IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
14 May 2025
New security paradigm needed for IT/OT convergence
Industry leaders and policymakers highlight growing cyber threats from the integration of IT and operational technology systems, calling for collaboration and regulatory frameworks to protect critical systems, among other measures Continue Reading
-
News
29 Apr 2025
Kaspersky calls for cyber immunity amid growing cyber threats
The rise of professional cyber crime groups and state-sponsored actors targeting critical infrastructure requires a move towards inherently secure ‘cyber immune’ systems, says Kaspersky CEO Eugene Kaspersky Continue Reading
-
19 Mar 2020
Inside the security operations centre: The nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel Continue Reading
-
Feature
19 Mar 2020
Coronavirus: How to implement safe and secure remote working
Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves Continue Reading
-
News
18 Mar 2020
Ocado pulls website amid coronavirus shopping frenzy
Ocado has closed its website and will not take any new orders for several days thanks to sheer volume of traffic Continue Reading
-
News
18 Mar 2020
Coronavirus now possibly largest-ever cyber security threat
The cumulative volume of coronavirus-related email lures and other threats is the largest collection of attack types exploiting a single theme for years, possibly ever Continue Reading
-
News
18 Mar 2020
Prudential turns to AI to secure computer networks against cyber attacks
Prudential, the UK’s largest listed insurer, is turning to artificial intelligence to protect its computer networks in the US, Asia and Africa from malware hackers and internal threats Continue Reading
-
News
18 Mar 2020
Push for digitisation in Malaysia amid coronavirus crisis
Event cancellations and travel bans are spurring more companies to embrace digital tools to support remote and flexible working arrangements Continue Reading
-
Opinion
18 Mar 2020
Security Think Tank: Amid panic, how to find a sound level of security
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
17 Mar 2020
Covid-19: NCSC issues secure remote working guidance
With hundreds of thousands likely to be working remotely for some time, the UK’s NCSC has issued best practice guidance to enable security teams to support them Continue Reading
-
News
17 Mar 2020
Travelex under threat as insolvency risk, hacking costs and coronavirus take their toll
Foreign exchange group’s future remains uncertain as its parent company, Finablr, prepares for potential insolvency Continue Reading
-
News
17 Mar 2020
SentinelOne makes security platform free to support remote workers
Endpoint protection platform service will be made free until 16 May 2020 to help protect remote workers during the Covid-19 coronavirus crisis Continue Reading
-
Opinion
17 Mar 2020
Security Think Tank: To tackle Covid-19, be prepared, flexible and resilient
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
17 Mar 2020
Inside the SOC: the nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel. Continue Reading
-
News
17 Mar 2020
UK makes its case for post-Brexit data adequacy decision
Government sets out an explanatory framework as it seeks adequacy decisions from the European Commission to maintain the free flow of personal data between the European Union, the UK and Gibraltar Continue Reading
-
News
16 Mar 2020
NCSC issues coronavirus cyber security alert
The UK’s National Cyber Security Centre has issued a public alert and fresh guidance as more cyber criminals get wise to the lucrative potential of Covid-19 Continue Reading
-
News
13 Mar 2020
Coronavirus-linked hacks likely as Czech hospital comes under attack
The world of cyber security is on high alert to heightened vulnerabilities as the spread of the Covid-19 coronavirus changes daily life across Europe Continue Reading
-
Opinion
13 Mar 2020
Security Think Tank: A guide to security best practice for pandemics
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
13 Mar 2020
UK’s security sector failing on most diversity measures
A DCMS report on the state of the UK’s cyber security workforce highlights a huge lack of diversity and a substantial skills gap Continue Reading
-
News
12 Mar 2020
Turla’s use of Iranian infrastructure probably opportunistic
Turla, the Kremlin-linked APT group that last year hijacked an Iranian group’s infrastructure, was likely to have been operating opportunistically, according to researchers Continue Reading
-
News
12 Mar 2020
Security pros just want to be loved, report finds
Being valued by the business for their role in keeping the organisation safe and upholding ethical standards is a primary motivator for CISOs and other security professionals Continue Reading
-
News
12 Mar 2020
Failings in open source disclosure put users at risk
As more projects rely on open source components, IT departments need to keep on top of critical vulnerabilities to ensure they are secure Continue Reading
-
E-Zine
12 Mar 2020
CW Europe: Experts examine Dutch government’s IT problems
Technology experts discuss the challenges and potential solutions to the Netherlands government’s IT problems. Also read how Russia’s VTB and Rostelecom are creating a platform to utilise big data technology, and how Spain’s CaixaBank is using AI to help its staff training. Continue Reading
-
Opinion
12 Mar 2020
Security Think Tank: Coronavirus crisis helps put security in context
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
12 Mar 2020
APAC remains hotbed for digital transformation
Nearly half of organisations in the Asia-Pacific region see digital transformation as their top priority, followed by cloud infrastructure deployment and artificial intelligence, survey finds Continue Reading
-
News
11 Mar 2020
Security pros test positive for Covid-19 after RSA Conference
Two employees of security firm Exabeam have been diagnosed with the Covid-19 coronavirus after attending RSA Conference 2020 Continue Reading
-
News
11 Mar 2020
Microsoft locks down new vulnerability with EternalBlue echoes
Microsoft has moved to get ahead of a serious remote code execution vulnerability in Microsoft Server Message Block 3.1.1, which was accidentally disclosed then missed in its March Patch Tuesday update Continue Reading
-
News
11 Mar 2020
Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday
March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical Continue Reading
-
Opinion
11 Mar 2020
Security Think Tank: ID-driven security helps safeguard the workforce
In our globalised world, high-profile events such as Covid-19 have huge business impacts and some of these impacts may be felt by CISOs. What responsibilities do security pros have in such circumstances, and what steps can they take to shore up their defences? Continue Reading
-
News
10 Mar 2020
Schoolgirl security experts prepare to do battle
The finals of the CyberFirst Girls contest will take place on 16 March as the culmination of the NCSC’s annual competition to unearth future security talent Continue Reading
-
News
10 Mar 2020
Hacking community targeted by cyber criminals in new trojan campaign
Cybereason’s Nocturnus threat research team has uncovered a cyber criminal campaign that weaponises popular hacking tools Continue Reading
-
Opinion
10 Mar 2020
Security Think Tank: Covid-19 highlights need for embedded security
In our globalised world, high-profile events such as Covid-19 have huge business impacts and some of these impacts may be felt by CISOs. What responsibilities do security pros have in such circumstances, and what steps can they take to shore up their defences? Continue Reading
-
News
09 Mar 2020
Bill Gates backs Crest fintech security scheme for Africa and Asia
UK-based cyber security accreditation and certification non-profit Crest has been awarded a $1.4m grant from the Bill and Melinda Gates Foundation to expand cyber security capacity for fintechs in Africa and Asia Continue Reading
-
News
06 Mar 2020
MI5 slammed by watchdog for failing to delete intercepted phone and internet data
The Investigatory Powers Commissioner (IPCO) has criticised MI5 for failing to report serious errors in the way it handles intercepted phone and internet data Continue Reading
-
News
06 Mar 2020
Virgin Media confirms 'misconfigured database' left personal data of 900,000 people exposed
Telco provider Virgin Media confirms 'data incident' that left personal details of 900,000 people exposed, but denies its systems were hacked or that it suffered a data breach Continue Reading
-
News
06 Mar 2020
CIO interview: Sarah Wilkinson, NHS Digital
NHS Digital has been racing to ensure the systems and protocols are in place to prepare the health service for the coronavirus. We speak to its CEO about the preparations Continue Reading
-
News
05 Mar 2020
Boots and Tesco loyalty card schemes plagued by security issues
High-street retailers deal with fraudulent attempts to access the accounts of thousands of customers Continue Reading
-
News
04 Mar 2020
Australian government pulls plug on cloud certification programme
The Australian Signals Directorate is closing its cloud services certification programme to allow for more home-grown suppliers Continue Reading
-
News
04 Mar 2020
5G security is a concern for most companies
A study has found that decision-makers fear that 5G technology will make organisations more vulnerable to cyber attacks and will raise security-related costs Continue Reading
-
News
03 Mar 2020
Horangi and Tokio Marine team up on cyber security services
Singapore-based Horangi will provide penetration testing, among other cyber security services, to Tokio Marine Insurance Singapore’s cyber risk insurance clients Continue Reading
-
E-Zine
03 Mar 2020
What will points-based immigration mean for IT recruitment?
In this week’s Computer Weekly, we look at the government’s new points-based immigration rules and assess the implications for the tech sector. IR35 tax rules change in April – we find out how IT contractors need to prepare. And we examine whether the rise of cloud is really displacing the datacentre. Read the issue now. Continue Reading
-
News
03 Mar 2020
Singapore among world’s top sources of online threats
Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state Continue Reading
-
Opinion
02 Mar 2020
Why ‘no breach’ is bad news for your compliance
You might think it’s a good thing if your organisation has a clean record when it comes to data breaches, but this is not necessarily the case Continue Reading
-
News
02 Mar 2020
The Security Interviews: Inside the world of bug bounties
You may not make a million as a bug bounty hunter, but you might help remove some of the stigma that persists around cyber security, says HackerOne’s Shlomie Liberow Continue Reading
-
News
01 Mar 2020
Data breaches in Australia showing no signs of abating
Compromised login credentials and human error were the most common causes of data breaches reported under Australia’s notifiable data breach regime from July to December 2019 Continue Reading
-
News
28 Feb 2020
NCSC makes ransomware attack guidance more accessible
Following a swathe of high-profile ransomware attacks, the UK’s National Cyber Security Centre has made changes to its guidance, emphasising the importance of offline backups Continue Reading
-
News
27 Feb 2020
Redcar & Cleveland Council confirms ransomware attack
Local authority’s systems are still offline nearly three weeks after being attacked Continue Reading
-
E-Zine
27 Feb 2020
CW Nordics: Swedes lose faith in social media as data security fears increase
Swedish citizens are becoming more concerned about the activities of social media companies and are reducing their online interaction with them as a result. Also read about new mobility-as-a-service projects gaining traction across Denmark, Finland, Norway and Sweden, and why the Finnish government has committed resources to a cyber security project aimed at local authorities. Continue Reading
-
News
27 Feb 2020
Kr00k vulnerability compromises billions of Wi-Fi devices
Billions of Wi-Fi chips used in IoT devices, laptops, smartphones and tablets are vulnerable to a serious vulnerability Continue Reading
-
News
26 Feb 2020
Fake CDNs obscuring credit card fraudsters
Fake content delivery networks and ngrok servers are being pressed into service to obscure credit card skimming activities Continue Reading
-
News
26 Feb 2020
Cloud Snooper firewall bypass may be work of nation state
Cloud Snooper deploys a combination of specialised techniques to sneak past enterprise firewalls, warns Sophos Continue Reading
-
News
26 Feb 2020
WikiLeaks founder Julian Assange cannot be legally extradited for ‘political offences’, say lawyers
Lawyers for WikiLeaks founder Julian Assange argue that he has been charged with political offences and cannot be legally extradited to the US under the US-UK extradition treaty Continue Reading
-
News
26 Feb 2020
FCA data breach could happen to anybody, but easy to avoid
Minor data breach at the Financial Conduct Authority was the result of simple human error, and highlights the need for organisations to consider a wide range of potential threats Continue Reading
-
News
25 Feb 2020
Google warns users not to mess with Huawei devices
Google tells users of Huawei devices to try to avoid bypassing controls preventing them from loading its apps Continue Reading
-
News
25 Feb 2020
Sports retailer Decathlon left employee data exposed
More than 123 million records were accidentally exposed on an unsecured ElasticSearch server Continue Reading
-
News
25 Feb 2020
The Security Interviews: Gil Shwed’s 10-year vision for security
Check Point founder Gil Shwed discusses his new Infinity Next concept and how he plans to remodel the world of cyber security in the next 10 years Continue Reading
-
News
25 Feb 2020
Cloud data leaks compounded by lack of automation tools
Data leaks caused by misconfigured clouds are being compounded because security teams lack appropriate automation and integration tools, according to a report Continue Reading
-
News
25 Feb 2020
Cyber criminals targeting UK motorists, warns DVLA
Cyber criminals are offering various services and tax refunds that purport to be from the DVLA Continue Reading
-
E-Zine
25 Feb 2020
Using meteorological data to prepare for the worst
In this week’s Computer Weekly, after the storms that swept across the UK, we look at the technology behind Weather Source’s meteorological data service. Oracle and SAP are battling over customers to upgrade their ERP systems to the cloud. And we report from the world’s biggest retail tech show. Read the issue now. Continue Reading
-
News
24 Feb 2020
Assange extradition is a politically motivated ‘abuse of power’, court hears
US government’s attempt to extradite WikiLeaks founder Julian Assange to face espionage charges in the US is politically motivated and an abuse of process, court told Continue Reading
-
News
24 Feb 2020
WikiLeaks founder Assange ‘put lives at risk’ by disclosing names in leaked documents, court hears
WikiLeaks founder Julian Assange ‘put lives of US informants at risk’ by publishing unredacted documents, lawyers for the US argued at the first day of a week-long extradition hearing Continue Reading
-
News
24 Feb 2020
Open security group unveils common OpenDXL language
Open Cybersecurity Alliance announces the availability of OpenDXL Ontology, the first open source language for connecting disparate security tools through a common messaging framework Continue Reading
-
News
24 Feb 2020
Cisco goes all-in on security integration with SecureX platform
CISOs are struggling to stitch together disparate cyber security products and services – Cisco believes its cloud-native SecureX platform will change their working lives for the better Continue Reading
-
News
21 Feb 2020
F-Secure’s AI reads mean tweets to fight abuse and trolls
Researchers working on F-Secure’s Project Blackfin have developed a model for clustering tweets to help pinpoint abuse and harassment Continue Reading
-
Opinion
21 Feb 2020
The greatest contest ever – privacy versus security
Examining the technical, legal and ethical challenges around the privacy versus security debate Continue Reading
-
Opinion
21 Feb 2020
Addressing the IoT security challenge
We consider how best to address some of the critical security challenges around the internet of things Continue Reading
-
News
20 Feb 2020
UK and US accuse Russian spooks of Georgia cyber attacks
Foreign secretary describes 2019 campaign of cyber attacks as reckless, brazen and unacceptable Continue Reading
-
News
20 Feb 2020
Google plans to send Brits’ data to US after Brexit
Move puts British user data beyond the reach of the EU’s GDPR, makes it more accessible to UK and US law enforcement agencies, and has prompted anger Continue Reading
-
News
20 Feb 2020
Facilities firm ISS World crippled by ransomware attack
An apparent ransomware attack has compromised some IT and email systems at Danish facilities firm ISS World Continue Reading
-
News
19 Feb 2020
Cost of cloud misconfigurations set at $5tn
Cloud security outfit DivvyCloud says more than 33 billion records have been exposed in cloud misconfiguration incidents in the past 24 months Continue Reading
-
News
19 Feb 2020
Blasé directors put business data at risk
The higher up within a business you go, the more likely you are to find people intentionally leaking confidential data, says Egress Continue Reading
-
News
19 Feb 2020
Questions raised over Office 365 shared content policy
Buried 300 words into Microsoft’s standard service level agreement is a clause that affects intellectual property and privacy Continue Reading
-
News
18 Feb 2020
US ‘breached due process’ in spying operation against Julian Assange’s lawyers
Surveillance footage of Julian Assange’s meetings with lawyers and doctors in the Ecuadorian Embassy in London was an “abuse of process” Continue Reading
-
News
18 Feb 2020
Untrusted security teams being left out of business decisions
Only a third of organisations are involving their cyber security function at the planning stage of business initiatives Continue Reading
-
Feature
18 Feb 2020
Is this Netflix-style thriller the future of security training?
Cyber awareness specialists at KnowBe4 reckon that bringing Netflix-style production values to corporate videos heralds a new approach to security training Continue Reading
-
Opinion
18 Feb 2020
Security Think Tank: Zero trust strategies must start small, then grow
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
E-Zine
18 Feb 2020
Trust no one – the benefits of zero-trust security
In this week’s Computer Weekly, we take an in-depth look at zero-trust security and examine how it changes traditional IT risk models. After SAP extended the support deadline for its ECC ERP system, we find out the options for users. And we analyse explainable AI and the ethical importance of understanding algorithms. Read the issue now. Continue Reading
-
News
17 Feb 2020
Australians more savvy about cyber security
More Australians look out for signs of security features such as SSL encryption even as they remain sceptical of the data protection capabilities of small businesses Continue Reading
-
News
17 Feb 2020
Mastercard opens European security resilience unit
Mastercard’s European Cyber Resilience Centre will bring together its partners and other industry bodies to support enterprise resilience Continue Reading
-
Opinion
17 Feb 2020
Security Think Tank: Ask yourself if zero trust is right for you
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
Opinion
14 Feb 2020
Security Think Tank: How zero trust lets you take back control
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero trust architecture? Continue Reading
-
News
13 Feb 2020
Cyber criminals spread coronavirus conspiracy theories
The latest email campaigns identified by Proofpoint are spreading conspiracy theories about the coronavirus outbreak Continue Reading
-
E-Zine
13 Feb 2020
CW Benelux: Ericsson helps driverless buses hit European streets
Ericsson has revealed its plans for new technologies including 5G, the internet of things and self-driving buses. Also read about the Dutch government lacking the knowledge and skills for its own IT strategy, and the Dutch government’s need to push for an electronic ID system for its citizens. Continue Reading
-
Opinion
13 Feb 2020
Security Think Tank: Practical steps to achieve zero trust
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
12 Feb 2020
Internet Explorer zero day among 99 Patch Tuesday problems
After an eventful January Patch Tuesday that marked the end of support for Windows 7, the February 2020 update is another whopper, fixing close to 100 vulnerabilities Continue Reading
-
Feature
12 Feb 2020
Inside the SOC: the nerve centre of security operations
Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel Continue Reading
-
News
11 Feb 2020
Mac-based security threats outpacing Windows
Security threats targeting Apple endpoints are growing more quickly than those targeting Windows machines, according to Malwarebytes Continue Reading
-
News
11 Feb 2020
Chinese military personnel accused of Equifax hack
A US federal grand jury has indicted four Chinese army personnel over the 2017 Equifax breach Continue Reading
-
News
10 Feb 2020
What should be in Australia’s next cyber security strategy
The Australian government is reviewing the nation’s cyber security strategy, but is it looking at the right issues? Continue Reading
-
News
10 Feb 2020
AI in public service must be accountable
Committee on Standards in Public Life recommends that government departments make ethics a top priority when tendering artificial intelligence systems Continue Reading
-
Feature
10 Feb 2020
Choosing the right disaster recovery for your business
We look at the various options available when implementing disaster recovery, and how much they’re worth Continue Reading
-
Opinion
10 Feb 2020
Security Think Tank: Zero trust is complex, but has rich rewards
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
07 Feb 2020
Joaquin Phoenix’s Joker is ‘most dangerous’ movie
Ahead of the 2020 Oscars, Kaspersky researchers say they found more than 300 files masquerading as the Joker movie Continue Reading
-
Opinion
07 Feb 2020
Security Think Tank: No trust in zero trust need not be a problem
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
06 Feb 2020
Stressed, overworked CISOs losing £23k a year in unpaid overtime
Nominet’s latest CISO Stress Report has revealed the extent to which organisations are taking advantage of their security staff, and the deleterious effects of overwork and stress on mental health Continue Reading
-
News
05 Feb 2020
Darktrace signs to McLaren for 2020 F1 season
McLaren Racing has enlisted Darktrace to become its official artificial intelligence cyber security partner Continue Reading
-
News
05 Feb 2020
Web app ubiquity gives cyber criminals new opportunities
The popularity and ubiquity of web-based apps such as Office 365 and Salesforce is a temptation too good to miss for cyber criminals Continue Reading
-
News
05 Feb 2020
Check Point pledges end to security updates
Check Point’s Gil Shwed expands on a vision for the next 10 years of cyber security, which he calls Infinity Next Continue Reading
-
Opinion
05 Feb 2020
Security Think Tank: Zero trust is not the answer to all your problems
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
Opinion
04 Feb 2020
The fight against cyber crime: Why cooperation matters
With the WEF’s Global Risk Report 2019 ranking cyber attack in the top five global risks, we now see rising consensus at institutional level that no individual stakeholder can address the breadth of security challenges we face today Continue Reading
-
Opinion
04 Feb 2020
Security Think Tank: Facing the challenge of zero trust
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading
-
News
03 Feb 2020
Brexit messes up IT project plans
With no firm plans for a managed departure from the Europe Union, the UK’s IT spending is set to be curbed, and CIOs will need to start cutting costs as IT budgets decline Continue Reading