IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
Opinion
01 May 2025
Explaining what’s happening in a cyber attack is hard but crucial
The recent attacks on Marks & Spencer, Harrods and the Co-op show why it is essential for organisations to have a strategy to communicate effectively with customers affected. Continue Reading
-
Opinion
01 May 2025
Signalgate: Learnings for CISOs securing enterprise data
A leak of information on American military operations caused a major political incident in March 2025. The Security Think Tank considers what can CISOs can learn from this potentially fatal error. Continue Reading
-
News
16 Apr 2020
NHS Wales to get free security services during coronavirus pandemic
NHS Wales Informatics Services enlists Thales to help it face down security threats and let its teams focus on the Covid-19 coronavirus crisis Continue Reading
-
News
16 Apr 2020
Coronavirus: Cyber attacks on banks seen spiking, says Carbon Black
VMware’s Carbon Black observes a spike in cyber attacks on financial services organisations Continue Reading
-
News
16 Apr 2020
Coronavirus: Indian IT sector takes hit
India’s IT market will see slower growth this year though opportunities abound in artificial intelligence and cyber security Continue Reading
-
News
15 Apr 2020
Coronavirus: Standard Chartered bans employees from Zoom
Standard Chartered is the first bank to have instructed its staff to refrain from using Zoom Continue Reading
-
News
15 Apr 2020
Coronavirus: Researcher finds security vulnerability in Slack
Some common assumptions about the security of cloud-based messaging platform Slack may not be entirely accurate, says an Alien Labs researcher Continue Reading
-
News
15 Apr 2020
Microsoft patches 19 critical bugs in another heavy Patch Tuesday
The volume of vulnerabilities being uncovered by Microsoft remains high, with more than 100 fixes pushed out in April’s Patch Tuesday Continue Reading
-
Opinion
15 Apr 2020
A legal perspective on data breaches and home working
Legal experts from Fieldfisher share guidance on how to deal with cyber attacks during the coronavirus crisis, and what the ICO expects in terms of notification Continue Reading
-
News
14 Apr 2020
Apple and Netflix most imitated brands in phishing attacks
A new report highlights the brands which are being most frequently spoofed by cyber criminals in phishing attacks Continue Reading
-
News
14 Apr 2020
Coronavirus: Zoom user credentials for sale on dark web
IntSight researchers say they have found a database containing thousands of Zoom usernames and passwords being sold on the dark web Continue Reading
-
News
14 Apr 2020
Coronavirus puts brakes on 5G core deployments
Research firm identifies short- and long-term impacts that global pandemic will have on 5G core and edge networks Continue Reading
-
News
13 Apr 2020
How Singapore’s Niometrics is changing network analytics
By extracting granular data and emphasising privacy protection, Niometrics’ network analytics technology is being put through its paces in a variety of use cases Continue Reading
-
News
09 Apr 2020
Coronavirus: Zoom restricted or banned at multiple organisations
Use of videoconferencing tool has been banned at Google and in parts of the German and US governments Continue Reading
-
News
08 Apr 2020
Revealed: Estonia targeted by Russia-linked disinformation deluge
Kremlin-linked threat actors are undermining the government of Estonia and its relationship with the European Union through a concerted disinformation campaign, with wider ramifications Continue Reading
-
News
08 Apr 2020
Despite coronavirus, overall cyber crime volumes hold steady
The UK’s NCSC and the US’s CISA see little change in overall volumes of cyber crime in spite of the coronavirus crisis – for the time being Continue Reading
-
News
08 Apr 2020
Coronavirus: McAfee unearths dark web blood bank
Cyber criminals are selling fake goods and running scams on online marketplaces during the Covid-19 pandemic. Don’t be taken in Continue Reading
-
News
08 Apr 2020
Coronavirus threats ramp up as more hospitals come under attack
The Covid-19 Cyber Threat Coalition finds the majority of security pros have been targeted by cyber criminals exploiting the coronavirus pandemic, and adds to warnings of increased activity targeting the health sector Continue Reading
-
News
07 Apr 2020
Judge refuses to delay Assange's extradition hearing over coronavirus pandemic
District Judge Vanessa Baraitser says extradition proceedings will go ahead against Julian Assange, after his lawyers argued that the coronavirus lockdown means they cannot prepare their defence Continue Reading
-
News
07 Apr 2020
Happy developers write secure code, report claims
DevOps specialist Sonatype claims to have found a direct correlation between satisfied developers and application security hygiene Continue Reading
-
Feature
07 Apr 2020
How APAC firms are coping with the Covid-19 outbreak
The air of change looms large in companies operating in the Asia-Pacific region, with some doing better than others in keeping the lights on amid the coronavirus pandemic Continue Reading
-
E-Zine
07 Apr 2020
Adapting IT to the new normal
In this week’s Computer Weekly, we talk to four top IT leaders to find out how they are supporting their organisations through the coronavirus crisis. We look at the security best practices recommended by experts to ensure safe remote working for staff. And the CISO of Equifax explains why the firm is moving to public cloud. Read the issue now. Continue Reading
-
News
06 Apr 2020
Two-factor authentication is broken: What comes next?
Two-factor authentication is seen by many as a robust authentication method, but is it really as impervious as it seems? Continue Reading
-
News
06 Apr 2020
BA and Marriott get GDPR fine reprieve
Both British Airways and Marriott International have had their General Data Protection Regulation fines deferred until later in 2020 Continue Reading
-
News
06 Apr 2020
Zero-day exploits increasingly commodified, say researchers
The exploitation of zero-day vulnerabilities increasingly demonstrates access to cash, rather than skills Continue Reading
-
Opinion
06 Apr 2020
Security Think Tank: Why and how cyber criminals exploit world events
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
05 Apr 2020
Interpol warns of more ransomware attacks against healthcare sector
Purple notice issued to alert police forces around the world of ransomware attacks against hospitals and other healthcare institutions Continue Reading
-
News
05 Apr 2020
Google data shows high interest in security and remote working
An analysis of the most Googled technology terms during the Covid-19 coronavirus pandemic has highlighted the scale of the cyber security challenge presented by the crisis Continue Reading
-
Opinion
03 Apr 2020
JavaScript skimmers: An evolving and dangerous threat
Cyber attacks exploiting Magecart JavaScript skimmers are spiking during the coronavirus pandemic, and like biological viruses, they just keep evolving Continue Reading
-
Opinion
03 Apr 2020
Security Think Tank: Continuity planning doesn’t have to be complex
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
02 Apr 2020
Coronavirus: Magecart attacks on online retailers jump 20%
RiskIQ researchers have observed a sharp uptick in Magecart credit card attacks, driven by increased traffic to online retailers during the coronavirus pandemic Continue Reading
-
News
02 Apr 2020
Morrisons appeal success is cold comfort for enterprises
The success of Morrisons’ appeal against judgments that it should be held vicariously liable for an insider data breach will be welcomed by businesses, but may be of limited comfort to them Continue Reading
-
News
02 Apr 2020
Coronavirus: Is Zoom safe and should security teams ban it?
Zoom’s rapid rise to prominence has highlighted a score of security problems with the service. Should CISOs try to steer their organisations away from it, or ban it outright? Continue Reading
-
Podcast
02 Apr 2020
Podcast: Covid-19, compliance risk, remote assessment and training
We talk to Mathieu Gorge, CEO of Vigitrust, about why organisations cannot drop their guard on compliance during the increased risks faced as a result of the coronavirus crisis Continue Reading
-
News
01 Apr 2020
What we can learn from Marriott’s new data breach embarrassment
Marriott International has egg on its face once again following a second data breach in as many years, but there are encouraging signs in its response that suggest it is at least trying to learn from its experiences Continue Reading
-
News
01 Apr 2020
Morrisons not liable for 2014 data breach, says Supreme Court
Court allows supermarket chain’s appeal against judgments holding it liable for a 2014 insider data breach, saying previous rulings misunderstood the concept of vicarious liability Continue Reading
-
Feature
01 Apr 2020
Malaysia’s business continuity planning readiness a mixed bag
Larger Malaysian enterprises have BCP in place, but SMEs lag behind and will find it harder to weather the Covid-19 storm Continue Reading
-
News
01 Apr 2020
Coronavirus: WHO, Rakuten collaborate on anti-disinformation chatbot
The World Health Organisation and Rakuten Viber have built an interactive, multi-language chatbot to try to get on top of the growing problem of disinformation during the coronavirus pandemic Continue Reading
-
News
31 Mar 2020
Nigerian email attacks evolving into credible, dangerous threat
Palo Alto’s Unit 42 reports on Nigeria’s SilverTerrier cyber crime group, which is becoming a highly dangerous threat to businesses worldwide Continue Reading
-
News
31 Mar 2020
Too late to protect online privacy, say Brits
Most UK consumers are concerned about data privacy, but think it’s too late to do much about it, according to a report Continue Reading
-
Feature
31 Mar 2020
Why security validation matters
FireEye’s top executives in Asia-Pacific discuss the benefits of security validation and offer their take on the region’s cyber threat landscape Continue Reading
-
News
30 Mar 2020
Coronavirus: Don’t fall for fake cures, warns UK government
Government urges people to be more vigilant about what they read and share online as it relaunches its Don’t Feed the Beast campaign to counter coronavirus disinformation Continue Reading
-
News
27 Mar 2020
Lorca calls on security scaleups to tackle coronavirus challenge
Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges Continue Reading
-
News
26 Mar 2020
Coronavirus: What are the latest free cyber security offers?
We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis Continue Reading
-
News
26 Mar 2020
Coronavirus: Be alert to rogue mobile apps exploiting outbreak
Well-meaning developers are beginning to offer medical apps to monitor coronavirus symptoms and provide information on the pandemic. Opportunists and cyber criminals are not far behind them Continue Reading
-
News
26 Mar 2020
Developed APAC states most exposed to cyber risks
Singapore, South Korea, Japan, Australia and New Zealand have the highest exposure to cyber risks, but they are also the most prepared to deal with cyber attacks, study finds Continue Reading
-
News
25 Mar 2020
Almost half of UK businesses suffered a cyber attack in past year
Latest government statistics reveal the scale of the cyber security challenge facing UK plc, but reveals some cause for optimism Continue Reading
-
News
24 Mar 2020
Fake antivirus site promises coronavirus protection, delivers trojan
Researchers at Malwarebytes have warned of an increasing volume of scam sites exploiting the Covid-19 coronavirus Continue Reading
-
Opinion
24 Mar 2020
Coronavirus and privacy – finding the middle ground
Data collection has a role to play in fighting the deadly Covid-19 coronavirus outbreak, but governments need to be accountable for how it is used Continue Reading
-
News
24 Mar 2020
Legacy AV defenceless against onslaught of evasive malware
More than two-thirds of malware detected by WatchGuard in the last three months of 2019 was able to evade signature-based antivirus products, rendering them effectively useless in most instances Continue Reading
-
Feature
23 Mar 2020
The AWS bucket list: Keep your cloud secure
Misconfigured cloud installations risk billions of records being exposed, damaging organisations’ finances and reputations. Paying attention to securing AWS storage buckets is a simple matter Continue Reading
-
News
23 Mar 2020
Coronavirus: Kaspersky, Bitdefender make products free to NHS
Kaspersky and Bitdefender have both made various products and services available free to healthcare customers as the Covid-19 coronavirus pandemic intensifies Continue Reading
-
News
23 Mar 2020
Thousands of Netflix, Disney+ streaming accounts being stolen
Proofpoint has urged users of streaming services to be alert to cyber criminals hijacking their accounts Continue Reading
-
Opinion
23 Mar 2020
Why zero trust may not be all it’s cracked up to be
While they are discussed ad nauseam in the security industry, zero-trust architectures may not be all they’re cracked up to be, according to analyst Sam Bocetta Continue Reading
-
News
22 Mar 2020
Cyber gangsters hit UK medical firm poised for work on coronavirus with Maze ransomware attack
The Maze ransomware group has published personal and medical details of thousands of former patients of a London-based medical research company after a failed attempt to disable the firm's computer systems Continue Reading
-
News
20 Mar 2020
Coronavirus: Sans Institute issues cyber security advice for parents
With schools now shut across the UK, parents will bear more responsibility for keeping children safe online and educating them about online harms Continue Reading
-
News
20 Mar 2020
Unpatched Zyxel storage devices co-opted into IoT botnet
Owners of Zyxel network-attached storage devices are in danger of being hijacked by Mukashi, a descendant of the infamous Mirai botnet, if they don’t patch a critical vulnerability Continue Reading
-
News
19 Mar 2020
IT Priorities 2020: ANZ firms to spend more on cyber security
Over half of respondents in Australia and New Zealand plan to invest more in cyber security, especially in key areas such as data loss prevention Continue Reading
-
19 Mar 2020
Inside the security operations centre: The nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel Continue Reading
-
Feature
19 Mar 2020
Coronavirus: How to implement safe and secure remote working
Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves Continue Reading
-
News
18 Mar 2020
Ocado pulls website amid coronavirus shopping frenzy
Ocado has closed its website and will not take any new orders for several days thanks to sheer volume of traffic Continue Reading
-
News
18 Mar 2020
Coronavirus now possibly largest-ever cyber security threat
The cumulative volume of coronavirus-related email lures and other threats is the largest collection of attack types exploiting a single theme for years, possibly ever Continue Reading
-
News
18 Mar 2020
Prudential turns to AI to secure computer networks against cyber attacks
Prudential, the UK’s largest listed insurer, is turning to artificial intelligence to protect its computer networks in the US, Asia and Africa from malware hackers and internal threats Continue Reading
-
News
18 Mar 2020
Push for digitisation in Malaysia amid coronavirus crisis
Event cancellations and travel bans are spurring more companies to embrace digital tools to support remote and flexible working arrangements Continue Reading
-
Opinion
18 Mar 2020
Security Think Tank: Amid panic, how to find a sound level of security
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
17 Mar 2020
Covid-19: NCSC issues secure remote working guidance
With hundreds of thousands likely to be working remotely for some time, the UK’s NCSC has issued best practice guidance to enable security teams to support them Continue Reading
-
News
17 Mar 2020
Travelex under threat as insolvency risk, hacking costs and coronavirus take their toll
Foreign exchange group’s future remains uncertain as its parent company, Finablr, prepares for potential insolvency Continue Reading
-
News
17 Mar 2020
SentinelOne makes security platform free to support remote workers
Endpoint protection platform service will be made free until 16 May 2020 to help protect remote workers during the Covid-19 coronavirus crisis Continue Reading
-
Opinion
17 Mar 2020
Security Think Tank: To tackle Covid-19, be prepared, flexible and resilient
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
17 Mar 2020
Inside the SOC: the nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel. Continue Reading
-
News
17 Mar 2020
UK makes its case for post-Brexit data adequacy decision
Government sets out an explanatory framework as it seeks adequacy decisions from the European Commission to maintain the free flow of personal data between the European Union, the UK and Gibraltar Continue Reading
-
News
16 Mar 2020
NCSC issues coronavirus cyber security alert
The UK’s National Cyber Security Centre has issued a public alert and fresh guidance as more cyber criminals get wise to the lucrative potential of Covid-19 Continue Reading
-
News
13 Mar 2020
Coronavirus-linked hacks likely as Czech hospital comes under attack
The world of cyber security is on high alert to heightened vulnerabilities as the spread of the Covid-19 coronavirus changes daily life across Europe Continue Reading
-
Opinion
13 Mar 2020
Security Think Tank: A guide to security best practice for pandemics
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
13 Mar 2020
UK’s security sector failing on most diversity measures
A DCMS report on the state of the UK’s cyber security workforce highlights a huge lack of diversity and a substantial skills gap Continue Reading
-
News
12 Mar 2020
Turla’s use of Iranian infrastructure probably opportunistic
Turla, the Kremlin-linked APT group that last year hijacked an Iranian group’s infrastructure, was likely to have been operating opportunistically, according to researchers Continue Reading
-
News
12 Mar 2020
Security pros just want to be loved, report finds
Being valued by the business for their role in keeping the organisation safe and upholding ethical standards is a primary motivator for CISOs and other security professionals Continue Reading
-
News
12 Mar 2020
Failings in open source disclosure put users at risk
As more projects rely on open source components, IT departments need to keep on top of critical vulnerabilities to ensure they are secure Continue Reading
-
E-Zine
12 Mar 2020
CW Europe: Experts examine Dutch government’s IT problems
Technology experts discuss the challenges and potential solutions to the Netherlands government’s IT problems. Also read how Russia’s VTB and Rostelecom are creating a platform to utilise big data technology, and how Spain’s CaixaBank is using AI to help its staff training. Continue Reading
-
Opinion
12 Mar 2020
Security Think Tank: Coronavirus crisis helps put security in context
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
12 Mar 2020
APAC remains hotbed for digital transformation
Nearly half of organisations in the Asia-Pacific region see digital transformation as their top priority, followed by cloud infrastructure deployment and artificial intelligence, survey finds Continue Reading
-
News
11 Mar 2020
Security pros test positive for Covid-19 after RSA Conference
Two employees of security firm Exabeam have been diagnosed with the Covid-19 coronavirus after attending RSA Conference 2020 Continue Reading
-
News
11 Mar 2020
Microsoft locks down new vulnerability with EternalBlue echoes
Microsoft has moved to get ahead of a serious remote code execution vulnerability in Microsoft Server Message Block 3.1.1, which was accidentally disclosed then missed in its March Patch Tuesday update Continue Reading
-
News
11 Mar 2020
Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday
March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical Continue Reading
-
Opinion
11 Mar 2020
Security Think Tank: ID-driven security helps safeguard the workforce
In our globalised world, high-profile events such as Covid-19 have huge business impacts and some of these impacts may be felt by CISOs. What responsibilities do security pros have in such circumstances, and what steps can they take to shore up their defences? Continue Reading
-
News
10 Mar 2020
Schoolgirl security experts prepare to do battle
The finals of the CyberFirst Girls contest will take place on 16 March as the culmination of the NCSC’s annual competition to unearth future security talent Continue Reading
-
News
10 Mar 2020
Hacking community targeted by cyber criminals in new trojan campaign
Cybereason’s Nocturnus threat research team has uncovered a cyber criminal campaign that weaponises popular hacking tools Continue Reading
-
Opinion
10 Mar 2020
Security Think Tank: Covid-19 highlights need for embedded security
In our globalised world, high-profile events such as Covid-19 have huge business impacts and some of these impacts may be felt by CISOs. What responsibilities do security pros have in such circumstances, and what steps can they take to shore up their defences? Continue Reading
-
News
09 Mar 2020
Bill Gates backs Crest fintech security scheme for Africa and Asia
UK-based cyber security accreditation and certification non-profit Crest has been awarded a $1.4m grant from the Bill and Melinda Gates Foundation to expand cyber security capacity for fintechs in Africa and Asia Continue Reading
-
News
06 Mar 2020
MI5 slammed by watchdog for failing to delete intercepted phone and internet data
The Investigatory Powers Commissioner (IPCO) has criticised MI5 for failing to report serious errors in the way it handles intercepted phone and internet data Continue Reading
-
News
06 Mar 2020
Virgin Media confirms 'misconfigured database' left personal data of 900,000 people exposed
Telco provider Virgin Media confirms 'data incident' that left personal details of 900,000 people exposed, but denies its systems were hacked or that it suffered a data breach Continue Reading
-
News
06 Mar 2020
CIO interview: Sarah Wilkinson, NHS Digital
NHS Digital has been racing to ensure the systems and protocols are in place to prepare the health service for the coronavirus. We speak to its CEO about the preparations Continue Reading
-
News
05 Mar 2020
Boots and Tesco loyalty card schemes plagued by security issues
High-street retailers deal with fraudulent attempts to access the accounts of thousands of customers Continue Reading
-
News
04 Mar 2020
Australian government pulls plug on cloud certification programme
The Australian Signals Directorate is closing its cloud services certification programme to allow for more home-grown suppliers Continue Reading
-
News
04 Mar 2020
5G security is a concern for most companies
A study has found that decision-makers fear that 5G technology will make organisations more vulnerable to cyber attacks and will raise security-related costs Continue Reading
-
News
03 Mar 2020
Horangi and Tokio Marine team up on cyber security services
Singapore-based Horangi will provide penetration testing, among other cyber security services, to Tokio Marine Insurance Singapore’s cyber risk insurance clients Continue Reading
-
E-Zine
03 Mar 2020
What will points-based immigration mean for IT recruitment?
In this week’s Computer Weekly, we look at the government’s new points-based immigration rules and assess the implications for the tech sector. IR35 tax rules change in April – we find out how IT contractors need to prepare. And we examine whether the rise of cloud is really displacing the datacentre. Read the issue now. Continue Reading
-
News
03 Mar 2020
Singapore among world’s top sources of online threats
Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state Continue Reading
-
Opinion
02 Mar 2020
Why ‘no breach’ is bad news for your compliance
You might think it’s a good thing if your organisation has a clean record when it comes to data breaches, but this is not necessarily the case Continue Reading
-
News
02 Mar 2020
The Security Interviews: Inside the world of bug bounties
You may not make a million as a bug bounty hunter, but you might help remove some of the stigma that persists around cyber security, says HackerOne’s Shlomie Liberow Continue Reading
-
News
01 Mar 2020
Data breaches in Australia showing no signs of abating
Compromised login credentials and human error were the most common causes of data breaches reported under Australia’s notifiable data breach regime from July to December 2019 Continue Reading
-
News
28 Feb 2020
NCSC makes ransomware attack guidance more accessible
Following a swathe of high-profile ransomware attacks, the UK’s National Cyber Security Centre has made changes to its guidance, emphasising the importance of offline backups Continue Reading