IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
26 Mar 2025
Military AI caught in tension between speed and control
The use of artificial intelligence in military contexts can unlock a range of benefits for defence organisations, but also highlights a clear tension between speed and control baked into the technology Continue Reading
-
Podcast
26 Mar 2025
Gartner on agentic AI: A Computer Weekly Downtime Upload podcast
We speak to Gartner’s Anushree Verma about the route from robotic process automation to agentic AI in corporate IT Continue Reading
-
Feature
24 Mar 2025
Ethical qualms prompt challenging social media migrations
Changing content moderation and artificial intelligence training practices means social media has undergone a fundamental shift in the past six months, presenting organisations and people migrating away from these platforms for ethical reasons with a number of practical challenges Continue Reading
-
News
20 Mar 2025
NCSC proposes three-step plan to move to quantum-safe encryption
The NCSC urges service providers, large organisations and critical sectors to start thinking today about how they will migrate to post-quantum cryptography over the next decade Continue Reading
-
News
19 Mar 2025
DeepMind founder warns of compounding AI agent errors
Artificial general intelligence may be years away, but in the meantime, organisations are being urged to adopt agent technology Continue Reading
-
News
19 Mar 2025
How Telefónica avoided VMware price hike
While some some organisations look for alternatives to VMware, Telefónica Germany has taken a different approach based on third-party support Continue Reading
-
E-Zine
18 Mar 2025
UK under-prepared for catastrophic cyber attack
In this week’s Computer Weekly, MPs have been told the UK is under-prepared to cope with a catastrophic cyber attack – we find out where the problems lie. Our new buyer’s guide assesses the challenges of datacentre capacity planning. And one of the UK’s most successful businessmen, Sir Martin Sorrell, gives his view on the risks and opportunities of AI. Read the issue now. Continue Reading
-
News
18 Mar 2025
Seaco charts course for unified security strategy
Shipping container leasing giant consolidates security tools onto a single platform, leveraging AI and extended detection and response to improve security operations Continue Reading
-
News
17 Mar 2025
PSNI’s ‘ridiculous’ withholding of evidence in spying operation delayed court hearings
Landmark ruling by the Investigatory Powers Tribunal will decide whether the surveillance court can award costs against government bodies accused of unreasonable behaviour Continue Reading
-
News
17 Mar 2025
Online Safety Act measures come into effect
Regulator Ofcom is now able to take enforcement action against platforms under the Online Safety Act if they fail to proactively safeguard against content such as terrorist or child sexual abuse material Continue Reading
-
News
17 Mar 2025
How Oracle is using AI to combat financial crime
The tech giant is leveraging artificial intelligence to surface fraudulent financial transactions and improve the efficiency of financial crime investigations, offering relief to banks battling high costs and alert fatigue Continue Reading
-
News
14 Mar 2025
Apple encryption legal challenge heard behind closed doors despite calls for public hearing
Investigatory Powers Tribunal hearing held behind closed doors as press and civil society groups argue for open hearings Continue Reading
-
News
14 Mar 2025
AI Action Summit review: Differing views cast doubt on AI’s ability to benefit whole of society
Governments, companies and civil society groups gathered at the third global AI summit to discuss how the technology can work for the benefit of everyone in society, but experts say competing imperatives mean there is no guarantee these visions will win out Continue Reading
-
Definition
14 Mar 2025
What is pharming?
Pharming is a scamming practice in which malicious code is installed on a PC or server, misdirecting users to fraudulent websites without their knowledge or consent. Continue Reading
-
Opinion
14 Mar 2025
How CISOs can counter the threat of nation state espionage
The rise of DeepSeek has prompted the usual well-documented concerns around AI, but also raised worries about its potential links to the Chinese state. The Security Think Tank considers the steps security leaders can take to counter threats posed by nation state industrial espionage? Continue Reading
-
News
13 Mar 2025
Chinese espionage group UNC3886 targets Juniper routers
Advanced persistent threat group UNC3886 deployed custom backdoors on end-of-life Juniper Networks routers, underscoring the need for timely patching and advanced security monitoring Continue Reading
-
News
13 Mar 2025
SuperBlack ransomware may have ties to LockBit
Forescout researchers report on a new ransomware gang that appears to be keeping the legacy of the notorious LockBit crew alive Continue Reading
-
News
13 Mar 2025
HMRC looks to upgrade SOC with advanced SIEM tech
HMRC issues a request for information notice ahead of opening up bids for a new security information and event management project that aims to reinforce its ability to respond to cyber threats Continue Reading
-
News
13 Mar 2025
Driving licence data could be used for police facial recognition
The government’s Crime and Policing Bill could allow police to access the UK driving licence database for use in facial recognition watchlists, but the Home Office denies biometric data would be repurposed in this way Continue Reading
-
News
11 Mar 2025
March Patch Tuesday brings 57 fixes, multiple zero-days
The third Patch Tuesday of 2025 brings fixes for 57 flaws and a hefty number of zero-days Continue Reading
-
News
11 Mar 2025
Perimeter security appliances source of most ransomware hits
Perimeter security appliances and devices, particularly VPNs, prove to be the most popular entry points into victim networks for financially motivated ransomware gangs, according to reports Continue Reading
-
News
11 Mar 2025
Dutch police disrupt half of ransomware operations, finds embedded PHD student
Dutch PhD study reveals the impact of centralised intelligence and strategic interventions in the fight against ransomware Continue Reading
-
News
11 Mar 2025
UK government under-prepared for catastrophic cyber attack, hears PAC
The Commons Public Accounts Committee heard government IT leaders respond to recent National Audit Office findings that the government’s cyber resilience is under par Continue Reading
-
News
11 Mar 2025
Singapore IT leaders boost AI security defences
Study reveals a surge in perceived importance of artificial intelligence for cyber security in Singapore, but declining investment in traditional measures raises concerns as sophisticated cyber attacks intensify Continue Reading
-
News
10 Mar 2025
How CISOs are tackling cyber security challenges
Security chiefs at the recent Gartner Security and Risk Management Summit in Sydney share insights on navigating board communication, organisational resilience and the importance of understanding business needs Continue Reading
-
News
07 Mar 2025
Managing security in the AI age
Gartner experts offer guidance on harnessing AI’s power while mitigating its risks, from managing shadow AI to implementing security controls and policies Continue Reading
-
News
06 Mar 2025
UK cyber security damaged by ‘clumsy Home Office political censorship’
Britain’s National Cyber Security Centre secretly censors computer security guidance and drops references to encryption Continue Reading
-
Feature
06 Mar 2025
Norway says ‘no way’ to global financial crime
Oslo’s startup ecosystem is fighting back against cyber criminals with tech to wipe out attacks rather than just detect them Continue Reading
-
News
06 Mar 2025
Going beyond search: Elastic’s observability and security play
Elastic’s chief product officer Ken Exner talks up the company’s expansion into observability and security and how it balances innovation with community contributions and monetisation Continue Reading
-
News
05 Mar 2025
Apple IPT appeal against backdoor encryption order is test case for bigger targets
The Home Office decision to target Apple with an order requiring access to users’ encrypted data is widely seen as a ‘stalking horse’ for attacks against encrypted messaging services WhatsApp, Telegram and Signal Continue Reading
-
News
05 Mar 2025
NHS investigating how API flaw exposed patient data
NHS patient data was left vulnerable by a flaw in an application programming interface used at online healthcare provider Medefer Continue Reading
-
News
04 Mar 2025
Aussie businesses ramp up security spending
Australian organisations are set to spend A$6.2bn on security and risk management in 2025, a 14.4% jump from the previous year, driven by the rise of AI and a growing threat landscape Continue Reading
-
News
03 Mar 2025
Singapore’s HomeTeamNS hit by ransomware attack
The non-profit organisation suffered a ransomware attack that affected some servers containing employee and member data, prompting an investigation and enhanced security measures Continue Reading
-
News
28 Feb 2025
France pushes for law enforcement access to Signal, WhatsApp and encrypted email
Proposals to be discussed in the French Parliament will require tech companies to hand over decrypted messages and email or face huge fines Continue Reading
-
News
28 Feb 2025
NHS staff lack confidence in health service cyber measures
NHS staff understand their role in protecting the health service from cyber threats and the public backs them in this aim, but legacy tech and a lack of training are hindering efforts, according to BT Continue Reading
-
Opinion
27 Feb 2025
Secure software: Third-party suppliers your first-party risk
Outgoing CISA chief Jen Easterly called on buyers to demand better security standards from their software suppliers. The Security Think Tank considers what better means, and what best practice for secure software procurement looks like in 2025 Continue Reading
-
News
27 Feb 2025
CVE volumes head towards 50,000 in 2025, analysts claim
Many trends, notably a big shift to open source tools, are behind an expected boom in the number of disclosed vulnerabilities Continue Reading
-
News
26 Feb 2025
CISOs spending more on insider risk
Insider risk management budgets have more than doubled in the past 12 months and look set to grow further still in 2025, according to a report Continue Reading
-
Opinion
26 Feb 2025
Everything, everywhere, all at once: automated decision-making in public services
Despite the UK government's fervent embrace of artificial intelligence, there is still little meaningful transparency around the scope of the technology's deployment throughout public services Continue Reading
-
News
26 Feb 2025
Scottish police fail to record ethnicity in DNA database
Scottish policing bodies are failing to properly record and publish data on the ethnicity of arrested people, making it impossible to determine whether they are discriminating against certain sections of the population Continue Reading
-
News
25 Feb 2025
Singapore rolls out guidelines to bolster cloud and datacentre resilience
New advisory guidelines to enhance resilience and security of cloud services and datacentres in Singapore amid potential service disruptions and growing cyber threats Continue Reading
-
Opinion
25 Feb 2025
Reflecting on three years of cyber warfare in Ukraine
With the third anniversary of Russia's illegal invasion of Ukraine passing this week, Charl Van Der Walt reflects on how the cyber threat landscape in Europe has changed since 2022 Continue Reading
-
E-Zine
25 Feb 2025
Rethinking the route to net zero
In this week’s Computer Weekly, our latest buyer’s guide looks at the need to apply innovative and long-term thinking to reducing carbon emissions in IT. We find out how retailer Dunelm is benefiting from a programme to attract, retain and support women in tech. And Volvo Cars explains why the future for its vehicles is software-defined. Read the issue now. Continue Reading
-
News
24 Feb 2025
European Union calls for more cyber data-sharing with Nato
Updates to the EU’s Cyber Blueprint, establishing best practice for multilateral security incident response in Europe, include calls for more collaboration with Nato member states, as the geopolitical environment becomes ever more fractious Continue Reading
-
News
23 Feb 2025
Check Point co-founder on AI, quantum and independence
Gil Shwed, Check Point’s co-founder and executive chairman, discusses the company’s focus on artificial intelligence-driven security and his commitment to remaining an independent force in the cyber security market Continue Reading
-
News
21 Feb 2025
UK police forces ‘supercharging racism’ with predictive policing
Amnesty International says predictive policing systems are ‘supercharging racism’ in the UK by taking historically biased data to further target poor and racialised communities Continue Reading
-
News
20 Feb 2025
Watchdog approves Sellafield physical security, but warns about cyber
The Office for Nuclear Regulation has taken Sellafield out of special measures for physical security, but harbours cyber security concerns Continue Reading
-
E-Zine
20 Feb 2025
CW APAC – Trend Watch: CIO trends 2025
It will be no surprise to see artificial intelligence high on the agenda for 2025. In this handbook, focused on CIO trends in the Asia-Pacific region, Computer Weekly looks at how banks are navigating technology, the continued importance of cyber security, and how enterprises can cement their AI future. Continue Reading
-
Opinion
20 Feb 2025
Privacy at a crossroads in the age of AI and quantum
The confluence of artificial intelligence and quantum computing magnifies the risk to privacy, data security and trust, says Gartner's Bart Willemsen Continue Reading
-
Feature
19 Feb 2025
Quantum computing in cyber security: A double-edged sword
Scepticism still abounds, but quantum computing stocks have boomed this year. In the world of cyber, however, quantum brings both unprecedented capabilities and significant threats, demanding careful attention Continue Reading
-
News
19 Feb 2025
Warning over privacy of encrypted messages as Russia targets Signal Messenger
Russia is using phishing attacks to compromise encrypted Signal Messenger services used by targets in the Ukraine. Experts warn that other encrypted app users are at risk Continue Reading
-
News
18 Feb 2025
EY: Industrial companies worldwide stunted in emerging technology use
Businesses globally are spending more on emerging technologies year-on-year, but struggle to expand experimental use cases, finds EY’s sixth annual Reimagining Industry Futures study Continue Reading
-
News
18 Feb 2025
Cyber Monitoring Centre develops hurricane scale to count cost of cyber attacks
A non-profit company aims to measure the impact of cyber events on the economy using a 1 to 5 scale borrowed from hurricane classification Continue Reading
-
News
18 Feb 2025
MSP cuts costs with Scality pay-as-you-go anti-ransomware storage
Autodata gets Scality as-a-service for on-site immutable storage via Artesca, to allow customers to rapidly recover from ransomware and at the same cost per terabyte no matter the volume Continue Reading
-
News
18 Feb 2025
CPX 2025: Check Point CEO talks up hybrid mesh security
At CPX 2025 in Bangkok, Check Point CEO Nadav Zafrir outlined a vision for network security centred on hybrid mesh architecture and AI-powered capabilities Continue Reading
-
News
17 Feb 2025
The Security Interviews: Yevgeny Dibrov, Armis
Armis CEO Yevgeny Dibrov talks about how his military service and intelligence work opened the door into the world of cyber security entrepreneurship Continue Reading
-
Opinion
16 Feb 2025
How to get employees to take cyber risk more seriously
To combat risky cyber security behaviour, organisations must move beyond awareness training and cultivate a culture where security violations are personally felt and socially unacceptable, leveraging existing values, real-world impacts, and even humour Continue Reading
-
News
14 Feb 2025
Lenovo CSO: AI adoption fuels security paranoia
Doug Fisher, Lenovo’s chief security officer, outlines the company’s approach to security and AI governance, and the importance of having a strong security culture to combat cyber threats amplified by the use of AI Continue Reading
-
News
12 Feb 2025
Forrester: AI and cyber security drive up IT spending
Despite artificial intelligence and cyber security increasing investment, technical debt remains a significant drain on IT budgets Continue Reading
-
Definition
12 Feb 2025
What are agreed-upon procedures (AUPs)?
Agreed-upon procedures are a standard a company or client outlines in an engagement letter or other written agreement when it hires an external party to perform an audit on a specific test or business process. Continue Reading
-
News
10 Feb 2025
Apple: British techies to advise on ‘devastating’ UK global crypto power grab
A hitherto unknown British organisation – which even the government may have forgotten about – is about to be drawn into a global technical and financial battle, facing threats from Apple to pull out of the UK Continue Reading
-
News
07 Feb 2025
Tech companies brace after UK demands back door access to Apple cloud
The UK has served a notice on Apple demanding back door access to encrypted data stored by users anywhere in the world on Apple’s cloud service Continue Reading
-
Tip
07 Feb 2025
RFI vs. RFP vs. RFQ: How they differ and which is best for you
RFIs, RFPs and RFQs all help software buying teams gather different information, and teams usually only send out one or two. Learn more about when to send out each document. Continue Reading
-
Opinion
07 Feb 2025
Secure software procurement in 2025: A call for accountability
Outgoing CISA chief Jen Easterly called on buyers to demand better security standards from their software suppliers. The Security Think Tank considers what better means, and what best practice for secure software procurement looks like in 2025. Continue Reading
-
News
07 Feb 2025
US lawmakers move to ban DeepSeek AI tool
US politicians have introduced a bill seeking to ban the use of the DeepSeek AI tool on government-owned devices, citing national security concerns due to its alleged links to the Chinese state Continue Reading
-
News
07 Feb 2025
Ransomware payment value fell over 30% in 2024
Several factors, including the impact of law enforcement operations disrupting cyber criminal gangs and better preparedness among users, may be behind a significant drop in the total value of ransomware payments Continue Reading
-
Feature
07 Feb 2025
Self-healing networks: The next evolution in network management
The age of AI is highlighting the security risks and pitfalls of traditional network management techniques. Self-healing networks may offer a solution that not only bolsters security, but makes IT and network teams more efficient Continue Reading
-
News
06 Feb 2025
UK’s Cyber Monitoring Centre begins incident classification work
The Cyber Monitoring Centre will work to categorise major incidents against a newly developed scale to help organisations better understand the nature of systemic cyber attacks and learn from their impact Continue Reading
-
News
05 Feb 2025
Youth activists protest Meta over mental health impacts
Protest outside Meta’s London offices marks launch of Mad Youth Campaign, an effort by activists to challenge the ways in which corporate power negatively shapes the conditions young people live under Continue Reading
-
News
05 Feb 2025
MoD set to develop £50m data analytics platform with Kainos
The Ministry of Defence has chosen IT services provider Kainos to develop its £50m data analytics platform across all armed services, over a three-year programme Continue Reading
-
Opinion
04 Feb 2025
“Unsafe At Any Speed”. Comparing automobiles to code risk
Outgoing CISA chief Jen Easterly called on buyers to demand better security standards from their software suppliers. The Security Think Tank considers what better means, and what best practice for secure software procurement looks like in 2025. Continue Reading
-
News
03 Feb 2025
New Relic extends observability to DeepSeek
The observability tools supplier now offers enhanced monitoring for DeepSeek models to help businesses reduce the costs and risks of generative AI development Continue Reading
-
News
03 Feb 2025
Government sets out cyber security practice code to stoke AI growth
The government has set out a cyber security code of practice for developers to follow when building AI products Continue Reading
-
Opinion
03 Feb 2025
Vigilant buyers are the best recipe for accountable suppliers
In January 2025, outgoing CISA chief Jen Easterly called on IT buyers to demand better security standards from their software suppliers. The Security Think Tank considers what better means, and what does best practice for secure software procurement looks like in 2025. Continue Reading
-
News
03 Feb 2025
DeepSeek-R1 more readily generates dangerous content than other large language models
Research scientists at cyber firm Enkrypt AI publish concerning findings from a red team exercise conducted against DeepSeek, the hot new generative AI tool Continue Reading
-
News
31 Jan 2025
Barclays hit by major IT outage on HMRC deadline day
Customers of Barclays Bank are left unable to access web app and online banking following a significant IT outage that seems to have come at the worst possible time Continue Reading
-
News
31 Jan 2025
AI jailbreaking techniques prove highly effective against DeepSeek
Researchers at Palo Alto have shown how novel jailbreaking techniques were able to fool breakout GenAI model DeepSeek into helping to create keylogging tools, steal data, and make a Molotov cocktail Continue Reading
-
News
31 Jan 2025
DeepSeek API, chat log exposure a ‘rookie’ cyber error
Security researchers at Wiz find a trove of DeepSeek data including API secrets and chat logs publicly exposed via an open source database management tool, raising questions about the fast-growing service’s approach to security Continue Reading
-
Opinion
31 Jan 2025
Can security operations ever be fully autonomous?
Focusing on targeted improvements, not full automation, is key to scaling security operations with AI Continue Reading
-
News
30 Jan 2025
First international AI safety report published
A global cohort of nearly 100 artificial intelligence experts publish first international AI safety report ahead of the third AI summit, outlining an array of challenges posed by the technology that will be used to inform upcoming discussions Continue Reading
-
News
29 Jan 2025
How government hackers are trying to exploit Google Gemini AI
Google’s threat intel squad has shared information on how nation state threat actors are attempting to exploit its Gemini AI tool for nefarious ends Continue Reading
-
News
29 Jan 2025
Vallance rejects latest charge to reform UK hacking laws
Science minister Patrick Vallance rejects proposed amendments to the Computer Misuse Act, arguing that they could create a loophole for cyber criminals to exploit Continue Reading
-
News
28 Jan 2025
NAO: UK government cyber resilience weak in face of mounting threats
The National Audit Office has found UK government cyber resilience wanting, weakened by legacy IT and skills shortages, and facing mounting threats Continue Reading
-
Feature
28 Jan 2025
EU law could usher in transformative change to digital ecosystems
The EU’s Digital Fairness Act aims to end exploitative practices online and enhance consumer protection, but civil society groups say it must address the power and information asymmetries between users and tech firms Continue Reading
-
Opinion
28 Jan 2025
Your first steps to improve international compliance
The Computer Weekly Security Think Tank considers how security leaders should best navigate the multitude of new national and multinational regulations affecting their work, and ensure their organisations remain compliant and protected Continue Reading
-
E-Zine
28 Jan 2025
Turbulent times ahead for tech
In this week’s Computer Weekly, the World Economic Forum in Davos highlighted growing risks to digital supply chains – we examine the turbulence ahead. Data sovereignty is becoming a growing issue as companies move to the cloud – we look at the regulatory challenges. And we analyse the best practices in automated patch management. Read the issue now. Continue Reading
-
News
27 Jan 2025
Cyber incident that closed British Museum was inside job
An IT incident that disrupted visitor access to the British Museum last week was the work of a disgruntled contractor who had been let go Continue Reading
-
Feature
27 Jan 2025
VMware backup: Key decision points if you migrate away from VMware
VMware’s pricing changes have spurred some organisations to move to new virtualisation environments, but they’ll need backing up. We look at the key points to consider Continue Reading
-
News
27 Jan 2025
Inside CyberArk’s security strategy
CyberArk CIO Omer Grossman talks up the company’s security-first ethos, the importance of an assumed breach mentality and how the company is addressing threats from the growing use of AI Continue Reading
-
News
24 Jan 2025
MPs and peers start inquiry into Russian and Chinese sabotage threats to subsea internet cables
MPs and Lords on the Joint Committee on the National Security Strategy have begun an inquiry into the resilience of UK internet cables, following heightened threats of Russian and Chinese sabotage Continue Reading
-
News
24 Jan 2025
US indicts five in fake North Korean IT contractor scandal
The US authorities have accused five men, including two American citizens, of involvement in a scheme which saw companies duped into hiring fake North Korean IT contractors Continue Reading
-
News
24 Jan 2025
High Court: Sky Betting ‘parasitic’ in targeting problem gambler
UK High Court rules that Sky Betting acted unlawfully after breaching a customer’s data protection rights when it obtained his personal data through cookies and used it to profile him for the purposes of direct marketing, despite his ‘impaired’ ability to provide meaningful consent Continue Reading
-
News
24 Jan 2025
CISOs boost board presence by 77% over two years
A global research study, from Splunk and Oxford Economics, into how chief information security officers interact with boards finds greater participation but enduring gaps Continue Reading
-
Definition
23 Jan 2025
What is threat modeling?
Threat modeling is the systematic process of identifying threats to and vulnerabilities in software applications, and then defining countermeasures to mitigate those threats and vulnerabilities to better protect business processes, networks, systems and data. Continue Reading
-
News
23 Jan 2025
UK eVisa system problems persist despite repeated warnings
Travellers are already having issues boarding UK-bound flights, while refugees have been left with no way to prove their immigration status in the UK, just two weeks after the Home Office transitioned to electronic visas Continue Reading
-
News
22 Jan 2025
Privacy professionals expect budget cuts, lack confidence
Over 50% of privacy professionals in Europe expect to see less money earmarked for data security initiatives in 2025, and many don’t have faith their organisations are taking the issue seriously, according to an ISACA report Continue Reading
-
News
22 Jan 2025
Europol seeks evidence of encryption on crime enforcement as it steps-up pressure on Big Tech
Europol wants examples of police investigations hampered by end-to-end encryption as it pressures tech companies to provide law enforcement access to encrypted messages Continue Reading
-
News
22 Jan 2025
APAC businesses face surge in email attacks
Sophisticated phishing and business email compromise campaigns are increasingly targeting organisations across the Asia-Pacific region, research reveals Continue Reading
-
E-Zine
21 Jan 2025
Will the UK become an AI powerhouse?
In this week’s Computer Weekly, we analyse the UK government’s new AI strategy and ask if the ambitious plans are achievable. The latest EU regulation affecting cyber security, called DORA, will affect digital resilience plans for many businesses – we examine the implications. We also look at the benefits and technologies behind cloud data lakes. Read the issue now. Continue Reading
-
Feature
17 Jan 2025
A guide to DORA compliance
We look at the new EU regulation for cyber resiliency, the role of IT asset management in auditing and third-party risks Continue Reading
-
News
16 Jan 2025
Biden signs new cyber order days before Trump inauguration
With days left in the White House, outgoing US president Joe Biden has signed a wide-ranging cyber security executive order with far-reaching implications Continue Reading
-
News
16 Jan 2025
Almost half of UK banks set to miss DORA deadline
A significant minority of financial services organisations in the UK will not be fully compliant with the EU’s DORA cyber and risk management regulation when it comes into force on 17 January Continue Reading