IT security
-
News
30 Apr 2025
Current SaaS delivery model a risk management nightmare, says CISO
JPMorgan Chase security chief Patrick Opet laments the state of SaaS security in an open letter to the industry and calls on software providers to do more to enhance resilience Continue Reading
-
News
30 Apr 2025
Co-op shuts off IT systems to contain cyber attack
A developing cyber incident at Co-op has forced the retailer to pull the plug on some of its IT systems as it works to contain the attack Continue Reading
-
E-Zine
08 Dec 2022
CW Europe: Finland prepares for drone technology take-off
Finland is preparing for a future where it could rely on flying drone technology. Read about its plans in this issue. Also find out how a PhD student in the Netherlands is helping to detect hidden messages on the internet by using steganography. Continue Reading
- 08 Dec 2022
-
News
08 Dec 2022
Australia to develop new cyber security strategy
New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals Continue Reading
-
News
07 Dec 2022
Rackspace email outage confirmed as ransomware attack
An ongoing outage affecting Rackspace email customers is the result of a ransomware attack Continue Reading
-
News
07 Dec 2022
Google, MS, Oracle vulnerabilities make November ’22 a big month for patching
Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November Continue Reading
-
Opinion
07 Dec 2022
Security Think Tank: As cyber pros, we need to articulate our needs better
There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading
-
News
06 Dec 2022
Legacy IT magnifies cyber risk for Defra, says NAO
Some 30% of Defra’s applications are currently unsupported, magnifying cyber risk as the government department struggles to make progress on a digital transformation programme Continue Reading
-
News
06 Dec 2022
Industrial IoT focus of next NCSC startup challenge
The NCSC for Startups programme is looking for innovative ideas to encrypt and secure the industrial internet of things Continue Reading
-
News
06 Dec 2022
EU fails to protect human rights in surveillance tech transfers
Transfers of surveillance technology from the European Union to African governments are carried out without due regard for the human rights impacts, the European Ombudsman has found after a year-long investigation into the European Commission’s management of an aid fund Continue Reading
-
News
06 Dec 2022
Don’t become an unwitting tool in Russia’s cyber war
Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack? Continue Reading
-
Podcast
06 Dec 2022
AWS mutes trash talk at Re:Invent – Computer Weekly Downtime Upload podcast
The team chats through the AWS Re:Invent conference, as well as an initiative for getting young women into cyber security, and how SAP Build travelled from Vegas to SAP users in Birmingham Continue Reading
-
06 Dec 2022
Is Elon Musk’s Twitter still safe, and should you stop using the platform?
With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use. Continue Reading
-
E-Zine
06 Dec 2022
Is Twitter still safe, and should you stop using the platform?
In this week’s Computer Weekly, with a litany of security and compliance issues caused by Elon Musk’s takeover of Twitter, we ask if it’s still safe for enterprises. Our latest buyer’s guide examines the technologies and best practices behind data visualisation. And we look at the emerging devices for accessing the metaverse. Read the issue now. Continue Reading
-
News
05 Dec 2022
Fake investment ads persist on Meta’s social networks
Online adverts for investment scams relating to property and crypto assets are still getting past measures designed to stop them Continue Reading
-
News
05 Dec 2022
Cohesity doubles down on cyber-defence failings via backup
Datahawk service and Data Security Alliance bring clean data restores, ransomware artefact detection, data vaulting and data audit for a clearer understanding of attack impact Continue Reading
-
News
05 Dec 2022
French cyber consultancy Hackuity sets up UK operation
Risk-based vulnerability management company is to establish a UK base of operations in the hope of expanding its enterprise client base Continue Reading
-
Opinion
05 Dec 2022
Security Think Tank: The more you buy, the less you protect
The most important lesson learned this year is that the more controls you have in place, the less secure you become, argues 2-sec’s Tim Holman Continue Reading
-
Definition
02 Dec 2022
User Principal Name (UPN)
In Microsoft Active Directory, a User Principal Name (UPN) is a username and domain in an email address format. Continue Reading
-
News
02 Dec 2022
Twitter ‘replacement’ Hive Social shuts off service in privacy alert
Hive Social, a recently established social media network, has temporarily closed its servers to address deep structural privacy issues identified by ethical hackers Continue Reading
-
News
01 Dec 2022
MI6 chief’s hacked emails attacked MI5 and betrayed British spy operations in China
Former UK spy boss Richard Dearlove leaked names of MI6 secret agent recruiters in China to back an aggressive right-wing US campaign against tech company Huawei. His emails were hacked and then leaked – probably by Russian intelligence Continue Reading
-
News
01 Dec 2022
LastPass probes new cyber incident related to August attack
The August 2022 cyber attack on LastPass seems to have begat another incident, according to company CEO Karim Toubba Continue Reading
-
Opinion
01 Dec 2022
Ransomware: Is there hope beyond the overhyped?
Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity Continue Reading
-
News
30 Nov 2022
Microsoft 365 banned in German schools over privacy concerns
German schools cannot legally use Microsoft Office 365 over lack of clarity about how data is collected, shared and used, as well as the potential for unlawful transfer of European citizens’ personal data to the US Continue Reading
-
News
30 Nov 2022
South Staffs Water customer data leaked after ransomware attack
Personal data of water utility’s direct debit customers exposed on the dark web following a Clop ransomware attack Continue Reading
-
News
30 Nov 2022
Latest LockBit ransomware versions have wormable capabilities
Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter Continue Reading
-
News
30 Nov 2022
NIS regulations to be extended to cover MSPs
The UK government is moving ahead with plans to update the Network and Information Systems regulations to bring outsourcers and MSPs into scope Continue Reading
-
Opinion
30 Nov 2022
Think technology, process, human risk to manage ransomware
Effective ransomware handling boils down to three core areas – technology, process and human risk Continue Reading
-
News
29 Nov 2022
AWS doubles down on data management
Cloud giant Amazon Web Services declares a bold vision to eliminate the need to extract, transform and load data alongside other efforts to address business problems in domains like cyber security and logistics Continue Reading
-
Opinion
29 Nov 2022
Chartered status and aligned standards are crucial for the UK's cyber sector
As the UK moves closer to ushering in the world’s first chartered cyber professionals, the UK Cyber Security Council’s Simon Hepburn outlines the sector’s defining moment Continue Reading
-
News
29 Nov 2022
Cyber criminals exploiting naked TikTok ‘challenge’
Malware operators lured targets by promising them they would be able to view nude videos of TikTok users Continue Reading
-
News
29 Nov 2022
‘Legal but harmful’ clause dropped from Online Safety Bill
Online Safety Bill’s ‘legal but harmful’ provision will be dropped by the UK government in favour of public risk assessments, tools to help users control the content they consume, and new criminal offences around self-harm Continue Reading
-
Feature
29 Nov 2022
How gamifying cyber training can improve your defences
Security training is the cornerstone of any cyber defence strategy. With ever-escalating online threats, it is now more important than ever that this training is an engaging experience Continue Reading
-
29 Nov 2022
Trustpilot gets agile to build trust online
Consumer reviews website Trustpilot has built and scaled its IT security team and is now turning to agile methods and DevSecOps to further enhance its cyber capabilities, as CISO Stu Hirst explains. Continue Reading
-
E-Zine
29 Nov 2022
How to stop data retention from killing the planet
In this week’s Computer Weekly, there’s a hidden environmental cost to the vast volumes of data being generated – we examine what can be done to address it. We talk to the CISO of consumer reviews site Trustpilot, about building trust in IT security. And we look at what IT leaders can do if they inherit a toxic team environment. Read the issue now. Continue Reading
-
Opinion
28 Nov 2022
Protecting children as they spend years in virtual worlds
To protect children online, we must now focus on pre-emptive and robust regulation around immersive technologies Continue Reading
-
News
28 Nov 2022
Panzura partners with AWS on ransomware counter-measures
Panzura might have slipped beneath the waves, but it’s come back reinvigorated, and now boasts integration with AWS with ransomware protection and Outposts hardware Continue Reading
-
Feature
28 Nov 2022
Ransomware: Practical tips to improve resiliency
With ransomware attacks on organisations increasing, the question is not if an attack will happen, but when. We look at ways to minimise the impact of such an attack Continue Reading
-
News
27 Nov 2022
Plexal inducts six into cyber leadership scheme
Tech innovation hub Plexal is expanding its Cyber Runway programme with a new Ignite strand dedicated to supporting high-potential security leaders Continue Reading
-
News
25 Nov 2022
Data management, backup becoming the CISO's responsibility
More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year Continue Reading
-
News
24 Nov 2022
Not-for-profit aims to encourage 1,300 girls into cyber careers
CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber Continue Reading
-
E-Zine
24 Nov 2022
CW Nordics: Icelandic datacentres point way to greener IT
Iceland may soon become even more attractive to firms wanting to minimise their carbon footprint while using high-performance computing services. Read more about it in this issue. Also find out how a robo investment company, Nord Investments, is harnessing open banking to make thing easier for its clients. Continue Reading
- 24 Nov 2022
-
Opinion
24 Nov 2022
Your staff are the frontline in your ransomware fight
As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect Continue Reading
-
News
23 Nov 2022
How APAC organisations are hiring cyber security pros
Hiring managers in cyber security are turning to existing employees in non-IT roles and providing professional development for junior-level staff to plug the talent gap Continue Reading
-
News
23 Nov 2022
UK police arrest 120 in largest-ever cyber fraud crackdown
The administrator and more than 100 users of the iSpoof.cc cyber fraud website have been arrested in a major counter-fraud operation led by the Metropolitan Police Continue Reading
-
News
23 Nov 2022
South Korea data adequacy pact brings £15m Brexit bonus
UK government finalises a data adequacy agreement with South Korea, saying it will unlock a post-Brexit business bonus of just under £15m Continue Reading
-
News
23 Nov 2022
Red team tool developer slams ‘irresponsible’ disclosure
UK security firm MDSec defends its Nighthawk command and control penetration testing framework after suggestions were made that it could be appropriated by threat actors Continue Reading
-
News
23 Nov 2022
Dutch national cyber security strategy aims to protect digital society
Cabinet sets up national cyber security strategy to make the Netherlands digitally secure Continue Reading
-
News
22 Nov 2022
Ducktail spins new tales to hijack Facebook Business accounts
The increasingly active Ducktail cyber crime operation is refining its operations, seeking new methods to compromise its victims’ Facebook Business accounts Continue Reading
-
News
22 Nov 2022
Killnet DDoS hacktivists target Royal Family and others
Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks Continue Reading
-
News
22 Nov 2022
C-suite mystified by cyber security jargon
Malware, supply chain attack, zero-day, IoC, TTP and Mitre ATT&CK are just some of the everyday terms that security pros use that risk making the world of cyber incomprehensible to outsiders Continue Reading
-
22 Nov 2022
Cyber criminals have World Cup Qatar in their sights as tournament kicks off
Malicious cyber activity around the FIFA World Cup was ticking upwards even before the opening game, with threats likely to present themselves in great numbers and many forms throughout the event. Continue Reading
-
E-Zine
22 Nov 2022
Cyber criminals target World Cup Qatar 2022
In this week’s Computer Weekly, as the FIFA World Cup opens in Qatar, we examine the cyber security threats from criminals targeting the event. We report from the Gartner Symposium on the latest predictions for enterprise software development. And we talk to the CIO of Kyiv City Council about managing IT in the shadow of war. Read the issue now. Continue Reading
-
Opinion
21 Nov 2022
Ransomware preparedness: The long road ahead
Is your organization ready for ransomware? A recent survey shows that businesses in a variety of industries are all struggling with ransomware prevention and recovery. Continue Reading
-
News
21 Nov 2022
Bug Bounty Calculator helps organisations fine-tune their payouts
Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention Continue Reading
-
News
21 Nov 2022
NHS federated data platform must avoid repeating Care.data mistakes, says national data guardian
UK’s national data guardian agrees with the ambitions of the platform, but warns that the programme must avoid ‘common pitfalls around trust and transparency’ Continue Reading
-
News
21 Nov 2022
NHS trust that deleted up to 90,000 emails cleared of deliberately concealing evidence
A tribunal found in a high-profile case brought by whistleblower Chris Day that an NHS trust had not deliberately concealed evidence when a director deleted up to 90,000 emails before he was due to testify Continue Reading
-
Feature
21 Nov 2022
Ransomware, storage and backup: Impacts, limits and capabilities
We look at the impact of ransomware on storage and backup, how storage and data protection can best be used to combat ransomware, and how they fit in the fight against it Continue Reading
-
News
18 Nov 2022
Is Elon Musk’s Twitter safe, and should you stop using it?
With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use Continue Reading
-
Definition
18 Nov 2022
pen testing (penetration testing)
A penetration test, also called a pen test or ethical hacking, is a cybersecurity technique that organizations use to identify, test and highlight vulnerabilities in their security posture. Continue Reading
-
News
18 Nov 2022
New gold standard to protect good faith hackers
HackerOne’s new Gold Standard Safe Harbour statement will supposedly act as a guarantee for good faith hacking Continue Reading
-
News
18 Nov 2022
CyberPeace Institute helps NGOs improve their security resilience
Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people Continue Reading
-
News
18 Nov 2022
Enterprises embrace SD-WAN but miss benefits of integrated approach to security
Research from managed network and security services provider finds virtually all enterprises have deployed software-defined wide area networks or plan to do so within the next 24 months, but nearly half reported they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all Continue Reading
-
News
17 Nov 2022
Another Log4Shell warning after Iranian attack on US government
The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching Continue Reading
-
News
17 Nov 2022
Scottish government to pilot digital identity platform in early 2023
Pilot of Scotland’s digital identity platform will be run in partnership with Disclosure Scotland, using secure sign-on and identity verification Continue Reading
-
News
17 Nov 2022
HMRC will begin migration from Government Gateway to One Login in summer 2023
One Login for Government programme has the objective of simplifying access to central government, says HMRC chief technology and design officer Continue Reading
-
News
16 Nov 2022
Global network fragmentation a source of increasing risk
Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading
-
Opinion
16 Nov 2022
Security Think Tank: Ransomware defences: An extended to-do list
Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things Continue Reading
-
News
15 Nov 2022
APP fraud volumes expected to double by 2026, says report
Losses to authorised push payment fraud in the UK are expected to climb to over $1.5bn in the next four years. Meanwhile, the NAO accuses the Home Office of lagging on progress to tackle the issue Continue Reading
-
15 Nov 2022
How to prepare for ransomware
We look at ways to protect against ransomware attacks and how to manage such attacks when they happen. Continue Reading
-
E-Zine
15 Nov 2022
How to protect against ransomware attacks
In this week’s Computer Weekly, we look at how to prepare for and protect against ransomware, and what to do if you’re hit by an attack. We gauge industry reaction to Ofcom’s plan to investigate the big three cloud providers. And we find out how travel giant TUI is implementing self-service analytics. Read the issue now. Continue Reading
-
News
15 Nov 2022
Inside Singapore’s public sector IT strategy
Adopting a platform approach with products that can scale across the board and building a strong engineering bench are some of the key aspects in Singapore’s public sector IT strategy Continue Reading
-
News
14 Nov 2022
How Google and Mandiant are forging synergies in cyber security
Google’s AI smarts and Mandiant’s intelligence on new and emerging threats could lay the foundation of proactive security Continue Reading
-
Opinion
14 Nov 2022
Security Think Tank: Let’s be transparent about ransomware
Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks Continue Reading
-
Feature
14 Nov 2022
How to prepare for ransomware
What are the best practices you should use to protect against ransomware attacks and manage such attacks when they do happen? Continue Reading
-
News
13 Nov 2022
Online scam victims lose an average of £1,000 each
New data from the National Fraud Intelligence Bureau shows victims of online fraud lose an average of £1,000 per person Continue Reading
-
Opinion
11 Nov 2022
Cyber insurance: The good, the bad and the ugly
Most cyber insurance contracts are innately flawed because they exclude losses arising from state-backed cyber attacks, and this will make proper attribution even more important in the future, says Cisco Talos’ Martin Lee Continue Reading
-
News
11 Nov 2022
Volume of self-reported breaches to ICO jumps 30%
The number of self-reported breaches to the UK’s Information Commissioner’s Office soared by nearly 30% in the 12 months to 30 June 2022 Continue Reading
-
News
11 Nov 2022
MoD recruits Immersive Labs to bolster cyber resilience
UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products Continue Reading
-
Opinion
11 Nov 2022
Security Think Tank: To stop ransomware, preparation is the best medicine
You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes Continue Reading
-
News
10 Nov 2022
Cyber criminals have World Cup Qatar 2022 in their sights
Volumes of malicious cyber activity around the upcoming FIFA World Cup are already starting to tick upwards and are likely to continue to do so Continue Reading
-
Opinion
10 Nov 2022
All means all when it comes to encryption
Nigel Thorpe, technical director at SecureAge, makes the case for encrypting everything all of the time when it comes to protecting data Continue Reading
-
E-Zine
10 Nov 2022
CW Benelux: Heineken finds the right brew for digital
Heineken’s data management director has revealed some of the ways the company is using information technology to transform digitally. Also read how a PhD student in the Netherlands is detecting hidden messages on the internet by exploring the practice of steganography. Continue Reading
- 10 Nov 2022
-
News
09 Nov 2022
Optus earmarks A$140m to cover cost of data breach
Optus sets aside A$140m as an exceptional expense for a customer remediation programme following a massive data breach that affected 10 million customers Continue Reading
-
Definition
09 Nov 2022
What is Wi-Fi Piggybacking?
Piggybacking, in the context of Wi-Fi, is the use of a wireless connection to gain access to the internet without proper authority. Continue Reading
-
News
09 Nov 2022
UK’s National Cyber Advisory Board convenes for first time
Government convenes National Cyber Advisory Board to further its goals of making the UK one of the safest places to live and work online Continue Reading
-
News
09 Nov 2022
Microsoft serves smorgasbord of six zero-days
November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity Continue Reading
-
News
09 Nov 2022
Why Sophos is bullish on managed security services
Sophos has grown its managed detection and response business to more than $100m over the last three years as more organisations grapple with the increasingly complex cyber security landscape Continue Reading
-
Opinion
09 Nov 2022
Security Think Tank: Anti-ransomware strategies should be as easy as ABC
When developing and implementing ransomware protection strategies, the importance of paying thorough attention to security measures you might consider elementary cannot be understated Continue Reading
-
News
08 Nov 2022
NortonLifeLock, Avast debut new ‘Gen’ identity
The combined NortonLifeLock and Avast consumer cyber business, Gen, says it will serve over 500 million customers worldwide Continue Reading
-
E-Zine
08 Nov 2022
How the US-China chip war will affect IT leaders
In this week’s Computer Weekly, as the US ramps up semiconductor sanctions on China, we examine the ramifications across the tech sector. Cyber criminals are turning to new forms of encryption – we talk to the Dutch researchers trying to catch them. And we look at what cloud providers need to do to improve customer experience. Read the issue now. Continue Reading
-
07 Nov 2022
Probing the secrets of the internet
Research in the Netherlands is focused on detecting hidden messages on the internet. Continue Reading
-
News
07 Nov 2022
Public sector IT projects need ethical data practices from start
Data ethics needs to be integrated into public sector IT projects from the very start, and considered throughout every stage of the process, to be effective Continue Reading
-
News
07 Nov 2022
Department for Education escapes £10m fine over data misuse
Department entrusted data on 28 million children to a company called Trustopia, which turned out to be anything but trustworthy, but has escaped a £10m fine under new rules Continue Reading
-
News
07 Nov 2022
Keeping personally identifiable data personal
As it celebrates its 100th birthday, the BBC has begun a pilot looking into its role in enabling the general public to store their personal data Continue Reading
-
Opinion
07 Nov 2022
To fight ransomware, we must treat digital infrastructure as critical
Ransomware defence is failing because we don’t view our digital infrastructure in the same way as our physical infrastructure, argues Elastic’s Mandy Andress Continue Reading
-
News
04 Nov 2022
Elon Musk begins mass Twitter layoffs via email
New Twitter owner Elon Musk has begun the process of cutting the company’s workforce in half, but is already facing a legal backlash for allegedly violating US labour laws Continue Reading
-
News
04 Nov 2022
Microsoft: Nation-state cyber attacks became increasingly destructive in 2022
The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare Continue Reading
-
Opinion
04 Nov 2022
Security Think Tank: Ransomware and CISOs’ balancing act
Ransomware has the potential to cause irreversible business damage, so CISOs should consider not only protection but also response and recovery Continue Reading
