IT risk management

Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.

News 30 Jul 2025
Scattered Spider tactics continue to evolve, warn cyber cops

CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider's playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things. Continue Reading
By
- Alex Scroxton, Security Editor
News 30 Jul 2025
MS Authenticator users face passkey crunch time

The deadline for moving to passkeys in Microsoft Authenticator is rapidly approaching, and users are advised to take action now Continue Reading
By
- Alex Scroxton, Security Editor

News 08 Dec 2004
The security lingo of 2004

This was the year of botnets, zombie PC armies and phishying online schemes. Continue Reading
By
- Bill Brenner
News 05 Dec 2004
Think Sarbanes Oxley extension changes things? Think again

Continue Reading
By
- David Foote, Foote Partners LLC
News 28 Oct 2004
MoD may write off £200m Chinook helicopters

The Ministry of Defence could write off more than £200m spent on eight Chinook Mk3 helicopters. Continue Reading
By
- Tony Collins
Feature 21 Oct 2004

IP everything, essentially

What are the fundamental deliverables of IP networks? How can you use IP networks to gain financial benefits in addition to... Continue Reading
Feature 21 Oct 2004

The basis of profitability

Not so long ago, you didn't have much choice - your IT and communications requirements were acquired, implemented and maintained... Continue Reading
News 04 Oct 2004
Symantec offers bare metal restore software

Continue Reading
By
- Shane O'Neill
News 03 Oct 2004

Training for CISSP Certification: SearchSecurity.com's Security School

Study guides for each of the ten domains of the CBK for those preparing to take the CISSP exam or expanding their knowledge of security concepts and practices. Continue Reading
News 26 Sep 2004
Authorize.Net says it has 'learned' from attack

The credit card processing service was unprepared for the kind of attack it suffered last week, but it will use the experience to improve security. Continue Reading
By
- Bill Brenner
News 21 Sep 2004
Survey shows SOX bringing IT, business together

Continue Reading
By
- Ed Parry, News Editor
Feature 14 Sep 2004

Management matters

Cath Everett finds out how you stay on top of networking. What are the management issues related to your telecoms and networks... Continue Reading
News 24 Aug 2004

Latest worm uses IM to lure victims

A version of the worm which spread from infected Microsoft Internet Information Services (IIS) web servers in June has been... Continue Reading
Feature 13 Aug 2004

Undercover operations

Computer crime is on the rise, but collecting admissible evidence is a tricky business. Helen Beckett gets expert advice on what... Continue Reading
News 27 Jul 2004
New attacks and vulnerability trends highlighted at Black Hat

Presentations beginning today will analyze vulnerabilities, zero-day code, phishing and secure wireless deployment, among many other topics. Continue Reading
By
- Shawna McAlearney, News Writer
News 26 Jul 2004
Fewer IT supplier conflicts are going to court

Law firms have reported a sharp fall in the number of IT disputes reaching the courts over the past 12 months as more users turn... Continue Reading
By
- Bill Goodwin, Investigations Editor
News 25 Jul 2004

Learning about Security Threats: Profiling

A look at what it means to be a hacker. Continue Reading
News 18 Jul 2004
Debian fixes multiple flaws

Denial-of-service, buffer overflow and format string vulnerabilities in Debian GNU/Linux that an attacker could use to remotely execute malicious code has been fixed. Continue Reading
By
- Bill Brenner
News 18 Jul 2004
Enterprise-class RAID functions, part 2: N-way mirroring, splitting and more

With the convergence of RAID and lower-priced storage technologies, advanced RAID functions can be enjoyed by any small-to-medium sized organization with critical data. Continue Reading
By
- Randy Arnott
News 14 Jul 2004

Continuous backup gains traction

For continuous backup technology, 2004 is the year that vendors have moved from promises to actual products. Although the market is still small -- inhabited by startups such as Revivio, Mendocino Software, Alacritus and XOsoft -- the buzz is relatively loud. Continue Reading
News 21 Jun 2004
Users at risk after web host attack

Users have been warned to brace themselves for attacks on sites which provide patch downloads and web hosting services. Continue Reading
By
- Arif Mohamed
News 23 May 2004

Hacking for Dummies: Chapter 10 -- Wireless LANs

Read Chapter 10, Wireless LANs, from the book "Hacking for Dummies" written by Kevin Beaver. Continue Reading
News 19 May 2004
IT experts not losing sleep over code theft

Days after Cisco acknowledged someone may have stolen source code from its network, IT experts said they doubt it will amount to anything catastrophic. After all, source code has made it onto the Internet before, and there's no proof it has ever led to an attack. For them, the bigger question is how to prevent such a thing from happening to their organization. Continue Reading
By
- Bill Brenner
News 13 May 2004

Hacking For Dummies: Chapter 7 -- Passwords

In his latest book, "Hacking For Dummies," Kevin Beaver takes the reader into the mindset of a hacker in order to help admins fend off vulnerabilities and attacks. Continue Reading
News 02 May 2004
Return to sender?

Several researchers have identified a new e-mail attack that can be used to swamp enterprise e-mail servers, as well as some secondary systems. Continue Reading
By
- Hank Hogan, Contributing Writer
News 15 Apr 2004
Bacs launches online billing service

UK clearing house Bacs has embarked on a joint venture with a US software company to provide an online bill presentation and... Continue Reading
By
- Nick Huber
News 11 Apr 2004
IBM and Cisco battle remote attack vulnerabilities

Continue Reading
By
- Edmund X. DeJesus, Contributing Writer
News 17 Mar 2004
Best practices for enabling and maintaining compliance

As part of our Storage Decisions conference preview series, Shaun Mahoney, senior storage engineer for Citigroup, Randy Wilson, assistant vice president of IT at Essex Investment Management Company and Enterprise Storage Group's Peter Gerr discussed the best practices for enabling compliance. Continue Reading
By
- Mark Lewis, Editor
Feature 15 Mar 2004
Achieving the goal of CIO

What exactly does a chief information officer do?Paul Burfitt, global CIO at AstraZeneca, analysed the various aspects of his job... Continue Reading
By
- Julia Vowler
News 01 Mar 2004
There's no government like no government

Continue Reading
By
- Niall McKay, Contributing Writer
News 24 Feb 2004

Exploiting Software: How to Break Code, Chapter 7 -- Buffer Overflow

This excerpt is from Chapter 7, Buffer Overflow of Exploiting Software: How to Break Code written by Greg Hoglund and Gary McGraw. Continue Reading
News 10 Nov 2003
NHS IT plan risky but will not fail, says OGC

The £2.3bn national programme to modernise health service IT systems is "risky and ambitious" but it has sufficient safeguards in... Continue Reading
By
- Nick Huber
Feature 26 Mar 2003
What's in an IT name?

What exactly does a chief information officer do?Paul Burfitt, global CIO at AstraZeneca, analysed the various aspects of his job... Continue Reading
By
- Nick Huber
News 06 Feb 2003
Users warned as number of software holes soars

IT departments were put on alert this week after it emerged that the number of security vulnerabilities discovered in commercial... Continue Reading
By
- Bill Goodwin, Investigations Editor
News 29 Jan 2003
Courts Libra system 'is one of the worst IT projects ever seen'

The cost of the Libra project to provide a national system for 385 magistrates courts soared from £146m to £390m, and the main... Continue Reading
By
- Tony Collins
Opinion 23 May 2002

Who watches the watchers?

The Civil Aviation Authority must come clean about how it has policed Nats' computer systems Continue Reading
News 07 Feb 2002
Victory! Lords confirm CW stand - software flaw could have caused Chinook crash

An historic House of Lords report has this week vindicated a five-year campaign by Computer Weekly for justice after the crash of... Continue Reading
By
- Tony Collins
Feature 06 Dec 2000

The VPN dilemma

With traditional networks choking on data, Liz Biddlecombe investigates the pros and cons of managing a VPN yourself or... Continue Reading
News 30 Nov 2000
Chinook: a breach of natural justice

MPs slam MoD over 1994 crash whitewash. Software, not pilot error, could have killed 29 Continue Reading
By
- Tony Collins
Feature 29 Nov 2000
Computer Weekly's evidence to the Public Accounts Committee

We write to the Public Accounts Committee in relation to its consideration of the Chinook's FADEC computerised engine control... Continue Reading
By
- Computer Weekly Staff
Opinion 16 Nov 2000
Solution: Internet misuse at work

Like the technology, Internet abuse appears to have proliferated in recent years. There are, however, two ways to tackle this... Continue Reading
By
- Paul Grant
Feature 15 Nov 2000
Tackling Internet misuse at work

Like the technology, Internet abuse appears to have proliferated in recent years. There are, however, two ways to tackle this... Continue Reading
By
- Paul Grant
Feature 15 Nov 2000
MoD kept RAF chief in the dark

New evidence shows that the air chief marshal who blamed the pilots for the Chinook crash on the Mull of Kintyre in 1994 was not given potentially vital information related to the helicopter's safety-critical software Continue Reading
By
- Tony Collins
Feature 01 Nov 2000
Pathway and the Post Office: the lessons learned

The infamous 1996-1999 Pathway project aimed to computerise the nation’s post offices and tackle benefit fraud. But 18 months... Continue Reading
By
- Computer Weekly Staff
Feature 18 Oct 2000

How to scour the world when outsourcing

Thanks to Y2K compliance programmes, it is now perfectly acceptable for a firm to consider moving all or part of its systems development and support... Continue Reading
Feature 24 May 2000
Lifting the lid on secret stiffing techniques

One of the UK's most experienced IT negotiators lifts the lid on some of the sharp practices used by software suppliers to get... Continue Reading
By
- Karl Schneider
News 29 Mar 2000

MoD did not tell the whole truth on Chinook software

Letters from software experts to Computer Weekly show the Ministry of Defence omitted to mention it sanctioned the very testing... Continue Reading
Feature 08 Mar 2000
Leaked RAF memo scathing of safety software evaluation

Computer Weekly's Tony Collins uncovers evidence that the MoD has consistently undermined the authority of its software assessors... Continue Reading
By
- Computer Weekly's Tony Collins
Feature 01 Mar 2000

January-February

Tesco target of 300 online shops within one year Continue Reading
News 09 Feb 2000
NAO report puts software at the heart of Chinook debate

Tony Collins
Government auditors will report tomorrow (Friday) that defence staff put into operational service a fleet of Chinook...
Continue Reading
By
- Tony Collins
Feature 12 Jan 2000
Was Y2K a costly non-event?

Many expected catastrophe. In reality, the industry coped well and is now in good shape for the future, writes Bill Goodwin Continue Reading
By
- Bill Goodwin, Investigations Editor
Feature 21 Oct 1999
White Paper: Software solutions for effective network power management

Uncertain power conditions can wreak havoc on small businesses, however, there are ways to limit the risk of computer data loss Continue Reading
By
- na