IT security
-
News
30 Apr 2025
Current SaaS delivery model a risk management nightmare, says CISO
JPMorgan Chase security chief Patrick Opet laments the state of SaaS security in an open letter to the industry and calls on software providers to do more to enhance resilience Continue Reading
-
News
30 Apr 2025
Co-op shuts off IT systems to contain cyber attack
A developing cyber incident at Co-op has forced the retailer to pull the plug on some of its IT systems as it works to contain the attack Continue Reading
-
Feature
30 Dec 2020
How to monitor remote workers humanely
Monitoring employees who work remotely has taken on a whole extra dimension in the Covid-19 pandemic year of 2020. Financial services firms are among those which suggest ways of doing it humanely and legally Continue Reading
-
Feature
29 Dec 2020
Editor's picks: Top cybersecurity articles of 2020
As the year no one could have predicted comes to a close, SearchSecurity takes a 30,000-foot view of the cybersecurity trends and challenges that defined the last 12 months. Continue Reading
-
Blog Post
24 Dec 2020
NPCC brings the Christmas present of partnership to UK Cyber Policing
The combination of the Cyber Resilience Centres, Police Cyber Alarm and The Cyber Helpline provides a major advance towards joining up the UK approach to policing the on-line world, Continue Reading
-
Feature
24 Dec 2020
Security Long Reads: Cyber insiders reveal what’s to come in 2021
In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading
-
News
24 Dec 2020
Top 10 cyber crime stories of 2020
Here are Computer Weekly’s top 10 cyber crime stories of 2020 Continue Reading
-
Opinion
24 Dec 2020
How to manage non-human identities
Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach Continue Reading
-
Quiz
23 Dec 2020
Endpoint security quiz: Test your knowledge
Test your knowledge of SASE, split tunneling, and device discovery tool capabilities and best practices in this endpoint security quiz for IT professionals. Continue Reading
-
News
23 Dec 2020
Top 10 cyber security stories of 2020
Here are Computer Weekly’s 10 top cyber security stories of 2020 Continue Reading
-
Opinion
23 Dec 2020
It’s time to accept that disinformation is a cyber security issue
Tackling the manipulation of truth and facts is no easy task, and it’s time for the cyber security sector to take up the challenge Continue Reading
-
Feature
23 Dec 2020
Patching: Balancing technical requirements with business considerations
With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented Continue Reading
-
News
22 Dec 2020
Ministry of Justice in the dock for catalogue of serious data breaches
Annual report reveals major incidents of personal data loss affecting 121,355 people and including misplaced, unencrypted USB stick containing documents from a trial, accidental disclosure of identities, and staff files made visible to unauthenticated users Continue Reading
-
News
22 Dec 2020
Top 10 end-user computing stories of 2020
Here are Computer Weekly’s top 10 end-user computing stories of 2020 Continue Reading
-
Blog Post
21 Dec 2020
My Question Answered: Neteventing (not not eventing) In Cyberspace...
My fine friends at Netevents have continued to battle the global lockdown elements (and we now know in England that the words "lockdown" and "tier" mean the same thing - who would have guessed?) ... Continue Reading
-
Blog Post
20 Dec 2020
Why Security As A Service Makes Common Sense...
Let us go back in time to 2019 – a time when we could actually attend IT events in a physical way. There I am, on the top level of a stand, having a coffee and scanning the hall, seeing “me too” ... Continue Reading
-
News
18 Dec 2020
Finnish government tables laws to protect data from cyber criminals
Government is strengthening its legal framework to protect data from hackers in the wake of a massive breach at a psychotherapy centre Continue Reading
-
News
18 Dec 2020
Utility supplier People’s Energy has entire customer list stolen
All 270,000 customers of People’s Energy, a renewable energy startup, have had their details compromised in a major data breach incident Continue Reading
-
News
18 Dec 2020
SolarWinds cyber attack is ‘grave risk’ to global security
More victims of the SolarWinds Orion Sunburst cyber attack are being identified as the massive scale of the Russia-linked cyber espionage campaign becomes more clear Continue Reading
-
News
17 Dec 2020
Dodgy browser extensions put social media users at risk
More than three million users of third-party browser extensions for Instagram, Facebook, Vimeo and others have been infected with malware, according to Avast Continue Reading
-
News
17 Dec 2020
EU security strategy a ‘step up’ on cyber leadership, says Brussels
The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy Continue Reading
-
News
17 Dec 2020
NHS Scotland taps Check Point to secure Covid-19 data
NHS National Services Scotland is working with security firm Check Point to safeguard its sensitive data in the cloud and support its work on the coronavirus Continue Reading
-
News
17 Dec 2020
FireEye and partners release SolarWinds kill-switch
A so-called kill-switch for the dangerous SolarWinds Sunburst attack should allay some user fears, but is not a full fix for the issue Continue Reading
-
News
17 Dec 2020
UK police unlawfully processing over a million people’s data on Microsoft 365
The roll-out of Microsoft 365 to dozens of UK police forces may be unlawful, because many have failed to conduct data protection checks before deployment and hold no information on their contracts Continue Reading
-
News
17 Dec 2020
Danske Bank fights money laundering with AI
Danske Bank is using artificial intelligence to help it prevent a repeat of the huge money laundering scandal that hit one of its operations in Estonia Continue Reading
-
News
17 Dec 2020
AWS brings disaster recovery programme to Australia
Project Resilience will offer up to $5,000 worth of credits to public sector and community organisations to offset the cost of storing data on Amazon Web Services Continue Reading
-
News
16 Dec 2020
Lancashire police integrate body-worn video into digital policing app
Body-worn video integration will transform Lancashire police’s time-consuming and manual procedures into an efficient digital workflow, but claims that BMV will increase transparency and accountability are not backed by the evidence Continue Reading
-
News
15 Dec 2020
SolarWinds cyber attack: How worried should I be, and what do I do now?
Security teams across the world are on high alert as more details emerge of the widespread SolarWinds ‘Sunburst’ attack. What do defenders need to do next? Continue Reading
-
News
15 Dec 2020
Cyber crime victims in the Netherlands not reporting offences
Dutch victims of online crime rarely report it to the police and when they do, they are often dissatisfied Continue Reading
-
E-Zine
15 Dec 2020
How security will be different after Covid-19
In this week’s Computer Weekly, the world of cyber security will probably never return to its pre-pandemic state – we look ahead. The combination of remote working and streaming video is putting extra strain on networks. And we look at how digital transformation is changing the way contact centres are run. Read the issue now. Continue Reading
-
14 Dec 2020
No going back to pre-pandemic security approaches
The cyber security world will probably never return to its pre-pandemic state, and different approaches to security will come to the fore in 2021. Continue Reading
-
News
14 Dec 2020
FireEye identifies flaw in networking monitoring software as US agencies attacked
Cyber security company says investigations have revealed security breach occurred because of a flaw in a network monitoring software Continue Reading
-
Opinion
14 Dec 2020
Negotiating the complexities of international transfers of personal data
How to navigate international data transfers, standard contractual clauses and the impact of Brexit on data protection Continue Reading
-
Blog Post
14 Dec 2020
Confidence in print security drops and data breach costs rise
As cyberattacks continue to increase, capitalising on the new vulnerabilities of remote working, securing the print infrastructure – across the office and home environments – must be a strategic ... Continue Reading
-
News
13 Dec 2020
Singapore trials beacons to bolster police operations
Police beacons equipped with video cameras, sirens, floodlights and speakers are being deployed at two parks to improve public safety in a year-long trial Continue Reading
-
News
11 Dec 2020
The week in ransomware: Foxconn and Randstad are high-profile victims
Foxconn and Randstad are laid low by cyber criminals, while Sophos spills on Egregor, and prognosticators turn to their crystal balls to divine how ransomware will develop in the next 12 months Continue Reading
-
News
11 Dec 2020
Disputed PostgreSQL bug exploited in cryptomining botnet
PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL Continue Reading
-
News
11 Dec 2020
Surge in Covid-19 vaccine phishing scams reported
Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure Continue Reading
-
Opinion
11 Dec 2020
Security Think Tank: Integration between SIEM/SOAR is critical
SIEM and SOAR share much in common but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
Feature
11 Dec 2020
Post-pandemic approaches to IAM for cloud security
Cloud technology may have saved businesses from catastrophe during the pandemic, but it has also introduced additional challenges around identity and access management. Here’s why IAM policies are crucial in the new normal Continue Reading
-
News
10 Dec 2020
French regulators fine Google and Amazon over cookie policies
Google and Amazon rapped over their use of advertising cookies by the French data protection authorities Continue Reading
-
News
10 Dec 2020
Cyber Helpline awarded lottery funding to support victims
The Cyber Helpline, a UK charity that provides emergency support to victims of cyber crime and online stalking, is to receive funding from the National Lottery Continue Reading
-
News
10 Dec 2020
After critical year, Vodafone trains security sights on CNI market
Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets Continue Reading
-
News
10 Dec 2020
Data on Pfizer/BioNTech Covid-19 vaccine stolen in cyber attack
The European Medicines Agency has launched a full investigation into an apparent security incident that has seen documents on the Pfizer/BioNTech Covid-19 vaccine stolen Continue Reading
-
News
10 Dec 2020
Alan Turing Institute appoints global advisory board to aid digital identity schemes project
The Alan Turing Institute announces an international advisory board for a project investigating digital identity schemes, with a view to building the technology and organisational infrastructure to sustain them as trustworthy Continue Reading
-
E-Zine
10 Dec 2020
CW Europe: Tour de France fans get a virtual experience
The organisers of this year's Tour de France worked with technology services company NTT in partnership with Amaury Sport Organisation to provide what they described as an “enhanced experience” for race fans who could not be at the roadside because of Covid restrictions. Also read why Deutsche Bank has agreed to sell its retail banking IT operation to one of its main IT suppliers for a token €1. Read the issue now. Continue Reading
-
Tip
09 Dec 2020
How cloud-based SIEM tools benefit SOC teams
It's time for SIEM to enter the cloud age. Learn about the cloud-based SIEM features that can help SOC teams gain a holistic view of their organization's cloud infrastructure. Continue Reading
-
Opinion
09 Dec 2020
Security Think Tank: SOAR to the next level with automation
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
09 Dec 2020
Amnesia:33 IoT flaws dangerous and patches unlikely, say experts
The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users Continue Reading
-
News
09 Dec 2020
Patch Tuesday: Microsoft presents just 58 CVEs for Christmas
The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance Continue Reading
-
News
09 Dec 2020
FireEye’s ethical hacking tools stolen in state-backed attack
Hacking tools used to conduct red team penetration testing were stolen in the state-backed attack on security firm FireEye Continue Reading
-
News
09 Dec 2020
There’s no going back to pre-pandemic security approaches
The cyber security world will probably never return to its pre-pandemic state, and different approaches to security will come to the fore in 2021 Continue Reading
-
News
09 Dec 2020
Top IT predictions in APAC in 2021
The Asia-Pacific region will continue to be a cradle for technology innovation in the new year, whether it is 5G services, artificial intelligence, cloud computing or cyber security Continue Reading
-
Blog Post
08 Dec 2020
API, API, API, API (aye aye aye aye)
I very recently spoke at a webinar for a long-time client emanating from the artist formerly known as helpdesk market - Sunrise Software - on the increasing importance of APIs - usable ones, not ... Continue Reading
-
News
08 Dec 2020
Multiple D-Link routers found vulnerable to attack
Digital Defense discloses a remotely exploitable root command injection flaw in a number of D-Link wireless router devices Continue Reading
-
News
08 Dec 2020
Russian state actors exploiting VMware bug to hijack data, users warned
Russian APT groups are actively exploiting a vulnerability in VMware products to access protected data, according to latest warnings Continue Reading
-
E-Zine
08 Dec 2020
Where next for Windows?
In this week’s Computer Weekly, Windows is still the most-used operating system in enterprises – we look at where Microsoft aims to take it next. We examine some of the key questions for CIOs for their 2021 IT strategy. And we analyse the best practice in preventing distributed denial of service (DDoS) attacks. Read the issue now. Continue Reading
-
07 Dec 2020
DDoS mitigation strategies needed to maintain availability during pandemic
The growing prevalence of DDoS attacks combined with the increased reliance on internet connectivity during the pandemic means enterprises can no longer afford to ignore the threat of DDoS attacks. Computer Weekly explores organisations’ perceptions of the risks and best practice for mitigation. Continue Reading
-
News
07 Dec 2020
Met Police failed to clear backlog of subject access requests
Metropolitan Police failed to comply fully with an enforcement notice issued by the Information Commissioner, and despite hundreds of overdue subject access requests the regulator did not take further action Continue Reading
-
News
07 Dec 2020
HMRC referred 11 data security incidents to ICO in 2019-20
HM Revenue & Customs shares details of a number of data security incidents that occurred during the 2019-20 financial year in its annual report Continue Reading
-
News
07 Dec 2020
Grindr and others patch critical Android bug
Fixes for CVE-2020-8913 deployed as app developers shore up their defences against a disclosed Google Play vulnerability Continue Reading
-
News
07 Dec 2020
Singapore government to boost blockchain adoption
Singapore government unveils S$12m programme to promote development and adoption of blockchain applications beyond financial services Continue Reading
-
News
07 Dec 2020
A trillion dollars lost to cyber crime every year
Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime Continue Reading
-
News
06 Dec 2020
China lags US in computer vision
China trails the US in the field of computer vision despite making inroads in computing and research, new report finds Continue Reading
-
News
04 Dec 2020
Opportunistic Egregor ransomware is an emerging and active threat
Researchers at Recorded Future’s Insikt Group highlight links between the emerging Egregor ransomware and other strains, and offer guidance on defending against it Continue Reading
-
News
04 Dec 2020
Avast and Borsetta to support Intel’s AI security project
Security firm Avast and AI security specialist Borsetta have signed up to support an Intel-led artificial intelligence security research project Continue Reading
-
News
03 Dec 2020
Cyber Aware campaign to help safeguard Christmas shoppers
New government campaign sets out to raise awareness of online shopping fraud in the run-up to Christmas Continue Reading
-
News
03 Dec 2020
Covid-19 vaccine supply chain attacked by unknown nation state
An unknown nation state actor is attempting to disrupt the supply of coronavirus vaccines Continue Reading
-
Opinion
03 Dec 2020
SIEM or SOAR or both? Consider your business complexity first
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
03 Dec 2020
Lax Android app developers putting millions of users at risk
Eight months after Google patched a critical vulnerability, developers have failed to update their apps, putting millions of users of apps such as dating services Bumble and Grindr at risk Continue Reading
-
News
03 Dec 2020
Dangerous Trickbot evolves to target UEFI/BIOS firmware
Dubbed Trickboot by researchers, Trickbot’s new features enable malicious actors to read, write or even erase UEFI/BIOS firmware Continue Reading
-
News
02 Dec 2020
Re:Invent 2020: AWS CEO Andy Jassy on redefining hybrid cloud
Amazon Web Services’ Re:Invent user conference has moved online this year, with the firm’s CEO using the opening keynote to explain how AWS’s take on hybrid cloud has changed over time Continue Reading
-
News
02 Dec 2020
Covid-19: Cyber criminals will target vaccine programmes
Interpol issues a global alert to law enforcement as the UK becomes one of the first countries to approve the Pfizer/BioNTech Covid-19 vaccine for use Continue Reading
-
News
02 Dec 2020
Double extortion ransomware will be a big theme in 2021
Defenders will see heightened levels of cyber crime next year as criminals pivot their attacks from data encryption to exfiltration Continue Reading
-
Opinion
02 Dec 2020
Security Think Tank: SIEM and SOAR are far from mutually exclusive
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
02 Dec 2020
Singapore government remains ‘juicy target’ for cyber attackers
The government is baking security into the design and implementation of its IT systems and looking to increase bug bounties to fend off cyber threats Continue Reading
-
News
01 Dec 2020
DHL, Amazon and FedEx are most phished delivery services
DHL has emerged as the most imitated delivery brand in Europe, accounting for 77% of the total volume of phishing emails received in November 2020 Continue Reading
-
News
01 Dec 2020
22,000 malicious .uk domains suspended in past year
Nominet has suspended just over 22,000 domains in the 12 months to 31 October 2020, continuing a downward trend, and with less impact from Covid-19 than might be expected Continue Reading
-
Opinion
01 Dec 2020
Security Think Tank: Alerts are great, it’s what you do with them that counts
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
01 Dec 2020
Government covers its ears as complaint by victims of Post Office abuse heads to ombudsman
Government denies responsibility for the abuse inflicted on subpostmasters by the Post Office over faulty IT system Continue Reading
-
News
01 Dec 2020
What it takes for APAC firms to ride out the pandemic
Whether businesses will recover from the Covid-19 pandemic will depend on how they leverage technology to innovate, create new business models and build digital trust Continue Reading
-
News
30 Nov 2020
MI5 accused of withholding surveillance compliance failures from cabinet minister
MI5 withheld high-risk concerns about its ability to comply with legislation from the home secretary when it submitted applications for surveillance warrants, NGOs Privacy International and Liberty claimed last week Continue Reading
-
News
30 Nov 2020
IT Priorities: APAC enterprises readying recovery budget
Enterprises in Asia-Pacific are investing in cloud and other key technologies to not only survive but thrive in the post-pandemic world Continue Reading
-
News
27 Nov 2020
UK government ramps up efforts to regulate tech giants
The Digital Markets Unit of the Competitions and Markets Authority aims to protect consumer privacy and lower barriers to entry for businesses Continue Reading
-
News
27 Nov 2020
NI police unable to delete data seized unlawfully from journalists for 10 years
The Police Service of Northern Ireland is unable to delete terabytes of unlawfully seized data taken from journalists who exposed police failings in the investigation of the Loughinisland sectarian murders Continue Reading
-
News
27 Nov 2020
Algorithmic transparency obligations needed in public sector
Public sector’s use of algorithms with social impacts needs to be more transparent to foster trust and hold organisations responsible for the negative outcomes their systems may produce, says report Continue Reading
-
Opinion
27 Nov 2020
How to modernise identity governance and administration
Modernising identity governance and administration (IGA) capabilities is essential for organisations to manage identities effectively to ensure they remain competitive, compliant and secure Continue Reading
-
News
27 Nov 2020
How Grab is using technology to improve trust and safety
Southeast Asian unicorn Grab is tapping artificial intelligence and other technologies to keep its users safe and cyber criminals at bay Continue Reading
-
Feature
27 Nov 2020
This Christmas, Covid-19 heightens retail security risks for everyone
Do you think it’s only retailers and consumers who need to consider cyber security when shopping online during the holidays? You’re dead wrong. This year, the Covid-19 pandemic and the shift to remote working has thrown a spanner in the works Continue Reading
-
Blog Post
26 Nov 2020
The authentication arms race continues
This week we are heading back to 2006, when we reported on that sadly-perennial favourite: IT access security, and more specifically, Managing Access Securely. As our contribution to the bit of fun ... Continue Reading
-
News
26 Nov 2020
Data safes will give users control over their data
Belgian computer scientist tells Computer Weekly how people can regain control of their online personal information Continue Reading
-
E-Zine
26 Nov 2020
CW Nordics: Bank branch closures continue as digital banking grows
Sweden’s Handelsbanken is cutting its branch network by nearly half, which means more money will be invested in IT. But it’s not just Sweden and the Nordics – banks across the world are watching the fintech industry demonstrate to consumers what banking can be like if the right technology is in place. Also in this issue, read about the Norwegian government’s decision not to implement an outright ban on the use of 5G equipment supplied by China's Huawei. Continue Reading
-
News
26 Nov 2020
APAC plagued by APT, ransomware attacks
The Asia-Pacific region was a primary target of advanced persistent threat groups, mostly from China, Iran, North Korea and Russia, that carried out 34 campaigns between June 2019 to June 2020 Continue Reading
-
News
25 Nov 2020
Three cyber criminals arrested in Nigerian BEC investigation
Prolific cyber criminal gang is thought to have compromised up to half a million victims since 2017 Continue Reading
-
Tip
25 Nov 2020
8 benefits of a security operations center
A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. Here are eight SOC benefits to consider. Continue Reading
-
News
25 Nov 2020
Merger of national policing systems over budget and behind schedule
UK government effort to replace legacy IT systems suffers further delays, and will not be fully completed until 2025 at the earliest Continue Reading
-
Opinion
25 Nov 2020
From front line to back office – how supporting the cyber community keeps the NHS safe
NHS Digital’s chief information security officer describes how the Cyber Associates Network benefits security experts in health and care Continue Reading
-
News
25 Nov 2020
Securing UK’s critical national infrastructure is a 2021 priority
Government outlines the UK’s strategic cyber security policies for the coming 12 months, with critical national infrastructure a clear priority Continue Reading
-
News
25 Nov 2020
Use of abusive stalkerware against women skyrocketed in 2020
Rise in the use of malicious stalkerware correlates closely to increased domestic violence during lockdown Continue Reading
-
Blog Post
24 Nov 2020
What next for digital identity in the UK? Industry welcomes latest DCMS plan
After months – some would say years – of frustration and delay, tech suppliers have largely welcomed the latest government initiative to establish a digital identity ecosystem in the UK. The ... Continue Reading
-
Feature
24 Nov 2020
Business continuity vendors bolster offerings during pandemic
Organizations must ensure their pandemic business continuity and technology DR plans address cybersecurity, as well as remote employees, social distancing and company shutdowns. Continue Reading
-
News
24 Nov 2020
Belgian security researcher hacks Tesla with Raspberry Pi
Belgian security researcher Lennert Wouters once again succeeds in hacking a Tesla vehicle, this time by exploiting the Bluetooth Low Energy standard Continue Reading