IT security
-
News
25 Apr 2024
Zero trust is a strategy, not a technology
Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag Continue Reading
-
News
22 Apr 2024
Digital Edge punching above its weight in Asia datacentre market
Fast-growing datacentre provider Digital Edge is eyeing business from hyperscalers and counting on its strengths in datacentre operations and local partnerships to stand out from rivals Continue Reading
-
News
14 Feb 2024
Southern Water customer data was taken in ransomware attack
Southern Water has started to contact customers whose data was stolen in a January 2024 ransomware attack on its systems Continue Reading
-
News
14 Feb 2024
Met Police to scrap and replace ‘racist’ Gangs Violence Matrix
A database used by the Metropolitan Police to identify and track people linked with gang violence is being decommissioned and replaced. The decision follows a long-running controversy over its discriminatory impacts on young black people, but campaigners warn that racial discrimination will persist with new tool Continue Reading
-
News
14 Feb 2024
Microsoft patches two zero-days for Valentine’s Day
Two security feature bypasses impacting Microsoft SmartScreen are on the February Patch Tuesday docket, among more than 70 issues Continue Reading
-
Podcast
14 Feb 2024
Podcast: What is the impact of AI on storage and compliance?
Start now looking at artificial intelligence compliance. That’s the advice of Mathieu Gorge of Vigitrust, who says AI governance is still immature but firms should recognise the limits and still act Continue Reading
-
News
14 Feb 2024
Security experts: Investigatory powers plans will delay security updates
Cyber security experts warn that government proposals to amend the Investigatory Powers Act will limit tech companies’ ability to respond to security threats and could hamper the use of end-to-end encryption Continue Reading
-
News
13 Feb 2024
New variants of Qakbot malware under development
Despite its infrastructure having been taken down by the FBI last year, someone appears to be actively working on a new and improved version of the infamous Qakbot malware Continue Reading
-
News
13 Feb 2024
Hunter-killer malware volumes seen surging
Latest Picus Security report on malware tactics, techniques and procedures reveals an increasing focus on disabling security defences Continue Reading
-
Podcast
13 Feb 2024
Podcast: What are snapshots? Can they replace backup?
We talk to Shawn Meyers, field CTO at Tintri, who defines snapshots, why they are no substitute for backups, and the effect on recovery of snapshot granularity Continue Reading
-
News
13 Feb 2024
What will result from Cohesity’s Veritas acquisition?
The $7bn backup giant will leverage huge assets in enterprise customer base, compliance and governance intelligence, AI, R&D, and Kubernetes backup and storage Continue Reading
-
E-Zine
13 Feb 2024
Intelligent defence – the role of data in the military
In this week’s Computer Weekly, we examine the role of data in tying together military operations across ground, air, sea and cyber. Has SAP finally convinced customers to migrate to cloud ERP? We assess the trends. And we talk to the CIO helping to set up the UK’s fastest supercomputer. Read the issue now. Continue Reading
-
Definition
12 Feb 2024
crisis management plan (CMP)
A crisis management plan (CMP) outlines how an organization should respond to a critical situation that if left unaddressed, could negatively affect its profitability, reputation or ability to operate. Continue Reading
-
Opinion
12 Feb 2024
Executives must face down state-sponsored hacking groups targeting firmware
State-backed groups have ratcheted up the pressure for cyber security professionals and executives. But that’s not an excuse to cede them the territory. Continue Reading
-
Feature
12 Feb 2024
Trends driving cyber security in 2024
While cyber security breaches are not going away, emerging threats are driving new and innovative approaches to IT security Continue Reading
-
News
09 Feb 2024
Amazon defends facial-recognition tech sale to FBI despite moratorium
The FBI has confirmed it is using Amazon’s Rekognition image and video analysis software, but Amazon says it is ‘false’ to suggest this violates the company’s self-imposed moratorium on selling facial-recognition technology to US police Continue Reading
-
News
09 Feb 2024
MoD ethical hacking programme expands after initial success
The Ministry of Defence has expanded the scope of its defensive security partnership with HackerOne Continue Reading
-
Definition
09 Feb 2024
cyberterrorism
Cyberterrorism is usually defined as any premeditated, politically motivated attack against information systems, programs, and data that threatens violence or results in violence. Continue Reading
-
Definition
09 Feb 2024
mobile security (wireless security)
Mobile security, also known as wireless security, refers to the measures taken to protect smartphones, tablets, laptops, smartwatches and other portable computing devices and the networks they connect to, from threats and vulnerabilities associated with wireless computing. Continue Reading
-
News
08 Feb 2024
Why open data is needed in the battle to address homelessness
Centrepoint needed to send FOIs to more than 300 local authorities in England to access required information Continue Reading
-
Definition
08 Feb 2024
ICD-10-PCS (International Classification of Diseases, 10th Revision, Procedure Coding System)
The International Classification of Diseases, 10th Revision, Procedure Coding System (ICD-10-PCS) is an American adaptation of the World Health Organization's ICD-10 system, tailored for procedural coding in inpatient and hospital settings. Continue Reading
-
News
08 Feb 2024
CIO interview: Sandy Venugopal, SentinelOne
We speak to the former CIO of Uber and LinkedIn, current CIO of SentinelOne, about how artificial intelligence should be deployed in business Continue Reading
-
News
08 Feb 2024
Executive alleged to be behind EncroChat encrypted phone network arrested
A businessman allegedly behind EncroChat, an encrypted phone network that was used by organised crime groups, has been extradited from the Dominican Republic to France Continue Reading
-
Definition
08 Feb 2024
clinical decision support system (CDSS)
A clinical decision support system (CDSS) is an application that analyzes data to help healthcare providers make decisions and improve patient care. Continue Reading
-
News
07 Feb 2024
NCSC warns CNI operators over ‘living-off-the-land’ attacks
Malicious, state-backed actors may well be lurking in the UK’s most critical networks right now, and their operators may not even know until it is too late, warn the NCSC and its partners Continue Reading
-
News
07 Feb 2024
Dozens of surveillance companies are supplying spyware to governments, says Google
Google’s Threat Analysis Group has identified 40 companies involved in selling and supplying security exploits and spyware services to governments Continue Reading
-
Opinion
07 Feb 2024
Security Think Tank: The phishing forecast for 2024
Egress' Jack Chapman and James Dyer explore how phishing attacks are set to grow in their scope and sophistication this year, with generative AI playing a big role Continue Reading
-
Definition
07 Feb 2024
keylogger (keystroke logger or system monitor)
A keylogger, sometimes called a keystroke logger, is a type of surveillance technology used to monitor and record each keystroke on a specific device, such as a computer or smartphone. Continue Reading
-
News
07 Feb 2024
How Iranian cyber ops pivoted to target Israel after 7 October attacks
Microsoft has shared new intelligence on how Iranian government-aligned threat actors have turned their fire on Israel over the past four months Continue Reading
-
News
07 Feb 2024
South Staffs Water faces group action over Clop ransomware attack
South Staffordshire Plc, the parent company of South Staffordshire and Cambridge Water, is facing legal action from customers whose data was compromised in a 2022 Clop ransomware attack Continue Reading
-
Definition
07 Feb 2024
encryption
Encryption is the method by which information is converted into secret code that hides the information's true meaning. Continue Reading
-
News
07 Feb 2024
AI ID specialist Onfido in talks to be bought by Entrust
UK-based cyber unicorn Onfido agrees to enter talks to be acquired by Entrust Continue Reading
-
News
06 Feb 2024
UK’s McPartland Cyber Review to probe trust in technology
The UK government has launched a cyber security review that will investigate how best to give businesses the confidence they need to use new technologies Continue Reading
-
Tip
06 Feb 2024
8 dangers of shadow IT and how to manage them
Unauthorized devices, software and system changes -- and other forms of shadow IT -- can expose organizations to a range of security risks. Here are ways to manage them. Continue Reading
-
News
06 Feb 2024
Inquiry to explore cyber risk to Sunak-Starmer showdown
The UK’s Joint Committee on National Security Strategy is opening an inquiry into securing the democratic process ahead of the next general election Continue Reading
-
Definition
06 Feb 2024
dictionary attack
A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary, or word list, as a password. Continue Reading
-
News
06 Feb 2024
UK and France push for international agreement on spyware
The UK and France are hosting diplomats, big tech companies and civil society groups, in a two-day conference in London targeting the proliferation of spyware tools and ‘hackers for hire’ Continue Reading
-
Opinion
06 Feb 2024
Three predictions for responding to the cyber threat landscape in 2024
Nominet's Kim Wiles looks to the coming months and calls for cooperation and collaboration on tackling cyber security threats Continue Reading
-
E-Zine
06 Feb 2024
Generative AI – an early adopter’s experience
In this week’s Computer Weekly, as IT leaders start to implement GenAI in their organisations, we look at the experiences of one early adopter. Our latest buyer’s guide examines the key security trends for 2024. And Microsoft’s head of identity talks about a future without passwords. Read the issue now. Continue Reading
-
Definition
05 Feb 2024
ICD-10 (International Classification of Diseases, 10th Revision)
The International Classification of Diseases, 10th Revision (ICD-10), is a global standard for classifying and coding mortality and morbidity data. Continue Reading
-
05 Feb 2024
IT security strategy: Assessing the risks of generative AI
Most industry watchers see 2024 as the year when generative artificial intelligence and large language models will begin moving into enterprise IT. We consider the security implications. Continue Reading
-
Definition
05 Feb 2024
personal health record (PHR)
A personal health record (PHR) is an electronic summary of health information that a patient maintains control of themselves, as opposed to their healthcare provider. Continue Reading
-
News
05 Feb 2024
Blackbaud blasted for failing to prevent customer breaches
A supply chain attack at software supplier Blackbaud in 2020 saw data on multiple UK organisations compromised. The US authorities are now taking steps to ensure it can’t happen again Continue Reading
-
News
05 Feb 2024
US sanctions Iranians behind CNI cyber attacks
US government issues new sanctions against six Iranians suspected of being behind a series of cyber attacks targeting critical national infrastructure, notably water supply systems Continue Reading
-
Blog Post
05 Feb 2024
New Optimisation Kid On The Block Puts Hybrid Users On The Cloudbrink Of Performance...
As many of you will know, one of my major focus areas since Stone Age Man (almost) has been network optimisation in its broadest sense. It seems ironic that, in 2024, optimisation is required more ... Continue Reading
-
Feature
05 Feb 2024
IT security strategy: Assessing the risks of generative AI
Most industry watchers see 2024 as the year when generative AI and large language models will begin moving into enterprise IT Continue Reading
-
Feature
02 Feb 2024
UK police facial recognition explained: What you need to know
In this essential guide, Computer Weekly looks at the use of facial recognition technology by UK police forces, including the points of contention around its deployment so far and where it’s heading next Continue Reading
-
News
01 Feb 2024
AI: House of Lords focuses on copyright and transparency
Large language models promise to boost UK productivity, but the tech needs greater scrutiny and questions remain over intellectual property Continue Reading
-
News
01 Feb 2024
US government disrupts Chinese botnet containing hundreds of end-of-life Cisco and Netgear routers
The US government has succeeded in halting a botnet comprised of hundreds of end-of-life routers that posed a threat to critical national infrastructure (CNI) organisations in multiple countries Continue Reading
-
News
01 Feb 2024
Welsh workers’ AI experiences shaped by uneven power dynamics
Workers in Wales are being negatively affected by the unregulated introduction of artificial intelligence into workplaces due to asymmetric power dynamics Continue Reading
-
News
01 Feb 2024
Defra legacy IT: 180 applications refreshed, over 1,500 remain
The Department for Environment, Food and Rural Affairs has a 10-year plan to update technology. So far, 180 have been replaced or updated Continue Reading
-
Definition
31 Jan 2024
cloud access security broker (CASB)
A cloud access security broker (CASB) is a software tool or service that sits between an organization's on-premises infrastructure and a cloud provider's infrastructure. Continue Reading
-
Definition
31 Jan 2024
consumer data
Consumer data is the information that organizations collect from individuals who use internet-connected platforms, including websites, social media networks, mobile apps, text messaging apps or email systems. Continue Reading
-
Opinion
31 Jan 2024
AI everywhere all at once
Artificial intelligence became mainstream in 2023. Advances in technology and accessibility led to increased awareness and use of AI Continue Reading
-
Definition
31 Jan 2024
security operations center (SOC)
A security operations center (SOC) is a command center facility in which a team of information technology (IT) professionals with expertise in information security (infosec) monitors, analyzes and protects an organization from cyberattacks. Continue Reading
-
Blog Post
31 Jan 2024
SASE Evaluation - The Thoughts Of A Founding Father
Now here’s something a little different. On this ‘ere blog, you are used to hearing my views on the world of networking, comms, security and occasionally wine. You may also have read my recent ... Continue Reading
-
Blog Post
31 Jan 2024
Low Code Hits New High - Results Of A New Survey
Had a really interesting conversation the other day with Adrian Bignall, he who is in charge of International Sales at Evoke Technologies. Evoke is a rather large tech consultancy that only ... Continue Reading
-
Opinion
30 Jan 2024
Microsoft hack: Five questions enterprises should ask their IT leaders
Following the news about a Russia-backed hacking group infiltrating Microsoft's systems, enterprises may want to seek assurances from their IT and security leaders about the implications of the attack for them Continue Reading
-
News
30 Jan 2024
We need backup! Pennsylvania police data loss shows why
Police evidence systems data was lost during ‘routine maintenance’, with human error blamed – the case clearly illustrates why data protection can’t be left to chance Continue Reading
-
30 Jan 2024
Chat control: Tech companies warn ministers over EU encryption plans
Tech companies have written to EU ministers to urge them to back the European Parliament, rather than the European Commission, over proposed regulations to police child abuse. Continue Reading
-
E-Zine
30 Jan 2024
Tech companies warn EU over encryption plans
In this week’s Computer Weekly, tech companies are calling on the European Commission to rethink plans to weaken internet encryption – we explore the issues. We talk to credit rating agency Moody’s about why it thinks now is the time to start investing in quantum computing. And we examine how a different approach to recruitment could ease the datacentre sector skills gap. Read the issue now. Continue Reading
-
Definition
29 Jan 2024
indicators of compromise (IOC)
Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor. Continue Reading
-
Feature
29 Jan 2024
Top 10 types of information security threats for IT teams
Know thine enemy -- and the common security threats that can bring an unprepared organization to its knees. Learn what these threats are and how to prevent them. Continue Reading
-
News
29 Jan 2024
Lords question legality of police facial recognition
Lords committee ‘deeply concerned’ about the rapid expansion of live facial recognition by UK police, which it says is progressing without any real oversight or accountability Continue Reading
-
Feature
29 Jan 2024
What developers need to know about LLMs in the enterprise
We look at the main areas enterprise developers need to consider when building, testing and deploying enterprise applications powered by large language models Continue Reading
-
News
26 Jan 2024
GenAI tools ‘could not exist’ if firms are made to pay copyright
AI firm Anthropic hits out at copyright lawsuit filed by music publishers, claiming the content ingested into its models falls under ‘fair use’ and that any licensing regime would be too complex and costly Continue Reading
-
Opinion
26 Jan 2024
Security Think Tank: Expect more from GenAI in 2024
But 2024 also feels slightly different; the past 12 months have seen generative AI burst on to the scene, and this year its impact will continue to be felt, says Turnkey Consulting's Harshini Carey. Continue Reading
-
Opinion
26 Jan 2024
Quantum, AI and geopolitical conflict: '24 will be a big year for cyber
With big trends like quantum, generative AI and geopolitical conflict, 2024 looks set to be a big year in security, but defenders have an unparalleled opportunity to harness these trends for good, says Quorum's Federico Charosky Continue Reading
-
News
26 Jan 2024
Akira ransomware gang claims Lush cyber attack
The Akira ransomware gang claims to have stolen over 100GB of data from cosmetics manufacturer and retailer Lush Continue Reading
-
News
26 Jan 2024
UK government consults on age verification tech in alcohol sales
The government has said it wants to allow the use of digital identities and various age-verification technologies in alcohol sales Continue Reading
-
Opinion
26 Jan 2024
Security Think Tank: What to expect in cyber this year
Risk arising from insecure generative AI, an explosion in mainstream acceptance of zero-trust, and increasingly tight cyber insurance policies will all be high on the agenda in 2024, writes Forrester senior analyst Alla Valente Continue Reading
-
Opinion
26 Jan 2024
Bulk sender authentication: More vital than ever
With new guidelines from Google and Yahoo governing bulk emails coming into force in February 2024, here's what you need to know to keep your sales and marketing lists compliant Continue Reading
-
Feature
26 Jan 2024
The ultimate guide to cybersecurity planning for businesses
This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
-
Opinion
25 Jan 2024
The race to regulate AI: 2024 unpacked
EU’s AI Act is set to become ‘gold standard’ of AI regulation. Will other countries adopt the same high standards or like the UK opt for a light touch in favour of growth and investment? Continue Reading
-
News
25 Jan 2024
Bugcrowd sees surge in vulnerability submissions, led by public sector
Crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd says it saw a 151% uptick in submissions related to government and public sector organisations in 2023 Continue Reading
-
Opinion
25 Jan 2024
Mitigating the risks of modern application development
Organisations need to have visibility over their software supply chain, secure and monitor interfaces to legacy systems and adopt zero trust to mitigate the risks of modern application development Continue Reading
-
Opinion
25 Jan 2024
Security Think Tank: 2024 is the year we bridge the cyber divide
ISACA's Steven Sim Kok Leong shares his thoughts on the coming year in cyber security, considering the impact of regulatory change, the evolving role of the CISO, and advances in innovative cyber tech Continue Reading
-
Definition
24 Jan 2024
encryption key management
Encryption key management is the practice of generating, organizing, protecting, storing, backing up and distributing encryption keys. Continue Reading
-
News
24 Jan 2024
WebKit vulnerability sparks Apple’s first major security update of 2024
A zero-day in the open source WebKit browser engine that powers Safari has sparked Apple’s first major patch roll-out of the new year Continue Reading
-
News
24 Jan 2024
Southern Water confirms cyber attack after Black Basta claims
Southern Water, which supplies millions of customers in southeast England, has confirmed it has fallen victim to a cyber attack, although its services appear to be running normally Continue Reading
-
News
24 Jan 2024
Inside Cisco’s security platform strategy
Raj Chopra, senior vice-president of Cisco’s security business, outlines the company’s security platform strategy and how it brought different products together into a single platform Continue Reading
-
News
24 Jan 2024
Critical vulnerability exposes Fortra GoAnywhere users
Fortra GoAnywhere MFT users must take steps to address a newly disclosed zero-day vulnerability without delay Continue Reading
-
News
24 Jan 2024
AI will heighten global ransomware threat, says NCSC
The benefits of artificial intelligence to cyber criminals being well-known, the NCSC now assesses it’s likely AI will soon be widely used to enhance ransomware attacks Continue Reading
-
News
24 Jan 2024
Salesforce’s bug bounty programme paid out $3m in 2023
Ethical hackers disclosed more than 4,000 vulnerabilities to Salesforce last year through its bug bounty programme, and received over $3m in rewards Continue Reading
-
News
24 Jan 2024
Cato claims world’s first SASE-based XDR
Generative AI, detection and response, endpoint protection and new incident response tools headline expansion of core secure access service edge platform beyond networking, threat prevention and data protection Continue Reading
-
Definition
23 Jan 2024
managed detection and response (MDR)
Managed detection and response (MDR) services are a collection of network-, host- and endpoint-based cybersecurity technologies that a third-party provider manages for a client organization. Continue Reading
-
Tip
23 Jan 2024
How to avoid malware on Linux systems
Malware attacks are devastating to companies, and there is no exception for Linux systems. Consider updating systems and assigning correct permissions. Continue Reading
-
Podcast
23 Jan 2024
Podcast: Storage and compliance outlook for 2024
Interesting times ahead in 2024 as we talk to Mathieu Gorge, CEO of Vigitrust, about updates to EU regs, PCI, NIST, post-Brexit divergence and 60 national elections across the globe Continue Reading
-
Feature
23 Jan 2024
Expert guide to e-discovery
An expert guide to why your organisation needs an electronic discovery policy and how to go about creating one Continue Reading
-
Feature
23 Jan 2024
Top incident response service providers, vendors and software
Get help deciding between using in-house incident response software or outsourcing to an incident response service provider, and review a list of leading vendor options. Continue Reading
-
Tip
23 Jan 2024
Building an incident response framework for your enterprise
Understanding incident response framework standards and how to build the best framework for your organization is essential to prevent threats and mitigate cyber incidents. Continue Reading
-
News
23 Jan 2024
Treat cyber risk like financial or legal issue, says UK government
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences Continue Reading
-
News
23 Jan 2024
Leak of 26 billion records may prove to be ‘mother of all breaches’
The discovery of a dataset comprising 26 billion stolen records may prove to be record-breaking in both its size and the danger it poses to ordinary people Continue Reading
-
News
23 Jan 2024
SEC bitcoin hack was result of SIM-swapping
A cyber attack on the US financial regulator earlier in January 2024 occurred after hackers took over one of its mobile phone accounts in a so-called SIM-swapping attack Continue Reading
-
E-Zine
23 Jan 2024
Davos 2024: AI disinformation tops global risks
In this week’s Computer Weekly, AI-generated disinformation and misinformation will be the top risks for businesses, governments and the public over the next two years, according to the World Economic Forum. Intel’s CTO discusses the chip maker’s plans for the European market. And we examine the dearth of digital skills among elected officials. Read the issue now. Continue Reading
-
Feature
22 Jan 2024
6 must-read blockchain books for 2024
Numerous sources provide comprehensive information on blockchain fundamentals and applications. We narrowed the field to six of the most popular and diverse books available. Continue Reading
-
News
22 Jan 2024
SolarWinds hackers attack Microsoft in apparent recon mission
Russian-backed threat actor behind infamous 2020 SolarWinds Sunburst intrusion hacked into Microsoft’s systems, apparently in an attempt to get hold of intel on themselves Continue Reading
-
Feature
22 Jan 2024
How to build an incident response plan, with examples, template
With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading
-
News
22 Jan 2024
PAC calls on MoD to fix inventory management IT
The Public Accounts Committee is concerned that the ageing and fragmented IT systems used in the MoD’s inventory management puts front-line forces at significant risk Continue Reading
-
News
22 Jan 2024
Chat control: Tech companies warn ministers over EU encryption plans
Tech companies have written to EU ministers to urge them to back the European Parliament, rather than the European Commission, over proposed regulations to police child abuse Continue Reading
- Opinion 19 Jan 2024
-
News
19 Jan 2024
ICO prompts confusion over police cloud legality
The UK data regulator has suggested that, despite major data protection concerns, it is likely to greenlight police cloud deployments because of an information-sharing agreement with the US government Continue Reading