IT security

GTT teams with Palo Alto to power SASE platform

Secure access service edge platform will offer advanced security techniques, fortifying network access from any location Continue Reading

Overcome the security talent shortage by addressing your tech stack

This is a guest post by Graham Pearson, vice-president and general manager for ANZ at Lacework Australians will spend approximately $5.6bn on cyber security alone this year, according to AustCyber, ... Continue Reading

Security Think Tank: Think people, processes and systems

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading

Kaspersky introduces cyber policy for bionic devices

Cyber firm Kaspersky has become one of the first organisations in the world to develop and implement a security policy covering the use of bionic devices and other forms of human augmentation Continue Reading

A ‘whole of society’ approach to cyber may be on the horizon

Nominet Cyber managing director David Carroll reflects on the NCSC’s latest annual review amid 2021’s fast-evolving threat landscape Continue Reading

The way we talk and think about tech is crucial to helping solve the skills shortage crisis

Companies are looking to short-term fixes to find IT specialists, but there is still a need for long-term solutions Continue Reading

Security Think Tank: In the cloud, anti-human approaches set us up to fail

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading

Compliance, device management a challenge for NHS cyber teams

Information gleaned by asset visibility specialist Armis reveals that despite improvements, some daunting security challenges still dog the NHS Continue Reading

MI6 will ‘open up’ to tech firms to innovate faster than adversaries, says chief Richard Moore

MI6 will use investment fund to back tech companies to develop long-term technologies that will help it to keep pace with China and Russia Continue Reading

HP patches bugs in over 150 printer models

More than 150 HP multifunction printers are at risk of compromise through a series of newly disclosed vulnerabilities, one of them wormable Continue Reading

Recovering from ransomware: One organisation’s inside story

In February 2021, French office equipment supplier Manutan fell victim to a DoppelPaymer ransomware hit. IT ops director Jérôme Marchandiau tells the inside story of the incident Continue Reading

Why does ransomware still work?

As someone who first encountered ransomware during the last millennium – thankfully at second-hand – and has been writing about it for almost as long, I sometimes find myself amazed by the high ... Continue Reading

Digital beats – how Warner Music turned to the cloud

In this week’s Computer Weekly, we talk to the CIO of Warner Music about how cloud computing helps it meet the needs of music lovers. AstraZeneca discusses how its enterprise social media system helped through the pandemic. And we assess the tech sector’s response to the government’s plans to tackle digital skills shortages. Read the issue now. Continue Reading

ICO warns facial recognition company Clearview AI it could face £17m fine over privacy breaches

The UK’s information commissioner has issued a preliminary decision to fine Clearview over £17m for breaching UK data protection law and invited the company to make representations Continue Reading

Ransomware teaches us the importance of data protection

Several years ago, around the time that ransomware attacks started making the front pages of mainstream newspapers, not just in the IT press, I took part in a number of webcasts on the topic. The ... Continue Reading

British Army picks Immersive Labs for cyber training

The British Army will make Immersive Labs’ security training platform available to all serving personnel Continue Reading

Three latest trends and developments around the Mitre ATT&CK framework

Framework is set to receive important updates to help organisations and businesses evolve their cyber security. Learn more about what it offers Continue Reading

Security Think Tank: Dissecting the true value of SASE is a challenge

As a relatively nascent technology that is getting a lot of publicity, dissecting the true value of SASE is still a difficult proposition, for now Continue Reading

Computing at the edge: Let’s get on board

With the increasing complexity of networks today, whether it’s hybrid cloud infrastructure or time-sliced 5G, somehow we’ve got to manage it Continue Reading

UK’s surveillance culture may be normalising use of tech for abuse

Intense surveillance of public spaces by UK authorities may be playing a part in the normalisation of cyber stalking in intimate relationships Continue Reading

Security Think Tank: SASE will become operational reality

While still considered very much a buzzword, the pace of change in corporate networks and operational technology means secure access service edge (SASE) is becoming reality for many Continue Reading

Government must prove its plans to police encryption work, says ex-cyber security chief

Ciaran Martin, the former UK cyber security chief, says the government must explain how it can access encrypted communications without damaging cyber security and weakening privacy Continue Reading

UK consumers warned of increase in credit card application fraud

There has been a sharp rise in fraudsters using stolen personal details to open credit card accounts Continue Reading

Consumer cyber bill to protect mobiles, smart devices

Product Security and Telecommunications Infrastructure Bill will reinforce protections for consumer devices and mandate improvements to default security settings Continue Reading

Apple sues under-fire malware firm NSO

Lawsuit alleges spyware firm NSO Group targeted Apple’s users, adding to the pressure on the under-fire company Continue Reading

Police tech introduced with little scrutiny or training

A Lords inquiry into the adoption of advanced algorithmic technologies by police in England and Wales has been told that new tools are being introduced without proper training and with little scrutiny of their impacts Continue Reading

Schrems accuses Irish DPC of trying to block publication of Facebook documents

Austrian lawyer Max Schrems has filed a complaint after the Irish data protection commissioner put his privacy organisation under pressure to sign a non-disclosure agreement Continue Reading

NCSC commits to new diversity measures

The National Cyber Security Centre’s second annual report on diversity in cyber security finds room for improvement Continue Reading

Back on the office network: What are the risks for mobile users?

Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this? Continue Reading

Can the tech community show us how to save the world?

In this week’s Computer Weekly, we report from the COP26 conference on how the tech world’s collaborative open source model could help tackle climate change. Gartner has urged IT leaders to rethink their role as business come to rely on digital technologies. And we ask if your office security is at risk as staff return. Read the issue now. Continue Reading

Upcoming holidays prompt ransomware warning from authorities

Ransomware gangs know how calendars work, and may target their attacks around major holidays to take advantage of more people being off work, according to a new alert Continue Reading

Black Friday cyber warning for 4,000 card-skimming victims

NCSC warns thousands of small retailers that their websites are being exploited to steal customer data Continue Reading

CIO interview: Karl Hoods, CDIO, Department for Business, Energy and Industrial Strategy

Moving to the cloud, developing staff skills and responding quickly to the pandemic – from a public sector IT leader’s perspective Continue Reading

Back to the past with government identity

The UK government plans to spend up to £400m developing yet another digital identity system – why is taxpayer money going into a time warp when there is surely a better and cheaper way? Continue Reading

Why is Emotet back, and should we be worried about it?

The sudden reappearance of Emotet this week has security teams on high alert, but do we need to be worried about its return, and what should we be doing about it? Continue Reading

Cloud storage compliance pitfalls: Post-pandemic and post-Brexit

We look at the key areas of cloud storage compliance that can trip you up, with shared responsibility with cloud providers and data residency among the most important Continue Reading

GCHQ, NSA chiefs recommit to counter cyber threats

UK and US intelligence services reaffirm a joint commitment to disrupt and deter new and emerging cyber threats Continue Reading

Forced on-line by the NHS: to be confused, exploited, ignored, mistreated and/or patronised

All this informed my MSc IT Security final dissertation entitled ‘Inclusion, Confusion and Exclusion – is technology making the Vulnerable more Vulnerable?’ I looked at Social, Financial and ... Continue Reading

Government to legislate to make APP fraud reimbursement mandatory

UK payments regulator wants to reduce the huge sums of money lost to authorised push payment fraud and is calling on the banking and tech industries to play their part Continue Reading

Memento ransomware gang quick to retool for ‘optimum’ outcome

The operators of a new ransomware called Memento are quick to retool for ‘success’ if they run up against a competent defender, says Sophos Continue Reading

Alert over spate of Iran-linked BitLocker attacks

A joint advisory from western cyber agencies warns of a campaign of ‘ongoing malicious activity’ by an Iran-linked APT group exploiting BitLocker to extort its targets Continue Reading

Sky ECC provided free cryptophones to a Canadian police force

Internal emails disclosed in a US court show how Sky Global supplied sample encrypted phones to a Canadian police force before its phone users became subject to an international police investigation Continue Reading

AstraZeneca looks at the bigger picture in enterprise social media

How do you work with people in different time zones and from different cultures and what happens when people leave the company? Continue Reading

Cryptophone supplier Sky Global takes legal action over US government website seizures

Canadian tech company Sky Global has filed a legal motion claiming that the US government unlawfully seized the company’s internet sites following police investigations into the use of its cryptophones by organised crime Continue Reading

Security startups line up on Cyber Runway

Some 108 cyber security startups representing the UK’s most cutting-edge innovators are to join Plexal’s Cyber Runway accelerator Continue Reading

Zero-days: The next element of the service-based cyber economy?

Digital Shadows researchers have reported on the emergence of zero-days as a service, which could be the next big thing in the cyber criminal underworld Continue Reading

Out of the shadows: The rise of ethical hackers in 2021

Ethical hackers working on the Bugcrowd platform have saved organisations almost $30bn in risk during the Covid-19 pandemic, as the community sheds old stereotypes Continue Reading

Cloud repatriation: Five reasons to repatriate data from cloud

We look at key drivers of cloud repatriation, including cost, compliance, issues around latency and data gravity, reversing poorly planned moves to the cloud, and supplier failure Continue Reading

GovTech to enhance Government on Commercial Cloud

GCC 2.0 will include improvements in user onboarding and provide single credential access to public cloud services and engineering tools, among other areas Continue Reading

One-fifth of NCSC-supported cyber incidents linked to Covid-19

National Cyber Security Centre has helped to thwart multiple cyber incidents that could have seriously disrupted the UK’s response to the pandemic Continue Reading

What are 3 best practices for storage encryption at rest?

Consider the fine print of encrypting data at rest. For example, access control permissions can make or break a storage encryption plan. Continue Reading

Security Think Tank: SASE – more than the sum of its parts?

Airbus Cybersecurity’s Paddy Francis asks what makes an integration of the various components of SASE more the sum of their parts, and what are the benefits and pitfalls? Continue Reading

How cosmetics retailer Lush made over its approach to authentication

Evolving approaches to IT at cosmetics retailer Lush meant the organisation’s previous approach to authentication was no longer up to scratch. Find out how it overcame this hurdle Continue Reading

How cosmetics retailer Lush authenticates with ease

In this week’s Computer Weekly, we find out how Lush has modernised user authentication, governed by a desire to care for customer data. We also talk to the chief data officer at Nasa about data as a strategic asset, and the ground of better decision-making. And we foreground a call for the government and the Post Office to compensate victims of the Horizon computer system without delay. Read the issue now. Continue Reading

UK government proposes new rules for digital supply chain security

Proposals could see IT service providers legally required to adhere to the NCSC’s Cyber Assessment Framework, among other things Continue Reading

Government bodies refuse FOI requests on basis of misleading database search times, says academic

The Information Commissioner’s Office tells tribunal it would need to bring in external experts to search data using an Excel spreadsheet Continue Reading

Security Think Tank: What to find out before investing in SASE

Petra Wenham of the BCS shares her thoughts on what organisations need to consider as they investigate whether or not to invest in secure access service edge technology Continue Reading

New law needed to rein in AI-powered workplace surveillance

MPs and peers call for new legislation to regulate the growing use of artificial intelligence in the workplace, which is being used to surveil workers’ performance and behaviour Continue Reading

Oversight of biometrics and surveillance should not go to ICO

Biometrics and surveillance camera commissioner Fraser Sampson has panned the UK government’s proposed plan to absorb the functions of those roles under the remit of the information commissioner Continue Reading

BT applies Covid-19 R number modelling to threat response

A prototype cyber security tool developed at BT uses epidemiological principles to detect and respond to cyber threats Continue Reading

IT Priorities 2022: APAC enterprises invest in digital future

Nearly two-thirds of enterprises in Asia-Pacific plan to increase their IT budgets next year in areas such as cloud computing and cyber security to secure their digital future Continue Reading

AT&T launches a managed SASE offering with Cisco

AT&T aims its latest managed SASE service at enterprises using Cisco hardware. The offering's features range from firewall and secure web gateway functionality to DNS layer security. Continue Reading

HPE’s Aruba networking unit hit by cyber attack

Undisclosed threat actor compromised data buckets used to run the Aruba Central cloud environment using a stolen access key Continue Reading

Finance ombudsman overturns more than three-quarters of bank decisions on APP fraud

The financial services ombudsman is siding with customers in over 75% of complaints against banks that refuse to repay losses to authorised push payment fraud Continue Reading

Scale of crime-as-a-service economy a growing concern, say researchers

The cyber criminal underground continues its evolution towards a service-based economy Continue Reading

The ICO is right to push back against government meddling

Some criticisms of the ICO are justified, but the answer to that is not to give Whitehall more oversight over the data protection regulator, argues legal expert Edward Machin Continue Reading

CW Benelux: Dutch IT company rips up the HR rule book for better work-life balance

One Dutch tech firm has used learnings from the pandemic to rip up its HR rule book and implement an official work-from-home policy. In fact, Infolearn has gone further than hybrid working, with a personal mobility budget for staff and a four-day working week, all with retention of full-time salary. Also in this issue, read how Dutch education administrators appear to be underestimating the threat of cyber crime. Continue Reading

Bank of England loses 161 computing devices in three years

Bank cannot account for phones, laptops and tablets that have gone missing over the past three years Continue Reading

Lloyd v Google Supreme Court verdict brings end to privacy class actions against big tech in UK

A ruling by the Supreme Court has left it financially unviable for individuals to bring class actions in the UK against big tech companies for privacy breaches Continue Reading

Zero trust: Now is the time

The cyber security industry has been talking about a zero-trust approach to security for just over a decade, but now it’s time to move towards full implementation because it is more appropriate than ever, and it is rapidly gaining support from suppliers Continue Reading

Dutch education administrators underestimate threat of cyber crime

 Continue Reading

The Netherlands still lacks digital resilience, says report

 Continue Reading

November Patch Tuesday drop fixes bugs in Excel, Exchange Server

Another relatively light Patch Tuesday drop from Microsoft addresses 55 vulnerabilities, two of them already being exploited Continue Reading

EU artificial intelligence regulation risks undermining social safety net

Europe’s proposed artificial intelligence regulation will not adequately protect people from European governments' increasing use of the technology in social security decisions and resource allocation, says Human Rights Watch Continue Reading

Digital surveillance of remote workers may increase enterprise risk

From productivity tools to security threats, we explore how digital surveillance is forcing remote workers towards shadow IT Continue Reading

How to manage endpoint security in a hybrid work environment

The future of the workplace is clearly hybrid, but this has untold implications around endpoint security. How can businesses overcome these? Continue Reading

Yoti develops age estimation algorithm for under-13s

Age estimation technology developed by Yoti is being pitched as a way of helping social media platforms and other online businesses protect younger internet users from harm Continue Reading

The Secret IR Insider’s Diary – this is not a fashion show

In the latest pages taken from their diary, the Secret IR Insider reveals why organisations should be worried about every threat, not just the latest and greatest Continue Reading

US seeks to extradite REvil affiliate who attacked Kaseya

US Department of Justice unseals charges against a Ukrainian national accused of being behind the summer 2021 REvil ransomware attack on Kaseya Continue Reading

How a cloud-first strategy helped save animals in the pandemic

In this week’s Computer Weekly, we talk to the RSPCA about how its cloud-first strategy helped to save animals throughout the pandemic. Data warehouses have been part of the IT landscape for 30 years – but are they now old technology, and what’s next? And we assess how Brexit has affected risk and resilience in the datacentre. Read the issue now. Continue Reading

REvil associates arrested in international ransomware crackdown

Two individuals suspected of conducting 5,000 REvil ransomware attacks were arrested by Romanian police last week as an international crackdown on the crime gang gathers pace Continue Reading

Gig economy workforce nearly trebles over five years

Over four million people in England and Wales now work for gig economy platforms at least once a week, marking a nearly threefold increase since 2016 Continue Reading

Watching me, watching you – challenging the rise of digital surveillance at work

Unprecedented levels of digital monitoring at work is embedding a culture of surveillance, despite workers’ opposition to the practices, says Prospect Union Continue Reading

How cosmetics retailer Lush made over its approach to authentication

Evolving approaches to IT at cosmetics retailer Lush meant the organisation’s previous approach to authentication was no longer up to scratch. Find out how it overcame this hurdle Continue Reading

Shock horror... Humans used for security validation instead of AI/M-L!

As a judge on the Tech Trailblazers awards, I can assure you of two security-related actuality wotsits: The onslaught of security start-ups is anything but slowing down; this year has seen a record ... Continue Reading

Splunk’s cloud shift is paying off in APAC

Splunk’s Asia-Pacific business is growing faster than the rest of the company, but it’s not resting on its laurels Continue Reading

Technology spending reaches record levels, fuelling jobs boom

Spending on IT has reached its highest levels for a decade but a shortage of skilled IT professionals could dampen growth Continue Reading

Immutable snapshots aim to neutralise ransomware

Snapshots – usually immutable anyway – get functionality to stop ransomware intruders moving or deleting snapshots, so customers know they have clean copies of data to restore from Continue Reading

US offers $10m reward for intel on DarkSide ransomware gang

US government puts up a $10m reward for information on the DarkSide ransomware gang, the group that attacked Colonial Pipeline six months ago Continue Reading

Managing supply chain risk requires new priorities, tools

Understanding that cost may not be the top driver in supply chain risk management is critical in the new normal. Learn why and what technologies can help. Continue Reading

The Netherlands works on resilience with large-scale national cyber exercise

For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care Continue Reading

A For Automation

You might think that 3+ decades into the life of dedicated IT security products that said security landscape would be clearly defined and managed. In reality, it is anything but. The problem is not ... Continue Reading

Spyware firm NSO and others added to US banned Entity List

US government bans target Israeli spyware makers and cyber firms in Russia and Singapore Continue Reading

Facebook self-imposes facial recognition moratorium

Facebook and Meta have committed to halting their use of facial recognition technology and deleting the biometric data of more than a billion people by the end of 2021, but will retain the underlying algorithms and software for potential use in future products Continue Reading

UK’s Labour Party hit by third-party data breach

Data on Labour Party members was recently compromised in an apparent cyber attack on a third-party data processor Continue Reading

Security Think Tank: SASE – marketing buzz or the future of security?

SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT Continue Reading

BlackMatter ransomware crew shuts down, leaves victims in a bind

The BlackMatter ransomware gang appears to be winding down its activities, possibly due to pressure from law enforcement Continue Reading

Adelaide healthcare network digitises manual processes

The Central Adelaide Local Health Network has digitised manual processes in more than 20 speciality areas to improve patient experience and alleviate the workloads of frontline staff Continue Reading

Electronic waste excluded from COP26 agenda

Data sanitation industry group calls on UK government to add electronic waste to the climate summit’s agenda Continue Reading

Convicted Silk Road admin stripped of £500k in crypto earnings

Jailed Silk Road administrator Thomas White, aka Cthulhu, has been ordered to hand over more than £490,000 of illicit earnings Continue Reading