IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
10 May 2024
Major breach of customer information developing at Dell
Almost 50 million data records relating to Dell customers appear to have been compromised in a major cyber breach Continue Reading
-
News
09 May 2024
Wales gets UK’s first national SOC
The first national security operations centre of its kind in the UK has opened in the south of Wales to safeguard public sector bodies across the country Continue Reading
-
News
18 Sep 2012
CW Buyer's Guide: Data Security
This in-depth buyer's guide offers advice to CISOs on keeping up with security best practice as new EU data protection rules come into force Continue Reading
-
News
17 Sep 2012
Android devices vulnerable to security breaches
More than 50% of devices running Google's Android OS have unpatched vulnerabilities, opening them up to malicious apps and other attacks Continue Reading
-
News
17 Sep 2012
IT security awareness needs to be company-wide, says (ISC)²
Information security awareness needs to be more robust, started as early as possible, continually reinforced and organisation-wide, says Julie Peeler, director, (ISC)² Foundation Continue Reading
-
News
13 Sep 2012
Government launches £3.8m cyber security institute
The government has ramped up moves to tackle growing cyber security threats by launching a £3.8m research institute. Continue Reading
-
News
11 Sep 2012
Skills shortage means no unemployment in IT security, says (ISC)2
Zero unemployment in IT security shows a huge shortage of skills in the profession, says Hord Tipton, executive director of (ISC)2 Continue Reading
-
Feature
10 Sep 2012
HDFC Bank’s ISO 27004-compliant security metrics a boost toward GRC
An ISO/IEC 27004-compliant metrics program is a rarity in the Indian infosec circuit. Indian BFSI major HDFC Bank’s ISMS has been there, done that Continue Reading
-
Feature
05 Sep 2012
Setting up a botnet is easier than you think
Acquiring, installing, configuring and using a powerful data-stealing banking Trojan toolkit is not as difficult as it sounds Continue Reading
-
News
05 Sep 2012
FBI denies link to leaked Apple device codes
The FBI says there is no evidence that Anonymous gained access to 12 million identity codes for Apple devices by hacking an FBI agent's laptop Continue Reading
-
News
04 Sep 2012
Anonymous claims a million Apple IDs in FBI breach
Hacking group Anonymous claims to have released over a million Apple Unique Device Identifiers (UDIDs) obtained from breaching FBI networks Continue Reading
-
News
03 Sep 2012
Personal mobile policies lacking in IT
Just 23% of IT departments in the UK have a strategy for managing the use of personal devices on their corporate networks, according to new research Continue Reading
-
News
03 Sep 2012
Powerful cyber attack tools widely available, say researchers
More low-level cyber criminals are getting access to sophisticated attack tools, say cyber intelligence specialists Continue Reading
-
News
03 Sep 2012
Advanced cyber-security intelligence
Analysts Bob Tarzey and Clive Longbottom look at the business case for rolling out next security information and event management tools. Continue Reading
-
News
03 Sep 2012
Cyber Vulnerability Index
What does your online corporate profile reveal? With so many cyber attacks in the news recently, executives are becoming increasingly concerned about their organisation’s exposure to hackers. Continue Reading
-
Opinion
31 Aug 2012
How to survive a data breach
Six practical tips on how to prepare for and survive a data breach Continue Reading
-
Photo Story
31 Aug 2012
Adopting BYOD culture sans chaos: An Indian perspective
The bring your own device (BYOD) concept is changing security and cost paradigms. We look at BYOD considerations for Indian businesses in this series. Continue Reading
-
News
31 Aug 2012
Businesses worldwide fail to prepare for cyber threats, says Kaspersky Lab
Companies around the world have failed to address cyber threats, according to a survey from security organisation Kaspersky Lab Continue Reading
-
News
24 Aug 2012
VMware users can protect against virtual machine malware, says Trend Micro
New malware that attacks VMware virtual machines is no cause for undue concern, but users can take basic steps to protect data, says Trend Micro Continue Reading
-
News
22 Aug 2012
SCC becomes first supplier to win G-Cloud security accreditation
IT infrastructure company SCC has become the first supplier on the government’s CloudStore to win pan-government security accreditation. Continue Reading
-
News
21 Aug 2012
At least 9 out of 10 top mobile apps hacked, study shows
An average of 96% of the top 100 paid mobile apps have been hacked, a study has revealed Continue Reading
-
News
20 Aug 2012
More than 1,000 school application details leaked on the internet
Personal information about more than 1,000 children has been published on the UK Independent Schools Guide website after an alleged cyber attack Continue Reading
-
News
06 Aug 2012
LinkedIn data breach costs more than $1m
LinkedIn says the forensic investigation and other recovery costs of the data breach in June could have topped $1m. Continue Reading
-
E-Zine
01 Aug 2012
Compliance and risk
Compliance and risk managers have to overcome many challenges as a result of the data protection framework. This exclusive resource discusses some of the difficulties the European Union has to face because of regulations. Continue Reading
-
News
31 Jul 2012
Cyber threats affect banks worldwide
Nearly a quarter of the world's banks were hit by security breaches in the past year, a study shows Continue Reading
-
News
27 Jul 2012
Twitter users targeted by Blackhole malware
Twitter users are being targeted by tweets containing malicious links that claim recipients are pictured in an online photo Continue Reading
-
News
26 Jul 2012
SQL injection attacks rise sharply in second quarter of 2012
SQL injection (SQLi) attacks were up 69% in the second quarter of 2012 compared with the previous quarter, warns cloud hosting firm FireHost Continue Reading
-
News
26 Jul 2012
Australian telco AAPT confirms Anonymous data breach
Australian telecoms firm AAPT confirms business customer data was breached by hacktivist group Anonymous at an external service provider Continue Reading
-
News
25 Jul 2012
Customers urged to boycott CSC over CIA 'torture flights'
CSC customers are being urged to boycott the supplier over allegations that it took part in illegal CIA rendition flights in the US "war on terror" Continue Reading
-
News
25 Jul 2012
Siemens issues software fix to protect against Stuxnet
German engineering firm Siemens has issued a fix for the software vulnerabilities in its programmable logic controllers that were exploited by the computer virus Continue Reading
-
News
19 Jul 2012
Many global firms unaware of online risk, finds KPMG
Many global organisations could do a lot more to protect their private data and reduce exposure to attacks by hackers, according to KPMG Continue Reading
-
News
19 Jul 2012
Security researchers join forces to bring down Grum botnet
Security researchers have collaborated to take down Grum, the world’s third-largest botnet of hijacked computers Continue Reading
-
News
19 Jul 2012
Government-sponsored hackers target commercial secrets
Government-sponsored organisations are increasingly turning to hacking techniques to steal commercial secrets from businesses, KPMG has warned Continue Reading
-
Tip
17 Jul 2012
A free risk assessment template for ISO 27001 certification
Risk assessment is the first important step towards a robust information security framework. Our simple risk assessment template for ISO 27001 makes it easy. Continue Reading
-
Feature
16 Jul 2012
Best practice in outsourcing security
The issues CIOs must consider in balancing security needs and budgetary constraints Continue Reading
-
Opinion
11 Jul 2012
The history of the next-generation firewall
Security expert Rik Ferguson explains how next-generation firewalls were developed and what protection they provide businesses. Continue Reading
-
News
09 Jul 2012
Google Android OS Trojan virus hits 100K devices in China
Trojan malware has hit 100,000 devices using the Google Android operating system (OS) in China, say security researchers Continue Reading
-
News
04 Jul 2012
BT extends cyber security agreement with MoD
BT is to extend its cyber security agreement with the Ministry of Defence (MoD) in a deal to expand its cyber defence service Continue Reading
-
News
27 Jun 2012
White House cyber security coordinator Howard Schmidt joins Qualys
Former White House cyber security coordinator Howard Schmidt is to join the board of security and compliance company Qualys Continue Reading
-
News
27 Jun 2012
Network security: Is new technology bypassing traditional controls?
Network security practices are among the most mature, but can businesses be sure network traffic is not sneaking past traditional controls? Continue Reading
-
News
27 Jun 2012
RBS set to sue supplier CA Technologies for software failure
Reports claim RBS is gearing up for legal action against US software supplier CA Technologies over the technical fault that crashed accounts Continue Reading
-
News
27 Jun 2012
FTC sues Wyndham Worldwide hotel group over data breaches
The US Federal Trade Commission (FTC) is suing hotel group Wyndham Worldwide over claims it failed to secure customer data Continue Reading
-
News
19 Jun 2012
CISM and CRISC named as highest earning IT qualifications
IT Skills and Certifications Pay Index places two ISACA qualifications at the top of the highest-earning IT certifications list Continue Reading
-
Tip
12 Jun 2012
Risk management for cloud computing deployments
Cloud risk management involves more than meets the eye. Our expert details risk management for public cloud setups in this multi-part series. Continue Reading
-
News
11 Jun 2012
Flame malware gets kill command
The controllers of Flame, the most powerful cyber weapon discovered to date, have recently sent a kill command that removes the malware from some infected computers Continue Reading
-
News
08 Jun 2012
eHarmony, Last.fm join LinkedIn with password leaks
Online dating site eHarmony and Last.fm have joined LinkedIn with password leaks, as hackers focus on social networks Continue Reading
-
News
06 Jun 2012
Top 10 tips for IPv6 security
Many organisations are being misled about the complexities surrounding IPv6 security, according to security firm Stonesoft Continue Reading
-
Photo Story
06 Jun 2012
Royal Signals ‘Unsung Heroes’ Awards
IT experts from the Royal Signals were rewarded for their support and commitment to the service during an event for "unsung heroes" at Mansion House. Continue Reading
-
News
06 Jun 2012
Majority of UK websites fail to comply with cookie law
Most UK websites are not yet compliant with the newly enforced cookie law, a study has revealed Continue Reading
-
News
01 Jun 2012
Former MI5 boss loses laptop
The former boss of the UK's MI5 security service has caused a security scare by losing her laptop at Heathrow. Continue Reading
-
News
29 May 2012
BT helps itself to Home Hubs for public Wi-Fi
A feature of BT's routers called Fon gives away a percentage of bandwidth from home-based Wi-Fi to passers-by, often without user consent. Continue Reading
-
News
28 May 2012
Security researchers discover powerful cyber espionage weapon 'Flame'
Security researchers have discovered a cyber espionage weapon, dubbed 'Flame', with a functionality greater than any other known threat Continue Reading
-
News
28 May 2012
UK regulator PhonepayPlus shuts down Angry Birds smartphone scam
UK users of Android smartphones have been targeted by premium-rate phone scams masquerading as popular apps such as Angry Birds Continue Reading
-
News
21 May 2012
Global software piracy increasing rapidly, study shows
Global software piracy is increasing rapidly in the absence of any effective deterrence, a survey has revealed. Continue Reading
-
News
18 May 2012
Mobile threats demand focus on data protection, says Websense
Business needs to focus on data protection as cyber criminals turn to mobile malware, says Websense. Continue Reading
-
Tip
17 May 2012
Information security budgets: Five steps to obtain management buy-in
Getting management to approve security budgets is difficult. Here are guidelines to help you prepare and present information security budgets effectively. Continue Reading
-
News
17 May 2012
The Pirate Bay is latest site to be hit by DDoS attack
The Pirate Bay has become the latest high-profile website to be hit by a distributed denial-of-service (DDoS) attack Continue Reading
-
News
10 May 2012
Cyber attackers increasingly targeting applications, research shows
Web and mobile applications are the new frontiers in the war against cyber attack, according to an HP cyber security risks report Continue Reading
-
News
04 May 2012
UK to expand cyber info-sharing hub after initial success
A public/private cyber security initiative exposed a campaign of malicious emails targeting UK defence companies, Cabinet Office minister Francis Maude has revealed. Continue Reading
-
News
30 Apr 2012
Half of UK networks vulnerable to APTs
Many UK corporate networks are vulnerable to advanced persistent threats (APTs), a survey has revealed. Continue Reading
-
News
26 Apr 2012
Infosec 2012: Unscrubbed hard drives a threat to business, says ICO
Unscrubbed hard drives on computers that are decommissioned and sold on represent a significant risk to business Continue Reading
-
News
25 Apr 2012
Infosec 2012: Internet security body to tackle SSL problems
The Trustworthy Internet Movement (TIM) is to tackle implementation and governance internet communication protocol (SSL) as its first project. Continue Reading
-
News
25 Apr 2012
Infosec 2012: Patching alone can deliver 80% protection
Keeping software up to date with security patches can deliver 80% protection from cyber threats, says security firm Secunia. Continue Reading
-
News
25 Apr 2012
Infosec 2012: Cloud enables security expertise for SME
Small and medium enterprises (SMEs) typically face the same threats as bigger organisations, but lack the same level of expertise and other security resources. Continue Reading
-
Tip
24 Apr 2012
6 point SIEM solution evaluation checklist
With SIEM solutions gaining steam in India, Satish Jagu of Genpact shares concise tips based on the lessons from his SIEM implementation experiences. Continue Reading
-
News
24 Apr 2012
2012 Information Security Breaches Survey
Security breaches cost the UK billions over the last 12 months as cyber attacks reached record levels. Continue Reading
-
News
23 Apr 2012
UK firms see competitors as greater cyber attack risk than criminals
More than half of UK firms expect a cyber attack in the next six months, but see competitors as a greater risk than criminals Continue Reading
-
News
11 Apr 2012
Busy security patch month for Microsoft administrators
Microsoft has released six patches, four critical, for 11 vulnerabilities in Office, Windows and various server products in its April security update. Continue Reading
-
News
02 Apr 2012
UK business fears impact of new EU data protection framework
More than half of senior UK IT managers in large enterprises believe the proposed new EU data protection framework will cost their business more money, a survey has revealed Continue Reading
-
News
02 Apr 2012
Fighting Economic Crime in the Financial Services sector
PwC examines the impact of Cybercrime on the financial services industry. Continue Reading
-
News
30 Mar 2012
SIEM deployment case study shows patience is required
Williams Lea’s SIEM is already helping reduce manual log reviews. But there’s still a lot of work to be done before the SIEM can be fully deployed. Continue Reading
-
News
27 Mar 2012
Warwickshire-based company to revamp data protection following breach
A Warwickshire-based company has committed to taking action to protect personal data, following a breach of the Data Protection Act Continue Reading
-
News
26 Mar 2012
Department for Work and Pensions outsources IT for universal credit welfare to India
The government is outsourcing IT development for the universal credit welfare programme to India despite promises to keep data projects in the UK Continue Reading
-
News
23 Mar 2012
Information management: lessons from the public sector
Freeform Dynamics identifies the lessons organisations can learn from the public sector's approach to information management Continue Reading
-
News
21 Mar 2012
Half of education institutions victims of mobile IT theft
According to research, 45% of UK education establishments claim to have had mobile IT equipment stolen during the last three years. Continue Reading
-
News
19 Mar 2012
UK hacktivist cases should spur business to action, says lawyer
The last of four alleged UK members of hacktivist group LulzSec has appeared in Westminster magistrates court in London Continue Reading
-
News
15 Mar 2012
BBC cyber attacks highlight difficulty of attribution
The BBC has said it is was targeted by cyber attacks following a campaign by Iran against its Persian service, but stopped short of accusing Tehran of ordering the cyber attacks Continue Reading
-
News
13 Mar 2012
Hackers expose weak security on Digital Playground porn site
A hacking group claims to have stolen the details of more than 70,000 users of the Digital Playground porn site Continue Reading
-
News
07 Mar 2012
NIST releases SP 800-153 WLAN security guidelines
The recently released NIST SP 800-153 addresses security of WLANS. Join us, as we take a closer look at the document’s recommendations. Continue Reading
-
News
05 Mar 2012
Rogue IT manager jailed for two years after £123k procurement scam
A rogue IT procurement manager has been jailed for two years after he colluded with two IT suppliers to defraud grocer Nisa Today out of £123,000 Continue Reading
-
News
02 Mar 2012
2012 security outlook
This report, based on extensive research from chief information security officers, identifies the top 10 security imperatives for 2012. Continue Reading
-
News
01 Mar 2012
RSA 2012: IT security experts urge enterprises to ban smartphone BYOD schemes
Enterprises should ban employees from using their own smartphones for work, a panel of IT security practitioners told the RSA Conference 2012 Continue Reading
-
News
29 Feb 2012
IT departments risk losing responsibility for IT security
IT security professionals can no longer take it for granted that IT security will continue as part of the IT function Continue Reading
-
Photo Story
25 Feb 2012
The CISO Power List, 2012
Our CISO Power List for 2012 brings you the who’s who in the Indian information security scene. Join us, as we pay tribute to India’s top 15 CISOs. Continue Reading
-
Feature
23 Feb 2012
Arup Chatterjee
SearchSecurity.in CISO Power List 2012 Profile: Arup Chatterjee, CISO, WNS Global Services. Continue Reading
-
Feature
23 Feb 2012
Agnelo D'Souza
SearchSecurity.in CISO Power List 2012 Profile: Agnelo D‘Souza, CISO, Kotak Mahindra Bank. Continue Reading
-
Feature
23 Feb 2012
Sunil Dhaka
SearchSecurity.in CISO Power List 2012, Profile: Sunil Dhaka, CISO, ICICI Bank. Continue Reading
-
News
23 Feb 2012
OSSIM update enables cyber threat intelligence sharing
The latest update to the Open Source Security Information Management (OSSIM) base system includes a mechanism for sharing cyber threat intelligence. Continue Reading
-
Feature
22 Feb 2012
Sameer Ratolikar
SearchSecurity.in CISO Power List 2012: Profile for Sameer Ratolikar, CISO, Bank of India. Continue Reading
-
Feature
22 Feb 2012
Pankaj Agrawal
SearchSecurity.in CISO Power List 2012 Profile: Pankaj Agrawal, CISO & Head of Technology Governance, Aircel Continue Reading
-
News
21 Feb 2012
Google bypassed IE too, says Microsoft
Microsoft has accused Google of bypassing the privacy settings of Internet Explorer users after Safari faux pas Continue Reading
-
News
17 Feb 2012
UK regulator PhonepayPlus fines Dutch typosquatting companies
UK phone regulator PhonepayPlus fines two Dutch firms £100,000 for exploiting well-known websites Wikipedia, Twitter and YouTube Continue Reading
-
Feature
14 Feb 2012
Buyer's Guide: How to prepare your organisation for IPv6
The switch to IPv6 – on 6 June – shows just how imminent the transition from IPv4 to IPv6 is. Is your organisation ready? Continue Reading
-
News
13 Feb 2012
IE update top priority for Patch Tuesday
Microsoft releases nine bulletins addressing 21 vulnerabilities in its monthly Patch Tuesday security update on 14 February Continue Reading
-
News
08 Feb 2012
Web application vulnerability statistics show security losing ground
New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks. Continue Reading
-
News
06 Feb 2012
FBI investigates Anonymous intercept of call with Scotland Yard
The US Federal Bureau of Investigation (FBI) is looking into how a conference call with Scotland Yard was intercepted by a member of the activist hacking group Anonymous. Continue Reading
-
News
01 Feb 2012
Fewer than a third of UK organisations plan mobile security projects
Despite the media hype around the adoption of mobile technologies and the need to secure them, relatively few UK organisations are planning mobile security projects, a survey has revealed Continue Reading
-
Feature
01 Feb 2012
When X.509 security certificates fail, servers break
Why are X.509 certificates causing computers to stop dead? Continue Reading
-
News
30 Jan 2012
MEP quits as thousands protest ACTA signing
A European MP has resigned after thousands of people in Poland protested against the international anti-counterfeiting trade agreement (ACTA) Continue Reading
-
News
16 Jan 2012
Rupert Murdoch attacks Barack Obama over online piracy legislation
News Corp chief Rupert Murdoch has accused Barack Obama's administration of siding with "Silicon Valley paymasters" as two anti-piracy bills go through US Congress. Continue Reading
-
News
13 Jan 2012
NHS Trust to appeal £375k data loss penalty
An NHS Trust is to appeal against a proposed monetary penalty of £375,000 after after patient records were stolen from a hospital and sold on eBay. Continue Reading
-
News
13 Jan 2012
Fighting fraud in government
Cybercrime has emerged as a growing threat to public sector organisations, this research from PwC reveals. Continue Reading