together its partners and other industry bodies to support enterprise resilience Continue Reading
-
Feature
17 Feb 2020
Zero trust: Taking back control of IT security
Trust on the network is a crucial factor in security risk, and zero trust changes the traditional model of ‘trust but verify’ Continue Reading
-
Opinion
17 Feb 2020
Security Think Tank: Ask yourself if zero trust is right for you
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
14 Feb 2020
AWS secures temporary halt to Microsoft’s work on $10bn US JEDI cloud contract
Restraining order prevents Microsoft doing any “substantial” work on the JEDI cloud contract as Amazon’s legal action against the US government gathers pace Continue Reading
-
News
14 Feb 2020
CIO Interview: Siim Sikkut, Estonian government CIO
Siim Sikkut is one of a generation of tech native Estonians, who is turning his knowledge and experience to transforming government services Continue Reading
-
Opinion
14 Feb 2020
Security Think Tank: How zero trust lets you take back control
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero trust architecture? Continue Reading
-
Feature
13 Feb 2020
How IT can back up ESG efforts to do environmental and social good
Organisations’ environmental, social and governance programmes depend on IT leaders for technological backup Continue Reading
-
Opinion
13 Feb 2020
Security Think Tank: Practical steps to achieve zero trust
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
12 Feb 2020
Communications watchdog Ofcom to gain extra powers as online harms regulator
The government has released its initial response to 2019’s Online Harms White Paper, setting out a number of decisions about how it will regulate harmful content on the internet Continue Reading
-
News
12 Feb 2020
IR35 private sector reforms: Protesters demand government halts April 2020 roll-out date
With contractors due to stage an anti-IR35 reform protest march at the Houses of Parliament today, stakeholders pen open letter to the Chancellor outlining their concerns about how the changes are affecting the self-employed sector Continue Reading
-
News
11 Feb 2020
MI5 failed to disclose failings in handling intercepted data, court hears
MI5 failed to disclose serious failures in the way it handled intelligence data to the Investigatory Powers Tribunal, the surveillance regulator and ministers. Continue Reading
-
News
11 Feb 2020
IR35 private sector reforms: Research suggests 75% of contractors will leave posts by April 2020
Just eight weeks before the IR35 reforms are due to be extended to the private sector, new research suggests contractors are planning to vote with their feet and leave their positions as blanket bans take hold Continue Reading
-
News
11 Feb 2020
Chinese military personnel accused of Equifax hack
A US federal grand jury has indicted four Chinese army personnel over the 2017 Equifax breach Continue Reading
-
News
10 Feb 2020
What should be in Australia’s next cyber security strategy
The Australian government is reviewing the nation’s cyber security strategy, but is it looking at the right issues? Continue Reading
-
News
10 Feb 2020
AI in public service must be accountable
Committee on Standards in Public Life recommends that government departments make ethics a top priority when tendering artificial intelligence systems Continue Reading
-
Opinion
10 Feb 2020
Security Think Tank: Zero trust is complex, but has rich rewards
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
05 Feb 2020
Loan charge MPs quiz contractors on ‘unreasonable behaviour’ claims made about HMRC’s case handling
The Loan Charge All Party Parliamentary Group’s first meeting results in cross-party group of MPs quizzing contractors on their dealings with HM Revenue and Customs Continue Reading
-
Opinion
05 Feb 2020
Security Think Tank: Zero trust is not the answer to all your problems
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
Feature
04 Feb 2020
Caribbean island hospital rebuilds after hurricane with DataCore
Hurricane Irma tore the roof off a server room and flooded IT hardware, but that was an opportunity to rebuild redundant IT using DataCore’s SANsymphony software-defined storage Continue Reading
-
News
04 Feb 2020
Acronis CEO bullish as specialist goes beyond backup
Acronis is set to launch Cyber Protect as it rides a wave of confidence based on increasing revenues and investor funding. Will the backup-plus-cyber protection calculation pay off? Continue Reading
-
Opinion
04 Feb 2020
The fight against cyber crime: Why cooperation matters
With the WEF’s Global Risk Report 2019 ranking cyber attack in the top five global risks, we now see rising consensus at institutional level that no individual stakeholder can address the breadth of security challenges we face today Continue Reading
-
News
04 Feb 2020
MI5 faces court ruling over unlawful surveillance warrants
Privacy groups Liberty and Privacy International ask the Investigatory Powers Tribunal to order MI5 to disclose full details of ‘unlawful’ conduct, after classified documents reveal the spy agency failed to comply with surveillance laws Continue Reading
-
Opinion
04 Feb 2020
Security Think Tank: Facing the challenge of zero trust
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
03 Feb 2020
Cost-cutting and digital transformation spur increased European IT outsourcing in 2019
The need to rein in costs while digitally transforming has led to growth in traditional and as-a-service base outsourcing Continue Reading
-
News
03 Feb 2020
Government refuses request to pay legal costs for subpostmasters in Post Office case
The government has refused to pay the huge legal costs subpostmasters incurred in their battle with the government-owned Post Office, which they won Continue Reading
-
Opinion
03 Feb 2020
Security Think Tank: Zero trust – just another name for the basics?
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
31 Jan 2020
Davos: The clock is ticking on climate change but cyber crime and emerging technologies add to risks
Climate change, natural disasters, extreme weather and loss of biodiversity are the greatest risks we face. With cyber conflicts, state-sponsored hacking and internet fragmentation, doing nothing is not an option, says the World Economic Forum Continue Reading
-
News
30 Jan 2020
Avast cans data harvesting subsidiary after outcry
Avast will close its Jumpshot big data unit following repeated allegations of inappropriate handling of customer data Continue Reading
-
News
30 Jan 2020
Sorting out the Dutch government’s IT mess
Tech experts discuss the challenges and potential solutions to the Netherlands government’s IT problems Continue Reading
-
News
29 Jan 2020
NHS suffers fewer ransomware attacks, but threat persists
Ransomware attacks against the NHS have tapered off dramatically, according to statistics obtained under FoI legislation, but this does not mean the threat has diminished Continue Reading
-
Podcast
29 Jan 2020
Podcast: How to boost staff awareness of compliance
Employee awareness of compliance, of the laws and regulations that affect your business, is vital, in some cases even mandatory. We look at the key ways to achieve it Continue Reading
-
Feature
28 Jan 2020
Top four compliance considerations for SMEs
We look at the key data compliance regulations that affect smaller companies – such as GDPR, the Data Protection Act, PCI-DSS and PECR – and some key industry-specific frameworks Continue Reading
-
News
28 Jan 2020
Data privacy benefits outweigh spend, says Cisco
Cisco’s 2020 data privacy study shows organisations can generate substantial returns on their data privacy and protection spending Continue Reading
-
News
24 Jan 2020
Cyber gangsters publish staff passwords following ‘Sodinokibi’ attack on car parts group Gedia
Sodinokibi hacking group steps up pressure on German automotive manufacturer by publishing information, including the CEO’s computer password and sensitive details of its IT systems, on the internet Continue Reading
-
News
23 Jan 2020
Travelex hackers shut down German car parts company Gedia in massive ‘cyber attack’
Car parts manufacturer says cyber attack will have far-reaching consequences for its business, and it has put emergency plans in place to continue deliveries Continue Reading
-
News
23 Jan 2020
Seven projects funded to explore CAV security
The winners of the Cyber Securities Feasibility Studies contest, exploring cyber security for self-driving cars, have been revealed Continue Reading
-
News
23 Jan 2020
End-user security ignorance laid bare in new report
Proofpoint’s 2020 State of the Phish report highlights an urgent need for better user training and reporting Continue Reading
-
News
22 Jan 2020
Computer Misuse Act ‘crying out for reform’
Group of campaigners says the Computer Misuse Act of 1990 risks criminalising cyber security professionals and needs reforming Continue Reading
-
News
22 Jan 2020
ICO code sets out digital privacy standards for children
The Information Commissioner’s Office has published its Age Appropriate Design Code, a set of 15 standards that online platforms must meet to protect the privacy of younger users Continue Reading
-
News
21 Jan 2020
Singapore updates model AI governance framework
Second edition of Singapore’s artificial intelligence governance framework includes new guidance, use cases and a self-assessment guide Continue Reading
-
Podcast
21 Jan 2020
Podcast: The Computer Weekly Downtime Upload – Episode 43
In this week’s episode of the Computer Weekly Downtime Upload podcast, Caroline Donnelly, Clare McDonald and Brian McKenna talk about the loan charge review that is bearing down on IT contractors, the Tech Talent Charter, Windows 7, and combating loneliness among remote workers Continue Reading
-
News
21 Jan 2020
Loan charge under review: HMRC to invest £200,000 in readying IT systems for planned policy changes
Tax collection agency counts costs of having to upgrade IT systems to prepare for incoming changes to its controversial loan charge disguised remuneration policy, which has left thousands of IT contractors facing financial ruin Continue Reading
-
News
20 Jan 2020
GDPR nets more than €100m in fines, with more to come
Fines totalling €114m have already been collected under GDPR, and this figure will spike in 2020 if the UK regulator succeeds in imposing record fines on BA and Marriott Continue Reading
-
News
17 Jan 2020
App developers sue Facebook over ‘anti-competitive conduct’
Lawsuit is based on leaked internal Facebook documents obtained and published by Computer Weekly and NBC last year Continue Reading
-
News
17 Jan 2020
CAA debuts aviation cyber security assurance scheme
Civil Aviation Authority and Crest announce the first companies to be accredited under the CAA’s new cyber security oversight scheme, Assure Continue Reading
-
News
16 Jan 2020
UK’s phone and internet bulk data surveillance unlawful, says EU court opinion
The Advocate General of the European Court of Justice issues legal opinions finding that the UK, French and Belgian bulk surveillance regimes are unlawful Continue Reading
-
News
15 Jan 2020
TSB signs up IBM Services and announces Edinburgh tech hub
TSB has contracted IBM to provide hybrid cloud services as part of its £120m digital transformation plans, which will see more tech jobs in Scotland Continue Reading
-
News
15 Jan 2020
Last Windows 7 patch updates critical remote desktop flaw
It is no longer being supported with free updates, but Microsoft's final Patch Tuesday for Windows 7 fixes a major flaw in the 10-year-old operating system Continue Reading
-
News
15 Jan 2020
LGBTQ+ social app Grindr accused of breaching GDPR
Norwegian Consumer Council files complaints about LGBTQ+ social networking app, alleging it is in breach of the General Data Protection Regulation Continue Reading
-
News
13 Jan 2020
Travelex to begin restoring foreign exchange services two weeks after ‘Sodinokibi’ attack
Travelex says it is making “good progress” in its recovery and is to begin restoring electronic foreign exchange services, but is silent about whether it has agreed to pay hackers a $6m ransom to decrypt computer files Continue Reading
-
Opinion
10 Jan 2020
Learning from the Travelex cyber attack: Failing to prepare is preparing to fail
The key lesson to take from the Travelex breach is that an effective response to a breach is a critical business function and no longer the sole province of the IT department Continue Reading
-
News
09 Jan 2020
Travelex hackers threaten to sell credit card data on dark web
Sodinokibi cyber gangsters have threatened to sell Travelex customers’ private data on a Russian underground cyber crime forum if it fails to pay a $6m ransom Continue Reading
-
Feature
09 Jan 2020
DRaaS decisions: Key choices in disaster recovery as a service
We examine the key decisions when considering DRaaS. Whether to go full self-service, assisted or managed will depend on what you need to protect and your in-house resources Continue Reading
-
News
09 Jan 2020
New GDPR service aims to ease compliance challenges
Security consultants claim their software platform will address a pressing need for an effective and efficient means of complying with data protection rules Continue Reading
-
News
08 Jan 2020
Half of UK citizens want tighter data regulations
Over 50% of UK citizens believe the gathering and use of personal data should be subject to more stringent government oversight, according to Fujitsu Continue Reading
-
News
07 Jan 2020
Government confirms IR35 private sector reforms under review ahead of April 2020 start date
Government honours pledge to embark on a review of its plans to extend the IR35 off-payroll rules to the private sector that will focus on ensuring the changes are introduced in a “smooth” way in April 2020 Continue Reading
-
News
07 Jan 2020
Broadcom flogs Symantec enterprise security unit to Accenture
Acquisition is set to make Accenture a global leader in managed cyber security services Continue Reading
-
News
06 Jan 2020
Cyber gangsters demand payment from Travelex after ‘Sodinokibi’ attack
Cyber criminals are demanding payment to decrypt Travelex’s computer files after a devastating malware attack. New questions have been raised about the security of Travelex’s computer network after it emerged the company waited eight months to patch vulnerable VPN servers Continue Reading
-
News
03 Jan 2020
Suspected ransomware attack causes worldwide disruption for Travelex
Travelex switches off computer systems and resorts to cash-only currency sales after malware attack. Insiders claim the currency exchange chain has been hit by ransomware which has left critical files containing customer data encrypted Continue Reading
-
News
02 Jan 2020
Google Health pioneers breast cancer AI scanning
An algorithm developed by Google Health promises to reduce the likelihood of patients being wrongly diagnosed, and improve abnormal mammogram scan identification Continue Reading
-
News
02 Jan 2020
California’s CCPA an opportunity for security industry to do better
California’s consumer protection and data privacy laws came into effect on 1 January 2020, and present a golden opportunity for the cyber security practitioners Continue Reading
-
News
02 Jan 2020
Interview: Why we need a GDPR for dead people
Back in 2000, there was no Facebook or Twitter and the smartphone revolution had not begun. Today, digital identities outlive the people they represent Continue Reading
-
News
31 Dec 2019
Top 10 investigative stories of 2019
Here are Computer Weekly’s top 10 investigative stories of 2019 Continue Reading
-
News
24 Dec 2019
Top 10 software development stories of 2019
Here are Computer Weekly’s top 10 software development stories of 2019 Continue Reading
-
News
20 Dec 2019
Loan charge review results: Government agrees to policy amendments to cut tax bills of 30,000 people
The government has announced a package of amendments to the loan charge policy that will remove 11,000 people from its scope, and cut the tax bills of 30,000 others Continue Reading
-
News
19 Dec 2019
EU court opinion finds EU-US data transfers lawful but raises questions over Privacy Shield
The Advocate General of the European Court says standard contractual clauses are lawful, but raises questions over the impact of US surveillance on the legality of Privacy Shield Continue Reading
-
News
19 Dec 2019
New UK government pledges to accelerate gigabit broadband delivery
New Conservative government’s Queen’s Speech reaffirms commitment to providing gigabit broadband access across the UK, but provides no specific timetable to meet commitments and targets Continue Reading
-
News
19 Dec 2019
Top 10 artificial intelligence stories of 2019
Here are Computer Weekly’s top 10 artificial intelligence stories of 2019 Continue Reading
-
Feature
19 Dec 2019
Human factors are critical to securing digital transformation
Sourcing the latest cyber security technology to support digital transformation projects is all well and good, but it’s meaningless if you fail to address your organisational culture and the people within it Continue Reading
-
News
18 Dec 2019
European Court of Justice rules that under-licensing is IP theft
Ruling from the European Court of Justice says that French mobile operator, Free Mobile, infringed the copyright of software company IT development Continue Reading
-
News
18 Dec 2019
Major US tech companies named in lawsuit over mining deaths of Congolese children
Multinational technology companies have been accused of knowingly benefiting from human rights abuses in the Democratic Republic of Congo Continue Reading
-
Feature
17 Dec 2019
What are the key issues facing healthcare CIOs?
Six healthcare IT leaders give their views on the major challenges for digital transformation across the NHS Continue Reading
-
News
17 Dec 2019
Subpostmasters proved right on IT system failures as calls for full public inquiry mount
Post Office has been “in denial” about the robustness of its core retail system, which a judge said was to blame for problems experienced by subpostmasters in a multimillion-pound group action Continue Reading
-
News
13 Dec 2019
Alarm bells ring, the IoT is listening
With Christmas bearing down on us, a series of vulnerability disclosures has drawn attention to the parlous state of IoT security, and serves as a timely warning to people planning to buy smart devices as gifts Continue Reading
-
News
13 Dec 2019
New government faces calls to urgently deliver on pre-election pledge to review IR35 reforms
Contracting groups and trade associations say prime minister Boris Johnson must deliver on his party’s pledge to review the IR35 reforms and allay fears that it was an empty promise made to secure votes Continue Reading
-
Opinion
13 Dec 2019
Security Think Tank: Data-centric security requires context and understanding
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
13 Dec 2019
Subpostmasters got the best deal possible in legal battle with the Post Office, says lawyer
Subpostmasters ended their legal battle with the Post Office at the optimal time, according to the lawyer that managed the High Court action Continue Reading
-
Opinion
13 Dec 2019
Top tips for avoiding and dealing with data breaches
Been hacked, lost a laptop or sent an email to the wrong address? Do you need to notify anyone and what should you do? Find out in this simple guide Continue Reading
-
E-Zine
12 Dec 2019
CW Europe: Deutsche Bank creates innovation division
German banking giant Deutsche Bank is opening a division focused on innovation which will be led by former SAP executive Bernd Leukert. It will create agile teams with business and infrastructure divisions leading teams of technologists, using agile principles. Also read why China’s Huawei has offered governments an anti-industrial espionage commitment, and how software robots are helping social workers in Sweden. Continue Reading
-
News
11 Dec 2019
Lloyd's of London secures £300m for digital transformation
Lloyd's of London has secured funding for a modernisation programme that will start next year Continue Reading
-
Opinion
11 Dec 2019
How CI/CD helps digital organisations
Developments in technology have transformed IT management practices. We discuss the management implications of using CI/CD to drive digitisation initiatives Continue Reading
-
News
11 Dec 2019
Post Office settles legal dispute with subpostmasters, ending 20-year battle for lead claimant
The Post Office has settled its long-running legal dispute with subpostmasters, and will pay £57.75m in damages Continue Reading
-
Opinion
11 Dec 2019
Security Think Tank: Risk-based response critical to protect data
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
10 Dec 2019
Scottish Justice Committee wants extra powers for biometrics commissioner
Members of Scottish Parliament in the Justice Committee have welcomed the creation of a biometrics commissioner for Scotland, but want ensure that they have the ‘necessary teeth’ for the job Continue Reading
-
News
09 Dec 2019
US Department of Justice orders Ericsson to pay $1bn fine to settle bribery case
Swedish comms tech giant admitted what US attorney described as “years-long campaign of corruption in five countries to solidify its grip on telecommunications business” Continue Reading
-
News
06 Dec 2019
Dutch government must sort IT mess as priority
Dutch government lacks the knowledge and skills for its own IT strategy, according to scathing report Continue Reading
-
Opinion
05 Dec 2019
Security Think Tank: Time for a devolution of responsibility
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
05 Dec 2019
Huawei mounts legal challenge to US subsidy programme ban
Chinese tech giant fights back against FCC ban on carriers in the rural US from using the Universal Service Fund to buy its equipment and designation as threat to US national security Continue Reading
-
Opinion
04 Dec 2019
Security Think Tank: Optimise data-centric strategies with AI
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
03 Dec 2019
General Election 2019: Which manifesto is best for the UK’s tech sector?
Computer Weekly breaks down each political party’s technology policies ahead of the upcoming General Election to see how they compare Continue Reading
-
Opinion
03 Dec 2019
Cyber security: How to avoid a disastrous PICNIC
Fieldfisher’s David Lorimer examines how individual employees often facilitate cyber attacks, and what can be done to reduce the risk Continue Reading
-
Opinion
03 Dec 2019
Liberal Democrats: We want to lead the world in ethical, inclusive technology
Layla Moran, Liberal Democrat MP and party spokesperson for digital, culture, media and sport, writes about the party's technology policies ahead of the upcoming General Election Continue Reading
-
News
03 Dec 2019
Survey finds most firms don’t respond to GDPR requests in time
Most organisations do not respond to requests for GDPR data in the one month allowed, while many return incorrect data. The education sector does best, but the public sector lags behind Continue Reading
-
News
03 Dec 2019
Chinese web users take more risks than Brits or Americans
A research paper published by the University of Birmingham seems to show that differences in cultural values have an impact both on risky behaviour online and legal regulation Continue Reading
-
Opinion
28 Nov 2019
Ensuring your supplier onboarding process doesn’t undercut small suppliers
Given the unprecedented speed of global business, many companies are increasingly dependent on a great many third-party suppliers Continue Reading