IT security
-
News
08 Aug 2025
OpenAI closes gap to artificial general intelligence with GPT-5
As OpenAI’s latest large language model delivers smarter AI, experts are wary of the risks GPT-5 poses to human creativity Continue Reading
-
News
06 Aug 2025
Black Hat USA: Startup breaks secrets management tools
Researchers at Cyata, an agentic identity specialist that has just emerged from stealth, found 14 CVEs in the widely used CyberArk Conjur and HashiCorp Vault enterprise secrets management platforms Continue Reading
-
News
06 Aug 2025
Black Hat USA: Startup breaks secrets management tools
Researchers at Cyata, an agentic identity specialist that has just emerged from stealth, found 14 CVEs in the widely used CyberArk Conjur and HashiCorp Vault enterprise secrets management platforms Continue Reading
-
News
06 Aug 2025
Cyber criminals would prefer businesses don’t use Okta
Okta details a phishing campaign in which the threat actor demonstrated some unusually strong opinions on what authentication methods they would like their targets to use Continue Reading
-
News
06 Aug 2025
Companies House ID verification to start in November 2025
Companies House plans to start vetting director identities from mid-November, but its reliance on the troubled One Login digital identity service may be cause for concern Continue Reading
-
News
06 Aug 2025
NCSC updates CNI Cyber Assessment Framework
Updates to the NCSC’s Cyber Assessment Framework are designed to help providers of critical services better manage their risk profiles Continue Reading
-
Definition
06 Aug 2025
What is enterprise risk management (ERM)?
Enterprise risk management (ERM) is the process of planning, organizing, directing and controlling the activities of an organization to minimize the harmful effects of risk on its capital and earnings. Continue Reading
-
News
06 Aug 2025
Australian scaleup to bring AI-led data protection to the MoD
The UK’s Ministry of Defence is embracing AI-led data protection in the wake of a major privacy breach, enlisting Australian cyber firm Castlepoint Systems to oversee sensitive records Continue Reading
-
News
05 Aug 2025
Attacker could defeat Dell firmware flaws with a vegetable
Cisco Talos discloses five vulnerabilities in cyber security firmware used on Dell Latitude and Precision devices, including one that could enable an attacker to log on with a spring onion Continue Reading
-
Tip
05 Aug 2025
8 ways to enhance data center physical security
Data center physical security is just as important as cybersecurity. Organizations can follow these eight security approaches to enhance facility access monitoring. Continue Reading
-
E-Zine
05 Aug 2025
Digitising fan experience
In this issue, discover the latest twist regarding a secret Home Office order requiring Apple to give UK law enforcement access to users’ encrypted data stored on the Apple iCloud. Also discover how the Premier League is using digital means to reach fans, and learn about identity security in SaaS deployments. Read the issue now. Continue Reading
-
Definition
04 Aug 2025
What is the DRY principle?
The DRY (don't repeat yourself) principle, introduced by Andrew Hunt and David Thomas in 'The Pragmatic Programmer,' promotes the idea that every piece of knowledge should have a single, unambiguous, authoritative representation within a system. Continue Reading
-
News
04 Aug 2025
Black Hat USA: Halcyon and Sophos tag-team ransomware fightback
Ransomware experts Halcyon and Sophos are to pool their expertise in ransomware, working together to enhance data- and intelligence-sharing and bringing more comprehensive protection to customers Continue Reading
-
News
04 Aug 2025
Proliferation of on-premise GenAI platforms is widening security risks
Research finds increased adoption of unsanctioned generative artificial intelligence platforms is magnifying risk and causing a headache for security teams Continue Reading
-
News
04 Aug 2025
Agentic AI a target-rich zone for cyber attackers in 2025
At Black Hat USA 2025, CrowdStrike warns that cyber criminals and nation-states are weaponising GenAI to scale attacks and target AI agents, turning autonomous systems against their makers Continue Reading
- 04 Aug 2025
- 04 Aug 2025
-
News
01 Aug 2025
Met Police to double facial recognition use amid budget cuts
The UK’s largest police force is massively expanding its use of live facial recognition technology as it prepares to lose 1,700 officers and staff Continue Reading
-
News
01 Aug 2025
Securing agentic identities focus of Palo Alto’s CyberArk buy
Palo Alto Networks is entering the identity security space with a multibillion-dollar acquisition, and plans to address growing concerns around protecting identities associated with AI agents Continue Reading
-
Opinion
01 Aug 2025
The blind spot: digital supply chain is now a board-level imperative
Many companies lack visibility into complex digital supply chains, meaning hidden risks and regulatory exposure. Cyber security requires continuous mapping and board engagement Continue Reading
-
Opinion
31 Jul 2025
I lost my sister to online harms, the OSA is failing vulnerable people
Adele is a member of Families and Survivors to Prevent Online Suicide Harms campaign, a network that brings together survivors and families bereaved by online harm-related suicides. They are calling for changes to the enforcement of the Online Safety Act Continue Reading
-
News
31 Jul 2025
Palo Alto Networks to acquire CyberArk for $25bn
The deal marks Palo Alto Networks’ entry into the identity and access management space amid the growing need to secure human, machine and emerging AI agent identities Continue Reading
-
News
30 Jul 2025
Scattered Spider tactics continue to evolve, warn cyber cops
CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider's playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things Continue Reading
-
News
30 Jul 2025
Apple pushes almost 30 security fixes in mobile update
Apple pushes what will likely be the last major security update to its current iPhone and iPad operating systems, fixing 29 vulnerabilities in its mobile ecosystem Continue Reading
-
News
30 Jul 2025
MS Authenticator users face passkey crunch time
The deadline for moving to passkeys in Microsoft Authenticator is rapidly approaching, and users are advised to take action now Continue Reading
-
News
30 Jul 2025
AI-enabled security pushes down breach costs for UK organisations
Organisations that are incorporating AI and automation into their cyber security practice are seeing improved outcomes when incidents occur, according to an IBM study Continue Reading
-
Opinion
30 Jul 2025
Cyber governance practices are maturing - and reshaping leadership expectations
How technology leaders can help organisations shape their cyber governance practices and strengthen their collaboration across the executive team Continue Reading
-
Opinion
30 Jul 2025
GDPR’s 7th anniversary: in the AI age, privacy legislation is still relevant
Seven years after GDPR reshaped data protection, AI is forcing a fresh look at governance. GDPR’s principles remain critical, guiding ethical AI use, risk management, and trusted innovation Continue Reading
-
News
30 Jul 2025
Industry experts warn crypto infrastructure is ‘creaking’
A report from experts at HSBC, Thales and InfoSec Global claims decades-old cryptographic systems are failing, putting businesses at risk from current vulnerabilities and the threat from quantum computing Continue Reading
-
News
30 Jul 2025
International AI Alignment effort tackles unpredictability
Given AI systems are probabilistic, a group of international experts are collaborating to ensure such systems operate in the best interest of society Continue Reading
-
News
29 Jul 2025
Senator warns of new UK surveillance risks to US citizens following Apple ‘backdoor’ row
US lawmaker calls for the US to publish an assessment of the risks posed by UK surveillance laws to US citizens in the wake of disclosures that the UK has ordered Apple to introduce ‘backdoors’ in Apple encryption Continue Reading
-
News
29 Jul 2025
Austrian government faces likely legal challenge over state spyware
Civil society groups are talking to opposition MPs about bringing a legal challenge to the Austrian constitutional court over ‘state trojan’ law Continue Reading
-
News
29 Jul 2025
European Commission ignores calls to reassess Israel data adequacy
The European Commission is ignoring calls to reassess Israel’s data adequacy status in spite of concerns raised about its data protection framework and use of personal data in ‘repressive practices’ Continue Reading
-
News
29 Jul 2025
Global cyber spend will top $200bn this year, says Gartner
Worldwide spending on cyber security will hit another record high in 2025, and will go higher still next year Continue Reading
-
Opinion
29 Jul 2025
Burnout burden: why CISOs are at breaking point, what needs to change
CISOs face growing burnout as their roles expand beyond security, with high stress, low organisational authority, and short tenure. AI can help but change requires autonomy Continue Reading
-
Definition
29 Jul 2025
What is good automated manufacturing practice (GAMP)?
Good automated manufacturing practice (GAMP) is a set of guidelines for pharmaceutical manufacturers. Continue Reading
-
Definition
29 Jul 2025
What is an input validation attack?
An input validation attack is any malicious cyberattack that involves an attacker manually entering strange, suspicious or unsafe information into a normal user input field of a target computer system. Continue Reading
-
Feature
29 Jul 2025
Building digital resilience in retail
Retail is suffering economically and from hacking attacks. What steps can retailers can take to prevent cyber attacks, supply chain disruptions and migration downtime? Continue Reading
-
News
28 Jul 2025
Data resilience critical as ransomware attacks target backups
With more threat actors targeting backup repositories to ensure a payday, Veeam urges organisations to treat data resilience as a competitive advantage, not just an insurance policy Continue Reading
-
Opinion
25 Jul 2025
The UK’s ransomware payment ban is a strategic win
The UK's proposed public sector ransomware payment ban could be a bold step, but it can't operate in isolation. Continue Reading
-
News
25 Jul 2025
Interview: Cambridge Consultants CEO Monty Barlow scans for tech surprises
Cambridge Consultants is a technology and consulting business unit of Capgemini. Its chief executive, Monty Barlow, talks about its heritage and vision for the future of digital technology Continue Reading
-
News
24 Jul 2025
US seeks ‘unquestioned’ AI dominance
US AI action plan sets out aims to expand American dominance in the world of artificial intelligence Continue Reading
-
News
24 Jul 2025
SharePoint users hit by Warlock ransomware, says Microsoft
Microsoft’s security analysts confirm a number of cyber attacks on on-premise SharePoint Server users involve ransomware Continue Reading
-
News
24 Jul 2025
Scattered Spider victim Clorox sues helpdesk provider
Cleaning products manufacturer Clorox fell victim to a Scattered Spider social engineering attack two years ago – it blames its IT helpdesk provider, Cognizant Continue Reading
-
News
24 Jul 2025
Dutch researchers use heartbeat detection to unmask deepfakes
Dutch method to counter deepfakes analyses blood flow patterns in faces that current deepfake generation tools cannot yet replicate Continue Reading
-
News
24 Jul 2025
Monzo’s £21m fine highlights banks’ cyber security failures
Monzo’s recent fine over failings in its customer verification processes highlights wider security and privacy shortcomings in the personal finance world Continue Reading
-
News
23 Jul 2025
WhatsApp is refused right to intervene in Apple legal action on encryption ‘backdoors’
Investigatory Powers Tribunal to hear arguments in public over lawfulness of secret UK order requiring Apple to give UK law enforcement access to users’ encrypted data stored on the Apple iCloud Continue Reading
-
Opinion
23 Jul 2025
Is it time to rethink the OWASP Top 10?
The OWASP Top 10 serves as a key reference point for developers and security professionals, but with a new iteration on the horizon, we need to confront a hard truth: has it lost its effectiveness, or have we failed to implement it meaningfully? Continue Reading
-
Feature
23 Jul 2025
Disaster recovery: As-a-service vs on-premise?
It’s easy to backup to the cloud, and we run lots of applications there now, too. So, running DR as-a-service in the cloud makes perfect sense for many. We look at the pros and cons Continue Reading
-
News
23 Jul 2025
Interview: Is there an easier way to refactor applications?
We speak to the inventor of OpenRewrite about how enterprise IT can manage code across thousands of source code repros Continue Reading
-
Feature
23 Jul 2025
Business resilience needs comprehensive approach
The cyber attack on Marks & Spencer showed the vulnerability of even very established companies. But business applications resilience goes beyond cyber security basics Continue Reading
-
News
22 Jul 2025
Microsoft confirms China link to SharePoint hacks
Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server Continue Reading
-
Opinion
22 Jul 2025
Overconfidence in cyber security: a silent catalyst for CNI breaches
Many CNI organisations are perilously overconfident in their ability to manage and combat cyber risks, according to Bridewell research. This is leaving vital systems exposed. Continue Reading
-
News
22 Jul 2025
Chinese cyber spies among those linked to SharePoint attacks
Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors Continue Reading
-
News
22 Jul 2025
UK government to bring in ransomware payment ban
Critical infrastructure operators, hospitals, local councils and schools will be among those banned from giving in to cyber criminal demands as the UK moves forward with proposals to address the scourge of ransomware Continue Reading
-
News
22 Jul 2025
UK government signs partnership with OpenAI
Deal sees firm behind ChatGPT collaborate with government on AI security research to explore investment opportunities Continue Reading
-
News
22 Jul 2025
Interview: How OpenAI is making ChatGPT public and private sector-ready
We speak to OpenAI’s solution engineering lead, Matt Weaver, about enterprise adoption and making ChatGPT secure Continue Reading
-
Podcast
22 Jul 2025
App refactoring recipe: A Computer Weekly Downtime Upload podcast
We speak to Moderne CEO and OpenRewrite inventor, Jonathan Schneider, about application modernisation Continue Reading
-
E-Zine
22 Jul 2025
UKtech50 2025: The most influential people in UK IT
In this week’s edition of Computer Weekly, we share the results of this year’s UKTech50 list of the IT leaders who are shaping the UK’s digital economy. We also feature a profile of this year’s winner, DeepMind CEO Demis Hassabis, who is the first person ever to top the list twice. Elsewhere in the issue, we also take a look at what steps IT leaders can take to lockdown their Amazon Web Services stacks, and discover the role that data management platforms play in the delivery of a great customer experience. Read the issue now. Continue Reading
-
News
21 Jul 2025
UK may be seeking to pull back from Apple encryption row with US
UK government officials say that attempts by the Home Office to require Apple to introduce ‘backdoors’ to its secure encrypted storage service will cross US red lines Continue Reading
-
News
21 Jul 2025
Darktrace buys network visibility specialist Mira
AI cyber giant Darktrace buys network security firm Mira for an undisclosed sum, seeking to enhance the tech stack it offers to highly regulated sectors Continue Reading
-
News
21 Jul 2025
Patch ToolShell SharePoint zero-day immediately, says Microsoft
The active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the weekend – is underway. Immediate action is advised Continue Reading
-
News
21 Jul 2025
The Security Interviews: Jason Nurse, University of Kent
Jason Nurse, reader in cyber security at the University of Kent, discusses the psychological side of cyber and online safety, why placing blame on users as ‘the weakest link’ is wrong – and why security pros should think about user needs more Continue Reading
-
Feature
21 Jul 2025
Meet the deepfake fraudster who applied to work at a deepfake specialist
A recruiter at voice fraud specialist Pindrop had a shock when they came face-to-face with the same deepfake job candidate not once, but twice. Hear their story and learn how to start to protect your hiring process Continue Reading
-
Opinion
21 Jul 2025
One year on from the CrowdStrike outage: What have we learned?
A year has passed since the CrowdStrike outage caused widespread disruption to enterprise IT systems and infrastructure, but what - if anything - has been learned from the situation? Continue Reading
-
News
21 Jul 2025
Singapore under ongoing cyber attack from APT group
Nation-state actor UNC3886 is actively targeting Singapore’s critical national infrastructure in a sophisticated espionage and disruption campaign, with the country mounting a whole-of-government response Continue Reading
-
News
21 Jul 2025
Netherlands calls for European shift to post-tracking internet as privacy laws fail
Dutch research institute argues decade of regulation hasn’t curbed surveillance capitalism, proposes fundamental business model change Continue Reading
-
News
18 Jul 2025
NCSC exposes Fancy Bear's Authentic Antics malware attacks
Amid a new round of UK government sanctions targeting Moscow's intelligence apparatus, the NCSC has formally attributed attacks orchestrated with a cleverly-designed malware to the GRU's Fancy Bear cyber unit Continue Reading
-
News
18 Jul 2025
DWP accused of shielding AI deployments from public scrutiny
Amnesty International and Big Brother Watch say Department for Work and Pensions’ ‘unchecked’ and opaque use of AI in the UK benefits system treats claimants as suspicious and is shielded from public scrutiny Continue Reading
-
Definition
18 Jul 2025
What is biometric authentication?
Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify their identity. Continue Reading
-
News
17 Jul 2025
European cyber cops target NoName057(16) DDoS network
A Europol operation has succeeded in disrupting a pro-Russian hacktivist network accused of conducting DDoS cyber attacks on targets in Ukraine and Europe Continue Reading
-
News
17 Jul 2025
Estimated 96% of EMEA financial services sector not ready for DORA
Research from data backup provider Veeam indicates that vast majority of European financial services firms do not feel ready to meet the resiliency requirements of the EU’s DORA act Continue Reading
-
17 Jul 2025
Dutch university’s rapid response saved it from ransomware devastation
Eindhoven University of Technology knew its credentials were compromised, planned multi-factor authentication, and regularly practised cyber crisis drills – yet it still fell victim to attackers Continue Reading
-
E-Zine
17 Jul 2025
CW EMEA: Vive la AI
In this quarter’s CW EMEA, we look at how one of the Netherlands’ leading technology education centres, Eindhoven University of Technology, fell victim to sophisticated cyber attacks. What unfolded in the university’s reaction is evidence that the hard work and preparation for such an event pays off. Continue Reading
-
News
17 Jul 2025
Terrorist potential of generative AI ‘purely theoretical’
UK terror legislation advisor takes stock of the potential for generative artificial intelligence systems to be adopted by terrorists, particularly for propaganda and attack planning purposes, but acknowledges the impact may be limited Continue Reading
-
News
16 Jul 2025
Hackbots biggest cloud security risk, slashing attack times to minutes
With cyber criminals using automated tools to steal data in minutes, organisations must focus on runtime protection and automated responses to combat the rising threat from AI and misconfigured cloud assets Continue Reading
-
News
16 Jul 2025
Co-op chief ‘incredibly sorry’ for theft of 6.5m members’ data
Co-op chief executive Shirine Khoury-Haq has revealed that all the personal data of all 6.5 million of its members was compromised in the April 2025 cyber attack on its systems Continue Reading
-
News
16 Jul 2025
Scattered Spider playbook evolving fast, says Microsoft
Microsoft warns users over notable evolutions in Scattered Spider’s attack playbook, and beefs up some of the defensive capabilities it offers to customers in response Continue Reading
-
News
16 Jul 2025
Forrester urges IT leaders to dump technical debt
IT needs to invest in innovative technologies and outsource legacy IT management to tackle volatile global markets, says Forrester Continue Reading
-
News
16 Jul 2025
Securonix tackles security data deluge with AI-driven platform
As security data volumes grow and security budgets tighten, Securonix is betting on its AI-driven platform to help businesses manage threats cost-effectively, says its CEO Continue Reading
-
News
15 Jul 2025
UKtech50 2025: The most influential people in UK technology
Computer Weekly has announced the 15th annual UKtech50 – our definitive list of the movers and shakers in the UK tech sector Continue Reading
-
News
15 Jul 2025
Current approaches to patching unsustainable, report says
Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report Continue Reading
-
News
15 Jul 2025
MoD cyber breach put thousands of Afghan lives at risk
More than 18,000 Afghan citizens eligible to relocate to the UK under a government programme to protect them from the Taliban were put at risk in a heretofore unreportable data breach Continue Reading
-
News
15 Jul 2025
NCSC sets up Vulnerability Research Initiative
The NCSC is expanding its vulnerability research project to draw in external expertise Continue Reading
-
Definition
15 Jul 2025
What is cybersecurity?
Cybersecurity is the practice of protecting systems, networks and data from digital threats. Continue Reading
-
Definition
15 Jul 2025
What is supply chain risk management (SCRM)?
Supply chain risk management (SCRM) is the coordinated efforts of an organization to help identify, monitor, detect and mitigate threats to supply chain continuity and profitability. Continue Reading
-
News
15 Jul 2025
Ada Lovelace: using market forces to professionalise AI assurance
The Ada Lovelace Institute examines how ‘market forces’ can be used to drive the professionalisation of artificial intelligence assurance in the context of a wider political shift towards deregulation Continue Reading
-
Opinion
15 Jul 2025
Data (Use and Access) Act: Reflections on an eight-month statute
It took a long time, but the government's new data legislation finally made it into the statute book - it holds a lot of promise, but also leaves a lot of unanswered questions Continue Reading
-
News
15 Jul 2025
Datadog doubles down on APAC, targets faster growth
The observability tools supplier is executing a multi-year growth plan for Asia-Pacific and Japan, focusing on data residency, localisation and AI-driven observability to grow its market share Continue Reading
-
News
14 Jul 2025
Brits clinging to Windows 10 face heightened risk, says NCSC
Businesses and consumers alike may not feel the need to upgrade to Windows 11 as its predecessor approaches end-of-life, but they are putting their own security at risk, says the NCSC Continue Reading
-
News
14 Jul 2025
Luxury retailer LVMH says UK customer data was stolen in cyber attack
French luxury goods retailer LVMH has disclosed multiple cyber attacks in 2025 so far, and their impact is now spreading to the UK as a new incident affecting Louis Vuitton comes to light Continue Reading
-
Feature
14 Jul 2025
Assessing the risk of AI in enterprise IT
We speak to security experts about how IT departments and security leaders can ensure they run artificial intelligence systems safely and securely Continue Reading
-
News
14 Jul 2025
AI adoption grows amid falling trust in AI outputs
As organisations move from AI hype to reality, a decline in trust for AI outputs is not a sign of failure, but a signal of market maturity, according to Bhavya Kapoor, Avanade's Asia-Pacific president Continue Reading
-
News
11 Jul 2025
MoD supply chain cyber scheme gets up and running
The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance Continue Reading
-
News
11 Jul 2025
Pobl Group builds on managed SD-WAN for housing development
Three-year contract for managed software-defined wide area network service follows merger creating Wales’s largest housing association Continue Reading
-
News
11 Jul 2025
UK to create ‘governance framework’ for police facial recognition
Home secretary Yvette Cooper has confirmed UK will regulate police facial recognition, citing police reticence to deploy systems without proper governance, but declined to say if any new framework will be statutory Continue Reading
-
News
11 Jul 2025
European Commission accused of rigging data watchdog appointment
The European Commission has been accused of rigging the selection process for the next European Data Protection supervisor Continue Reading
-
News
11 Jul 2025
AWS bolsters security tools to help customers manage AI risks
Amazon Web Services has unveiled new and updated security services, including container-level threat detection and a unified command centre, to help organisations build and secure artificial intelligence applications Continue Reading
-
News
10 Jul 2025
Government funding to help SMEs protect their IP
Scheme will see SMEs and innovative startups working in sensitive sectors receive advice on enhancing cyber and physical security measures to protect their valuable intellectual property Continue Reading
-
News
10 Jul 2025
UK and France forge closer cyber, tech research ties
The navigation and timing systems used by power suppliers and emergency services to run their operations will fall in scope of an Anglo-French research pact that will also foster development in AI and supercomputing Continue Reading
-
News
10 Jul 2025
Four arrested in M&S cyber attack investigation
Police have made four arrests in connection with a trio of cyber attacks on UK retailers Marks & Spencer, Co-op and Harrods Continue Reading
-
Blog Post
09 Jul 2025
Enterprise IT risks of AI and agentic AI
Everyone involved in IT needs to be focused on the implications of artificial intelligence (AI) on enterprise cybersecurity. Yet precious little energy is being expended on making sure AI is ... Continue Reading
