IT security
-
News
03 May 2024
Why IAM is central to cyber security
BeyondTrust’s chief security strategist talks up the importance of identity and access management, and the role of cyber insurance in driving security improvements Continue Reading
-
News
02 May 2024
How Okta is fending off identity-based attacks
Okta has been bolstering the security of its own infrastructure and building new tools to scan customer environments for vulnerable identities, among other efforts to fend off identity-based attacks Continue Reading
-
Opinion
02 Jun 2021
Security Think Tank: Printer risks go deep into IT history
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs does pose security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
Opinion
01 Jun 2021
Long-term thinking is vital to secure UK’s critical infrastructure
To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie Continue Reading
-
News
01 Jun 2021
European-led consortium investigates quantum cryptography
The arms race to a quantum internet is under way – the European Commission is looking at secure critical national infrastructure and member state comms Continue Reading
-
News
01 Jun 2021
Exagrid pays $2.6m to Conti ransomware attackers
Backup appliance specialist hit by Conti ransomware in May with cyber criminals downloading employee and customer data, confidential contracts and source code Continue Reading
-
News
01 Jun 2021
Ex-IT manager stole over £800,000 from NHS trust
A former senior IT manager at an Essex NHS trust has pleaded guilty to defrauding his employer out of more than £800,000 Continue Reading
-
Definition
01 Jun 2021
Amazon Cognito
Amazon Cognito is an Amazon Web Services product that controls user authentication and access for mobile applications on internet-connected devices. Continue Reading
-
News
31 May 2021
Microsoft brings APAC policymakers together in security council
Microsoft’s APAC public sector security council will meet once a quarter to share threat intelligence and best practices for combating cyber threats Continue Reading
-
Feature
28 May 2021
Inept cybersecurity education and training feed into skills gap
Learn why former infosec instructor and author of 'How Cybersecurity Really Works' advocates for changes to security education and training to alleviate the industry skills gap. Continue Reading
-
Feature
28 May 2021
Network reconnaissance techniques for beginners
In this excerpt of 'How Cybersecurity Really Works,' author Sam Grubb breaks down common network reconnaissance techniques used by adversaries to attack wired networks. Continue Reading
-
Answer
28 May 2021
When should you use AWS IAM roles vs. users?
Access management is critical to securing the cloud. Understand the differences between AWS IAM roles and users to properly restrict access to AWS resources. Continue Reading
-
News
28 May 2021
Privacy experts concerned over NHS data collection plans
Security and data privacy experts warn NHS Digital that its data collection plans could increase risk and cause a public backlash Continue Reading
-
Guide
28 May 2021
Essential Guide: How APAC firms can ride out the pandemic
In this Essential Guide, we examine the impact of Covid-19 on Asia-Pacific businesses, how they have responded and important lessons that can be learned as they ready themselves for the post-pandemic world. Continue Reading
-
27 May 2021
Industry reflects on three years of GDPR
Looking back on 12 tumultuous months, we assess how GDPR has weathered the effects of the Covid-19 pandemic and Brexit, and consider what the coming year may hold for data protection Continue Reading
-
News
27 May 2021
Loss of 150,000 police records made worse by management failures
The loss of 150,000 records from a number of national policing systems was caused by a human coding error, but made worse by process and management failures Continue Reading
-
News
27 May 2021
Security ops teams struggle to switch off at home
Spiralling stress levels among SOC and IT security teams can be attributed mainly to alert overload, says Trend Micro Continue Reading
-
E-Zine
27 May 2021
CW Nordics: Denmark takes a top-down approach to gender equality in tech entrepreneurship
Tech Nordic Advocates has adopted a new approach to closing the gender gap in Danish technology startups, looking to emulate Canada’s top-down approach. Also in this issue, find out the state of play with the adoption of open banking in Europe. Continue Reading
-
News
27 May 2021
NGOs file complaints against Clearview AI in five countries
Privacy and human rights organisations have asked data protection regulators in the UK, France, Austria, Italy and Greece to investigate controversial facial recognition company Clearview AI Continue Reading
-
News
26 May 2021
More data stolen in January 2021 than in all of 2017, says report
The volume of data being stolen through breaches is growing steadily and shows no sign of slowing, according to a report from Imperva Continue Reading
-
News
26 May 2021
Millions of pounds lost to crypto fraud on social media
More than £63m has been lost nationally by victims of investment fraud via a social media platform, says Action Fraud Continue Reading
-
Blog Post
25 May 2021
Lessons from the Post Office Horizon Case
The presumption of the machine functioning properly in practice, means that the prosecution can rely on the presumption that a computer was operating reliably at all material times. It needs to be ... Continue Reading
-
News
25 May 2021
GCHQ bulk interception programme breached privacy rights, Strasbourg court rules
European Court of Human Rights finds that the UK’s bulk surveillance programme breached citizens’ privacy rights Continue Reading
-
Opinion
25 May 2021
Policies key to revolutionising Identity Governance and Administration
The proliferation of digital identities, applications, data, security threats and compliance requirements means that Identity Governance and Administration (IGA) has never been more important, but not all organisations are approaching it in an effective and efficient way Continue Reading
-
News
25 May 2021
CyberSprinters game gives kids a head start, says NCSC
An online game for primary schools, clubs and youth organisations will teach children aged seven to 11 the fundamentals of staying safe online Continue Reading
-
News
25 May 2021
Threat of group GDPR legal action haunts CISOs
The vast majority of security leaders questioned for a new report say they are concerned about the possibility of group legal settlements against them following a serious data breach Continue Reading
-
News
25 May 2021
McAfee to change terms of auto-renewing consumer plans
Consumers who found their McAfee antivirus contracts auto-renewed will be able to get out of their contracts and get their money back Continue Reading
-
News
25 May 2021
Industry reflects on three years of GDPR
Looking back on 12 tumultuous months, we assess how GDPR has weathered the effects of the Covid-19 pandemic and Brexit, and consider what the coming year may hold for data protection Continue Reading
-
News
25 May 2021
Legacy vulnerabilities may be biggest enterprise cyber risk
While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats Continue Reading
-
News
24 May 2021
Air India is latest victim of Sita hack
Data on millions of people who flew with Air India between 2011 and 2021 appears to have been compromised in the recent Sita supply chain attack Continue Reading
-
News
24 May 2021
Dutch researchers build security software to mimic human immune system
Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection Continue Reading
-
Feature
24 May 2021
How Bureau Veritas migrated 85% of its applications to the AWS cloud
In six years, France-based services giant BV has migrated 115 applications to the AWS cloud, mostly using in-house expertise. We talk to the company’s IT director Continue Reading
-
News
24 May 2021
MEPs urge European Commission to revise UK adequacy decisions
Members of the European Parliament are calling for the European Commission to ensure EU citizens have greater privacy rights Continue Reading
-
News
24 May 2021
Why the security stack needs to move to the edge
Akamai’s chief technology officer Robert Blumofe makes the case for a decentralised security model to address cyber threats that are emanating from the network edge Continue Reading
-
Podcast
21 May 2021
CyberUK, bees and datacentres, Red Cross digital mapping – Computer Weekly Downtime Upload podcast
In this episode of the Computer Weekly Downtime Upload podcast, Caroline Donnelly and Brian McKenna are joined by Alex Scroxton, security editor, to discuss CyberUK, bees and datacentres, and the British Red Cross’ use of digital mapping to combat Covid-19 Continue Reading
-
News
21 May 2021
Lack of developer attention to cloud security prompts alerts
The personal data of over 100 million Android users may have been put at risk through a variety of cloud service misconfigurations Continue Reading
-
Definition
21 May 2021
ethical hacker
An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit. Continue Reading
-
Definition
21 May 2021
hacktivism
Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason. Continue Reading
-
Tip
20 May 2021
Create a remote access security policy with this template
The expansion of remote work has created complicated security risks. Get help developing and updating a remote access security policy. Download our free template to get started. Continue Reading
-
News
20 May 2021
Pandemic tech use heightens consumer privacy fears
Report on consumer attitudes to privacy finds evidence of a “heightened sense of fear” as digital footprints expand inexorably Continue Reading
-
News
20 May 2021
Malicious scans for at-risk systems start minutes after disclosure
Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes Continue Reading
-
Blog Post
20 May 2021
Throwback Thursday: Even data fragmentation has gone virtual
If there’s one thing that our report Storage Anywhere and Everywhere from eight years ago reminds us, it’s that the risks of uncontrolled data growth are nothing new. As our contribution to the bit ... Continue Reading
-
News
20 May 2021
HP taps micro virtual machines in endpoint security
HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained Continue Reading
-
News
20 May 2021
UK government publishes framework on automated decision-making
The framework focuses on making the use of algorithms and automated decision-making systems within the public sector more ethical, transparent and accountable Continue Reading
-
News
19 May 2021
Reports of stolen Irish health service data being leaked online
Leaking of deeply confidential and personal information on patient healthcare marks a new low for the criminal Conti gang Continue Reading
-
News
19 May 2021
Barclays first bank to publish online scam refund details
All banks must be transparent about the proportion of victims of authorised push payment fraud they refund, says consumer rights organisation Which? Continue Reading
-
News
19 May 2021
Flexxon bakes AI into SSDs to fight unknown threats
Singapore-based Flexxon has developed a solid-state drive that uses artificial intelligence to fend off malware and other unknown threats Continue Reading
-
Blog Post
18 May 2021
From Talk to Action - Joining up Cyber, Resilience, Fraud and On-line Safety Skills.
The current pipeline supplies less than half the demand. Most of that demand is not for full-time professionals with technical skills. It is for those with the people skills to manage business risk ... Continue Reading
-
News
18 May 2021
Microsoft EU Data Boundary dubbed ‘smoke and mirrors’
Data protection experts claim Microsoft’s decision to create an EU Data Boundary is a tacit admission that it routinely transfers and processes the personal data of European citizens outside the bloc Continue Reading
-
News
18 May 2021
Government response to National Data Strategy consultation depicts data as ‘asset, not threat’
Government responds to consultation with a promise of delivery, putting an emphasis on data as an asset, not a threat, and finding respondents keen on levelling up Continue Reading
-
News
18 May 2021
Cisco acquires Kenna Security amid security expansion
Cisco announces a new acquisition alongside service enhancements around XDR and SASE in support of its security customers Continue Reading
-
News
18 May 2021
Irish High Court dismisses legal bid by Facebook over EU-US data transfers
Latest twist in long-running legal battle sees Facebook lose legal bid to prevent the Irish Data Protection Commissioner suspending its transfer of data about European citizens to the US Continue Reading
-
News
18 May 2021
Australian budget lends support to digital economy
Australia’s A$1.2bn Digital Economy Strategy ticks most of the right boxes, but some industry experts say areas such as broadband infrastructure and artificial intelligence are still underfunded Continue Reading
-
18 May 2021
Colonial Pipeline ransomware attack has grave consequences
The ramifications of a major ransomware attack against a US fuel pipeline operator could spread far and wide Continue Reading
-
E-Zine
18 May 2021
The real-life consequences of ransomware attacks
In this week’s Computer Weekly, after a ransomware attack shut a major US oil pipeline, we examine the real-life consequences for organisations facing similar threats. We ask the experts for their top tips in reducing datacentre running costs. And we hear how data science skills are helping government make better decisions. Read the issue now. Continue Reading
-
News
17 May 2021
Conti ransomware syndicate behind attack on Irish health service
More details continue to emerge of the significant ransomware attack on Ireland’s HSE Continue Reading
-
News
17 May 2021
NCSC study to probe disability and neurodiversity in cyber
National Cyber Security Centre and KPMG have launched a new diversity study aiming to capture benchmarks on disability and neurodiversity in cyber Continue Reading
-
News
17 May 2021
Government seeks input on supply chain security
Amid concerns that too few companies are addressing vulnerabilities in their supply chain, DCMS is opening a consultation on new measures to enhance security Continue Reading
-
News
14 May 2021
Colonial Pipeline paid $5m ransom, reports say
Colonial Pipeline may have paid a significant ransom within hours of being attacked, it has emerged, but it’s unlikely the story ends here Continue Reading
-
Definition
14 May 2021
cipher block chaining (CBC)
Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits are encrypted as a single unit, or block, with a cipher key applied to the entire block. Continue Reading
-
News
14 May 2021
Irish health service hit by major ransomware attack
IT systems in hospitals across Ireland have been switched off following a significant ransomware attack Continue Reading
-
News
14 May 2021
Dutch police used deep learning model to predict threats to life
Dutch police developed a deep learning model in their EncroChat investigation to predict which messages contain serious threats to life Continue Reading
-
Opinion
14 May 2021
The shape of fraud and cyber crime: 10 things we learned from 2020
While a pandemic-driven increase in cyber crime and an exacerbation of existing fraud trends were, to a large extent, to be expected, the LexisNexis Risk solutions UK cybercrime report 2020 still contained a few surprises Continue Reading
-
News
14 May 2021
Okta and Auth0 to expand APAC coverage
Okta’s acquisition of rival Auth0 will enable both companies to expand their footprint in the Asia-Pacific region as demand for identity management services soars amid the pandemic Continue Reading
-
News
13 May 2021
NHSX data strategy due in ‘a few weeks’
NHSX director of policy and strategy Simon Madden says the long-awaited strategy is expected to “trigger huge debates” on issues such as access, choice and transparency, and will be published in draft form shortly to allow for consultation Continue Reading
-
News
13 May 2021
Publishing exploit code does more harm than good, says report
Disclosing exploit code before patches are available gives malicious actors a ‘massive’ head-start, says Kenna Security Continue Reading
-
News
13 May 2021
Biden beefs up public-private security cooperation
Joe Biden has signed a new Executive Order to harden US cyber security and government networks, with an emphasis on information sharing Continue Reading
-
E-Zine
13 May 2021
CW Benelux: Netherlands university launches centre of expertise in applied AI
Amsterdam University of Applied Sciences has launched a centre of expertise in applied artificial intelligence, and students from all faculties of the university will learn how to apply AI in their field of study. Also in this issue, read why a training ‘roadmap’ is needed to get Netherlands police officers up to speed with tackling cyber crime. Continue Reading
-
News
13 May 2021
Refuge launches tech safety site for domestic abuse victims
Created with the help of survivors, Refuge’s resource site offers guidance on protecting yourself from tech-enabled domestic abuse Continue Reading
-
News
13 May 2021
CISOs weathered the pandemic well, but at personal cost
Over 80% of CISOs think their existing security capabilities stayed strong during the worst of the Covid-19 pandemic, but now face stress and burnout on an unheard-of scale Continue Reading
-
News
13 May 2021
Verizon DBIR underscores year of unprecedented cyber challenge
Verizon 2021 Data Breach Investigations Report draws predictable conclusions as the impact of the Covid-19 pandemic continues to be felt Continue Reading
-
News
12 May 2021
UK government publishes Online Safety Bill draft
Bill builds on previous commitments by the government, which has added new measures to uphold democracy and freedom of speech while making tech giants more accountable Continue Reading
-
News
12 May 2021
Inside DarkSide: Researchers share intel on break-out cyber gang
Security researchers swap information on the newly famous DarkSide ransomware gang, the group that doesn’t appear to understand what ‘being a criminal’ actually means Continue Reading
-
News
12 May 2021
CyberUK 2021: NCSC encourages startups to invest in cyber
National Cyber Security Centre is launching bespoke cyber security guidance aimed at the UK’s valuable startup community Continue Reading
-
News
12 May 2021
UK to fund national cyber teams in Global South
Government will commit millions of pounds to supporting vulnerable countries in establishing cyber capacity Continue Reading
-
News
12 May 2021
Microsoft fixes four critical bugs on lighter Patch Tuesday
Four critical RCE vulnerabilities put users of various Microsoft products at risk, and should be patched right away Continue Reading
-
News
12 May 2021
The Security Interviews: Why helpful bots could hurt vaccine roll-outs
Earlier this year, spikes in traffic to websites containing information about Covid-19 vaccines were attributed by Imperva to automated bots scraping data. Why is that a problem? Continue Reading
-
News
11 May 2021
UK Plc invited to sign up for Early Warning of cyber incidents
The launch of the Early Warning incident notification service is among the enhancements being made by the NCSC to its service packages Continue Reading
-
News
11 May 2021
NCSC cyber guidance targets cloud and home working
The NCSC’s refreshed cyber security guidance for larger organisations places particular emphasis on cloud, home working and ransomware Continue Reading
-
News
11 May 2021
Collaboration key to success of UK’s Cyber Security Council
The founders of the UK’s Cyber Security Council have been setting out their plans to professionalise the cyber sector at the NCSC’s CyberUK 2021 event Continue Reading
-
News
11 May 2021
Government to reform Computer Misuse Act
Home secretary Priti Patel will explore reforming the Computer Misuse Act as calls mount for the 31-year-old law to be updated to reflect the changed online world Continue Reading
-
News
11 May 2021
SolarWinds CEO calls for collective action against state attacks
SolarWinds CEO tells NCSC’s CyberUK conference he is exploring the possibility of collaborating with other companies on collective cyber action against attacks backed by nation states Continue Reading
-
News
11 May 2021
Swedish court finds ambiguities in hacked EncroChat cryptophone evidence
Defence lawyer claims evidence obtained by hacking the EncroChat encrypted phone network has ‘no legal’ value following Swedish appeal court ruling Continue Reading
-
News
11 May 2021
Colonial Pipeline ransomware attack has grave consequences
The ramifications of a major ransomware attack against a US fuel pipeline operator could spread far and wide Continue Reading
-
News
10 May 2021
NCSC Active Cyber Defence blocks surge of pandemic scams
The NCSC responded to a surge in online scams last year as it moved to protect both the general public and critical national services during the pandemic Continue Reading
-
Feature
10 May 2021
APAC career guide on cloud computing
Besides having engineering chops and certifications, aspiring cloud professionals should have curiosity and soft skills to succeed in the evolving cloud computing landscape Continue Reading
-
Feature
10 May 2021
How to support a hybrid workforce
As the economy opens up, organisations are rethinking the idea of office-based work – and a more flexible approach is on the cards Continue Reading
-
Feature
07 May 2021
Despite confusion, zero-trust journey underway for many
Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today. Continue Reading
-
Blog Post
07 May 2021
One size does not fit all - current cyber security practice as revealed by the DCMS Breaches Survey
The report is an excellent snapshot but it also illustrates why most business leaders (large or small) find it so hard to take cyber security seriously until it is put into the context of their own ... Continue Reading
-
Feature
07 May 2021
How do I get my users to pay attention to security training?
As cyber security risks grow daily, businesses must educate staff about these through cyber awareness training. But how can they ensure this is taken seriously by employees? Continue Reading
-
News
07 May 2021
NCSC, CISA publish new information on Russia’s Cozy Bear
New intelligence from UK and US cyber agencies suggests that APT29, or Cozy Bear, has been switching up its tactics Continue Reading
-
News
07 May 2021
NCSC publishes smart city security guidelines
Guidance for local authorities, IT and cyber professionals aims to ensure the security of connected, smart city projects Continue Reading
-
Definition
07 May 2021
session key
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers. Continue Reading
-
News
07 May 2021
Cyber accreditation to improve legal standing of security pros
Institute of Cyber Digital Investigations Professionals will help incident responders and cyber investigators get the professional recognition they deserve Continue Reading
-
Opinion
07 May 2021
Securing the UK's emerging smart cities
UK councils have a huge opportunity to improve services through the use of smart city technologies - but they must avoid the cyber security risks, says the government's digital minister Continue Reading
-
News
07 May 2021
Reddit enlists HackerOne to run public bug bounty programme
Online community platform is opening up its HackerOne bug bounty programme to any ethical hacker who cares to have a look under the bonnet Continue Reading
-
News
07 May 2021
Ransomware, supply chain attacks show no sign of abating
Security experts at Black Hat Asia 2021 discuss the state of ransomware and supply chain attacks, two of the most common attack vectors that offer high returns for threat actors Continue Reading
-
Definition
07 May 2021
kill switch
A kill switch in an IT context is a mechanism used to shut down or disable a device or program. Continue Reading
-
News
06 May 2021
Government urged to add scam protections to Online Safety Bill
Group of organisations calls for the government to use the Online Safety Bill to protect people from cyber scams Continue Reading
-
News
06 May 2021
Scammers accidentally reveal fake Amazon review data
More than 13 million records relating to an organised fake review scam have been found on an unsecured ElasticSearch database, implicating hundreds of thousands of people in unethical behaviour Continue Reading
-
News
06 May 2021
Google to introduce mandatory MFA for users
In future, holders of Google accounts will have no option but to use multifactor authentication if they want to use the firm’s services Continue Reading
-
News
06 May 2021
HSBC blocks £249m in UK fraud with voice biometrics
HSBC voice recognition technology has reduced telephone banking fraud as demand for the channel increases Continue Reading