IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
10 May 2024
Major breach of customer information developing at Dell
Almost 50 million data records relating to Dell customers appear to have been compromised in a major cyber breach Continue Reading
-
News
09 May 2024
Wales gets UK’s first national SOC
The first national security operations centre of its kind in the UK has opened in the south of Wales to safeguard public sector bodies across the country Continue Reading
-
News
01 Mar 2024
APAC firms bullish on IT spending
More than half of organisations plan to spend more on key areas such as cyber security, generative AI and cloud in a sign of growing optimism across the region Continue Reading
-
News
28 Feb 2024
75% of third-party breaches target software, IT supply chains
Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors Continue Reading
-
News
28 Feb 2024
Users love their cyber teams, but find them frustrating
Despite strong support for security teams, a good number of ordinary workers see them as obstructive to business goals, and would like to see them operate more transparently Continue Reading
-
Feature
28 Feb 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
News
27 Feb 2024
Majority of UK employees ‘willingly gamble’ with security
Human-centric threats originating from employees continue to damage organisations both financially and reputationally, according to a report Continue Reading
-
News
27 Feb 2024
Executive interview: David Wong, Thomson Reuters
We speak to the chief product officer of Thomson Reuters about working with artificial intelligence and embedding Microsoft Copilot for Word Continue Reading
-
News
27 Feb 2024
Hycu uses AI to develop APIs for SaaS application backup
SaaS applications don’t usually come with built-in data protection, but Hycu plans to tackle that gap in the market with AI to generate the connectors needed to backup user data Continue Reading
-
News
27 Feb 2024
Cozy Bear and other APTs changing tack as cloud adoption increases
A change in APT tactics has been observed resulting from greater adoption of cloud-based services, according to the NCSC Continue Reading
-
News
26 Feb 2024
LockBit bids to save face after NCA takedown
The LockBit gang’s ringleader resurfaces with new infrastructure and new victims, claiming to have shrugged off a multinational police sting Continue Reading
-
News
26 Feb 2024
Storage and backup spend in 2024 targets risk and resilience
The TechTarget and ESG spending intentions survey finds big bias towards averting risk and building organisational resilience, but on-premise storage a significant planned outlay Continue Reading
-
News
23 Feb 2024
ConnectWise users see cyber attacks surge, including ransomware
ConnectWise ScreenConnect users who have yet to patch against a critical vulnerability are now being targeted by a barrage of cyber attacks, including ransomware Continue Reading
-
Feature
23 Feb 2024
LLMs explained: A developer’s guide to getting started
A guide to help enterprise developers use large language models securely, efficiently and cost-effectively in their applications Continue Reading
-
Opinion
22 Feb 2024
How can we adapt work practices to protect CISO mental health?
Cyber leaders are finding it harder to keep up with security requirements than just two years ago, risking a domino effect of dissatisfaction, burnout and eventually, resignation Continue Reading
-
News
21 Feb 2024
Australian data breach report highlights supply chain risks
The OAIC has called for organisations to proactively address privacy risks from outsourcing personal information handling to third parties Continue Reading
-
News
21 Feb 2024
CVE volumes set to increase 25% this year
The number of reported Common Vulnerabilities and Exposures is likely to grow significantly in 2024, hitting a new high of almost 35,000, according to Coalition, a cyber insurance specialist Continue Reading
-
News
21 Feb 2024
How Indian fintechs can address compliance issues
Fintechs will need to bolster their know-your-customer practices and establish self-regulatory mechanisms, among other measures, to address compliance issues that have come under the spotlight Continue Reading
-
E-Zine
20 Feb 2024
Flying into cloud – EasyJet’s journey out of the datacentre to AI
In this week’s Computer Weekly, we find out how EasyJet fills an aircraft every 10 seconds while migrating to the cloud and introducing AI. There’s only 283 years to go until we have a diverse IT workforce – we find out why. And we examine how the UK anti-trust investigation into the cloud market could hit the big hyperscalers. Read the issue now. Continue Reading
-
Feature
19 Feb 2024
Gartner: Three top trends in cyber security for 2024
IT security will be influenced by generative AI, identity and access management, and continuous threat exposure management Continue Reading
-
Opinion
15 Feb 2024
Bouncing back from a cyber attack
Organisations need to move away from victim blaming when cyber attacks on OT systems occur and focus on fostering collaboration between teams to minimise downtime, among other efforts to bounce back and return to business Continue Reading
-
News
14 Feb 2024
Microsoft: Nation-state hackers are exploiting ChatGPT
Threat actors from China, Iran, North Korea and Russia have all been probing use cases for generative AI service ChatGPT, but have yet to use such tools in a full-blown cyber attack Continue Reading
-
News
14 Feb 2024
Dutch Supreme Court approves use of EncroChat evidence
Defence lawyers plan appeal to European Court of Human Rights after Supreme Court upholds a conviction based on intercepted messages from the EncroChat encrypted phone network Continue Reading
-
News
14 Feb 2024
Met Police to scrap and replace ‘racist’ Gangs Violence Matrix
A database used by the Metropolitan Police to identify and track people linked with gang violence is being decommissioned and replaced. The decision follows a long-running controversy over its discriminatory impacts on young black people, but campaigners warn that racial discrimination will persist with new tool Continue Reading
-
News
14 Feb 2024
Microsoft patches two zero-days for Valentine’s Day
Two security feature bypasses impacting Microsoft SmartScreen are on the February Patch Tuesday docket, among more than 70 issues Continue Reading
-
Podcast
14 Feb 2024
Podcast: What is the impact of AI on storage and compliance?
Start now looking at artificial intelligence compliance. That’s the advice of Mathieu Gorge of Vigitrust, who says AI governance is still immature but firms should recognise the limits and still act Continue Reading
-
News
13 Feb 2024
Hunter-killer malware volumes seen surging
Latest Picus Security report on malware tactics, techniques and procedures reveals an increasing focus on disabling security defences Continue Reading
-
News
13 Feb 2024
What will result from Cohesity’s Veritas acquisition?
The $7bn backup giant will leverage huge assets in enterprise customer base, compliance and governance intelligence, AI, R&D, and Kubernetes backup and storage Continue Reading
-
E-Zine
13 Feb 2024
Intelligent defence – the role of data in the military
In this week’s Computer Weekly, we examine the role of data in tying together military operations across ground, air, sea and cyber. Has SAP finally convinced customers to migrate to cloud ERP? We assess the trends. And we talk to the CIO helping to set up the UK’s fastest supercomputer. Read the issue now. Continue Reading
-
Feature
12 Feb 2024
Trends driving cyber security in 2024
While cyber security breaches are not going away, emerging threats are driving new and innovative approaches to IT security Continue Reading
-
News
09 Feb 2024
MoD ethical hacking programme expands after initial success
The Ministry of Defence has expanded the scope of its defensive security partnership with HackerOne Continue Reading
-
News
08 Feb 2024
CIO interview: Sandy Venugopal, SentinelOne
We speak to the former CIO of Uber and LinkedIn, current CIO of SentinelOne, about how artificial intelligence should be deployed in business Continue Reading
-
News
07 Feb 2024
Dozens of surveillance companies are supplying spyware to governments, says Google
Google’s Threat Analysis Group has identified 40 companies involved in selling and supplying security exploits and spyware services to governments Continue Reading
-
Opinion
07 Feb 2024
Security Think Tank: The phishing forecast for 2024
Egress' Jack Chapman and James Dyer explore how phishing attacks are set to grow in their scope and sophistication this year, with generative AI playing a big role Continue Reading
-
Tip
06 Feb 2024
8 dangers of shadow IT and how to manage them
Unauthorized devices, software and system changes -- and other forms of shadow IT -- can expose organizations to a range of security risks. Here are ways to manage them. Continue Reading
-
News
06 Feb 2024
Inquiry to explore cyber risk to Sunak-Starmer showdown
The UK’s Joint Committee on National Security Strategy is opening an inquiry into securing the democratic process ahead of the next general election Continue Reading
-
News
06 Feb 2024
UK and France push for international agreement on spyware
The UK and France are hosting diplomats, big tech companies and civil society groups, in a two-day conference in London targeting the proliferation of spyware tools and ‘hackers for hire’ Continue Reading
-
Opinion
06 Feb 2024
Three predictions for responding to the cyber threat landscape in 2024
Nominet's Kim Wiles looks to the coming months and calls for cooperation and collaboration on tackling cyber security threats Continue Reading
-
E-Zine
06 Feb 2024
Generative AI – an early adopter’s experience
In this week’s Computer Weekly, as IT leaders start to implement GenAI in their organisations, we look at the experiences of one early adopter. Our latest buyer’s guide examines the key security trends for 2024. And Microsoft’s head of identity talks about a future without passwords. Read the issue now. Continue Reading
-
Feature
02 Feb 2024
UK police facial recognition explained: What you need to know
In this essential guide, Computer Weekly looks at the use of facial recognition technology by UK police forces, including the points of contention around its deployment so far and where it’s heading next Continue Reading
-
News
01 Feb 2024
AI: House of Lords focuses on copyright and transparency
Large language models promise to boost UK productivity, but the tech needs greater scrutiny and questions remain over intellectual property Continue Reading
-
News
01 Feb 2024
US government disrupts Chinese botnet containing hundreds of end-of-life Cisco and Netgear routers
The US government has succeeded in halting a botnet comprised of hundreds of end-of-life routers that posed a threat to critical national infrastructure (CNI) organisations in multiple countries Continue Reading
-
Opinion
30 Jan 2024
Microsoft hack: Five questions enterprises should ask their IT leaders
Following the news about a Russia-backed hacking group infiltrating Microsoft's systems, enterprises may want to seek assurances from their IT and security leaders about the implications of the attack for them Continue Reading
-
News
30 Jan 2024
We need backup! Pennsylvania police data loss shows why
Police evidence systems data was lost during ‘routine maintenance’, with human error blamed – the case clearly illustrates why data protection can’t be left to chance Continue Reading
-
E-Zine
30 Jan 2024
Tech companies warn EU over encryption plans
In this week’s Computer Weekly, tech companies are calling on the European Commission to rethink plans to weaken internet encryption – we explore the issues. We talk to credit rating agency Moody’s about why it thinks now is the time to start investing in quantum computing. And we examine how a different approach to recruitment could ease the datacentre sector skills gap. Read the issue now. Continue Reading
-
News
29 Jan 2024
Lords question legality of police facial recognition
Lords committee ‘deeply concerned’ about the rapid expansion of live facial recognition by UK police, which it says is progressing without any real oversight or accountability Continue Reading
-
Opinion
26 Jan 2024
Quantum, AI and geopolitical conflict: '24 will be a big year for cyber
With big trends like quantum, generative AI and geopolitical conflict, 2024 looks set to be a big year in security, but defenders have an unparalleled opportunity to harness these trends for good, says Quorum's Federico Charosky Continue Reading
-
News
26 Jan 2024
UK government consults on age verification tech in alcohol sales
The government has said it wants to allow the use of digital identities and various age-verification technologies in alcohol sales Continue Reading
-
Opinion
26 Jan 2024
Security Think Tank: What to expect in cyber this year
Risk arising from insecure generative AI, an explosion in mainstream acceptance of zero-trust, and increasingly tight cyber insurance policies will all be high on the agenda in 2024, writes Forrester senior analyst Alla Valente Continue Reading
-
Opinion
25 Jan 2024
Mitigating the risks of modern application development
Organisations need to have visibility over their software supply chain, secure and monitor interfaces to legacy systems and adopt zero trust to mitigate the risks of modern application development Continue Reading
-
Opinion
25 Jan 2024
Security Think Tank: 2024 is the year we bridge the cyber divide
ISACA's Steven Sim Kok Leong shares his thoughts on the coming year in cyber security, considering the impact of regulatory change, the evolving role of the CISO, and advances in innovative cyber tech Continue Reading
-
News
24 Jan 2024
WebKit vulnerability sparks Apple’s first major security update of 2024
A zero-day in the open source WebKit browser engine that powers Safari has sparked Apple’s first major patch roll-out of the new year Continue Reading
-
News
24 Jan 2024
Inside Cisco’s security platform strategy
Raj Chopra, senior vice-president of Cisco’s security business, outlines the company’s security platform strategy and how it brought different products together into a single platform Continue Reading
-
News
24 Jan 2024
AI will heighten global ransomware threat, says NCSC
The benefits of artificial intelligence to cyber criminals being well-known, the NCSC now assesses it’s likely AI will soon be widely used to enhance ransomware attacks Continue Reading
-
Podcast
23 Jan 2024
Podcast: Storage and compliance outlook for 2024
Interesting times ahead in 2024 as we talk to Mathieu Gorge, CEO of Vigitrust, about updates to EU regs, PCI, NIST, post-Brexit divergence and 60 national elections across the globe Continue Reading
-
News
23 Jan 2024
Treat cyber risk like financial or legal issue, says UK government
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences Continue Reading
-
News
23 Jan 2024
Leak of 26 billion records may prove to be ‘mother of all breaches’
The discovery of a dataset comprising 26 billion stolen records may prove to be record-breaking in both its size and the danger it poses to ordinary people Continue Reading
-
News
23 Jan 2024
SEC bitcoin hack was result of SIM-swapping
A cyber attack on the US financial regulator earlier in January 2024 occurred after hackers took over one of its mobile phone accounts in a so-called SIM-swapping attack Continue Reading
-
E-Zine
23 Jan 2024
Davos 2024: AI disinformation tops global risks
In this week’s Computer Weekly, AI-generated disinformation and misinformation will be the top risks for businesses, governments and the public over the next two years, according to the World Economic Forum. Intel’s CTO discusses the chip maker’s plans for the European market. And we examine the dearth of digital skills among elected officials. Read the issue now. Continue Reading
-
News
22 Jan 2024
PAC calls on MoD to fix inventory management IT
The Public Accounts Committee is concerned that the ageing and fragmented IT systems used in the MoD’s inventory management puts front-line forces at significant risk Continue Reading
-
News
19 Jan 2024
ICO prompts confusion over police cloud legality
The UK data regulator has suggested that, despite major data protection concerns, it is likely to greenlight police cloud deployments because of an information-sharing agreement with the US government Continue Reading
-
Opinion
18 Jan 2024
Powering up cyber security defences with AI
AI holds great promise when it comes to securing valuable, and vulnerable, data, but security teams face some challenges if they are to get the best out of it, writes IBM’s Christopher Meenan Continue Reading
-
News
18 Jan 2024
Cyber non-profit enlists ex-NCSC head as technical chair
Founding NCSC chief exec Ciaran Martin is to join the newly launched Cyber Monitoring Centre non-profit as chair of its technical committee Continue Reading
-
News
17 Jan 2024
NCSC invites security pros to join the big leagues
The NCSC is inviting security pros from across the UK to sign up to work with its experts on an intelligence-sharing initiative Continue Reading
-
Feature
17 Jan 2024
Biometric revolution in IAM: The future of authentication
The IAM landscape is experiencing profound change thanks to the advent of biometrics. Learn about the latest advantages and key benefits of biometrics in identity Continue Reading
-
Feature
17 Jan 2024
Cloud-to-cloud backup: What it is and why you (probably) need it
Basic cloud data protection is just not enough. Several loopholes leave business data vulnerable and that means additional cloud-to-cloud backup should be seriously considered Continue Reading
-
News
17 Jan 2024
Singapore proposes governance framework for generative AI
AI Verify Foundation and Infocomm Media Development Authority have proposed a governance framework for generative AI to address the risks and concerns about the emerging technology Continue Reading
-
Opinion
16 Jan 2024
The human toll of ransomware: how IT pros suffer during incidents
Any ransomware attack causes significant challenges for a business or organisation going through such incident. But ransomware attacks also have tremendous impact on the staff – especially IT teams – working on mitigating the attack’s effect Continue Reading
-
Feature
15 Jan 2024
British Library cyber attack explained: What you need to know
In this essential guide, Computer Weekly investigates the cyber attack on the British Library that has rendered IT systems inoperable and caused service disruption to thousands of users Continue Reading
-
News
15 Jan 2024
How legal disclosure failures disrupted the Post Office Horizon inquiry
From overly narrow search terms, overzealous deduplication of documents and failed email migrations, poor management of legal discovery has delayed justice for postmasters in the Horizon inquiry Continue Reading
-
News
15 Jan 2024
IT failure caused weekend chaos at Sussex hospitals
The critical incident at University Hospitals Sussex NHS Foundation Trust, caused by IT issues on Sunday night, has now been resolved Continue Reading
-
News
15 Jan 2024
NCA director sacked after WhatsApp and email security breaches
Nikki Holland, former director of investigations at the NCA, was sacked for “misconduct” after sending sensitive NCA information over personal email and WhatsApp Continue Reading
-
Opinion
11 Jan 2024
Redefining the cyber domain to tackle the challenges of tomorrow
Emerging technologies have brought about a new age of cyber – and we need a 360-degree collaborative approach more than ever to succeed Continue Reading
-
News
10 Jan 2024
Davos 2024: AI-generated disinformation poses threat to elections, says World Economic Forum
Disinformation and misinformation are the top risks facing businesses, governments and the public over the next two years Continue Reading
-
News
10 Jan 2024
Windows Kerberos, Hyper-V vulns among January Patch Tuesday bugs
Microsoft starts 2024 right with another slimline Patch Tuesday drop, but there are some critical vulns to be alert to, including a number of man-in-the-middle attack vectors Continue Reading
-
News
10 Jan 2024
Scotland ‘sleepwalking’ to mass surveillance with DPDI Bill
The independent checks and balances over biometrics and biometric-enabled surveillance must be strengthened to prevent Scotland from sliding into a surveillance state along with the rest of the UK Continue Reading
-
Opinion
09 Jan 2024
Inadequate cloud logs are proving a headache for CISOs
The mass adoption of cloud environments is pushing strained CISOs to the brink and a lack of attention to logging isn't helping. Vectra's Mark Wojtasiak calls for organisations to do more to improve visibility in their clouds in 2024 Continue Reading
-
News
03 Jan 2024
Fighting money laundering with AI
Mike Foster, CEO of SymphonyAI Sensa-NetReveal, talks up how AI can be used to fight financial crime and how the company’s technology can augment existing AML investments Continue Reading
-
News
29 Dec 2023
Top 10 AI regulation stories of 2023
From the UK government’s publication of its long-awaited AI whitepaper to its convening of the world’s first AI Safety Summit, here are Computer Weekly’s top 10 AI regulation stories of 2023 Continue Reading
-
Feature
28 Dec 2023
Decoding zero trust in endpoint security: A practical guide for CISOs
The exponential increase in endpoints has vastly expanded the average organisation’s attack surface – address this by applying zero-trust best practice to endpoints Continue Reading
-
News
28 Dec 2023
Top 10 technology and ethics stories of 2023
Here are Computer Weekly’s top 10 technology and ethics stories of 2023 Continue Reading
-
News
27 Dec 2023
Top 10 ASEAN IT stories of 2023
Organisations across the region have continued to shore up their cyber security posture while investing in infrastructure to pave the way for emerging technologies like GenAI Continue Reading
-
News
21 Dec 2023
Top 10 cyber crime stories of 2023
Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics Continue Reading
-
News
21 Dec 2023
Top 10 storage supplier strategy stories of 2023
In 2023, we looked at the top storage suppliers, their market share and how they set themselves for a future of hybrid cloud, containerisation and consumption models of purchasing Continue Reading
-
Opinion
20 Dec 2023
Beyond the office walls: Safeguarding remote workers from attack
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Opinion
20 Dec 2023
Zero-trust principles: Your gateway to securing remote workers
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Opinion
20 Dec 2023
What we learned in cyber in 2023, and what to look out for
PA Consulting's Rasika Somasiri looks back at a busy 12 months in the cyber security world, and highlights some key learnings from 2023 Continue Reading
-
Opinion
20 Dec 2023
Evolving best practice: What next for securing remote work?
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
Definition
19 Dec 2023
supply chain risk management (SCRM)
Supply chain risk management (SCRM) is the coordinated efforts of an organization to help identify, monitor, detect and mitigate threats to supply chain continuity and profitability. Continue Reading
-
Opinion
19 Dec 2023
Security Think Tank: Testing to improve remote worker security
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
News
19 Dec 2023
Top 10 cyber security stories of 2023
The past 12 months have seen the security agenda dominated by the usual round of vulnerabilities, concerns over supply chain security and more besides, but it was the chaotic state of global geopolitics that really made an impact Continue Reading
-
Opinion
19 Dec 2023
Security Think Tank: Anytime, anywhere access is achievable
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
-
E-Zine
19 Dec 2023
The ransomware threat to UK critical infrastructure
In this week’s Computer Weekly, a parliamentary report warns that a lack of ransomware preparedness at the highest levels of government is leaving UK critical national infrastructure dangerously exposed – we analyse the risks. We examine how AI tools are helping to enhance cloud security. And the CTO at jewellery retailer Pandora discusses organisational change in IT. Read the issue now. Continue Reading
-
News
18 Dec 2023
How threat intelligence is applied in DNS security
Infoblox’s director of security architecture explains how the company leverages its threat intelligence capabilities to help organisations stay ahead of DNS security threats Continue Reading
-
News
14 Dec 2023
Government plans to regulate to tackle datacentre threats
DSIT outlines a range of proposals designed to protect data storage facilities from cyber attacks, as well as physical threats and the effects of climate breakdown Continue Reading
-
News
14 Dec 2023
The Security Interviews: Talking identity with Microsoft’s Joy Chik
Microsoft’s president of identity and network access, Joy Chik, joins Computer Weekly to discuss the evolving threat landscape in identity security, using innovations in artificial intelligence to stay ahead, and advocating for the coming passwordless future Continue Reading
-
News
14 Dec 2023
NCSC CEO Lindy Cameron to step down in 2024
NCSC chief exec Lindy Cameron, who helped lead and elevate the national dialogue on cyber security through major events such as Covid-19, SolarWinds Sunburst and Colonial Pipeline, is to step down in the New Year Continue Reading
-
News
14 Dec 2023
Cisco eyes opportunities in AI, sustainability in Australia
Cisco is looking to tap opportunities in sustainability, AI and cyber security as it navigates Australia’s economic headwinds Continue Reading
-
News
13 Dec 2023
How ransomware gangs use the tech media against their victims
Ransomware gangs are increasingly media-savvy operators, and this means incident response plans now need to account for communications and PR strategies too Continue Reading
-
News
13 Dec 2023
Microsoft’s Christmas present for cyber teams: no zero-days
Barely 30 vulnerabilities, and no zero-days, have been fixed in the final Patch Tuesday drop of 2023 Continue Reading
-
News
13 Dec 2023
Critical UK infrastructure a ‘hostage of fortune’ to ransomware
A lack of ransomware planning and preparedness at the highest levels of government is leaving UK operators or critical national infrastructure dangerously exposed, according to a Joint Committee report Continue Reading
-
News
12 Dec 2023
MoD fined after breach of Afghan staffers’ data put lives at risk
The MoD has been fined £350,000 by the ICO after an email blunder exposed data on Afghan nationals who had worked with British forces and were at risk of Taliban reprisals Continue Reading