IT security
-
News
30 Apr 2025
Current SaaS delivery model a risk management nightmare, says CISO
JPMorgan Chase security chief Patrick Opet laments the state of SaaS security in an open letter to the industry and calls on software providers to do more to enhance resilience Continue Reading
By- Alex Scroxton, Security Editor
-
News
30 Apr 2025
Co-op shuts off IT systems to contain cyber attack
A developing cyber incident at Co-op has forced the retailer to pull the plug on some of its IT systems as it works to contain the attack Continue Reading
By- Alex Scroxton, Security Editor
-
News
03 Oct 2022
Security regulation cuts online payment fraud at 73% of retailers
New online payments security standard, Strong Customer Authentication (SCA), sees immediate fall in fraudulent payments to retailers Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
03 Oct 2022
CIO interview: James Fleming, Francis Crick Institute
Francis Crick Institute CIO discusses how Europe’s largest biomedical research institute has co-developed a framework for data sharing Continue Reading
By- Cliff Saran, Managing Editor
-
News
30 Sep 2022
Surveillance tech firms complicit in MENA human rights abuses
Research finds companies are profiting from surveillance technologies that facilitate human rights abuses against migrants, asylum seekers and refugees in the Middle East and North Africa, with little to no oversight Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
Feature
30 Sep 2022
Dutch PhD project aims to automate discovery and deciphering of steganography
Meike Kombrink, a PhD student in the Netherlands, is focused on detecting hidden messages on the internet Continue Reading
By- Kim Loohuis
-
Tip
29 Sep 2022
The 5 principles of zero-trust security
Zero trust is a journey, not a destination. Ensure your corporate network is safe from internal and external threats by implementing these five principles of zero-trust security. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
29 Sep 2022
Five startups to join NCSC for Startups initiative
The NCSC has invited five startups to join its NCSC for Startups programme to help the government with pressing cyber challenges facing the UK Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
29 Sep 2022
Failure of Russia’s cyber attacks on Ukraine is most important lesson for NCSC
Russia has so far failed in its attempts to destabilise Ukraine through cyber attacks due to strength of Ukrainian, security industry and international efforts Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
29 Sep 2022
Optus breach casts spotlight on cyber resilience
The massive data breach that affected more than 10 million Optus customers has cast the spotlight on API security and other factors that contribute to the cyber resilience of organisations in Australia Continue Reading
-
News
28 Sep 2022
UK suffers third highest number of ransomware attacks globally
Based on an analysis of around 5,000 ransomware incidents, NordLocker has found that UK businesses, and small businesses in particular, are a priority target for ransomware gangs Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
28 Sep 2022
Whistleblower Peter Duffy calls for oversight of NHS records to prevent evidence tampering
A whistleblower has called for greater oversight in the handling of ‘safety-critical digital information’ across the NHS, in light of a number of cases that raise questions about data governance and record-keeping within the health service Continue Reading
By- Tommy Greene
-
News
28 Sep 2022
Data protection in Finland, four years after GDPR came into force
Data privacy has always been a big concern in Finland, so the country naturally has a lot to say about the General Data Protection Regulation four years on Continue Reading
By- Pat Brans, Pat Brans Associates/Grenoble Ecole de Management
-
Opinion
28 Sep 2022
Security Think Tank: Three steps to a solid DevSecOps strategy
Read about how buyers can manage third-party risk when procuring applications, how to secure the software development process, and even how to affect cultural change among developers not used to thinking cyber first Continue Reading
By- Cate Pye and Farrukh Ahmad
-
News
28 Sep 2022
Most hackers exfiltrate data within five hours of gaining access
Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
27 Sep 2022
Fraudsters adapt phishing scams to exploit cost-of-living crisis
Around 80,000 Brits a month are falling victim to phishing attacks as fraudsters switch up tactics to take advantage of cost-of-living crisis and behavioural changes prompted by pandemic Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
Blog Post
26 Sep 2022
Why identity security is the cornerstone of ASEAN's digital economy
This is a guest post by Chern-Yue Boey, senior vice-president for Asia-Pacific at SailPoint Southeast Asia has been heralded as the up-and-coming region, and with good reason. Over the past decade, ... Continue Reading
By- Aaron Tan, TechTarget
-
News
26 Sep 2022
Bank warns of spike in online cost-of-living scams
Fraudsters are exploiting the cost-of-living crisis by tricking people into sending money to help friends and relatives pay bills, TSB has warned Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
Answer
26 Sep 2022
Where does security fit into a business continuity plan?
Cybersecurity breaches are a prominent threat to business continuity today. Make sure your security and BCDR teams are in sync to recover data in a crisis. Continue Reading
By- Mitch Lewis, Evaluator Group
-
News
26 Sep 2022
How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove
Hack by Russian-linked ColdRiver group exposed former MI6 chief Richard Dearlove’s contacts and email communications with government, military, intelligence and political officials Continue Reading
By- Duncan Campbell , 2QQ Ltd, Sussex University
-
News
26 Sep 2022
More than 30 startups to join Plexal’s Cyber Runway accelerator
Now in its second year, the Cyber Runway accelerator has been designed to support firms at various stages of growth, as well as help the cyber security sector to improve on its diversity, inclusion and regional representation Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
23 Sep 2022
Conversation between two police officers formed basis of EncroChat warrant, court hears
The National Crime Agency did not seek a written explanation of a French hacking technique before applying for a surveillance warrant to use French “intercept” in the UK, a court heard Continue Reading
By- Bill Goodwin, Computer Weekly
-
Opinion
23 Sep 2022
It’s time for engineering teams to own DevSecOps
It may seem counterintuitive, but maybe organisations should consider delegating responsibility for DevSecOps to engineering teams, not security teams, argues Elastic’s Mandy Andress Continue Reading
By- Mandy Andress, Elastic
-
Definition
23 Sep 2022
Google dork query
A Google dork query, sometimes just referred to as a dork, is a search string or custom query that uses advanced search operators to find information not readily available on a website. Continue Reading
-
News
23 Sep 2022
NCA ‘deliberately concealed’ information when it applied for EncroChat warrants, tribunal hears
Investigatory Powers Tribunal hears that the National Crime Agency made ‘serious and fundamental errors’ Continue Reading
By- Bill Goodwin, Computer Weekly
-
News
23 Sep 2022
Threat actors abused lack of MFA, OAuth in spam campaign
Microsoft threat researchers have reported on a series of cyber attacks in which enterprises with lax IAM policies had their systems hijacked to conduct spam email campaigns Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Sep 2022
How Great Eastern is transforming its IT organisation
Singapore-based insurer Great Eastern made painstaking efforts to rid itself of legacy systems and transformed its IT organisation to become nimbler by building up its cloud and DevOps capabilities Continue Reading
By- Aaron Tan, TechTarget
-
News
22 Sep 2022
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets Continue Reading
By- Gerard O'Dwyer
-
News
22 Sep 2022
Inside SolarWinds’ observability playbook
SolarWinds’ CEO Sudhakar Ramakrishna talks up the company’s observability playbook and offers a glimpse into its technology roadmap Continue Reading
By- Aaron Tan, TechTarget
-
News
22 Sep 2022
ALPHV/BlackCat ransomware family becoming more dangerous
Researchers from Symantec share fresh insight into the ongoing development of the ransomware-as-a-service family known variously as ALPHV, BlackCat and Noberus Continue Reading
By- Alex Scroxton, Security Editor
-
News
22 Sep 2022
Dr Martens goes feetfirst into cloud-to-cloud backup
Iconic bootmaker laces up for a strategy to move all applications to the cloud, beginning with cloud-to-cloud backup for Microsoft 365 apps plus on-site VMware operations Continue Reading
By- Antony Adshead, Storage Editor
-
News
22 Sep 2022
Privacy Pledge signatories dream of alternative internet
A group of privacy-focused organisations have come together to establish a set of principles for taking the internet back from big tech and surveillance capitalism Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Sep 2022
NCSC publishes cyber guidance for retailers
The NCSC has published tailored advice to support online retailers, hospitality providers and utility services in protecting themselves and their customers from cyber crime Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Sep 2022
15-year-old Python bug present in 350,000 open source projects
A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Sep 2022
ANZ organisations using antiquated backup and recovery systems
Nearly half of ANZ organisations are still using backup and recovery systems from over a decade ago, hampering their ability to protect their data assets and recover from ransomware attacks Continue Reading
-
News
20 Sep 2022
Thousands of customers affected in Revolut data breach
Digital challenger bank has warned its customers to be vigilant after their data was exposed in a cyber attack Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
20 Sep 2022
IHG attackers phished employee to deploy destructive wiper
A couple from Vietnam who claim to be behind a destructive wiper cyber attack on hotel operator IHG told the BBC how they orchestrated their operation Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Sep 2022
Reports Uber and Rockstar incidents work of same attacker
Rockstar Games was hit over the weekend by an attacker who claimed to have accessed its Slack channel to steal data on an upcoming release, and may be the same person who compromised Uber Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
20 Sep 2022
A gold medal performance for networking
In this week’s Computer Weekly, we find out how the IT team behind the 2022 Commonwealth Games in Birmingham delivered a winning performance. We also look at how the centuries-old London insurance market is going digital, thanks to Lloyd’s of London. And we find out how low-cost high street stores succumbed to the inevitable and are going online. Read the issue now. Continue Reading
-
Definition
19 Sep 2022
cryptojacking
Cryptojacking is a cybercrime in which another party's computing resources are hijacked to mine cryptocurrency. Continue Reading
By- Nick Barney, Technology Writer
-
News
16 Sep 2022
Six new vulnerabilities added to CISA catalogue
CISA adds six new vulnerabilities to its most-wanted list, including one that dates back to 2010 Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Sep 2022
Uber suffers major cyber attack
Details are trickling out of an apparent ‘near total’ compromise of ride-sharing service Uber by an alleged teenage hacktivist Continue Reading
By- Alex Scroxton, Security Editor
-
15 Sep 2022
Cloudflare: Our network is our product
Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats. Continue Reading
-
News
15 Sep 2022
EU Cyber Resilience Act sets global standard for connected products
European Commission lays out proposed security regulations on device and software security to better protect consumers and drive global standards Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Sep 2022
Nominations closing soon for annual cyber awards
Nominations for the annual Security Serious Unsung Heroes Awards closes 16 September Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Sep 2022
New player pioneers ‘active cyber insurance’ for UK market
Arrival of US-based insurer Coalition in London will supposedly offer SMEs more options when it comes to cyber security insurance Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Sep 2022
Organisations failing to account for digital trust
The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Sep 2022
US charges three Iranians over CNI cyber attacks
Three Iranian nationals have been indicted over a spate of ransomware attacks against organisations in the US, UK, Israel and Iran Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Sep 2022
FormBook knocks Emotet off top of malware chart
FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Sep 2022
Ex-CISA head Krebs: Disrupt ransomware support networks to win the war
Speaking at an event hosted by data protection specialist Rubrik, former CISA director Chris Krebs calls for the security community to work collectively to kick out the supports from under ransomware gangs Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Sep 2022
Microsoft patches 64 vulnerabilities on September Patch Tuesday
Microsoft drops fixes for five critical vulnerabilities and one zero-day in its latest monthly update Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Sep 2022
NCSC warns public of potential Queen-related phishing attacks
The National Cyber Security Centre is urging users to be on guard against phishing attacks during the period of national mourning for the Queen Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Sep 2022
DDoS attacks on UK financial sector surged during Ukraine war
A quarter of cyber security incidents reported to the Financial Conduct Authority in the first six months of 2022 involved DDoS, with a likely link to events in Ukraine Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
13 Sep 2022
data masking
Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training. Continue Reading
By -
Definition
13 Sep 2022
computer worm
A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems. Continue Reading
By- Crystal Bedell
- Peter Loshin, Former Senior Technology Editor
- Katie Terrell Hanna
-
News
13 Sep 2022
Cloud compromise a doddle for threat actors as victims attest
Two separate studies into the state of public cloud security reveal insight into the ease with which threat actors can compromise vast numbers of targets, and some of the challenges security teams are facing in the cloud Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2022
Users warned over Azure Active Directory authentication flaw
Secureworks researchers found what they say is a serious vulnerability in an Azure Active Directory authentication method, but Microsoft says it should not pose a serious risk to users Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2022
Cisco confirms leaked data was stolen in Yanluowang ransomware hit
Cisco has confirmed that data leaked last week by the Yanluowang ransomware gang was that stolen during a May 2022 cyber attack Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2022
Blancco works with charity to provide IT for African schools
Blancco is providing data sanitisation and erasure software to The Turing Trust so that old IT equipment can be securely reused by school children in Sub-Saharan Africa, instead of adding to world’s growing e-waste problem Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
13 Sep 2022
Multi-persona impersonation adds new dimension to phishing
Iranian APT used multiple personas on a single email thread to convince targets of the legitimacy of its phishing lures Continue Reading
By- Alex Scroxton, Security Editor
-
13 Sep 2022
How Okta is working to regain customer trust after a cyber attack
Earlier this year, cyber firm Okta was one of several tech companies hit by the Lapsus$ gang. Vice-president of customer trust Ben King describes how he has been working to rebuild confidence after the incident. Continue Reading
-
E-Zine
13 Sep 2022
Source responsibly: Tech sector efforts to root out forced labour are failing
In this week’s Computer Weekly, we analyse the technology industry’s failure to extirpate forced labour and slavery from its supply chains. We find out how cyber security firm Okta is rebuilding customer trust after a major security incident. And we discover how Caterpillar is modernising its data management to offer better customer service. Read the issue now. Continue Reading
-
Definition
13 Sep 2022
air gap (air gapping)
An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Definition
12 Sep 2022
ISO date format
The International Organization for Standardization (ISO) date and time format is a standard way to express a numeric calendar date -- and optionally time -- in a format that eliminates ambiguity between entities. Continue Reading
-
Opinion
12 Sep 2022
How data security posture management complements CSPM
Data security posture management can provide comprehensive defense-in-depth security for cloud data. Find out more about how DSPM policies move with the data. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
12 Sep 2022
Mandiant floats off into Google Cloud
As planned, the acquisition of Mandiant will see the threat intel and incident response giant become a part of Google’s Cloud business Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Sep 2022
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
09 Sep 2022
CW Europe: Why Russia could become the world’s biggest market for illegal IT
Faced with international sanctions and the departure of many global IT suppliers from Russia, companies there are seeking alternative, and sometimes illegal, routes to access IT products. Also read how new requirements are driving scientists and engineers in Europe back to the lab to start developing 6G technology. Continue Reading
-
Opinion
09 Sep 2022
Security Think Tank: Adding trust to AppSec and DevSecOps
When building in trust and assurance into app development through standards, it is critically important not to stifle innovation Continue Reading
By- Rowland Johnson
-
News
08 Sep 2022
NCSC CyberUK event heads to Belfast in 2023
National Cyber Security Centre’s annual CyberUK roadshow is crossing the Irish Sea to Belfast in April 2023 Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
08 Sep 2022
data integrity
Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so. Continue Reading
By- Stephen J. Bigelow, Senior Technology Editor
-
News
08 Sep 2022
Chinese APT using PlugX malware on espionage targets
China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit Continue Reading
By- Alex Scroxton, Security Editor
-
Podcast
08 Sep 2022
Does quantum matter? A Computer Weekly Downtime Upload podcast
In this special edition of the Computer Weekly Downtime Upload podcast, Ilyas Khan, CEO of Quantinuum, discusses the quantum computing revolution Continue Reading
By- Cliff Saran, Managing Editor
-
News
08 Sep 2022
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading
By- Kim Loohuis
-
Opinion
08 Sep 2022
Security Think Tank: Creating a DevSecOps-friendly cyber strategy
When slowing down is not an option, you need to find a security strategy that is DevSecOps friendly, says Airbus Protect’s Olivier Allaire Continue Reading
By- Olivier Allaire, Airbus Protect
-
News
08 Sep 2022
India’s wake-up call on health data privacy
Health app developers and industry watchers in India are keeping an eye on data privacy following the reversal of the Roe vs Wade ruling in the US Continue Reading
By- Pratima Harigunani
-
News
07 Sep 2022
Albania cuts diplomatic ties with Iran after cyber attack
In a global geopolitical first, the Albanian government has severed diplomatic ties with Iran and expelled its ambassador after it was targeted by an APT backed by Tehran Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
07 Sep 2022
privacy compliance
Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or legislation. Continue Reading
By- Stephen J. Bigelow, Senior Technology Editor
- Ben Cole, Executive Editor
-
News
07 Sep 2022
August ’22 a bumper month for high-impact vulnerabilities
Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Sep 2022
Prince’s Trust teams with threat management specialist in skills push
Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Sep 2022
Hotel group IHG confirms cyber attack after two-day outage
IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Sep 2022
Cyber threats to Europe’s grid: Utilities rethink strategy
The separation of operational and information technology at utilities across Europe is opening doors for cyber criminals Continue Reading
By- Gordon Feller
-
Opinion
07 Sep 2022
Security Think Tank: The many dimensions of DevSecOps
It is imperative to make our colleagues and customers know that when we talk DevSecOps, we are facing a multiphase challenge that starts at the very beginning of DevOps, and one that never ends Continue Reading
By- Alejandro Bernal
-
News
07 Sep 2022
Digital identity is key to coping with surge in air travel
The International Air Transport Association’s One ID digital identity initiative will pave the way for seamless air travel from curb to gate and help airports cope with growing passenger traffic Continue Reading
By- Aaron Tan, TechTarget
-
News
06 Sep 2022
Companies House to introduce digital ID system
Companies House will introduce a digital identity verification process for people wanting to register and run a company in the UK Continue Reading
By -
News
06 Sep 2022
Campaigners call on Truss to change UK’s archaic hacking laws
The CyberUp coalition, a campaign to reform the Computer Misuse Act, has called on Liz Truss to push ahead with needed changes to protect cyber pros from potential prosecution Continue Reading
By- Alex Scroxton, Security Editor
-
News
06 Sep 2022
Bus company Go-Ahead fighting off cyber attack
Go-Ahead Group, which operates bus companies around the UK, says it is in the process of dealing with a cyber attack that may cause disruption to services Continue Reading
By- Alex Scroxton, Security Editor
-
News
06 Sep 2022
Saudi Arabian organisations choose to outsource to improve cyber security posture
Overwhelmed by rising threats and a growing number of government mandates, many organisations in Saudi Arabia are looking for outside help to take care of cyber security Continue Reading
By- Pat Brans, Pat Brans Associates/Grenoble Ecole de Management
-
E-Zine
06 Sep 2022
Out with the old at Asda
In this week’s Computer Weekly, we talk to Asda’s CIO, Carl Dawson, about the supermarket’s cloud-oriented renovation of its technology stack. We narrate the security woes at Twitter. And we examine best practices for data backup. Read the issue now. Continue Reading
-
05 Sep 2022
Alleged Twitter security failings spell trouble
Twitter’s former security head, Peiter Zatko, has alleged a number of serious cyber failures at the social media company, raising the spectre of investigations and sanctions. Continue Reading
-
Opinion
05 Sep 2022
Data-driven government needs practical steps
We should build data platforms for government with the same techniques used in creating anything digital, argues Jim Stamp, head of data at Made Tech Continue Reading
By- Jim Stamp
-
News
05 Sep 2022
Russian-speaking cyber criminals feel economic pinch
Russian-speaking cyber criminals are being forced to refine and adapt their techniques as Vladimir Putin’s invasion of Ukraine makes current methods redundant Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
05 Sep 2022
How Okta is regaining customer trust after a cyber attack
In early 2022, cyber firm Okta was among several tech companies hit by the Lapsus$ gang. Vice-president of customer trust Ben King talks about how he has been working behind the scenes to rebuild confidence after the incident Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
05 Sep 2022
Security Think Tank: Good procurement practices pave the way to app security
Application security is as much a question of good procurement practice as it is good development practice, says Petra Wenham of the BCS Continue Reading
By -
News
02 Sep 2022
Dutch government finally allowed to use public cloud
Public cloud is finally within reach for Dutch public services. Previously, the Dutch government was only allowed to use private clouds due to risks concerning privacy and security Continue Reading
By- Kim Loohuis
-
Opinion
02 Sep 2022
Security Think Tank: Shift left, shift right. What about shift everywhere?
The concepts of shift left and shift right are highly effective in securing the development process, but for those who want to take things that step further there is shift everywhere Continue Reading
By- Paul Holland, Information Security Forum
-
News
01 Sep 2022
Space nerds beware: James Webb images used to spread malware
Astronomy and space aficionados are being targeted by cyber criminals exploiting some of the now-famous images captured by Nasa’s James Webb Space Telescope to distribute malware Continue Reading
By- Alex Scroxton, Security Editor
-
News
01 Sep 2022
Local authorities experience 10,000 attempted cyber attacks every day
Local authorities across the UK face a daily deluge of cyber incidents, with phishing and DDoS attacks the most prevalent, according to an insurance broker Continue Reading
By- Alex Scroxton, Security Editor
-
News
01 Sep 2022
Swedish Electronics Protection Act coincides with major cyber spend
Swedish cyber security law comes at a time of heavy government investment Continue Reading
By- Gerard O'Dwyer
-
News
01 Sep 2022
New (ISC)² cyber careers schemes go live
(ISC)² has opened up two new global cyber careers schemes to applicants to try to help organisations fill 2.7 million vacant roles worldwide Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
01 Sep 2022
Security Think Tank: Effective DevSecOps requires collaboration
Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access management alongside cyber security and application security Continue Reading
By- Andrew Morris, Turnkey Consulting
-
Tip
31 Aug 2022
Use ISO/TS 22317:2021 to shape your business impact analysis
ISO/TS 22317:2021 is a useful tool for BCDR practitioners and other personnel tasked with executing a BIA, which can often be a highly complex activity. Continue Reading
By