IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Jun 2025
Cyber Essentials certifications rising slowly but steadily
The number of businesses attaining the NCSC Cyber Essentials certification continues to increase, but much more can be done to raise awareness of the scheme. Continue Reading
-
News
20 Jun 2025
M&S, Co-op attacks a ‘Category 2 cyber hurricane’, say UK experts
The UK’s Cyber Monitoring Centre has published its first in-depth assessment of a major incident, reflecting on the impact of and lessons learned from Scattered Spider attacks on M&S and Co-op Continue Reading
-
News
27 Apr 2018
Microsoft releases Windows 10 security pack
Microsoft has released a download pack that incorporates NCSC guidance to save UK companies weeks of work to secure Windows 10 and comply with government guidelines Continue Reading
-
News
27 Apr 2018
Government given six months to rewrite snoopers’ charter
The government has until 1 November 2018 to rewrite a key section of the Investigatory Powers Act 2016, after the high court declared them unlawful in a judicial review brought by human rights group Liberty Continue Reading
-
News
27 Apr 2018
GDPR: Put your data in Azure cloud, says Microsoft chief
Tech giant reports strong growth in its cloud business in third-quarter 2018 fiscal results Continue Reading
-
News
26 Apr 2018
British banks target Israeli security technology
British banks are turning to Israel’s high-tech sector to protect against cyber attacks Continue Reading
-
Opinion
26 Apr 2018
Security Think Tank: Reduce attacker dwell time with defence in depth
Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading
-
News
26 Apr 2018
Finnish R&D and utilities in line of cyber espionage fire, say security police
Finnish research and development, as well as critical infrastructure, are being targeted by state-backed cyber espionage attacks, says report Continue Reading
-
News
26 Apr 2018
NCSC shows support for common standards for secure communication
The UK cyber security authority is supporting an industry drive towards common standards for secure communication by joining an industry organisation that aims to achieve this goal Continue Reading
-
News
26 Apr 2018
Digital economy research projects to get funding
Research projects aimed at building trust, privacy and security in the use of personal data and digital technologies are to receive funding Continue Reading
-
News
25 Apr 2018
Google claims it is GDPR ready
Alphabet, the parent company of Google, says that since its advertising business relies on keyword searches, the impact of GDPR is limited Continue Reading
-
News
25 Apr 2018
Government urges UK businesses to beef up cyber crime defences
Government is urging UK organisations to defend against cyber crime, as newly released figures show that large numbers of businesses and charities suffered at least one cyber attack in the past year Continue Reading
-
Opinion
25 Apr 2018
How a new ISO standard helps you take control of your IT assets
The updated ISO standard 19770-1:2017 offers IT managers a way to bring their hardware and software assets under a single management standard Continue Reading
-
News
25 Apr 2018
Stoke-on-Trent websites found to be most leaky ahead of GDPR
The majority of websites in the UK could be prone to cyber attacks, a security scan across 135,035 sites has revealed Continue Reading
-
News
25 Apr 2018
Cyber fraud costs SMEs more than £1,000 per case
Just over half of IT and telecoms SMEs are targeted by fraudsters, with each case of cyber fraud costing more than £1,000, study reveals Continue Reading
-
News
25 Apr 2018
One month to GDPR compliance deadline
With one month to go before the deadline for compliance with EU’s General Data Protection Regulation, organisations should ensure they are able to meet minimum requirements to defend against adverse scrutiny Continue Reading
-
News
24 Apr 2018
Ransomware attack hit Ukraine energy ministry website
Cyber attack on Ukraine’s energy ministry shows that websites remain a weak point for many organisations online, say security experts Continue Reading
-
News
24 Apr 2018
Orangeworm cyber attack group targets health sector
A cyber crime group is targeting the health sector and related industries in the US, Europe and Asia in a suspected corporate espionage campaign, researchers warn Continue Reading
-
News
23 Apr 2018
Nearly half of UK manufacturers hit by cyber attacks
Nearly half of UK manufacturers have been hit by a cyber security incident, according to a report by an industry organisation, which calls for greater government focus on the specific security needs of the sector Continue Reading
-
News
23 Apr 2018
Next generation of SCADA industrial controls will protect against cyber attack
Oil, energy and chemical companies are rethinking how to control big manufacturing plants, replacing expensive control technology with cheaper, more secure systems, taking their cue from biology Continue Reading
-
News
23 Apr 2018
No business safe from cyber attack, says KPMG
Businesses that operate online should be working to ensure operational resilience, while the financial sector should focus more on collaboration, says professional services firm KPMG Continue Reading
-
Feature
20 Apr 2018
Data protection is critical for all businesses
Companies that misuse data or fall victim to breaches not only risk financial loss, but also reputational damage. There are many reasons good data practice is essential Continue Reading
-
News
20 Apr 2018
Account takeover up tenfold in past year
The incidence of online account takeover and the proportion of high-risk account access attempts underlines the need for improved authentication, says fraud detection firm Continue Reading
-
Opinion
19 Apr 2018
Security Think Tank: Use good practice to address cryptojacking risk
How can organisations best defend against cryptojacking? Continue Reading
-
E-Zine
19 Apr 2018
CW ANZ: OpenStack gains a foothold in Australia
In this issue of CW ANZ, we look at how OpenStack has changed the way Australian enterprises operate their IT infrastructure. Also read how Australia’s Citic Pacific Mining is digging into IoT technology to track vehicles, and how Telstra is investing in two submarine cables to bolster Asia-US connectivity. Continue Reading
-
E-Zine
19 Apr 2018
CW ASEAN: SD-WAN helps find best route to cloud
This year, more enterprises will adopt a “cloud-first” SD-WAN architecture to support their increasingly cloud-based application mix. In this issue of CW ASEAN, we take a closer look at how ASEAN enterprises are gearing up for this eventuality. Also, read how a new HPE facility in Singapore will help build collaborative partnerships across the internet of things, and how communications service providers should embrace microservices and DevOps to thrive in the digital economy. Continue Reading
-
News
18 Apr 2018
Australian supermarket chain hit by IT outage
Thirty-minute glitch knocked out checkout systems at half of Woolworths’ stores in Australia Continue Reading
-
News
18 Apr 2018
DDoS attacks cost up to £35,000
Despite the direct financial impact of DDoS attacks, this is not considered to be the most damaging effect on companies targeted this way, a survey shows Continue Reading
-
News
18 Apr 2018
Security budgets up, but talent scarce, says Isaca
Security budgets are increasing, but qualified cyber talent remains difficult to find with positions taking at least three months to fill, an industry association report on the state of cyber security reveals Continue Reading
-
News
17 Apr 2018
Business at risk from unidentified network traffic, report warns
A lack of network traffic visibility poses significant security challenges to businesses, a report on network firewalls warns Continue Reading
-
News
17 Apr 2018
China’s ZTE a national security risk, UK telcos warned
UK national cyber security authority has warned telecommunications companies against using equipment and services from Chinese network equipment supplier ZTE, citing national security risks Continue Reading
-
News
17 Apr 2018
Targeted cyber attacks doubled in past year, study shows
The number of targeted attacks has doubled in the past year compared with the previous 12 months, despite improvements in detecting and blocking them, a cyber resilience study shows Continue Reading
-
News
16 Apr 2018
Flashpoint researchers warn of new VBS Loader
Researchers have issued warnings about a new VBScript downloader that behaves like a remote access Trojan, is designed to run undetected and can update and delete itself Continue Reading
-
News
16 Apr 2018
UK and US accuse Russia of targeting network infrastructure
The UK and US have accused the Russian government of targeting network infrastructure, calling on network operators to take the necessary protective measures Continue Reading
-
News
16 Apr 2018
UK businesses urged to ensure they do cyber security basics
The cyber threat to business has never been greater, so the National Cyber Security Centre is urging UK companies to ensure they have implemented all the basic, best-practice cyber security controls and processes Continue Reading
-
News
15 Apr 2018
Australian healthcare services most hit by data breaches
Nearly a quarter of data breaches reported under Australia’s new mandatory data breach regime took place in the healthcare sector Continue Reading
-
News
13 Apr 2018
EU-US data sharing under threat as Irish court refers Facebook case to Europe
The Irish High Court is seeking answers from the European Court of Justice in a case that could have huge implications for EU-US data sharing and raises questions about US government surveillance of EU citizens. The move could bring a five-year legal battle between Austrian lawyer Max Schrems and Facebook to a close Continue Reading
-
News
13 Apr 2018
Cyber attackers can breach targets in hours, report reveals
The majority of hackers claim they can breach an organisation within hours, while most security professionals admit they do not know what to look for Continue Reading
-
News
13 Apr 2018
UK playing central role in Facebook data misuse probe
Data protection is a hot issue and all about increasing confidence in the way data is handled, says UK privacy watchdog Continue Reading
-
News
12 Apr 2018
Cyber security a shared responsibility, says Amber Rudd
The UK home secretary has emphasised that cyber security is a shared responsibility and committed to promote EU cyber cooperation post-Brexit at the National Cyber Security Centre’s conference in Manchester Continue Reading
-
News
11 Apr 2018
New cyber incident classification to boost UK response
A new cyber attack categorisation system has been unveiled to improve UK response to incidents Continue Reading
-
News
11 Apr 2018
Government to set up £13.5m cyber security centre
Located at the 2012 Olympic Park, the London Cyber Innovation Centre could create up to 2,000 jobs in cyber security Continue Reading
-
News
11 Apr 2018
NSA calls for cyber security community collaboration
A US National Security Agency (NSA) representative has called for cyber security community collaboration at the National Cyber Security Centre’s conference in Manchester Continue Reading
-
News
10 Apr 2018
Mobile phishing a growing threat, warns report
Phishing on mobile devices is a growing threat to business as attacks move beyond email to text messages and apps Continue Reading
-
Blog Post
10 Apr 2018
ThreatQuotient ups the ante for dealing with security incidents
As cybercrime becomes ever more widespread and the actors involved diversify, targeted organisations must become more sophisticated and timely in their ability to detect and respond. Continue Reading
-
Podcast
10 Apr 2018
Podcast: Storage compliance for GDPR data subject requests
The General Data Protection Regulation is upon us. Mathieu Gorge, CEO of Vigitrust, talks you through the key areas needed for compliance in storage of data subjects’ data and how to find it quickly on request Continue Reading
-
News
10 Apr 2018
Ransomware top cyber threat, DBIR shows
Ransomware remains the top cyber security threat to organisations, humans continue to be significant weakness and HR departments are a top target, according to the latest Verizon Data breach investigations report Continue Reading
-
News
09 Apr 2018
Cyber threat to UK business greater than ever, report reveals
The cyber threat to UK business is “bigger than ever” and the best way to defend against it is collaboration between government, law enforcement and business, a report shows Continue Reading
-
News
09 Apr 2018
Security professionals admit patching is getting harder
Vulnerable systems need patching to avoid being attacked by security exploits, yet many businesses find it hard to apply patches quick enough Continue Reading
-
Opinion
09 Apr 2018
Security Think Tank: Cryptojacking can be costly
How can organisations best defend against cryptojacking? Continue Reading
-
News
09 Apr 2018
More than one in 10 employees fall for social engineering attacks
Employees download malicious files, click phishing links, correspond with hackers, and even share contact information for their colleagues, a report reveals Continue Reading
-
Opinion
06 Apr 2018
Security Think Tank: Six tips for securing your organisation against cryptojacking
How can organisations best defend against cryptojacking? Continue Reading
-
News
06 Apr 2018
Business increases use of encryption in the cloud
The use of encryption has seen double-digit growth in the past year due to a number of security-related drivers, a study has revealed Continue Reading
-
Opinion
06 Apr 2018
Why businesses must think like criminals to protect their data
Cyber criminals use three main methods of operation to steal commercial data. Understanding their mindset can help organisations put the right defences in place Continue Reading
-
News
06 Apr 2018
HSBC IT whistleblower faces extradition to Switzerland
Hervé Falciani, who stole data from thousands of private banking customers, is apprehended in Spain following the issuing of an international arrest warrant Continue Reading
-
News
05 Apr 2018
Retail sector top cyber attack target
The retail sector was the top cyber attack target in 2017, as cyber attacks evolved to become more organised and structured, a report reveals Continue Reading
-
News
05 Apr 2018
Business should note Facebook data sharing, say security advisers
Businesses that use Facebook and have employees that use it should take note that data is shared with potential cyber attackers, security advisers warn, as Facebook reveals the Cambridge Analytica data exploitation scandal may affect 87 million users Continue Reading
-
Opinion
05 Apr 2018
Security Think Tank: Deal with cryptojacking to avoid security vulnerability
How can organisations best defend against cryptojacking? Continue Reading
-
News
05 Apr 2018
More than 1.5 billion business and consumer files exposed online
With just over a month to go before the GDPR compliance deadline, more than 1.5 billion data files are exposed online without adequate protections, a report reveals Continue Reading
-
News
05 Apr 2018
Interview: GDPR will give Dutch privacy watchdog its teeth
The Netherlands’ privacy watchdog has not handed out fines so far because there has been no reason to, says the organisation’s chairman, Aleid Wolfsen Continue Reading
-
Opinion
04 Apr 2018
Security Think Tank: User vigilance key to cryptojacking defence
How can organisations best defend against cryptojacking? Continue Reading
-
News
04 Apr 2018
Ransomware puts pressure on incident response
Cyber attackers switched focus to ransomware attacks in 2017 putting pressure on incident response, while human error was responsible for two-thirds of compromised records, a study shows Continue Reading
-
News
04 Apr 2018
Average attacker dwell time nearly six months for EMEA, study shows
Firms in Europe, the Middle East and Africa take nearly six months to detect cyber attacks on average, a report reveals Continue Reading
-
News
03 Apr 2018
UK firms failing to make financial plans for cyber attacks
Most UK firms are failing to plan for the financial impact of cyber attacks, a survey by Lloyds Bank has revealed Continue Reading
-
Opinion
03 Apr 2018
Security Think Tank: Use awareness, education and controls to halt cryptojacking
How can organisations best defend against cryptojacking? Continue Reading
-
News
03 Apr 2018
Automation and gamification key to cyber security
The use of automation and gamification are key to winning the fight against cyber criminals in the face of the skills’ shortage, a study investigating challenges facing IT security teams reveals Continue Reading
-
News
02 Apr 2018
Lawyers more influential than IT staff in cloud deployments
Traditionally considered risk-adverse, lawyers are twice as more influential than in-house technology staff about cloud, research finds Continue Reading
-
News
29 Mar 2018
Europol operation nabs another 20 cyber criminals
Police have arrested 20 cyber criminals in connection with a €1m fraud operation across Italy and Romania Continue Reading
-
News
29 Mar 2018
Business unaware of scale of cyber threat
Many businesses, especially board members, do not understand the scale of the cyber threat, but international efforts to combat cyber crime are being hampered by political barriers Continue Reading
-
News
29 Mar 2018
Cryptocurrency mining rampant in higher education
Higher education institutions are the biggest target for illicit cryptocurrency mining, data shows Continue Reading
-
News
29 Mar 2018
Most airports not protected from cyber threats
The chairman of the Israel Airports Authority paints a dismal picture of the state of cyber security in aviation, and offers advice on what can be done to avert the next disaster Continue Reading
-
News
28 Mar 2018
Majority of European firms unprepared for phishing attacks
Most cyber attacks can be traced back to a phishing email, but more than half of European firms are unprepared to deal with email-based attacks, research has revealed Continue Reading
-
News
28 Mar 2018
Facebook announces more privacy control updates
Social media giant updates privacy settings and tools in response to the unfolding controversy over Cambridge Analytica’s use of Facebook data for political campaigns Continue Reading
-
News
28 Mar 2018
AWS ups ante on cloud services for Australian government
Cloud supplier AWS says government agencies can now assess the prospect of running protected workloads, following an independent cloud security assessment Continue Reading
-
News
28 Mar 2018
Majority of firms fear mobile workers have been hacked
More than half of organisations fear that their mobile workers have been hacked and most are concerned that a growing mobile workforce means increased cyber security risk, a survey reveals Continue Reading
-
News
27 Mar 2018
UK organisations urged to develop cyber security skills
Managed cloud computing firm Rackspace is calling on UK organisations to do more to develop cyber security skills in the light of research into expertise in cloud security Continue Reading
-
News
27 Mar 2018
Most top UK firms fail to disclose cyber risk testing details
Most of the largest UK companies do not reveal their testing of cyber protection plans and do not share security updates with the board regularly, a Deloitte report reveals Continue Reading
-
News
26 Mar 2018
ShopDirect set to use AI to detect fraud on phone calls
The online retailer has signed a contract to use voice authentication technology from Pindrop to tackle fraud and improve customer experience Continue Reading
-
News
26 Mar 2018
Blockchain not ready for cross-border bank payments
The use of blockchain in certain parts of the financial services industry is limited at present due to the additional IT work required around its use Continue Reading
-
News
26 Mar 2018
Dutch SMEs’ cyber security is insufficient
Nowhere in the Netherlands is digitisation as big as it is in small and medium-sized enterprises, but the sector still has a lot to do in terms of cyber security Continue Reading
-
News
22 Mar 2018
Colt pioneers blockchain in telco voice wholesaling
Colt Technology Services and Hong Kong Telecom’s international unit PCCW Global teamed up to trial the use of blockchain in wholesale voice settlements Continue Reading
-
News
22 Mar 2018
Application layer DDoS attacks increasing, Imperva data shows
Distributed denial of service attacks targeting applications almost doubled in the last three months of 2017, according to Imperva Incapsula data Continue Reading
-
News
22 Mar 2018
Businesses lack cyber security confidence after majority were breached in past year
Most businesses were hit by a data breach in the past year, yet less than half are confident they would detect a breach, a survey shows Continue Reading
-
News
21 Mar 2018
MoD to focus on SMEs to raise supply chain cyber security
The Ministry of Defence continues to develop a joint initiative with industry aimed at raising the security posture throughout the UK’s defence supply chain, with increasing focus on SMEs Continue Reading
-
News
20 Mar 2018
Firms need to move from DevOps to DevSecOps, says expert
In the face of competition, organisations are turning to DevOps to improve efficiency and accelerate innovation, but this is creating new security risks, an industry expert warns Continue Reading
-
News
19 Mar 2018
C-suite a cyber attack risk, say security chiefs
Those tasked with running organisations are the most likely group to expose them to a major cyber attack, a poll of UK information security executives shows Continue Reading
-
News
19 Mar 2018
Wigan data breaches underline need to share threat intelligence
Ongoing data breaches experienced by local authorities underline the need for greater sharing of threat intelligence, say security experts Continue Reading
-
News
19 Mar 2018
Russia compromised core router in US energy attacks
Russian cyber attackers used a compromised core router in a series of attacks on the US energy sector, security researchers have revealed as the UK energy sector is placed on alert Continue Reading
-
News
16 Mar 2018
IT contractors not a risk despite Snowden leaks, GCHQ tells court
The government argues in the Investigatory Powers Tribunal that contractors with systems administration rights to computers holding GCHQ’s most sensitive intelligence pose no more of a security risk than the agency’s employees Continue Reading
-
Opinion
16 Mar 2018
SD-WAN needs software-defined security
Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected Continue Reading
-
News
16 Mar 2018
US blames Russia for cyber attacks on energy firms
The US has blamed Russia for a series of attacks on energy sector firms, underlining the need to ensure critical infrastructure IT systems are up to date and secure Continue Reading
-
Opinion
16 Mar 2018
Australian firms need to move faster in the digital age
Just over a tenth of IT professionals in Australia say their companies can roll out a new product in less than three months, despite operating in fast-moving markets with digitally savvy customers Continue Reading
-
15 Mar 2018
Taking complexity out of cyber security
The key to improving the cyber security posture of organisations is to keep complexity at bay, according to a senior Microsoft executive. Continue Reading
-
E-Zine
15 Mar 2018
CW ASEAN: Time to boost cyber defences
With a relatively young and tech-savvy population, ASEAN has been at the forefront of technology adoption. Yet, this has exposed its people and businesses to more cyber threats, including the massive data leak in Malaysia in 2017. In this month’s issue of CW ASEAN, we take a closer look at ASEAN’s patchy cyber security landscape, including varying levels of cyber resilience across the region, cyber security strategies adopted by different countries, as well as efforts to improve cyber capabilities and foster greater collaboration in the common fight against cyber threats. Download the issue now. Continue Reading
-
E-Zine
15 Mar 2018
CW ANZ: Report data break-ins – it’s the law
Cyber security is an increasingly global endeavour, with threat actors who know no boundaries unleashing attacks from nearly anywhere in the world. In this month’s issue of CW ANZ, we look at how Australia’s mandatory data breach notification law underscores recent efforts to lift its cyber security game, both locally and internationally. Download the issue now. Continue Reading
-
Opinion
15 Mar 2018
Security Think Tank: Fileless malware not totally undetectable
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
15 Mar 2018
DocuTrac medical software is a breach risk, warns Rapid7
Security researchers have issued a security warning about medical billing and documentation software they say puts patients at risk of data breach Continue Reading
-
Opinion
14 Mar 2018
Security Think Tank: Awareness is a good starting point to counter fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
News
14 Mar 2018
Researchers accused of irresponsible disclosure of AMD chip flaws
Israel-based researchers have been accused of irresponsible disclosure for going public with more than a dozen security flaws discovered in AMD processors Continue Reading
-
News
13 Mar 2018
Government ‘unlawfully delegated’ bulk data powers to GCHQ, court hears
Privacy International urges Britain’s most secret court, the Investigatory Powers Tribunal, to rule that the government illegally collected surveillance data from internet and phone companies until at least September 2017 Continue Reading
-
Opinion
13 Mar 2018
Security Think Tank: Patch, scan and lock down to counter fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Feature
13 Mar 2018
Businesses need to take cryptojacking seriously
Organisations must pay attention to cyber criminals hijacking computing resources to mine cryptocurrencies, because nearly half are affected and the impact is greater than many realise Continue Reading