IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
29 Dec 2025
Top 10 cyber security stories of 2025
AI dominated all tech conversations this year, but the concerns of cyber security professionals extend far beyond. From remote work to supply chains, quantum to identity, there were plenty of other topics for the industry to chew over in 2025. Continue Reading
-
News
23 Dec 2025
Top 10 ANZ stories of 2025
The 2025 tech landscape in Australia and New Zealand was dotted with major data breaches even as organisations continue to press on with their digital transformation efforts in areas such as AI and automation Continue Reading
-
News
29 Aug 2019
Finland’s security agencies collaborate after cyber attacks
National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure Continue Reading
-
News
29 Aug 2019
UK firms getting on top of IT downtime costs
Despite data breach headlines, UK firms are generally improving in their data protection, business continuity, cyber preparedness and understanding of downtime costs, study shows Continue Reading
-
News
29 Aug 2019
Dutch regulator reveals potential Microsoft privacy breach
Netherlands privacy watchdog has revealed potential breaches while testing Microsoft software changes Continue Reading
-
News
28 Aug 2019
Targeted cyber attacks, including ransomware, on the rise
Governments and healthcare institutions are prime targets of ransomware operators, a report shows Continue Reading
-
Feature
28 Aug 2019
Mitigating social engineering attacks with MFA
The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing Continue Reading
-
News
28 Aug 2019
Most UK firms ignore security in tech investments
Less than a quarter of UK firms prioritise security when investing in new technology, despite the threat of cyber attacks and data protection regulations, a survey reveals Continue Reading
-
News
28 Aug 2019
Ransomware has evolved into a serious enterprise threat
Ransomware has seen a resurgence since the start of 2019, with cyber criminals changing code and tactics to target enterprises and local authorities for higher ransom payments, McAfee researchers warn Continue Reading
-
News
27 Aug 2019
Employees, MSPs and developers top third-party risks
Employees, managed service providers and developers are the top sources of third-party risks in terms of data security, a survey reveals, highlighting the value of workplace monitoring Continue Reading
-
News
26 Aug 2019
VMware’s latest acquisitions point to emerging platform war
VMware’s buyout of Carbon Black and Pivotal is a sign of an emerging platform war following the IBM-Red Hat deal Continue Reading
-
Feature
23 Aug 2019
How to bolster IAM strategies using automation
Identity and access management processes and technologies play an important role in security strategies, but organisations and IT professionals need to ensure these strategies are robust enough to deal with new threats Continue Reading
-
News
23 Aug 2019
Majority of organisations struggling with cloud security
The majority of organisations find securing the cloud difficult and more than a quarter feel the shared security responsibility model is unclear, according to a survey of information security professionals Continue Reading
-
News
23 Aug 2019
Kaspersky eyes enterprise business, opens APAC transparency hub
The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials Continue Reading
-
News
22 Aug 2019
Security pros reiterate warning against encryption backdoors
The majority of security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state cyber attacks Continue Reading
-
News
22 Aug 2019
A helping hand from the Nordics in the eye of the GDPR storm
Nordic IT companies are well suited to supporting enterprises in their data protection projects, even though openness is more natural to them Continue Reading
-
News
22 Aug 2019
Tech firms join forces to boost cloud security
Top tech firms are to collaborate on open source technologies, tools, frameworks and standards that accelerate the adoption of confidential computing to boost security in cloud and edge computing Continue Reading
-
E-Zine
22 Aug 2019
CW Nordics: Copenhagen woos tech startups
Copenhagen offers all the advantages startups need to get off the ground and many are setting up with the intention of staying there for the long haul. Also read how shipping giant Maersk is employing a cloud-first strategy to disrupt competition and build innovation, and why three Finnish banks are sharing a core IT platform. Continue Reading
-
News
22 Aug 2019
Cyber attackers exploiting poor cloud security
More than a third of organisations report a cyber attack on the cloud environment due to a lack of basic cloud security hygiene Continue Reading
-
News
21 Aug 2019
Box aims to shield businesses from data loss threat
Box has introduced an add-in to its cloud-based collaboration platform to lock down and monitor access to files and folders Continue Reading
-
News
21 Aug 2019
Healthcare faces triple cyber threat, says FireEye
Criminal and nation-state cyber attackers are increasingly targeting the healthcare industry to steal data, carry out espionage and cause disruption, a report reveals Continue Reading
-
News
21 Aug 2019
Security concerns blocking UK digital transformation
The majority of UK firms are holding off adopting new, more efficient and cost effective technology because they are failing to see cyber security as a driver of strategic value, report reveals Continue Reading
-
News
21 Aug 2019
Silence APT group eyes APAC banks
Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks Continue Reading
-
News
20 Aug 2019
Human error a big risk to ICS cyber security, study shows
Despite the rise in automation, industrial processes are at risk due to human error, a report on industrial cyber security reveals Continue Reading
-
20 Aug 2019
How IT pros are building resilience against email security threats
For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen Continue Reading
-
News
20 Aug 2019
Malware still top security threat, say infosec pros
Malware remains the top security threat to organisations, with ransomware still considered to be the top malware threat and lack of budget the biggest obstacle to defence, a study shows Continue Reading
-
News
20 Aug 2019
Even fintech startups battling to meet cyber security challenges
A study shows that most fintech startups, like most banks, are failing to address vulnerabilities in the web and mobile applications, underlining the scale of the challenge Continue Reading
-
News
19 Aug 2019
UK financial account takeovers up, report warns
Commercial cyber criminal services are helping to drive up the number of account takeovers, a fraud report for the first half of the year shows Continue Reading
-
News
19 Aug 2019
Q2 shows ransomware proliferation, Kaspersky warns
Ransomware modifications have more than doubled in the past year, the number of ransomware families has grown, and the number of attempted infections is up nearly 50% Continue Reading
-
News
19 Aug 2019
How EDR is moving beyond the endpoint
An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise Continue Reading
-
News
16 Aug 2019
Passwordless enterprise already possible, says RSA
The passwordless enterprise is getting easier to attain as the security industry gears up to support a passwordless future, says RSA’s identity chief Continue Reading
-
News
16 Aug 2019
New approach to risk management needed, says Gartner
Most third-party risks are discovered after the initial due diligence period, Gartner study shows, highlighting the need for a new approach to risk management and the importance of effective access controls Continue Reading
-
News
15 Aug 2019
2019 set to be another record year for data breaches
The number of data breach incidents continues to rise and looks set to reach another record this year, with the business sector first in the firing line, according to a mid-year breach report Continue Reading
-
News
15 Aug 2019
Most UK financial firms hit by cyber attack in the past year
The majority of UK financial companies are failing to prevent cyber security incidents, mainly because of employees failing to follow security policies and a lack of security budget, a survey reveals Continue Reading
-
News
15 Aug 2019
Melbourne researchers uncover privacy lapses in transport dataset
A team of University of Melbourne researchers has been able to re-identify individuals from a public transport dataset, raising serious privacy, safety and security issues Continue Reading
-
Opinion
14 Aug 2019
Security Think Tank: Data architecture and security must evolve in parallel
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
News
14 Aug 2019
Publicly accessible biometric database highlights key failings
The discovery of a publicly accessible database of biometric information highlights failings by the supplier, the need for supply chain security, and the challenges of using biometric data Continue Reading
-
News
14 Aug 2019
DCMS funding aims to increase diversity in cyber sector
A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector Continue Reading
-
News
14 Aug 2019
GDPR faces growing pains across Europe
The General Data Protection Regulation is over a year old now, but it faces challenges across Europe where compliance has taken place at different speeds Continue Reading
-
News
14 Aug 2019
Cyber criminal collaboration intensifies
The level of cooperation between high-profile cyber threat groups has shifted up a gear, enabling a higher level of automation and making attribution more difficult, research shows Continue Reading
-
News
14 Aug 2019
Digital domain identified as major security threat by Norway’s intelligence service
Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks Continue Reading
-
News
14 Aug 2019
Norman evasive cryptominer conquers networks
Cryptomining malware designed to evade detection is capable of invading every device in targeted companies, researchers warn Continue Reading
-
News
14 Aug 2019
UK finance regulator gives extra time for companies to meet payment security rules
Financial Conduct Authority gives companies under its watch an extra 18 months to meet an EU payments security standard Continue Reading
-
Opinion
13 Aug 2019
Security Think Tank: Data architects should be key allies of infosec pros
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
News
13 Aug 2019
UK businesses still overlooking human element in security
Most UK businesses are still failing to address the human element in cyber security as part of an integrated approach, exposing themselves unnecessarily to cyber criminal attacks, a study shows Continue Reading
-
News
13 Aug 2019
BACnet IoT building automation devices vulnerable to attack
A security researcher has revealed that internet-connected building automating devices using the BACnet communication protocol are vulnerable to cyber attack Continue Reading
-
E-Zine
13 Aug 2019
How tech experts could earn millions as whistleblowers
In this week’s Computer Weekly, a tech expert is set to earn millions after successfully blowing the whistle on vulnerabilities in Cisco’s video surveillance software. Our latest buyer’s guide examines the issues around big data architecture. And we look at how the end of Windows 7 could spark a new era for desktop productivity. Read the issue now. Continue Reading
-
News
12 Aug 2019
Phishing top security threat to business
A new Telefónica security service for business shows that phishing is the most-blocked threat and smaller businesses are a popular attack target in the first two months of deployment Continue Reading
-
News
12 Aug 2019
Digital transformation driving security rethink
Organisations are focusing on internet of things and cloud in developing cyber defence systems, study shows Continue Reading
-
Opinion
12 Aug 2019
Security Think Tank: Balancing data accessibility with security controls
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
News
09 Aug 2019
McAfee warns of serious security flaw in building controller
Security researchers have demonstrated how simple flaws in building controllers could allow malicious actors to manipulate control systems with devastating effect, highlighting the importance of operational technology security Continue Reading
-
News
09 Aug 2019
F-Secure warns of F5 Big IP-related security issue
F-Secure has discovered security issues relating to an F5 device that it says could potentially turn hundreds of thousands of load balancers into beachheads for cyber attacks Continue Reading
-
Opinion
09 Aug 2019
Security Think Tank: Communication, processes and tech: A new beginning for security
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
News
09 Aug 2019
NCC Group warns of security risks of leading printers
Researchers uncover more than 35 vulnerabilities in six leading enterprise printers, many of which could allow access to corporate networks, underlining the need to counter security risks of embedded systems Continue Reading
-
News
09 Aug 2019
Whistleblowers: James Glenn’s battle with Cisco opens new front on cyber security
James Glenn, a 42-year-old security specialist, fought a 10-year legal battle with Cisco after blowing the whistle on serious security flaws. He lost his job, but has no regrets Continue Reading
-
News
08 Aug 2019
Ransomware a continued threat to business, report warns
Businesses are increasingly becoming the most popular targets for ransomware, which remains a top cyber threat around the world, especially in the US, a report reveals Continue Reading
-
News
08 Aug 2019
Cyber criminals hijacking legitimate website comms
Criminals are exploiting firms’ use of online feedback methods to distribute spam and phishing emails, security researchers warn Continue Reading
-
News
08 Aug 2019
Can you trust pen-testers?
Pen-testers have knowingly posted security workarounds on the public internet that are now commonly used by hackers Continue Reading
-
Opinion
08 Aug 2019
Security Think Tank: Security is a business, not an IT function
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
E-Zine
08 Aug 2019
CW Benelux: Dutch academic hunts the personality behind the hacker
Rutger Leukfeldt, senior researcher on cyber crime at the Netherlands Institute for the Study of Crime and Law Enforcement, is working to help organisations understand the personalities behind criminal hackers. Also in this issue, read about research that shows over half of Dutch organisations admit their knowledge of blockchain is substandard. We also feature an article about ABN Amro’s work with researchers to explore how quantum computing can be used to secure online banking. Continue Reading
-
News
07 Aug 2019
Southeast Asian ‘white hat’ urges more countries to sign the Paris Call
A renowned ethical hacker in Malaysia has called for more nations to support the Paris Call for Trust and Security in Cyberspace to counter the threat of cyber warfare Continue Reading
-
Opinion
07 Aug 2019
Security Think Tank: Dialogue between data architects and security leads is essential
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
News
07 Aug 2019
Shared files in the cloud are a top ransomware target
Vectra 2019 Spotlight report shows recent ransomware attacks cast a wider net to ensnare cloud, datacentre and enterprise infrastructures Continue Reading
-
News
07 Aug 2019
FireEye identifies dual nature Chinese cyber threat group
Security researchers have identified a China-based cyber threat group engaged in state-spored espionage in parallel with cyber criminal activities targeting multiple industries worldwide Continue Reading
-
News
07 Aug 2019
Industry collaborates to patch SwapGS CPU vulnerability
Newly disclosed SwapGS vulnerability in modern processors has been patched in Windows, Linux and ChromeOS, underlining the importance of keeping systems up to date Continue Reading
-
News
06 Aug 2019
African bank foils suspected North Korean cyber attack
An African bank is among the financial institutions to be targeted by North Korea’s multi-billion dollar cyber theft campaign to support its weapons programmes Continue Reading
-
News
06 Aug 2019
Most UK firms lack confidence in disaster recovery
Only a third of UK firms are confident in their ability to recover from cyber attacks and other disasters, with business continuity still relatively low on the agenda, a study reveals Continue Reading
-
E-Zine
06 Aug 2019
Using tech to boost staff morale
In this week’s Computer Weekly, we look at the emerging technologies being used to improve employee experience and raise staff loyalty and motivation. The CIO of the Football Association explains how IT is changing the way the national game is administered. And we examine the growing role of AI in preventing cyber attacks. Read the issue now. Continue Reading
-
Opinion
06 Aug 2019
Security Think Tank: Close interdisciplinary ties are key to security integration
How can infosec professionals and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
News
05 Aug 2019
DDoS on the rise, warns Kaspersky
Security researchers at Kaspersky are among those warning business that, more than ever, mitigation of distributed denial of service attacks needs to be a key element of cyber defence strategies Continue Reading
-
Feature
05 Aug 2019
Enhancing business purpose with privacy compliance
Computer Weekly looks at the importance of building on basic GDPR compliance and making privacy a key foundation of business culture Continue Reading
-
Opinion
05 Aug 2019
Security Think Tank: CIA at heart of infosec-data architect partnership
How can infosec professionals and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
News
05 Aug 2019
Most UK university applicants at risk of email fraud
The majority of hundreds of thousands of applicants to UK universities are at risk of email fraud before and after A-level results day, due to a failure to implement full Dmarc protection, a study reveals Continue Reading
-
Feature
02 Aug 2019
Developing innovative security analytics approaches in the digital age
With security threats growing in scale and complexity, security analytics provide a way for IT teams to stay one step ahead of cyber attackers. The challenge is to ensure this technology continues to be effective in the face of new security challenges Continue Reading
-
News
02 Aug 2019
Lack of resources top challenge to IT security
A lack of resources is the top challenge to information security professionals, followed by a lack of experience and skills, a survey reveals Continue Reading
-
News
02 Aug 2019
Government continues probe of UK cyber security labour market
The government has announced a second phase of research to help understand the UK's cyber security labour market Continue Reading
-
News
01 Aug 2019
Industrial control system cyber security risk high, report warns
The industrial control system cyber risk to global oil and gas companies is high and rising, as new attack groups continue to enter the arena Continue Reading
-
News
01 Aug 2019
Leaked Sephora databases peddled on dark web
Cyber security firm finds two databases likely to be related to the Sephora data breach that affected online customers in Southeast Asia, Australia and New Zealand Continue Reading
-
News
31 Jul 2019
Cisco pays $8.6m after whistleblower discloses security flaws in video surveillance system
James Glenn, a video surveillance expert working for a Cisco reseller in Denmark, alerted Cisco to security faults and stands to gain a share of a multimillion-dollar settlement with the US government Continue Reading
-
News
31 Jul 2019
How Singapore’s NTUC Enterprise is embracing digital transformation
NTUC Enterprise is starting to look more like a technology company, employing DevOps to speed up software development and developing new digital business models even as cultural barriers to transformation remain Continue Reading
-
News
31 Jul 2019
Financial services top cyber attack target
Financial services are among the most attractive targets for cyber attackers, security researchers reveal, with phishing and credential stuffing among the top threats Continue Reading
-
News
30 Jul 2019
Australian firms grappling with “train-smash” of security legislation
While businesses should avoid going into checkbox compliance mode, the constant flux of regulations on cyber security and privacy has led to calls for more legislative coherence from regulators Continue Reading
-
News
30 Jul 2019
Mobiles top target of nation state surveillance
Nation states are targeting individual mobile users for intelligence gathering and disruption of rivals as security on mobile devices lags behind traditional computing, a report reveals Continue Reading
-
Feature
29 Jul 2019
Think beyond tick-box compliance
A year on since GDPR, many organisations are yet to stop fretting over fines and focus instead on business value Continue Reading
-
News
29 Jul 2019
Cyber kill chain is outdated, says Carbon Black
The chief cyber security officer of Carbon Black calls for a new cognitive paradigm to fend off cyber adversaries that are now attacking in cycles Continue Reading
-
News
26 Jul 2019
Email security as important as ever, report shows
Cyber security professionals need to keep up to date with email-borne threats because they continue to evolve and have a major impact on business, research reveals Continue Reading
-
News
26 Jul 2019
86 million reasons to support No More Ransom
Anti-ransomware cross-industry initiative says it has prevented more than £86m in ransom payments as it marks its third anniversary, which coincides with a resurgence in ransomware in many parts of the world Continue Reading
-
News
25 Jul 2019
F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC
Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated Continue Reading
-
News
25 Jul 2019
Mobile banking malware surges in 2019
Mobile banking malware surged in the first half of the year, email scams geared up and attacks on cloud increased, while illicit cryptocurrency miners declined, report reveals Continue Reading
-
News
25 Jul 2019
Most SMEs severely underestimate cyber security vulnerabilities
Small businesses are the primary target for cyber attacks, yet most are unprepared and do not think they will be targeted, a survey reveals Continue Reading
-
Opinion
25 Jul 2019
Why investment is needed in the cyber insurance market
The number of cyber insurance policies on offer is beginning to grow, but insurers still have a long way to go to develop policies that address market concerns Continue Reading
-
News
24 Jul 2019
Internet crime costs global economy £2.3m a minute
Cyber crime cost the global economy £2.3m every minute in 2018, reveals a report aimed at defining the scale of cyber attacks taking place over the internet Continue Reading
-
News
24 Jul 2019
Global malware down but ransomware up, with UK hard hit
Despite a global decrease in the volume of malware in the past year, ransomware is surging once again, and the UK is one of the worst-hit countries, a report reveals Continue Reading
-
News
24 Jul 2019
AI to advance Swedish military systems
Swedish report into use of artificial intelligence in military systems reveals opportunities and concerns Continue Reading
-
News
23 Jul 2019
Phishing attack highlights cyber security need at universities
UK university cyber security is once again under the spotlight after Lancaster University reveals that it has been targeted by a phishing attack used to send fake invoices Continue Reading
-
News
23 Jul 2019
Norsk Hydro cyber attack could cost up to $75m
March 2019 ransomware attack could cost Norwegian aluminium giant up to $75m in the first half of the year, according to latest estimates Continue Reading
-
News
23 Jul 2019
Data breach costs on the rise, IBM study shows
Data breach costs have risen in the past decade, and the financial impact can be felt for years. Breaches posing a growing risk for small businesses, a study shows, underlining the importance of incident response Continue Reading
-
News
23 Jul 2019
Microsoft talks up benefits and pitfalls of machine learning in security
Software giant Microsoft uses machine learning models to detect emerging threats while keeping an eye on potential bias in security data points that could derail its analysis Continue Reading
-
News
22 Jul 2019
Big tech firms back UK cyber security initiative
Big technology firms have pledged their support for UK investment in an initiative to “design out” of new tech the most damaging cyber security threats Continue Reading
-
News
19 Jul 2019
Latest ICO fine highlights privacy due diligence
A week after issuing the first serious GDPR fines, the ICO has further underlined the importance of data stewardship and due diligence regarding privacy practices Continue Reading
-
News
19 Jul 2019
Second CyberThreat Summit announced by NCSC and SANS Institute
CyberThreat 2019 aims to bring together a more diverse set of technical professionals in cyber security from the private and public sectors in the UK and abroad to encourage collaboration Continue Reading
-
News
19 Jul 2019
MPs warn of data adequacy hole in no-deal Brexit
Transferring data to and from the EU will only be possible if an agreement is in place before the UK leaves. No deal means no data agreement Continue Reading