IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
29 Apr 2025
Kaspersky calls for cyber immunity amid growing cyber threats
The rise of professional cyber crime groups and state-sponsored actors targeting critical infrastructure requires a move towards inherently secure ‘cyber immune’ systems, says Kaspersky CEO Eugene Kaspersky Continue Reading
-
News
25 Apr 2025
UK MoJ crime prediction algorithms raise serious concerns
The Ministry of Justice is using one algorithm to predict people’s risk of reoffending and another to predict who will commit murder, but critics say the profiling in these systems raises ‘serious concerns’ over racism, classism and data inaccuracies Continue Reading
-
News
25 Apr 2025
UK MoJ crime prediction algorithms raise serious concerns
The Ministry of Justice is using one algorithm to predict people’s risk of reoffending and another to predict who will commit murder, but critics say the profiling in these systems raises ‘serious concerns’ over racism, classism and data inaccuracies Continue Reading
-
News
24 Apr 2025
Data breach class action costs mount up
Organisations exposed to the US market paid out over $150m in class action settlements in just six months. Security leaders must do more to address cyber gaps, respond better to incidents and demonstrate compliance Continue Reading
-
Opinion
24 Apr 2025
Challenges persist as UK’s Cyber Security and Resilience Bill moves forward
Elements of the Cyber Security and Resilience Bill are welcome but questions remain about how best to act in the face of persistent challenges like geopolitical chaos, threats to critical infrastructure, and technological advances Continue Reading
-
Podcast
24 Apr 2025
Podcast: RSA 2025 to grapple with AI compliance, US and EU regulation
We preview RSA 2025 with Vigitrust CEO Mathieu Gorge who looks forward to learning lots around compliance and regulation as CIOs wrestle with artificial intelligence and geopolitical upheavals Continue Reading
-
Opinion
23 Apr 2025
Rethink authentication to remove the burden on users
The rise of AI powered threats and non-human identities will push an already strained identity security model over the edge Continue Reading
-
Feature
23 Apr 2025
Enterprise strategies for API management
Application programming interfaces are the connective tissue of the modern enterprise, driving innovation and integration. But managing them effectively requires enterprises to consider governance, security and lifecycle management while preparing for emerging threats and technologies like AI Continue Reading
-
News
23 Apr 2025
Amid uncertainty, Armis becomes newest CVE numbering authority
Amid an uncertain future for vulnerability research, exposure management company Armis has been given the authority to assign CVE IDs to newly discovered vulnerabilities Continue Reading
-
Opinion
22 Apr 2025
Beyond baselines - getting real about security and resilience
In an increasingly contested world, the UK government needs a security certification that goes beyond baseline measures. Continue Reading
-
News
22 Apr 2025
AI-powered APIs proving highly vulnerable to attack
The growth of AI is proving a double-edged sword for API security, presenting opportunities for defenders to enhance their resilience, but also more risks from AI-powered attacks, according to report Continue Reading
-
News
21 Apr 2025
Top APAC firms recognised at innovation awards
Citic Telecom, CapitaLand Investment and DBS Bank were among the region’s top industry innovators recognised for their digital transformation efforts at the Computer Weekly Innovation Awards APAC 2025 Continue Reading
-
News
21 Apr 2025
CW Innovation Awards: Transforming cyber security with AI
Facing rising cyber threats and a shortage of experts, Citic Telecom International CPC developed an AI-powered penetration testing tool to automate security audits and reduce costs Continue Reading
-
E-Zine
17 Apr 2025
CW EMEA: Shutting down cyber crime
In the Netherlands, the average ransomware attack costs firms about €514,000, and these huge sums mean it makes sense that the police invest their time and resources into combating it. One PhD student spent four years embedded in Dutch police cyber teams to conduct research on their efficacy. Continue Reading
-
News
17 Apr 2025
Tariff turmoil is making supply chain security riskier
Many businesses around the world are taking the decision to alter their supplier mix in the face of tariff uncertainty, but in doing so are creating more cyber risks for themselves, according to a report Continue Reading
-
Opinion
17 Apr 2025
Collaboration is the best defence against nation-state threats
The rise of DeepSeek has prompted the usual well-documented concerns around AI, but also raised worries about its potential links to the Chinese state. The Security Think Tank considers the steps security leaders can take to counter threats posed by nation state industrial espionage? Continue Reading
-
News
17 Apr 2025
Standard Chartered grounds AI ambitions in data governance
The bank’s group chief data officer, Mohammed Rahim, outlines how the bank is modernising its data infrastructure and governance practices to support its AI initiatives Continue Reading
-
News
16 Apr 2025
Footballers object to processing of performance data
Football players are seeking to gain more control of their performance data through ‘stop processing’ requests, in an attempt to strike a better balance between firms’ commercial interests and the data rights of footballers Continue Reading
-
News
16 Apr 2025
CISA extends Mitre CVE contract at last moment
The US Cybersecurity and Infrastructure Security Agency has ridden to the rescue of the under-threat Mitre CVE Programme, approving a last-minute, 11-month contract extension to preserve the project’s vital security vulnerability work Continue Reading
-
News
16 Apr 2025
Security leaders grapple with AI-driven threats
Experts warn of AI’s dual role in both empowering and challenging cyber defences, and called for intelligence sharing and the need to strike a balance between AI-driven innovation and existing security practices Continue Reading
-
News
15 Apr 2025
Mitre warns over lapse in CVE coverage
Mitre, the operator of the world-renowned CVE repository, has warned of significant impacts to global cyber security standards, and increased risk from threat actors, as it emerges its US government contract will lapse imminently Continue Reading
-
News
14 Apr 2025
Meta settles lawsuit over surveillance business model
Meta settles lawsuit over use of personal data in targeted advertising, opening up the possibility of other UK users raising legal objections to its processing Continue Reading
-
News
14 Apr 2025
Government faces claims of serious security and data protection problems in One Login digital ID
The Government Digital Service was warned about serious cyber security and data protection problems in its flagship digital identity system, with insider claims that the data of three million users may still be at risk Continue Reading
-
Feature
14 Apr 2025
The role of small language models in enterprise AI
Small language models do not require vast amounts of expensive computational resources and can be trained on business data Continue Reading
-
Opinion
14 Apr 2025
Defending the grid with secure connectivity
Connectivity providers, device manufacturers and the energy companies they support must prioritise cyber security as the use of IoT grows in Singapore's energy sector Continue Reading
-
News
11 Apr 2025
AI surveillance towers place migrants in ‘even greater jeopardy’
The use of autonomous surveillance towers throughout the English coast forces migrants into increasingly dangerous routes and contributes to their criminalisation Continue Reading
-
News
11 Apr 2025
Met Police to deploy permanent facial recognition tech in Croydon
The Met Police is set deploy permanent live facial recognition cameras on street furniture in Croydon from summer 2025, but local councillors say the decision – which has taken place with no community input – will further contribute the over-policing of Black communities Continue Reading
-
News
11 Apr 2025
Warranty fraud fuels hidden army of hardware hackers
Widespread warranty fraud is not only costing companies billions but also creating a breeding ground for advanced hardware exploits, warns hardware hacker and researcher Bunnie Huang at Black Hat Asia 2025 Continue Reading
-
News
10 Apr 2025
Spirit of openness helps banks get serious about stopping scams
Recent announcements show that banks, financial services firms and IT companies are increasing efforts to curb online scams Continue Reading
-
Opinion
08 Apr 2025
DeepSeek will help evolve the conversation around privacy
The rise of DeepSeek has prompted the usual well-documented concerns around AI, but also raised worries about its potential links to the Chinese state. The Security Think Tank considers the steps security leaders can take to counter threats posed by nation state industrial espionage? Continue Reading
-
Definition
08 Apr 2025
What is sustainability risk management (SRM)?
Sustainability risk management (SRM) is a business strategy that aligns profit goals with a company's environmental, social and governance (ESG) policies. Continue Reading
-
News
08 Apr 2025
IBM boosts AI mainframe capabilities with Z17
IBM continues to try to break out of the mindset that mainframes are just for transaction processing. The latest server offers greater AI capabilities Continue Reading
-
Opinion
08 Apr 2025
It’s time to stop the victim-blaming and insist on safer software
Businesses spend too much time and money protecting themselves against flaws and vulnerabilities in modern software products, when they ought to raise their expectations and insist on better solutions from providers Continue Reading
-
News
08 Apr 2025
Government punts cyber governance code of practice for UK businesses
The Department for Science, Innovation and Technology’s cyber security minister Feryal Clark announces a cyber security code of governance for UK businesses to follow Continue Reading
-
News
08 Apr 2025
Over £18m stolen from Santander UK customers in first three months of year
Bank’s latest quarterly report on scams said over £18m was stolen from its UK customers by scammers Continue Reading
-
News
07 Apr 2025
UK SMEs losing over £3bn a year to cyber incidents
A lack of access to technology, little to no staff training, and competing priorities are losing UK SMEs up to £3.4bn to cyber incidents every year Continue Reading
-
News
07 Apr 2025
Court rejects Home Office bid for blanket secrecy in hearings over Apple encryption case
Investigatory Powers Tribunal rejects Home Office arguments that identifying the ‘bare details’ of legal action by Apple would damage national security, leaving open possibility of future open court hearings Continue Reading
-
News
07 Apr 2025
Fintech body calls on government for national anti-fraud centre
Industry body says a national anti-fraud centre could be the vehicle required to effectively fight fraud through data sharing Continue Reading
-
News
04 Apr 2025
Norway and Nordic financial sector ramps up cyber security
Finans Norge sets up cyber security unit CTSU to support the finance sector in Norway amid increasing threats Continue Reading
-
News
04 Apr 2025
Banks to share fraud data with tech firms in cross-sector collaboration
UK banks join tech firms in fraud data-sharing initiative to enable collaboration on action to stop online scams Continue Reading
-
Opinion
03 Apr 2025
Taking a ‘good enough’ approach with cloud security isn't enough
In the wake of the January 2025 'Codefinger' attacks against AWS S3 users, Thales Rob Elliss argues that many organisations are dropping the ball when it comes to their understanding of cloud security best practice Continue Reading
-
News
03 Apr 2025
Are LLM firewalls the future of AI security?
As large language models permeate industries, experts at Black Hat Asia 2025 debate the need for LLM firewalls and explore their role in fending off emerging AI threats Continue Reading
-
Opinion
02 Apr 2025
Apple’s appeal to the Investigatory Powers Tribunal over the UK’s encryption ‘backdoor’ explained
Apple has appealed to the Investigatory Powers Tribunal over an order by home secretary Yvette Cooper to give the UK access to customers’ data protected by Advanced Data Protection encryption. What happens next? Continue Reading
-
News
01 Apr 2025
Apple devices are at ‘most risk’ in UK following government ‘backdoor’ order
Home Office refuses to answer questions from Lords over technical capability notice issued against Apple’s iCloud Advanced Data Protection encryption services Continue Reading
-
News
31 Mar 2025
Top 1,000 IT service providers in scope of UK cyber bill
The government’s proposed Cyber Security and Resilience Bill is set to include regulatory provisions covering both datacentre operators and larger IT service providers Continue Reading
-
News
31 Mar 2025
Reassessing UK law enforcement data adequacy
Computer Weekly takes stock of proposed changes to the UK’s law enforcement data protection rules and how it could affect data adequacy with the European Union Continue Reading
-
News
31 Mar 2025
UK law enforcement data adequacy at risk
The UK government says reforms to police data protection rules will help to simplify law enforcement data processing, but critics argue the changes will lower protection to the point where the UK risks losing its European data adequacy Continue Reading
-
Feature
31 Mar 2025
Meeting the UK’s compute capacity needs: Alternatives to hyperscale datacentre builds
Since coming to power, the Labour government has set out plans to accelerate new datacentre builds. We look at how this is evolving Continue Reading
-
Opinion
28 Mar 2025
Countering nation-state cyber espionage: A CISO field guide
The rise of DeepSeek has prompted the usual well-documented concerns around AI, but also raised worries about its potential links to the Chinese state. The Security Think Tank considers the steps security leaders can take to counter threats posed by nation state industrial espionage? Continue Reading
-
News
26 Mar 2025
Military AI caught in tension between speed and control
The use of artificial intelligence in military contexts can unlock a range of benefits for defence organisations, but also highlights a clear tension between speed and control baked into the technology Continue Reading
-
Podcast
26 Mar 2025
Gartner on agentic AI: A Computer Weekly Downtime Upload podcast
We speak to Gartner’s Anushree Verma about the route from robotic process automation to agentic AI in corporate IT Continue Reading
-
News
25 Mar 2025
Public Accounts Committee calls out legacy IT
Unsupported and out-of-date software and hardware are hindering the government’s artificial intelligence plans for the public sector Continue Reading
-
Opinion
24 Mar 2025
Why I am challenging Yvette Cooper’s ‘secret backdoor’ order against Apple’s encryption
I took steps to lock down all personal data after I was named as an opponent of Russia. Now I am again worried about my family's safety after the home secretary issued a secret order against Apple Continue Reading
-
Feature
24 Mar 2025
Ethical qualms prompt challenging social media migrations
Changing content moderation and artificial intelligence training practices means social media has undergone a fundamental shift in the past six months, presenting organisations and people migrating away from these platforms for ethical reasons with a number of practical challenges Continue Reading
-
News
20 Mar 2025
NCSC proposes three-step plan to move to quantum-safe encryption
The NCSC urges service providers, large organisations and critical sectors to start thinking today about how they will migrate to post-quantum cryptography over the next decade Continue Reading
-
News
19 Mar 2025
DeepMind founder warns of compounding AI agent errors
Artificial general intelligence may be years away, but in the meantime, organisations are being urged to adopt agent technology Continue Reading
-
News
19 Mar 2025
How Telefónica avoided VMware price hike
While some some organisations look for alternatives to VMware, Telefónica Germany has taken a different approach based on third-party support Continue Reading
-
E-Zine
18 Mar 2025
UK under-prepared for catastrophic cyber attack
In this week’s Computer Weekly, MPs have been told the UK is under-prepared to cope with a catastrophic cyber attack – we find out where the problems lie. Our new buyer’s guide assesses the challenges of datacentre capacity planning. And one of the UK’s most successful businessmen, Sir Martin Sorrell, gives his view on the risks and opportunities of AI. Read the issue now. Continue Reading
-
News
18 Mar 2025
Seaco charts course for unified security strategy
Shipping container leasing giant consolidates security tools onto a single platform, leveraging AI and extended detection and response to improve security operations Continue Reading
-
News
17 Mar 2025
PSNI’s ‘ridiculous’ withholding of evidence in spying operation delayed court hearings
Landmark ruling by the Investigatory Powers Tribunal will decide whether the surveillance court can award costs against government bodies accused of unreasonable behaviour Continue Reading
-
News
17 Mar 2025
Online Safety Act measures come into effect
Regulator Ofcom is now able to take enforcement action against platforms under the Online Safety Act if they fail to proactively safeguard against content such as terrorist or child sexual abuse material Continue Reading
-
News
17 Mar 2025
How Oracle is using AI to combat financial crime
The tech giant is leveraging artificial intelligence to surface fraudulent financial transactions and improve the efficiency of financial crime investigations, offering relief to banks battling high costs and alert fatigue Continue Reading
-
News
14 Mar 2025
Apple encryption legal challenge heard behind closed doors despite calls for public hearing
Investigatory Powers Tribunal hearing held behind closed doors as press and civil society groups argue for open hearings Continue Reading
-
News
14 Mar 2025
AI Action Summit review: Differing views cast doubt on AI’s ability to benefit whole of society
Governments, companies and civil society groups gathered at the third global AI summit to discuss how the technology can work for the benefit of everyone in society, but experts say competing imperatives mean there is no guarantee these visions will win out Continue Reading
-
Definition
14 Mar 2025
What is pharming?
Pharming is a scamming practice in which malicious code is installed on a PC or server, misdirecting users to fraudulent websites without their knowledge or consent. Continue Reading
-
Opinion
14 Mar 2025
How CISOs can counter the threat of nation state espionage
The rise of DeepSeek has prompted the usual well-documented concerns around AI, but also raised worries about its potential links to the Chinese state. The Security Think Tank considers the steps security leaders can take to counter threats posed by nation state industrial espionage? Continue Reading
-
News
13 Mar 2025
Chinese espionage group UNC3886 targets Juniper routers
Advanced persistent threat group UNC3886 deployed custom backdoors on end-of-life Juniper Networks routers, underscoring the need for timely patching and advanced security monitoring Continue Reading
-
News
13 Mar 2025
SuperBlack ransomware may have ties to LockBit
Forescout researchers report on a new ransomware gang that appears to be keeping the legacy of the notorious LockBit crew alive Continue Reading
-
News
13 Mar 2025
HMRC looks to upgrade SOC with advanced SIEM tech
HMRC issues a request for information notice ahead of opening up bids for a new security information and event management project that aims to reinforce its ability to respond to cyber threats Continue Reading
-
News
13 Mar 2025
Driving licence data could be used for police facial recognition
The government’s Crime and Policing Bill could allow police to access the UK driving licence database for use in facial recognition watchlists, but the Home Office denies biometric data would be repurposed in this way Continue Reading
-
News
11 Mar 2025
March Patch Tuesday brings 57 fixes, multiple zero-days
The third Patch Tuesday of 2025 brings fixes for 57 flaws and a hefty number of zero-days Continue Reading
-
News
11 Mar 2025
Perimeter security appliances source of most ransomware hits
Perimeter security appliances and devices, particularly VPNs, prove to be the most popular entry points into victim networks for financially motivated ransomware gangs, according to reports Continue Reading
-
News
11 Mar 2025
Dutch police disrupt half of ransomware operations, finds embedded PHD student
Dutch PhD study reveals the impact of centralised intelligence and strategic interventions in the fight against ransomware Continue Reading
-
News
11 Mar 2025
UK government under-prepared for catastrophic cyber attack, hears PAC
The Commons Public Accounts Committee heard government IT leaders respond to recent National Audit Office findings that the government’s cyber resilience is under par Continue Reading
-
News
11 Mar 2025
Singapore IT leaders boost AI security defences
Study reveals a surge in perceived importance of artificial intelligence for cyber security in Singapore, but declining investment in traditional measures raises concerns as sophisticated cyber attacks intensify Continue Reading
-
News
10 Mar 2025
How CISOs are tackling cyber security challenges
Security chiefs at the recent Gartner Security and Risk Management Summit in Sydney share insights on navigating board communication, organisational resilience and the importance of understanding business needs Continue Reading
-
News
07 Mar 2025
Managing security in the AI age
Gartner experts offer guidance on harnessing AI’s power while mitigating its risks, from managing shadow AI to implementing security controls and policies Continue Reading
-
News
06 Mar 2025
UK cyber security damaged by ‘clumsy Home Office political censorship’
Britain’s National Cyber Security Centre secretly censors computer security guidance and drops references to encryption Continue Reading
-
Feature
06 Mar 2025
Norway says ‘no way’ to global financial crime
Oslo’s startup ecosystem is fighting back against cyber criminals with tech to wipe out attacks rather than just detect them Continue Reading
-
News
06 Mar 2025
Going beyond search: Elastic’s observability and security play
Elastic’s chief product officer Ken Exner talks up the company’s expansion into observability and security and how it balances innovation with community contributions and monetisation Continue Reading
-
News
05 Mar 2025
Apple IPT appeal against backdoor encryption order is test case for bigger targets
The Home Office decision to target Apple with an order requiring access to users’ encrypted data is widely seen as a ‘stalking horse’ for attacks against encrypted messaging services WhatsApp, Telegram and Signal Continue Reading
-
News
05 Mar 2025
NHS investigating how API flaw exposed patient data
NHS patient data was left vulnerable by a flaw in an application programming interface used at online healthcare provider Medefer Continue Reading
-
News
04 Mar 2025
Aussie businesses ramp up security spending
Australian organisations are set to spend A$6.2bn on security and risk management in 2025, a 14.4% jump from the previous year, driven by the rise of AI and a growing threat landscape Continue Reading
-
News
03 Mar 2025
Singapore’s HomeTeamNS hit by ransomware attack
The non-profit organisation suffered a ransomware attack that affected some servers containing employee and member data, prompting an investigation and enhanced security measures Continue Reading
-
News
28 Feb 2025
France pushes for law enforcement access to Signal, WhatsApp and encrypted email
Proposals to be discussed in the French Parliament will require tech companies to hand over decrypted messages and email or face huge fines Continue Reading
-
News
28 Feb 2025
NHS staff lack confidence in health service cyber measures
NHS staff understand their role in protecting the health service from cyber threats and the public backs them in this aim, but legacy tech and a lack of training are hindering efforts, according to BT Continue Reading
-
Opinion
27 Feb 2025
Secure software: Third-party suppliers your first-party risk
Outgoing CISA chief Jen Easterly called on buyers to demand better security standards from their software suppliers. The Security Think Tank considers what better means, and what best practice for secure software procurement looks like in 2025 Continue Reading
-
News
27 Feb 2025
CVE volumes head towards 50,000 in 2025, analysts claim
Many trends, notably a big shift to open source tools, are behind an expected boom in the number of disclosed vulnerabilities Continue Reading
-
News
26 Feb 2025
CISOs spending more on insider risk
Insider risk management budgets have more than doubled in the past 12 months and look set to grow further still in 2025, according to a report Continue Reading
-
Opinion
26 Feb 2025
Everything, everywhere, all at once: automated decision-making in public services
Despite the UK government's fervent embrace of artificial intelligence, there is still little meaningful transparency around the scope of the technology's deployment throughout public services Continue Reading
-
News
26 Feb 2025
Scottish police fail to record ethnicity in DNA database
Scottish policing bodies are failing to properly record and publish data on the ethnicity of arrested people, making it impossible to determine whether they are discriminating against certain sections of the population Continue Reading
-
News
25 Feb 2025
Singapore rolls out guidelines to bolster cloud and datacentre resilience
New advisory guidelines to enhance resilience and security of cloud services and datacentres in Singapore amid potential service disruptions and growing cyber threats Continue Reading
-
Opinion
25 Feb 2025
Reflecting on three years of cyber warfare in Ukraine
With the third anniversary of Russia's illegal invasion of Ukraine passing this week, Charl Van Der Walt reflects on how the cyber threat landscape in Europe has changed since 2022 Continue Reading
-
E-Zine
25 Feb 2025
Rethinking the route to net zero
In this week’s Computer Weekly, our latest buyer’s guide looks at the need to apply innovative and long-term thinking to reducing carbon emissions in IT. We find out how retailer Dunelm is benefiting from a programme to attract, retain and support women in tech. And Volvo Cars explains why the future for its vehicles is software-defined. Read the issue now. Continue Reading
-
News
24 Feb 2025
European Union calls for more cyber data-sharing with Nato
Updates to the EU’s Cyber Blueprint, establishing best practice for multilateral security incident response in Europe, include calls for more collaboration with Nato member states, as the geopolitical environment becomes ever more fractious Continue Reading
-
News
23 Feb 2025
Check Point co-founder on AI, quantum and independence
Gil Shwed, Check Point’s co-founder and executive chairman, discusses the company’s focus on artificial intelligence-driven security and his commitment to remaining an independent force in the cyber security market Continue Reading
-
News
21 Feb 2025
UK police forces ‘supercharging racism’ with predictive policing
Amnesty International says predictive policing systems are ‘supercharging racism’ in the UK by taking historically biased data to further target poor and racialised communities Continue Reading
-
News
20 Feb 2025
Watchdog approves Sellafield physical security, but warns about cyber
The Office for Nuclear Regulation has taken Sellafield out of special measures for physical security, but harbours cyber security concerns Continue Reading
-
E-Zine
20 Feb 2025
CW APAC – Trend Watch: CIO trends 2025
It will be no surprise to see artificial intelligence high on the agenda for 2025. In this handbook, focused on CIO trends in the Asia-Pacific region, Computer Weekly looks at how banks are navigating technology, the continued importance of cyber security, and how enterprises can cement their AI future. Continue Reading
-
Opinion
20 Feb 2025
Privacy at a crossroads in the age of AI and quantum
The confluence of artificial intelligence and quantum computing magnifies the risk to privacy, data security and trust, says Gartner's Bart Willemsen Continue Reading
-
Feature
19 Feb 2025
Quantum computing in cyber security: A double-edged sword
Scepticism still abounds, but quantum computing stocks have boomed this year. In the world of cyber, however, quantum brings both unprecedented capabilities and significant threats, demanding careful attention Continue Reading
-
News
19 Feb 2025
Warning over privacy of encrypted messages as Russia targets Signal Messenger
Russia is using phishing attacks to compromise encrypted Signal Messenger services used by targets in the Ukraine. Experts warn that other encrypted app users are at risk Continue Reading