IT governance
IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.
-
News
30 Apr 2025
Current SaaS delivery model a risk management nightmare, says CISO
JPMorgan Chase security chief Patrick Opet laments the state of SaaS security in an open letter to the industry and calls on software providers to do more to enhance resilience Continue Reading
-
News
30 Apr 2025
Co-op shuts off IT systems to contain cyber attack
A developing cyber incident at Co-op has forced the retailer to pull the plug on some of its IT systems as it works to contain the attack Continue Reading
-
News
10 Oct 2024
NCSC issues fresh alert over wave of Cozy Bear activity
The NCSC, FBI and NSA publish updated warning about Cozy Bear’s activities, highlighting a range of vulnerabilities the threat actor is using to set up its cyber attacks Continue Reading
-
News
10 Oct 2024
Government launches cyber standard for local authorities
Local government bodies are being invited to take advantage of a new NCSC-derived Cyber Assessment Framework to help enhance their resilience and ward off cyber attacks Continue Reading
-
News
10 Oct 2024
Internet Archive web historians target of hacktivist cyber attack
The Internet Archive nonprofit digital library and Wayback Machine operator has been attacked by pro-Palestinian hacktivists Continue Reading
-
News
10 Oct 2024
How Recorded Future finds ransomware victims before they get hit
Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them Continue Reading
-
News
10 Oct 2024
UK and US pledge closer working on children’s online safety
In their first agreement on the subject of children’s online safety, the UK and US governments have said they will create a new working group to boost cooperation Continue Reading
-
News
10 Oct 2024
Australia bolsters cyber defences with security bill
Legislation tackles IoT security and establishes a Cyber Incident Review Board to bolster Australia’s cyber resilience Continue Reading
-
News
09 Oct 2024
MoneyGram customer data breached in attack
MoneyGram confirms that customer data has been stolen in an incident that appears to have started with a social engineering attack on its IT helpdesk staff Continue Reading
-
News
09 Oct 2024
Five zero-days to be fixed on October Patch Tuesday
Stand-out vulnerabilities in Microsoft’s latest Patch Tuesday drop include problems in Microsoft Management Console and the Windows MSHTML Platform Continue Reading
-
News
08 Oct 2024
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks Continue Reading
-
News
08 Oct 2024
Post Office IT transformation project was ‘set up to fail’, chairman tells inquiry
Post Office interim chairman tells Horizon public inquiry that the Post Office needs to reset New Branch IT project Continue Reading
-
News
08 Oct 2024
UK’s cyber incident reporting law to move forward in 2025
The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses Continue Reading
-
News
08 Oct 2024
Can the Post Office project to replace Horizon be rescued?
Evidence from the Post Office public inquiry shows huge problems with the critical project to replace the troubled Horizon IT system – after two government-mandated reviews, is there any sign it can succeed? Continue Reading
-
News
07 Oct 2024
Labour sets up new office to coordinate tech innovation regulations
The newly formed Regulatory Innovation Office has been set up to ensure existing regulations do not become barriers to emerging tech innovations Continue Reading
-
Feature
07 Oct 2024
Why responsible AI is a business imperative
Tools are emerging for real-world AI systems that focus more on responsible adoption, deployment and governance, rather than academic and philosophical questions about speculative risks Continue Reading
-
News
04 Oct 2024
NCSC celebrates eight years as Horne blows in
Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne Continue Reading
-
News
04 Oct 2024
Post Office senior executive suspended over allegations of destroying evidence
Statement to public inquiry reveals that investigation is underway over allegations that a senior Post Office executive instructed staff to destroy evidence Continue Reading
-
News
03 Oct 2024
Microsoft files lawsuit to seize domains used by Russian spooks
Microsoft has been given permission to seize multiple domains used by the Russian state threat actor Star Blizzard as part of a coordinated disruption effort undertaken ahead of the US elections Continue Reading
-
News
03 Oct 2024
SOC teams falling out of love with threat detection tools
Security operations centre practitioners are fed up of being flooded with pointless alerts and many no longer have much confidence in their threat detection tools, according to a report Continue Reading
-
News
03 Oct 2024
Local councils need ‘better support’ to buy AI responsibly
The Ada Lovelace Institute says there is lack of adequate support on how councils can safely and responsibly procure artificial intelligence systems in the public interest Continue Reading
-
Opinion
03 Oct 2024
Rise of the cyber clones: When seeing isn’t believing
It is frighteningly easy to clone someone else's identity using readily-available artificial intelligence tools Continue Reading
-
News
03 Oct 2024
Post Office and Fujitsu: from blood brothers to bad blood
Former Post Office chief transformation officer’s evidence to the public inquiry reveals organisation’s strained relationship with main IT supplier Fujitsu Continue Reading
-
News
02 Oct 2024
UK and Singapore to collaborate on supporting ransomware victims
At the fourth Counter Ransomware Initiative Summit in the US, both the UK and Singapore have committed to working on new guidance designed to better support victims and undermine cyber criminal business models Continue Reading
-
News
01 Oct 2024
APAC organisations embrace generative AI
Study reveals a surge in GenAI adoption across APAC, with businesses looking to train their own models, likely to address specific regional needs and market dynamics Continue Reading
-
News
01 Oct 2024
Post Office ditches MoneyGram after cyber attack
The Post Office offered a short extension to enable it to asses the impact of the MoneyGram cyber incident, but the contract has now expired and MoneyGram services are no longer available in Post Office branches Continue Reading
-
Opinion
30 Sep 2024
The cyber industry needs to accept it can't eliminate risk
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
News
30 Sep 2024
Investigation finds 'reasonable likelihood' Post Office Capture software caused accounting losses
An independent forensic analysis finds the predecessor to Horizon IT system was also likely to have caused shortfalls for which subpostmasters were blamed, years before the Post Office scandal Continue Reading
-
News
27 Sep 2024
Printing vulnerability affecting Linux distros raises alarm
Security pros need to get in front of a series of vulnerabilities affecting the Cups Linux printing service after an apparently botched disclosure process saw technical details published in advance of a patch Continue Reading
-
Opinion
27 Sep 2024
Defaulting to open: Decoding the (very public) CrowdStrike event
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
Opinion
27 Sep 2024
Cyber companies need a best practice approach to major incidents.
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
News
26 Sep 2024
Racist Network Rail Wi-Fi hack was work of malicious insider
Police have revealed that this week’s racist cyber attack on public Wi-Fi networks at stations across the UK appears to have been the work of a malicious insider, after arresting an employee of one of the service providers Continue Reading
-
News
26 Sep 2024
Subpostmasters living years with disputed but unresolved debts to the Post Office, inquiry told
Continued errors with the Horizon system mean subpostmasters have unresolved account shortfalls hanging over them for years Continue Reading
-
News
26 Sep 2024
Islamophobic cyber attack downs Wi-Fi at UK transport hubs
An apparent hacktivist attack disrupted public-facing Wi-Fi networks at UK rail stations to display Islamophobic content Continue Reading
-
News
25 Sep 2024
CrowdStrike apologises to US government for global mega-outage
CrowdStrike executive Adam Meyers appears before a US government committee to explain the series of errors that led directly to one of the biggest IT outages in history Continue Reading
-
News
25 Sep 2024
Post Office IT procurement mess saw £35m spent on air conditioner, says board member
Post Office IT procurement mistakes have wasted millions of pounds of taxpayers money, non-executive board member tells public inquiry Continue Reading
-
News
24 Sep 2024
Money transfer firm MoneyGram rushes to contain cyber attack
Money transfer specialist MoneyGram services remain down several days after a network outage developed into a full-blown cyber security incident Continue Reading
-
News
24 Sep 2024
Unique malware sample volumes seen surging
BlackBerry’s latest ‘Global threat intelligence’ report details a surge in unique malware samples as threat actors ramp up the pace of targeted attacks Continue Reading
-
Opinion
24 Sep 2024
How to respond when your cyber company becomes the story
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
News
23 Sep 2024
Microsoft shares progress on Secure Future Initiative
Microsoft has published a progress report on its Secure Future Initiative, launched last year in the wake of multiple security incidents, and made a series of commitments to improve its internal cyber culture Continue Reading
-
News
23 Sep 2024
Home Office eVisa scheme is ‘broken’, says Open Rights Group
Digital rights campaigners say the Home Office’s plan to make its new electronic Visa scheme a real-time online-only process is part and parcel of the 'hostile environment' around immigration status Continue Reading
-
Opinion
23 Sep 2024
Gartner: Mitigating security threats in AI agents
Agents represent a step-change in the use of artificial intelligence in the enterprise - as attendees at Salesforce's annual conference saw first hand this month - but do not come without their risks Continue Reading
-
Feature
23 Sep 2024
Driving IT sustainability in datacentres
Europe’s datacentre operators need to get their power report cards to comply with the European Commission’s drive to greener EU datacentres Continue Reading
-
News
20 Sep 2024
UN body urges ‘globally inclusive and distributed’ AI governance
A United Nations body set up to investigate the international governance of AI says the nature of how the technology currently operates requires a global approach to regulation that prioritises equity and inclusion Continue Reading
-
Opinion
20 Sep 2024
CrowdStrike incident shows we need to rethink cyber
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
News
19 Sep 2024
CIOs urged to pace AI adoption
At the recent Gartner IT Symposium 2024 in Gold Coast, experts call for CIOs to pace their adoption of AI, manage costs and embrace ‘augmented leadership’ Continue Reading
-
News
18 Sep 2024
NCSC exposes Chinese company running malicious Mirai botnet
The NCSC and its Five Eyes allies have published details of the activities of a China-based cyber security company that is operating a Mirai IoT botnet in the service of government-backed intrusions Continue Reading
-
Opinion
18 Sep 2024
Global AI regulation is heating up: can the UK afford to remain silent?
Why UK lawmakers should be pro-active about introducing AI regulation Continue Reading
-
News
18 Sep 2024
Public digital transformation will be challenged by austerity
Public sector and IT industry figures gathered at TechUK’s 10th annual Building the Smarter State event discussed how Labour’s ‘mission-driven’ policy approach can drive digital transformation efforts in the context of fresh austerity measures Continue Reading
-
News
17 Sep 2024
Salesforce’s agentic AI platform to transform business automation
CRM giant’s Agentforce lets organisations build and deploy autonomous agents to automate business processes through advanced learning and data integration Continue Reading
-
News
17 Sep 2024
Fujitsu loses £50m in sales after Post Office scandal furore
Supplier of the controversial Horizon IT system has been hit by public outrage after the Post Office scandal became mainstream news Continue Reading
-
Feature
16 Sep 2024
Will autonomous weapons make humans passive participants in war?
Experts warn the emergence and adoption of AI-powered military systems may eventually push battlefield decision-making beyond the limits of human cognition Continue Reading
-
Opinion
13 Sep 2024
Why digital resilience is critical to success with AI at scale
Many early adopters of AI find implementation realities do not live up to the technology's promise - organisations can avoid such frustrations through a greater focus on digital resilience Continue Reading
-
Feature
12 Sep 2024
Kubernetes disaster recovery: Five key questions
We look at disaster recovery for Kubernetes environments, the key challenges to deployment of K8s DR, the risks we aim to mitigate, how to build a plan and the key infrastructure requirements Continue Reading
-
News
12 Sep 2024
Lord introduces bill to regulate public sector AI and automation
A private members’ bill seeking to regulate the use of artificial intelligence (AI) and other automated technologies throughout the public sector has been brought to Parliament Continue Reading
-
News
12 Sep 2024
Data sharing for immigration raids ferments hostility to migrants
Data sharing between public and private bodies for the purposes of carrying out immigration raids helps to prop up the UK’s hostile environment by instilling an atmosphere of fear and deterring migrants from accessing public services Continue Reading
-
News
12 Sep 2024
UK and others sign first ‘binding’ treaty on AI and human rights
The UK, US and EU have all signed a treaty from the Council of Europe that aims to mitigate the threat AI poses to human rights, democracy and the rule of law, but commentators say it lacks enforcement mechanisms and creates loopholes Continue Reading
-
News
11 Sep 2024
Datacentres granted critical national infrastructure status
The global IT outage caused by CrowdStrike has shown why keeping datacentres secure and safe is critical to the UK Continue Reading
-
News
11 Sep 2024
HMRC could lose millions in unpaid tax as non-compliant umbrella enters pre-pack administration
HMRC looks set to miss out on millions of pounds in unpaid tax it is owed by a non-compliant umbrella company that slipped into administration, prompting renewed calls for the sector to be regulated Continue Reading
-
Opinion
09 Sep 2024
Developing nations need the UN cyber crime treaty to pass
The UN cyber crime treaty is flawed but represents a move in the right direction for developing nations seeking greater digital sovereignty Continue Reading
-
News
05 Sep 2024
NCSC and allies call out Russia's Unit 29155 over cyber warfare
The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155 Continue Reading
-
News
05 Sep 2024
Fog ransomware crew evolving into wide-ranging threat
The emergent Fog ransomware gang appears to be changing up its victimology in search of more cash-rich victims Continue Reading
-
News
05 Sep 2024
Ongoing TfL cyber attack takes out Dial-a-Ride service
The Dial-a-Ride assisted transit service for disabled people had to temporarily suspend part of its operations as Transport for London deals with an ongoing cyber attack, but the service has now been recovered Continue Reading
-
Opinion
05 Sep 2024
Building the next generation of digital public services
The UK's plans for the digital transformation of public services have lost their way - making it even harder to engage with government digitally. Other countries are showing us there is a better solution Continue Reading
-
News
04 Sep 2024
Retailers question using live facial recognition for shoplifting
Retailers praise benefits of retrospective over live facial recognition in dealing with shoplifting, but stress there are ongoing concerns around the ethical, legal and safety implications of using the technology in stores Continue Reading
-
News
04 Sep 2024
CMA clears Microsoft and Inflection AI transaction
Microsoft’s hiring of Inflection AI teams is regarded as a merger under UK law, but this deal has not curbed competition in the artificial intelligence market Continue Reading
-
News
04 Sep 2024
Fraud and scam complaints hit highest ever level in UK
The Financial Ombudsman Service says it recorded almost 9,000 complaints about fraud and scams from April to June, the most ever recorded Continue Reading
-
Feature
04 Sep 2024
ERP firms target carbon reporting role
As their customers face regulatory challenges ahead, ERP providers have been busy adding functionality to support reporting their green initiatives Continue Reading
-
News
04 Sep 2024
Post Office and Fujitsu malevolence and incompetence means huge final taxpayers’ bill
The human tragedy caused by the Post Office scandal cannot be measured, but the total financial cost will be well beyond the £1bn set aside by the government Continue Reading
-
Opinion
04 Sep 2024
Cyber firms need to centre their own resilience
The Computer Weekly Security Think Tank panel considers incident response in the wake of the July CrowdStrike incident, sharing their views on what CrowdStrike got wrong, what it did right, and next steps Continue Reading
-
News
03 Sep 2024
TSB systems could be on the move again as BBVA eyes its parent
TSB was migrated to the systems of Sabadell in a project remembered for its monumental IT meltdown in 2018 Continue Reading
-
News
30 Aug 2024
Norwegian Refugee Council leverages Okta for Good cyber scheme
Pietro Galli, CIO of the Norwegian Refugee Council, reveals how the globally distributed NGO has been taking advantage of the Okta for Good CSR programme to improve its own cyber security and data protection practice, and elevate good practice in the third sector Continue Reading
-
News
29 Aug 2024
Iranian APT caught acting as access broker for ransomware crews
Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits Continue Reading
-
Opinion
29 Aug 2024
Cyber law reform should be top of Labour's policy list
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
29 Aug 2024
Study highlights secure software supply chain best practices
Security trends report from open source firm shows the approaches IT leaders take to secure their software supply chain Continue Reading
-
News
29 Aug 2024
Met Police deploy LFR in Lewisham without community input
The Met’s latest live facial recognition deployment in Catford has raised concerns over the lack of community engagement around the police force’s use of the controversial technology Continue Reading
-
Opinion
29 Aug 2024
Governments looking to "small IT” for greater project success
Governments should invest in smaller pilots, hypothesis testing and co-development with vendors before committing to large production rollouts to avoid project failures Continue Reading
-
Opinion
28 Aug 2024
A coherent Labour cyber strategy depends on consistency
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
28 Aug 2024
Iranian APT Peach Sandstorm teases new Tickler malware
Peach Sandstorm, an Iranian state threat actor, has developed a dangerous new malware strain that forms a key element of a rapidly evolving attack sequence Continue Reading
-
News
28 Aug 2024
Global cyber spend to rise 15% in 2025, pushed along by AI
Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner Continue Reading
-
Opinion
27 Aug 2024
Extending zero-trust principles to endpoints
By combining zero-trust principles with other security strategies and continuously monitoring and improving their security posture, organisations can effectively mitigate risks and protect their resources, says Gartner's Nikul Patel Continue Reading
-
Opinion
27 Aug 2024
The US courts may have thrown a wrench into cyber regulation
A recent decision by the US Supreme Court to overrule the longstanding Chevron Deference has serious implications for global cyber security regulation Continue Reading
-
Opinion
27 Aug 2024
Public education on security must be a top priority for Labour
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
26 Aug 2024
Linus Torvalds discusses Linux development, security and AI at KubeCon
Linus Torvalds delves into the challenges in Linux development, the importance of swift security responses, and artificial intelligence’s future role in kernel programming Continue Reading
-
News
22 Aug 2024
Post Office apologises for IT problem text alert that was never sent
After subpostmasters complained they received no communications from the Post Office when they could not log in to the Horizon IT system, the organisation admits a text message alert failed to be sent Continue Reading
-
News
21 Aug 2024
Pakistani national arrested over Southport ‘cyber terrorism’
Authorities in Pakistan have arrested a man on suspicion of cyber terrorism over his role in the spread of online misinformation in the wake of the Southport knife attack Continue Reading
-
Opinion
20 Aug 2024
From manifesto to material: What No. 10 needs to make reality
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
20 Aug 2024
ICO launches privacy notice tool for SMEs
ICO tool designed to make it easier for small businesses and sole traders operating online to create bespoke data privacy notices for compliance purposes Continue Reading
-
News
20 Aug 2024
Phishing links becoming bigger threat than email attachments
Phishing techniques are evolving away from malicious email attachments, according to a report Continue Reading
-
News
19 Aug 2024
Popular Microsoft apps for Mac at risk of code injection attacks
Researchers at Cisco Talos turn up evidence suggesting that Microsoft apps running on the Apple macOS operating system are not as secure as they seem Continue Reading
-
Opinion
19 Aug 2024
How might the UK's cyber landscape change under Labour?
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
16 Aug 2024
Thousands of NetSuite customers accidentally exposing their data
Misconfigured permissions across live websites are leaving thousands of NetSuite users open to having their valuable customer data stolen, researchers say Continue Reading
-
News
16 Aug 2024
Campaigners criticise Starmer post-riot public surveillance plans
A UK government programme to expand police facial recognition and information sharing after racist riots is attracting criticism from campaigners for exploiting the far-right unrest to generally crack down on protest and increase surveillance Continue Reading
-
Opinion
15 Aug 2024
Google's cookie conundrum: What comes next?
Google's revised approach to third-party cookies shouldn't come as a surprise, and may also be welcome Continue Reading
-
Opinion
15 Aug 2024
With the right tools and strategy, public cloud should be safe to use
Despite the complexity and evolving nature of threats, with the right strategy, tools, and constant vigilance, businesses can safely and securely leverage public cloud services Continue Reading
-
News
14 Aug 2024
Automated police tech contributes to UK structural racism problem
Civil society groups say automated policing technologies are helping to fuel the disparities that people of colour face across the criminal justice sector, as part of wider warning about the UK’s lack of progress in dealing with systemic racism Continue Reading
-
News
14 Aug 2024
IR35 public sector reforms: HS2 finalises £6.2m settlement with HMRC over compliance failings
After setting aside over £10m to cover its IR35 compliance liabilities, HS2 accounts confirm the organisation reached a final settlement with HMRC totalling £6.2m Continue Reading
-
News
13 Aug 2024
NIST debuts three quantum-safe encryption algorithms
NIST has launched the first three quantum-resistant encryption algorithms, and as the threat of quantum-enabled cyber attacks grows greater, organisations are encouraged to adopt them as soon as they can Continue Reading
-
Opinion
13 Aug 2024
Labour's first cyber priority must be the NHS
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
Feature
12 Aug 2024
AI interview: Thomas Dekeyser, researcher and film director
On the politics of ‘techno-refusal’, and the lessons that can be learned from a clandestine group of French IT workers who spent the early 1980s sabotaging technological infrastructure Continue Reading
-
Feature
09 Aug 2024
How UK firms can get ready for the implementation of NIS2
Many British companies will need to adhere to NIS2’s cyber security risk management and reporting requirements if they want to continue operating in the EU market and avoid huge fines Continue Reading
-
News
09 Aug 2024
The Security Interviews: Google’s take on confidential computing
We speak to Google’s Nelly Porter about the company’s approach to keeping data as safe as possible on Google Cloud Continue Reading