IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
18 Apr 2024
CSA warns of emerging security risks with cloud and AI
Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh Continue Reading
-
News
16 Apr 2024
CW Innovation Awards: Balancing security and user experience
The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access Continue Reading
-
News
12 Jun 2020
NHS email service users ensnared in phishing attack
More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed Continue Reading
-
News
12 Jun 2020
100,000 cheap wireless cameras vulnerable to hacking
Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors Continue Reading
-
News
11 Jun 2020
CISOs buying into unified security proposition
The time is right for all-in-one security solutions, according to a report Continue Reading
-
E-Zine
11 Jun 2020
CW Europe: 5G rush in Russia
Russian mobile operators are pooling their resources to help them overcome the technical challenges of creating 5G networks. Also read why Swedbank is rebuilding its anti-money laundering systems, and how a public-private partnership in the Netherlands is combating business email compromise fraud. Continue Reading
-
News
10 Jun 2020
Decade-old vulnerability among 129 Patch Tuesday fixes
A 10 year-old bug in Windows Group Policies could easily enable attackers to gain highly privileged user status on target systems, opening the doors to a wave of cyber attacks Continue Reading
-
Opinion
10 Jun 2020
Security Think Tank: Container security is evolving, so must CISOs
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Feature
10 Jun 2020
Coronavirus: How to go back to the office safely and securely
Security teams should be used to supporting remote workers effectively by now, but what’s going to happen when people start returning to their offices? We look at the risks and how to address them. Continue Reading
-
News
10 Jun 2020
Nasty surprises lurking in furloughed employees’ inboxes
Research conducted by KnowBe4 points to a looming email security problem as furloughed employees head back to work Continue Reading
-
News
10 Jun 2020
How Australian firms can defend against supply chain attacks
Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm Continue Reading
-
News
09 Jun 2020
Honda investigates suspected Snake ransomware attack
Attack disrupts global operations at carmaker, with assembly lines falling silent and sales suspended Continue Reading
-
News
09 Jun 2020
Poorly-secured AWS buckets used to launch Magecart attacks
Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data Continue Reading
-
News
08 Jun 2020
What it takes to get DevSecOps right
DevSecOps will drive at least 50% of new applications in Asia-Pacific by 2024, but getting it right will require change management, a collaborative mindset and the right automation tools Continue Reading
-
News
05 Jun 2020
Police chiefs working with Public Health England on contact-tracing security
Police force representatives are in talks with Public Health England over operational security concerns arising from the NHS Test and Trace coronavirus contact-tracing scheme Continue Reading
-
News
05 Jun 2020
Ministry of Defence forms new cyber security regiment
The 13th Signal Regiment brings together personnel from across the armed forces to provide specialist security services Continue Reading
-
News
04 Jun 2020
Dutch organisations invest heavily in compliance – but in vain
Despite the fact that companies in the Netherlands have invested heavily to comply with GDPR legislation introduced two years ago, 90% of them are still discovering fundamental weaknesses in their IT environment Continue Reading
-
News
04 Jun 2020
Small businesses failing on remote worker protection
Only one-third of people working for small businesses have received any guidance from their employers on how to secure their remote working set-up Continue Reading
-
News
04 Jun 2020
Data privacy groups pile in on UK contact-tracing app
UK-based digital privacy and free speech campaigning organisation files complaint with the Information Commissioner’s Office about contact-tracing app Continue Reading
-
News
04 Jun 2020
The Security Interviews: How the BSI protects the IoT from itself
David Mudd of the BSI reveals how a pragmatic and realistic approach to security vulnerabilities underpins its internet of things kitemark, helping give users the confidence to buy smart devices safely Continue Reading
-
News
04 Jun 2020
Coronavirus: Cyber criminals target laid-off workers
Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic Continue Reading
-
Opinion
04 Jun 2020
Security Think Tank: Four steps to container security best practice
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Opinion
04 Jun 2020
Why trust is the new currency
Businesses need to engender trust with customers amid the complexity of digital transactions involving multiple third parties, even as consumers are not fully cognizant of the importance of data privacy Continue Reading
-
News
03 Jun 2020
Sodinokibi data auctions highlight changing criminal tactics
The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic? Continue Reading
-
News
03 Jun 2020
Security procurement framework goes live for NHS and public sector
Cyber Security Services Framework, developed by NHS Shared Business Services, has formally launched Continue Reading
-
News
03 Jun 2020
Infosec 2020: Covid-19 an opportunity to change security thinking
The annual Infosecurity Europe is being held virtually this year, and speakers at an online panel session have been considering the impact of the pandemic on security awareness Continue Reading
-
News
03 Jun 2020
Aston Martin swaps out legacy antivirus for AI-driven service
Luxury car manufacturer says the advent of artificial intelligence-powered services will revolutionise its security posture Continue Reading
-
Opinion
02 Jun 2020
A view from the SOC: Maintaining security capabilities during the pandemic
What are the challenges of maintaining security event and incident detection capabilities in these challenging times? Continue Reading
-
News
02 Jun 2020
NIS security regulations proving effective, but more work to do
The UK’s NIS cyber security and risk regulations are proving somewhat effective, according to a government report Continue Reading
-
News
01 Jun 2020
How managed threat hunting helps bust malicious insiders
Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending Continue Reading
-
News
29 May 2020
Government launches IoT security funding round
A £400,000 funding pot is on offer for innovators to design schemes that boost internet-of-things security Continue Reading
-
News
29 May 2020
Test and Trace has not passed data protection impact assessment
Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme Continue Reading
-
News
29 May 2020
How Sega Europe slashed incident response times using cloud SIEM
Gaming company’s SOC radically improves its operational efficiency with Sumo Logic’s cloud SIEM service Continue Reading
-
Opinion
29 May 2020
Security Think Tank: CISO stress – moving from recognition to action
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
28 May 2020
Public Health England to keep contact-tracing data for 20 years
PHE will retain the data it collects via the NHS Test and Trace programme for 20 years Continue Reading
-
Video
28 May 2020
How Zoom is keeping pace with demand for conferencing tools
Magnus Falk, CIO advisor at Zoom, offers insights on how the company is scaling up its resources to meet the growing usage of its service Continue Reading
-
News
28 May 2020
IoT buyers eye private network deployments for added security
Fully private, segregated networks for IoT deployments are becoming increasingly attractive to many organisations, according to a report Continue Reading
-
Opinion
27 May 2020
Australia is painting a big red cyber target on its critical infrastructure
Australia’s critical infrastructure is particularly vulnerable to cyber attacks right now because of years of under-investment in cyber security and ageing legacy systems Continue Reading
-
Feature
27 May 2020
GDPR at two: How far we’ve come, how far we still have to go
Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change Continue Reading
-
News
27 May 2020
Enterprise clouds hammered by cyber attacks during pandemic
Remote workers logging onto enterprise cloud service accounts are an easy access point for attackers, says McAfee Continue Reading
-
News
27 May 2020
Fears contact-tracing app will open the floodgates for cyber criminals
Study of UK consumers reveals worries over an uptick in cyber crime and a lack of trust in government Continue Reading
-
News
26 May 2020
StrandHogg mobile vulnerability has evil twin
Variant of the dangerous StrandHogg vulnerability affecting Android phones could allow hackers to access almost all apps on a target device Continue Reading
-
News
26 May 2020
The Security Interviews: Temper tantrums ahead as GDPR enters its terrible twos?
On the General Data Protection Regulation’s second birthday, Tim Hickman, a data protection lawyer and partner at White & Case LLP, discusses the regulation’s teething troubles and assesses how best to maintain optimum compliance Continue Reading
-
News
25 May 2020
Coronavirus: Australia calls for stronger defences amid cyber attacks
The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector Continue Reading
-
News
22 May 2020
EasyJet to be sued over customer data breach
If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn Continue Reading
-
Opinion
22 May 2020
How effective security training goes deeper than ‘awareness’
Cyber criminals are constantly developing their techniques and strategies, so security training needs to do the same Continue Reading
-
News
22 May 2020
Covid-19 will leave organisations exposed to higher cyber risks
Hacking attacks and phishing emails could become the new norm, according to research by the World Economic Forum Continue Reading
-
Opinion
22 May 2020
Identification and access management: some possible futures
Learn about how we might be using our heartbeats, brainwaves and eye movements to unlock our mobiles in the future Continue Reading
-
News
22 May 2020
Hancock to Harman: No contact-tracing privacy law
Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data Continue Reading
-
News
22 May 2020
Coronavirus: How MyIX is keeping Malaysians connected
Malaysia’s MyIX internet exchange has been classed as critical national infrastructure, with member telcos adding more capacity to meet the surge in demand for internet services Continue Reading
-
News
20 May 2020
NCSC discloses multiple vulnerabilities in contact-tracing app
National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures Continue Reading
-
News
20 May 2020
Serco exposes contact tracers’ data in email error
Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message Continue Reading
-
News
20 May 2020
Personal devices putting Singapore employers at risk
More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats Continue Reading
-
News
20 May 2020
Responsible Cyber acquires Secucial in S$7m deal
Singapore startup Responsible Cyber plans to bolster its Immune platform with access control management capabilities, and sets out to expand its global footprint Continue Reading
-
News
19 May 2020
Cancelled NCSC CyberUK event gets green light for 2021
The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales Continue Reading
-
News
19 May 2020
Nine million EasyJet customer details lost in data breach
Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline Continue Reading
-
News
19 May 2020
Vast majority of cyber attacks are easy to stop, says Verizon
Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it Continue Reading
-
Feature
18 May 2020
Malaysia’s data protection practices still have some way to go
Some Malaysian firms are not using data protection tools to the fullest potential, while others only think about data protection after a breach Continue Reading
-
News
18 May 2020
Why a pandemic-specific BCP matters
Many organisations still do not have scenario-specific business continuity plans, which are helpful when the situation requires a customised response, such as a pandemic, according to Forrester Continue Reading
-
News
14 May 2020
China targeting Covid-19 researchers through IT suppliers, claims US
The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China Continue Reading
-
News
13 May 2020
Report reveals inadequate cyber security at Schiphol Airport
A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport Continue Reading
-
Podcast
13 May 2020
Podcast: UK SME planning and compliance for ‘the new normal’
We look at how UK SMEs face a “new normal” following the coronavirus lockdowns and how they can plan for compliance with more remote working and a new data landscape Continue Reading
-
Opinion
13 May 2020
Security Think Tank: Burnt out CISOs are a huge cyber risk
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
News
13 May 2020
Nation state APT groups prefer old, unpatched vulnerabilities
The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list Continue Reading
-
News
13 May 2020
Microsoft fixes 16 critical vulnerabilities on Patch Tuesday
The trend towards mammoth Patch Tuesdays continues as Microsoft fixes 111 vulnerabilities Continue Reading
-
News
12 May 2020
Draft Covid-19 contact tracing legislation proposes formal oversight
Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app Continue Reading
-
News
12 May 2020
Pay the ransom and double your recovery costs, report warns
Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos Continue Reading
-
Opinion
12 May 2020
Security Think Tank: Create healthy habits to avoid burnout
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
12 May 2020
Maze ransomware attack will cost Cognizant at least $50m to $70m
Cognizant’s clients cut off the IT supplier’s access to their networks to contain a Maze ransomware attack – effectively putting projects on hold Continue Reading
-
News
12 May 2020
How Australian firms can plug data protection gaps
Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene Continue Reading
-
Feature
11 May 2020
What are the security priorities for the post-coronavirus world?
The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising? Continue Reading
-
News
11 May 2020
Micro Focus sees growth in mainframe migration business
Lifting and shifting Cobol code from mainframes to public cloud has been a growth driver for Micro Focus in the Asia-Pacific region, even as the software supplier continues to diversify its business Continue Reading
-
News
07 May 2020
Zoom buys secure messaging service Keybase
Unified comms platform Zoom says the acquisition of Keybase will finally let it bring end-to-end encryption to the table Continue Reading
-
News
07 May 2020
SilverTerrier cyber crime group targets Covid-19 key workers
Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang Continue Reading
-
News
07 May 2020
Contact-tracing app fails to protect privacy and human rights
Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee Continue Reading
-
News
07 May 2020
FBI search warrants reveal Trump aide’s messages to WikiLeaks founder Julian Assange
FBI search warrants reveal Trump campaigner Roger Stone sent private messages to WikiLeaks founder Julian Assange after the site published thousands of documents that damaged Hillary Clinton’s election campaign Continue Reading
-
News
06 May 2020
Criminal justice system is failing cyber crime victims
Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study Continue Reading
-
News
06 May 2020
HMRC tackles almost 300 coronavirus phishing websites
Of 292 websites removed since lockdown began on 23 March, 237 were proactively identified by HMRC and 55 were flagged by the public Continue Reading
-
News
06 May 2020
End-users failing to protect themselves online
Remote workers and stuck-at-home consumers are taking silly risks with their security during the coronavirus pandemic, according to a report Continue Reading
-
Opinion
06 May 2020
Security Think Tank: Security teams are key workers and need support
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
Feature
05 May 2020
Contact tracing: The privacy vs protection debate
The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading
-
News
05 May 2020
Coronavirus: NCSC issues urgent alert for healthcare sector
UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations Continue Reading
-
Opinion
05 May 2020
Security Think Tank: Caring for the IT security caretakers
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
05 May 2020
Building security and privacy into contact-tracing apps
Governance and data decentralisation are among measures that organisations can take to allay security and privacy concerns over contact-tracing apps, according to RSA Continue Reading
-
News
04 May 2020
NHSX contact-tracing app needs legislative oversight
Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app Continue Reading
-
News
04 May 2020
Assange extradition hearing to take place in September following coronavirus lockdown
An extradition hearing against WikiLeaks founder Julian Assange has been delayed by four months, after defence and prosecution lawyers said the Covid-19 lockdown would make it impractical to hold a fair hearing in May Continue Reading
-
News
04 May 2020
Blogging platform Ghost hacked through Salt vulnerability
Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability Continue Reading
-
Podcast
04 May 2020
Podcast: How to get cyber accountability on the board agenda
We look at how boards should carry out strategic and operational risk profile assessments and plan for compliance on an ongoing basis to avoid fines and damage to the business Continue Reading
-
Opinion
04 May 2020
Four risks to data privacy and governance amid Covid-19
EY privacy experts assess some of the novel risks to data privacy, protection and governance during the Covid-19 coronavirus pandemic Continue Reading
-
Opinion
04 May 2020
Security Think Tank: CISOs must adapt to fight Covid-19 burnout
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
News
04 May 2020
IT Priorities 2020: Compliance and risk are top security concerns
When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study Continue Reading
-
Opinion
01 May 2020
Why you should think before you Zoom
Feel free to use Zoom during the coronavirus lockdown, but think before you discuss anything confidential Continue Reading
-
Opinion
01 May 2020
Security Think Tank: How to manage security team well-being
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
30 Apr 2020
Critical SaltStack vulnerability affects thousands of datacentres
Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away Continue Reading
-
News
29 Apr 2020
Coronavirus: GCHQ gets access to NHS data to beef up security
Health secretary gave GCHQ emergency powers to obtain information relating to the security of its networks and IT systems at the beginning of April, it has emerged Continue Reading
-
News
28 Apr 2020
Almost half of security pros being redeployed during pandemic
Close to half of cyber security professionals say they have been taken off some or all of their security duties to focus attention elsewhere during the Covid-19 coronavirus pandemic Continue Reading
-
News
27 Apr 2020
Julian Assange extradition hearing postponed amid coronavirus lockdown
Julian Assange’s lawyers say they have been unable to communicate or share legal documents with the WikiLeaks founder to enable them to prepare a defence in time for a planned extradition hearing in May Continue Reading
-
News
27 Apr 2020
Microsoft patches .gif file vulnerability in Teams
Vulnerability could have enabled cyber criminals to use a malicious .gif file to scrape user data and take over Teams accounts Continue Reading
-
News
27 Apr 2020
UK tech companies launch online safety body
Online Safety Tech Industry Association unites 14 technology companies to drive conversation and policy around online safeguarding Continue Reading
-
News
24 Apr 2020
The Security Interviews: Can AV go from dodgy scareware to cyber hero?
Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing Continue Reading
-
News
23 Apr 2020
iOS zero-day leaves iPhone users dangerously exposed
Researchers identify dangerous vulnerabilities in Apple’s iOS operating system that allow remote code execution on target devices Continue Reading
-
Feature
23 Apr 2020
A carrot-and-stick approach to fixing cyber security complacency
With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it Continue Reading