IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
Opinion
01 May 2025
Explaining what’s happening in a cyber attack is hard but crucial
The recent attacks on Marks & Spencer, Harrods and the Co-op show why it is essential for organisations to have a strategy to communicate effectively with customers affected. Continue Reading
-
Opinion
01 May 2025
Signalgate: Learnings for CISOs securing enterprise data
A leak of information on American military operations caused a major political incident in March 2025. The Security Think Tank considers what can CISOs can learn from this potentially fatal error. Continue Reading
-
Opinion
16 Oct 2019
Security Think Tank: Embed security professionals in your risk strategy
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
Opinion
15 Oct 2019
Security Think Tank: Risk management must go beyond spreadsheets
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
Opinion
14 Oct 2019
Security Think Tank: Consider risk holistically, not just from an IT angle
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
E-Zine
10 Oct 2019
CW Middle East: Saudi banks trial biometrics in ATMs
Biometric and blockchain technologies are being used in tandem to provide ID verification at Saudi Arabian cash machines. Also read about the first government organisation in Bahrain to migrate to Amazon Web Services, and an interview with Yasmeen Al Sharaf, head of fintech and innovation unit, Central Bank of Bahrain. Continue Reading
-
Feature
10 Oct 2019
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management Continue Reading
-
Opinion
09 Oct 2019
Small business guide: How to keep your organisation secure from fraudsters and hackers
Doing a few things well can keep your organisation protected from common cyber attacks and fraudsters Continue Reading
-
Opinion
09 Oct 2019
Security Think Tank: The operational approach to integrated risk management
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
08 Oct 2019
How APAC enterprises can keep pace with container security
For all the promises of containers, changes in architecture and practices associated with the technology bring new challenges and opportunities Continue Reading
-
08 Oct 2019
How to bolster IAM strategies using automation
Identity and access management processes and technologies play an important role in security strategies, but organisations and IT professionals need to ensure these strategies are robust enough to deal with new threats. Continue Reading
-
E-Zine
08 Oct 2019
Showcasing the potential of 5G
In this week’s Computer Weekly, we visit an ambitious trial in Bristol that is showcasing the possibilities offered by 5G roll-out. We look at how emerging automation technologies are enhancing the use of identity and access management tools. And we assess the Government Digital Service plan for transforming public services. Read the issue now. Continue Reading
-
Opinion
07 Oct 2019
Security Think Tank: Risk is unavoidable in digital transformation
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
03 Oct 2019
IT contractor charged over cyber attack on property valuation firm
Australian police charge 49-year-old man with stealing and posting more than 170,000 data records belonging to ASX-listed Landmark White on the dark web Continue Reading
-
News
03 Oct 2019
LogRhythm touts unlimited data plan for SIEM systems
SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank Continue Reading
-
News
03 Oct 2019
Local authorities hit by 800 cyber attacks every hour
Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year Continue Reading
-
News
03 Oct 2019
Cyber war as big a threat as nuclear war, says ex-RSA head Coviello
Former RSA chairman Art Coviello has been speaking about the devastating potential of cyber weapons, and warned that humanity must learn from history in order to control them Continue Reading
-
News
01 Oct 2019
A security breach is inevitable, IT leaders warned
No matter how much IT security tech and training is in place, sophisticated, targeted attacks are going to breach company defences, Carbon Black warns Continue Reading
-
E-Zine
01 Oct 2019
The most influential women in UK technology 2019
In this week’s Computer Weekly, we announce our annual list of the 50 most influential women in UK technology. Meet the winner, Debbie Forster, CEO of Tech Talent Charter, and find out who are this year’s five rising stars. Also, our latest buyer’s guide looks at the latest developments in robotic process automation. Read the issue now. Continue Reading
-
News
01 Oct 2019
Singapore outlines initiatives to tackle OT and IoT security
The Cyber Security Agency of Singapore has developed a blueprint to secure operational technology systems in critical sectors, among other measures to secure cyber-physical systems and the internet of things Continue Reading
-
News
27 Sep 2019
Nodersok malware campaign is infecting thousands, Microsoft warns
Thousands of Windows endpoints in the US and Europe have been infected by a new fileless malware campaign in the past few weeks Continue Reading
-
News
27 Sep 2019
GDPR compliance: Whose job is it and is it really possible?
Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to Continue Reading
-
News
26 Sep 2019
Overinvestment breeds overconfidence among security pros
CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach Continue Reading
-
News
24 Sep 2019
Singapore payment card data compromised by JavaScript sniffers
Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer Continue Reading
-
News
24 Sep 2019
Enterprises exposed to data loss by cloud configuration errors
Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee Continue Reading
-
News
18 Sep 2019
Facebook automatically generates pages for Islamic State and Al-Qaeda
Facebook algorithms have auto-generated hundreds of Facebook pages for the Islamic State, Al-Qaeda and Ansar al-Sharia, according to a whistleblower Continue Reading
-
News
18 Sep 2019
Universities tempting targets for cyber criminals, warns NCSC
As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack Continue Reading
-
News
16 Sep 2019
Ensign InfoSecurity opens global headquarters in Singapore
The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence Continue Reading
-
Feature
16 Sep 2019
Inside blockchain and its various applications
We explore the technology around blockchain shaping how businesses use data Continue Reading
-
News
13 Sep 2019
When AIs go to war: Autonomous cyber weapons ‘inevitable’
CISOs must start thinking about how to engage with intelligent, adaptive, non-human attackers, says Trend Micro’s Rik Ferguson Continue Reading
-
News
12 Sep 2019
UN agency Unicef praised for response to accidental data leak
The UN’s children’s agency has disclosed an inadvertent leak of personal data belonging to users of its online learning platform Agora Continue Reading
-
E-Zine
12 Sep 2019
CW Europe: Dutch authorities call temporary halt to datacentre construction
Two Dutch municipalities are putting all datacentre construction on hold while they put together a strategy to help them control developments. A local alderman said datacentres take up a lot of space and place a large burden on the electricity grid. Also read how France is racing ahead of Germany in making the most of service companies in India, and about Google’s plans for a new datacentre and technology training hub in Finland. Continue Reading
-
Opinion
11 Sep 2019
Regulators globally are shaping up to rein in Facebook
We need to move fast and fix Facebook, before it breaks us Continue Reading
-
News
11 Sep 2019
Nordic countries deepen collaboration with Estonia-based cyber security operation
Nordic countries are now working closer with Nato’s Estonia-based centre of excellence in cyber security Continue Reading
-
News
11 Sep 2019
GDPR non-compliance worse than feared
Over half of UK businesses do not yet appear to be fully GDPR-compliant, and many have de-prioritised their compliance efforts Continue Reading
-
News
10 Sep 2019
UK calls for cyber capacity-building at UN security group
The UK’s representative to a United Nations cyber security working group has called for increased investment in capacity around cyber security Continue Reading
-
News
10 Sep 2019
BT gears up to take on rogue drones
BT’s Enterprise unit is offering customers an anti-drone security solution to protect their physical sites from intrusion Continue Reading
-
Opinion
10 Sep 2019
Security Think Tank: The case for blockchain-based identity
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
E-Zine
10 Sep 2019
A tech boost for social care
In this week’s Computer Weekly, we explore how local authorities across the UK have been looking at assistive technologies, ranging from collaborative robots to voice assistants, to support delivery of adult social care services. We also look into the ramifications of HMRC targeting 1,500 GlaxoSmithKline IT contractors. Read the issue now. Continue Reading
-
Opinion
09 Sep 2019
Security Think Tank: Too soon to dismiss blockchain in cyber security
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
News
06 Sep 2019
Australia government to chart 2020 cyber security strategy
Australia’s home affairs ministry has released a discussion paper to seek views from all segments of society on the country’s next cyber security blueprint Continue Reading
-
Opinion
06 Sep 2019
Security Think Tank: Use blockchain for integrity and immutability checks
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
News
05 Sep 2019
Singapore’s SecureAge eyes US market
The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan Continue Reading
-
News
05 Sep 2019
Tide Foundation aims to boost password security
While passwordless security remains just out of reach, a non-profit organisation has developed a mechanism that it says makes passwords exponentially more difficult to crack Continue Reading
-
Opinion
05 Sep 2019
Security Think Tank: Blockchain is not for everyone, so look carefully before you leap
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Opinion
04 Sep 2019
Security Think Tank: Blockchain utility depends on business type and cost
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
News
04 Sep 2019
TrickBot Trojan switches to stealthy Ostap downloader
Operators of the TrickBot banking Trojan have switched to a new downloader to evade detection and analysis for a high-volume malicious spam campaign targeting business, researchers warn Continue Reading
-
News
03 Sep 2019
Cyber criminals tap into web social engineering toolkit
Security researchers have discovered a web social engineering toolkit that enables cyber criminals to create fake update notification campaigns Continue Reading
-
News
03 Sep 2019
CISOs think cloud safer, but security fears remain
The majority of information security leaders think cloud is now safer than on-premise, but security fears remain, with recently breached and highly regulated organisations most concerned, poll reveals Continue Reading
-
News
03 Sep 2019
At least 47,000 servers vulnerable to remote attack
All organisations using Supermicro servers are being urged to update firmware to block remote attacks exploiting vulnerabilities in baseboard management controllers Continue Reading
-
Opinion
03 Sep 2019
Security Think Tank: Risk mitigation is key to blockchain becoming mainstream
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
News
02 Sep 2019
UK organisations join quantum comms pilot
Four UK companies are taking part in a pilot project to build the most secure communication infrastructure in Europe Continue Reading
-
Opinion
02 Sep 2019
Security Think Tank: Blockchain – balance risk and opportunity for smart security
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
News
02 Sep 2019
CISOs turn to AI, detection, response and education
Information security leaders are looking to artificial intelligence, better detection and response capabilities and user education in the face of cyber threats, but need more budget, a study shows Continue Reading
-
Feature
30 Aug 2019
How to mitigate IoT security risks to tap business benefits
Security concerns are preventing many businesses from adopting IoT-based technologies, but with a bit of planning, the business benefits can be realised by mitigating the risk Continue Reading
-
News
30 Aug 2019
Social media and enterprise apps pose big security risks
The lack of security policies in many business applications is putting enterprise data at risk and social media apps are the biggest source of malware, a poll of IT professionals reveals Continue Reading
-
News
29 Aug 2019
UK gets first millionaire ethical hacker
Six months after the first millionaire ethical hacker was announced, five more have been recognised, including a Briton, who have collectively discovered nearly 5,000 vulnerabilities Continue Reading
-
News
29 Aug 2019
Finland’s security agencies collaborate after cyber attacks
National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure Continue Reading
-
News
29 Aug 2019
UK firms getting on top of IT downtime costs
Despite data breach headlines, UK firms are generally improving in their data protection, business continuity, cyber preparedness and understanding of downtime costs, study shows Continue Reading
-
News
29 Aug 2019
Dutch regulator reveals potential Microsoft privacy breach
Netherlands privacy watchdog has revealed potential breaches while testing Microsoft software changes Continue Reading
-
News
28 Aug 2019
Targeted cyber attacks, including ransomware, on the rise
Governments and healthcare institutions are prime targets of ransomware operators, a report shows Continue Reading
-
Feature
28 Aug 2019
Mitigating social engineering attacks with MFA
The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing Continue Reading
-
News
28 Aug 2019
Most UK firms ignore security in tech investments
Less than a quarter of UK firms prioritise security when investing in new technology, despite the threat of cyber attacks and data protection regulations, a survey reveals Continue Reading
-
News
28 Aug 2019
Ransomware has evolved into a serious enterprise threat
Ransomware has seen a resurgence since the start of 2019, with cyber criminals changing code and tactics to target enterprises and local authorities for higher ransom payments, McAfee researchers warn Continue Reading
-
News
27 Aug 2019
Employees, MSPs and developers top third-party risks
Employees, managed service providers and developers are the top sources of third-party risks in terms of data security, a survey reveals, highlighting the value of workplace monitoring Continue Reading
-
News
26 Aug 2019
VMware’s latest acquisitions point to emerging platform war
VMware’s buyout of Carbon Black and Pivotal is a sign of an emerging platform war following the IBM-Red Hat deal Continue Reading
-
Feature
23 Aug 2019
How to bolster IAM strategies using automation
Identity and access management processes and technologies play an important role in security strategies, but organisations and IT professionals need to ensure these strategies are robust enough to deal with new threats Continue Reading
-
News
23 Aug 2019
Majority of organisations struggling with cloud security
The majority of organisations find securing the cloud difficult and more than a quarter feel the shared security responsibility model is unclear, according to a survey of information security professionals Continue Reading
-
News
23 Aug 2019
Kaspersky eyes enterprise business, opens APAC transparency hub
The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials Continue Reading
-
News
22 Aug 2019
Security pros reiterate warning against encryption backdoors
The majority of security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state cyber attacks Continue Reading
-
News
22 Aug 2019
A helping hand from the Nordics in the eye of the GDPR storm
Nordic IT companies are well suited to supporting enterprises in their data protection projects, even though openness is more natural to them Continue Reading
-
News
22 Aug 2019
Tech firms join forces to boost cloud security
Top tech firms are to collaborate on open source technologies, tools, frameworks and standards that accelerate the adoption of confidential computing to boost security in cloud and edge computing Continue Reading
-
E-Zine
22 Aug 2019
CW Nordics: Copenhagen woos tech startups
Copenhagen offers all the advantages startups need to get off the ground and many are setting up with the intention of staying there for the long haul. Also read how shipping giant Maersk is employing a cloud-first strategy to disrupt competition and build innovation, and why three Finnish banks are sharing a core IT platform. Continue Reading
-
News
22 Aug 2019
Cyber attackers exploiting poor cloud security
More than a third of organisations report a cyber attack on the cloud environment due to a lack of basic cloud security hygiene Continue Reading
-
News
21 Aug 2019
Box aims to shield businesses from data loss threat
Box has introduced an add-in to its cloud-based collaboration platform to lock down and monitor access to files and folders Continue Reading
-
News
21 Aug 2019
Healthcare faces triple cyber threat, says FireEye
Criminal and nation-state cyber attackers are increasingly targeting the healthcare industry to steal data, carry out espionage and cause disruption, a report reveals Continue Reading
-
News
21 Aug 2019
Security concerns blocking UK digital transformation
The majority of UK firms are holding off adopting new, more efficient and cost effective technology because they are failing to see cyber security as a driver of strategic value, report reveals Continue Reading
-
News
21 Aug 2019
Silence APT group eyes APAC banks
Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks Continue Reading
-
News
20 Aug 2019
Human error a big risk to ICS cyber security, study shows
Despite the rise in automation, industrial processes are at risk due to human error, a report on industrial cyber security reveals Continue Reading
-
20 Aug 2019
How IT pros are building resilience against email security threats
For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen Continue Reading
-
News
20 Aug 2019
Malware still top security threat, say infosec pros
Malware remains the top security threat to organisations, with ransomware still considered to be the top malware threat and lack of budget the biggest obstacle to defence, a study shows Continue Reading
-
News
20 Aug 2019
Even fintech startups battling to meet cyber security challenges
A study shows that most fintech startups, like most banks, are failing to address vulnerabilities in the web and mobile applications, underlining the scale of the challenge Continue Reading
-
News
19 Aug 2019
UK financial account takeovers up, report warns
Commercial cyber criminal services are helping to drive up the number of account takeovers, a fraud report for the first half of the year shows Continue Reading
-
News
19 Aug 2019
Q2 shows ransomware proliferation, Kaspersky warns
Ransomware modifications have more than doubled in the past year, the number of ransomware families has grown, and the number of attempted infections is up nearly 50% Continue Reading
-
News
19 Aug 2019
How EDR is moving beyond the endpoint
An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise Continue Reading
-
News
16 Aug 2019
Passwordless enterprise already possible, says RSA
The passwordless enterprise is getting easier to attain as the security industry gears up to support a passwordless future, says RSA’s identity chief Continue Reading
-
News
16 Aug 2019
New approach to risk management needed, says Gartner
Most third-party risks are discovered after the initial due diligence period, Gartner study shows, highlighting the need for a new approach to risk management and the importance of effective access controls Continue Reading
-
News
15 Aug 2019
2019 set to be another record year for data breaches
The number of data breach incidents continues to rise and looks set to reach another record this year, with the business sector first in the firing line, according to a mid-year breach report Continue Reading
-
News
15 Aug 2019
Most UK financial firms hit by cyber attack in the past year
The majority of UK financial companies are failing to prevent cyber security incidents, mainly because of employees failing to follow security policies and a lack of security budget, a survey reveals Continue Reading
-
News
15 Aug 2019
Melbourne researchers uncover privacy lapses in transport dataset
A team of University of Melbourne researchers has been able to re-identify individuals from a public transport dataset, raising serious privacy, safety and security issues Continue Reading
-
Opinion
14 Aug 2019
Security Think Tank: Data architecture and security must evolve in parallel
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
News
14 Aug 2019
Publicly accessible biometric database highlights key failings
The discovery of a publicly accessible database of biometric information highlights failings by the supplier, the need for supply chain security, and the challenges of using biometric data Continue Reading
-
News
14 Aug 2019
DCMS funding aims to increase diversity in cyber sector
A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector Continue Reading
-
News
14 Aug 2019
GDPR faces growing pains across Europe
The General Data Protection Regulation is over a year old now, but it faces challenges across Europe where compliance has taken place at different speeds Continue Reading
-
News
14 Aug 2019
Cyber criminal collaboration intensifies
The level of cooperation between high-profile cyber threat groups has shifted up a gear, enabling a higher level of automation and making attribution more difficult, research shows Continue Reading
-
News
14 Aug 2019
Digital domain identified as major security threat by Norway’s intelligence service
Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks Continue Reading
-
News
14 Aug 2019
Norman evasive cryptominer conquers networks
Cryptomining malware designed to evade detection is capable of invading every device in targeted companies, researchers warn Continue Reading
-
News
14 Aug 2019
UK finance regulator gives extra time for companies to meet payment security rules
Financial Conduct Authority gives companies under its watch an extra 18 months to meet an EU payments security standard Continue Reading
-
Opinion
13 Aug 2019
Security Think Tank: Data architects should be key allies of infosec pros
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
News
13 Aug 2019
UK businesses still overlooking human element in security
Most UK businesses are still failing to address the human element in cyber security as part of an integrated approach, exposing themselves unnecessarily to cyber criminal attacks, a study shows Continue Reading
-
News
13 Aug 2019
BACnet IoT building automation devices vulnerable to attack
A security researcher has revealed that internet-connected building automating devices using the BACnet communication protocol are vulnerable to cyber attack Continue Reading
-
E-Zine
13 Aug 2019
How tech experts could earn millions as whistleblowers
In this week’s Computer Weekly, a tech expert is set to earn millions after successfully blowing the whistle on vulnerabilities in Cisco’s video surveillance software. Our latest buyer’s guide examines the issues around big data architecture. And we look at how the end of Windows 7 could spark a new era for desktop productivity. Read the issue now. Continue Reading