Identity and access management products

What will points-based immigration mean for IT recruitment?

In this week’s Computer Weekly, we look at the government’s new points-based immigration rules and assess the implications for the tech sector. IR35 tax rules change in April – we find out how IT contractors need to prepare. And we examine whether the rise of cloud is really displacing the datacentre. Read the issue now. Continue Reading

Data breaches in Australia showing no signs of abating

Compromised login credentials and human error were the most common causes of data breaches reported under Australia’s notifiable data breach regime from July to December 2019 Continue Reading

By

• Aaron Tan, TechTarget

NCSC makes ransomware attack guidance more accessible

Following a swathe of high-profile ransomware attacks, the UK’s National Cyber Security Centre has made changes to its guidance, emphasising the importance of offline backups Continue Reading

By

• Alex Scroxton, Security Editor

CW Nordics: Swedes lose faith in social media as data security fears increase

Swedish citizens are becoming more concerned about the activities of social media companies and are reducing their online interaction with them as a result. Also read about new mobility-as-a-service projects gaining traction across Denmark, Finland, Norway and Sweden, and why the Finnish government has committed resources to a cyber security project aimed at local authorities. Continue Reading

How tech suppliers are easing barriers to hybrid cloud adoption

The tech industry has risen to the challenge of helping enterprises ease their transition to hybrid cloud, but issues remain Continue Reading

By

• Aaron Tan, TechTarget

Is the EU better equipped than the US to supervise the use of facial recognition?

Clearview AI can be an indispensable tool to reinforce national security, but there are many risks associated with the use of facial recognition technology that the EU might be better equipped to deal with than the US Continue Reading

By

• Mathilde Gérot, Signature Litigation

The Security Interviews: Gil Shwed’s 10-year vision for security

Check Point founder Gil Shwed discusses his new Infinity Next concept and how he plans to remodel the world of cyber security in the next 10 years Continue Reading

Using meteorological data to prepare for the worst

In this week’s Computer Weekly, after the storms that swept across the UK, we look at the technology behind Weather Source’s meteorological data service. Oracle and SAP are battling over customers to upgrade their ERP systems to the cloud. And we report from the world’s biggest retail tech show. Read the issue now. Continue Reading

Open security group unveils common OpenDXL language

Open Cybersecurity Alliance announces the availability of OpenDXL Ontology, the first open source language for connecting disparate security tools through a common messaging framework Continue Reading

By

• Alex Scroxton, Security Editor

Cisco goes all-in on security integration with SecureX platform

CISOs are struggling to stitch together disparate cyber security products and services – Cisco believes its cloud-native SecureX platform will change their working lives for the better Continue Reading

By

• Alex Scroxton, Security Editor

Security Think Tank: Zero trust strategies must start small, then grow

In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust architecture? Continue Reading

By

• Paddy Francis

Ex-soldiers to become ethical hackers

A new programme will give armed forces veterans in Scotland a grounding in cyber security skills, including penetration testing and ethical hacking Continue Reading

By

• Alex Scroxton, Security Editor

Security Think Tank: Ask yourself if zero trust is right for you

In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading

By

• Simon Persin, Turnkey Consulting

Want to hear the latest on Gov.uk Verify? Sorry, GDS still has nothing to say

The great and the good of the digital identity sector gathered in London yesterday (13 February) for the Think Digital Identity for Government conference – a popular bi-annual event that always ... Continue Reading

By

• Bryan Glick, Editor in chief

Security Think Tank: How zero trust lets you take back control

In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero trust architecture? Continue Reading

By

• James Walsh, Fieldfisher

Security Think Tank: Practical steps to achieve zero trust

In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading

By

• Petra Wenham

Inside the SOC: the nerve centre of security operations

Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel Continue Reading

By

• Aaron Tan, TechTarget

What should be in Australia’s next cyber security strategy

The Australian government is reviewing the nation’s cyber security strategy, but is it looking at the right issues? Continue Reading

By

• Stephen Withers

Security Think Tank: Zero trust is complex, but has rich rewards

In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading

By

• Bhanu Jagasia

Security Think Tank: No trust in zero trust need not be a problem

In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading

By

• Silvano Sogus

Web app ubiquity gives cyber criminals new opportunities

The popularity and ubiquity of web-based apps such as Office 365 and Salesforce is a temptation too good to miss for cyber criminals Continue Reading

By

• Alex Scroxton, Security Editor

Check Point pledges end to security updates

Check Point’s Gil Shwed expands on a vision for the next 10 years of cyber security, which he calls Infinity Next Continue Reading

By

• Alex Scroxton, Security Editor

Security Think Tank: Zero trust is not the answer to all your problems

In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading

By

• Mike Gillespie

Security Think Tank: Facing the challenge of zero trust

In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading

By

• Eoin Keary

NHS adds supplier security audits to procurement platform

A new feature in the NHS’s Edge4Health procurement platform will help NHS suppliers improve their cyber security posture and NHS organisations make better buying decisions Continue Reading

By

• Alex Scroxton, Security Editor

Security Think Tank: Zero trust – just another name for the basics?

In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust architecture? Continue Reading

By

• Tim Holman, 2-sec

NCSC launches study on cyber security diversity

The UK’s National Cyber Security Centre wants to improve the diversity of the cyber security sector Continue Reading

By

• Alex Scroxton, Security Editor

UK cyber security sector worth more than £8bn

The UK’s cyber security industry employs 43,000 full-time workers, and contributed nearly £4bn to the UK economy in 2019, according to DCMS Continue Reading

By

• Alex Scroxton, Security Editor

Met Police could deploy facial recognition against protesters

Live facial recognition will be rolled out operationally by the Met Police, but police monitoring group Netpol believes it will hamper people’s ability to exercise their rights to protest Continue Reading

By

• Sebastian Klovig Skelton, Data & ethics editor

Organisations losing control of cloud data

Data is more widely dispersed in enterprise clouds than most organisations think, and as a result they are at risk of losing control of it, according to a report Continue Reading

By

• Alex Scroxton, Security Editor

Interpol uncovers cyber crime operation in Indonesia

An Interpol-coordinated cyber operation leads to the arrest of three people in Indonesia who allegedly used a JavaScript-sniffer malware to steal payment card details of online shoppers Continue Reading

By

• Aaron Tan, TechTarget

Milan hosts Cisco’s first European security innovation unit

Cisco has cut the ribbon on its first Cyber Security Co-Innovation Centre in Europe, at Milan’s Leonardo da Vinci Science and Technology Museum Continue Reading

By

• Alex Scroxton, Security Editor

End-user security ignorance laid bare in new report

Proofpoint’s 2020 State of the Phish report highlights an urgent need for better user training and reporting Continue Reading

By

• Alex Scroxton, Security Editor

Startup uses machine learning to support GDPR’s right to be forgotten

Non-intrusive algorithms enable users to track which companies hold their data, so they can take it back Continue Reading

By

• Sebastian Klovig Skelton, Data & ethics editor

5G builders test vulnerabilities in Finnish hackathon

University hackathon puts 5G security to the test as new wireless technology’s roll-out nears Continue Reading

By

• Gerard O'Dwyer

App developers sue Facebook over ‘anti-competitive conduct’

Lawsuit is based on leaked internal Facebook documents obtained and published by Computer Weekly and NBC last year Continue Reading

By

• Sebastian Klovig Skelton, Data & ethics editor

A quarter of users will fall for basic phishing attacks

Phishing emails that appear to be security alerts are the most effective method of compromise, says KnowBe4 Continue Reading

By

• Alex Scroxton, Security Editor

Security Think-Tank: Tackle insider threats to achieve data-centric security

The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading

By

• Mike Yeomans, Information Security Forum

Thailand gets ready for data protection law

Thailand’s personal data protection law comes into effect in May 2020, subjecting organisations to new rules that safeguard the personal data of individuals Continue Reading

By

• Aaron Tan, TechTarget

LGBTQ+ social app Grindr accused of breaching GDPR

Norwegian Consumer Council files complaints about LGBTQ+ social networking app, alleging it is in breach of the General Data Protection Regulation Continue Reading

By

• Alex Scroxton, Security Editor

Two-thirds of UK healthcare organisations breached last year

The majority of healthcare organisations in the UK experienced a cyber security incident during 2019, with almost half the result of viruses and malware introduced on third party devices Continue Reading

By

• Alex Scroxton, Security Editor

Sextortion campaign hits Nest home security cameras

Owners of Google’s Nest home security cameras are being targeted in a sextortion scam by criminals playing on fears over IoT security Continue Reading

By

• Alex Scroxton, Security Editor

Implementing a 21st century approach to digital identity

The government’s attempts at digital identity have failed – it is time for a new, modern approach Continue Reading

By

• Jerry Fishenden

Broadcom flogs Symantec enterprise security unit to Accenture

Acquisition is set to make Accenture a global leader in managed cyber security services Continue Reading

By

• Alex Scroxton, Security Editor

Iran likely to hit back with cyber attacks, security experts warn

The possibility of cyber attack by threat groups acting on behalf of the Iranian government has dramatically increased following US actions in Iraq Continue Reading

By

• Alex Scroxton, Security Editor

Government injects £40m into single sign-on NHS programme

The government has put aside funding to speed up login times. Additional funding has been announced to support adult digital health services Continue Reading

By

• Cliff Saran, Managing Editor

Survey about Swedish people’s attitude to the internet reveals growing distrust of social media

Swedish citizens are becoming more concerned about the activities of social media companies and are reducing their online interaction with them as a result Continue Reading

By

• Gerard O'Dwyer

Top 10 enterprise IT in the Middle East stories of 2019

Here are Computer Weekly’s top 10 enterprise IT in the Middle East stories of 2019 Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Top 10 cyber crime stories of 2019

Here are Computer Weekly’s top 10 cyber crime stories of 2019 Continue Reading

By

• Alex Scroxton, Security Editor

Top 10 cyber security stories of 2019

Here are Computer Weekly’s top 10 cyber security stories of 2019 Continue Reading

By

• Alex Scroxton, Security Editor

Finnish government supports local authorities in cyber security initiative

The Finnish government has committed resources to a cyber security project aimed at local authorities Continue Reading

By

• Gerard O'Dwyer

Top 10 artificial intelligence stories of 2019

Here are Computer Weekly’s top 10 artificial intelligence stories of 2019 Continue Reading

By

• Cliff Saran, Managing Editor

Group-IB CEO talks up global threat landscape

Public attribution of cyber attacks could backfire while a global cyber norms framework won’t emerge until a catastrophic incident occurs, says the head of Singapore-based Group-IB Continue Reading

By

• Aaron Tan, TechTarget

Security Think Tank: Data-centric security requires a holistic approach

The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading

By

• James Walsh, Fieldfisher

Alarm bells ring, the IoT is listening

With Christmas bearing down on us, a series of vulnerability disclosures has drawn attention to the parlous state of IoT security, and serves as a timely warning to people planning to buy smart devices as gifts Continue Reading

By

• Alex Scroxton, Security Editor

Security Think Tank: Data-centric security requires context and understanding

The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading

By

• Eoin Keary

Public sector still losing user devices in high numbers

The Ministry of Justice has lost 354 smartphones, PCs, laptops and tablets in the past 12 months, according to a Freedom of Information request, and other government departments are in the same boat Continue Reading

By

• Alex Scroxton, Security Editor

How commodities firm ED&F Man solved its threat detection challenges

After a minor server breach, leading commodities trader turned to Vectra’s Cognito service to expose hidden threats, spot privilege misuse, and conduct conclusive investigations Continue Reading

By

• Alex Scroxton, Security Editor

Aviatrix VPN vulnerability left user endpoints wide open

Immersive Labs has disclosed a serious vulnerability in VPN supplier Aviatrix’s enterprise client that could have granted hackers elevated user privileges across enterprise targets Continue Reading

By

• Alex Scroxton, Security Editor

Security Think Tank: In-depth protection is a matter of basic hygiene

The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading

By

• Petra Wenham

Chinese web users take more risks than Brits or Americans

A research paper published by the University of Birmingham seems to show that differences in cultural values have an impact both on risky behaviour online and legal regulation Continue Reading

By

• Alex Scroxton, Security Editor

Cyber criminal RAT busted by cops

Police forces around the UK have arrested nine people as part of an international operation targeting users of a remote access trojan Continue Reading

By

• Alex Scroxton, Security Editor

TfL locks down Oyster accounts to ward off credential stuffing

Mandatory password reset for all travellers who use Oyster and contactless payment systems follows minor breach incident earlier in 2019 Continue Reading

By

• Alex Scroxton, Security Editor

Top APAC security predictions for 2020

More attacks on critical infrastructure, supply chain vulnerabilities and file-less attacks are some of the security threats that enterprises should keep an eye on next year Continue Reading

By

• Aaron Tan, TechTarget

Uber app exploit posed safety risk to passengers

A flaw in Uber’s system meant thousands of trips in London were taken with unauthorised drivers at the wheel Continue Reading

By

• Alex Scroxton, Security Editor

Massive increase in fraud attacks on TSB customers during IT meltdown

There was a massive spike in attempts by fraudsters to steal from TSB customers when the bank’s IT systems failed in 2018 Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Is facial recognition happening too fast?

In this week’s Computer Weekly, as the information commissioner calls on police forces to slow down the introduction of facial recognition, we examine the issues. We look at what the use of DevOps methods means for storage strategy. And we talk to Microsoft’s global cyber security chief. Read the issue now. Continue Reading

11 new 5G hacks enable user device tracking and monitoring

Researchers at Purdue University and the University of Iowa publish details of several new 5G mobile network vulnerabilities Continue Reading

By

• Alex Scroxton, Security Editor

Finnish biometric identity plans for seamless air travel

Finnair and Finavia explore options for automatic digital identification and authentication of air travellers Continue Reading

By

• Alex Cruickshank

Nordic SMEs lack the money needed for cyber security

Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country Continue Reading

By

• Gerard O'Dwyer

Australia’s productivity woes pinned on poor employee experience

Research by Ricoh suggests that the lukewarm view of employee experience among IT leaders is part of the reason for Australia’s declining productivity Continue Reading

By

• Beverley Head

Ransomware authors seeking new ways to avoid being spotted

Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls Continue Reading

By

• Alex Scroxton, Security Editor

Facebook agrees to pay £500,000 fine over Cambridge Analytica data law breaches

Social media giant also promises to change the way its platform is used to protect people’s data Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Mitigating social engineering attacks with MFA

The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing. Continue Reading

Hack the Kop – the Reds are sitting ducks

Liverpool may be flying high at the top of the Premier League table right now, but when they get home after a hard-fought 90 minutes, their fans are the most likely to have had their personal data ... Continue Reading

By

• Alex Scroxton, Security Editor

Endpoint security is a procurement issue, says HP, IDC study

Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders Continue Reading

By

• Alex Scroxton, Security Editor

Take responsibility for cyber security basics, urges NCSC CEO

At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load Continue Reading

By

• Alex Scroxton, Security Editor

Banks move to contain impact of Samsung biometric flaw

NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices Continue Reading

By

• Alex Scroxton, Security Editor

Over-30s tend to do better at cyber security than younger colleagues

Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security Continue Reading

By

• Alex Scroxton, Security Editor

Equifax lawsuit offers more evidence against passwords

Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords Continue Reading

By

• Alex Scroxton, Security Editor

Huge rise in rogue banking apps driving fraud attacks

Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA Continue Reading

By

• Alex Scroxton, Security Editor

Amazon consumer devices vulnerable to two-year-old exploit

Millions of older Amazon Echo and Kindle devices are still susceptible to a Wi-Fi vulnerability that was first disclosed in 2017 Continue Reading

By

• Alex Scroxton, Security Editor

Sweden’s first GDPR fine sets regulatory tone

Secondary school fined for breaching General Data Protection Regulation, signalling the attitude of Sweden’s Data Protection Authority Continue Reading

By

• Jane Hamrin

Podcast: The Computer Weekly Downtime Upload – episode 34

In this week’s episode of the Computer Weekly Downtime Upload podcast, the team discusses BBC conspiracy thriller, The Capture, and its focus on video surveillance and facial recognition technology Continue Reading

By

• Clare McDonald, Business Editor
• Caroline Donnelly, Senior Editor, UK
• Brian McKenna, Enterprise Applications Editor

Private equity swoops on Sophos

British cyber security star picked up by technology sector investors for $3.9bn Continue Reading

By

• Alex Scroxton, Security Editor

McAfee’s push for secure cloud adoption

Organisations must do more to secure their cloud environments as malicious actors increasingly focus their attention on exploiting cloud vulnerabilities, says McAfee Continue Reading

By

• Sebastian Klovig Skelton , Senior reporter

How APAC enterprises can keep pace with container security

For all the promises of containers, changes in architecture and practices associated with the technology bring new challenges and opportunities Continue Reading

By

• Aaron Tan, TechTarget

IBM, McAfee among founders of open source security alliance

A group of cyber security suppliers have come together to form the Open Cybersecurity Alliance Continue Reading

By

• Alex Scroxton, Security Editor

Security Think Tank: Get basic security policy right, and the rest will follow

Paying attention to basic aspects of cyber security such as policy and permission will give you a sold base to build from Continue Reading

By

• Petra Wenham

Showcasing the potential of 5G

In this week’s Computer Weekly, we visit an ambitious trial in Bristol that is showcasing the possibilities offered by 5G roll-out. We look at how emerging automation technologies are enhancing the use of identity and access management tools. And we assess the Government Digital Service plan for transforming public services. Read the issue now. Continue Reading

LogRhythm touts unlimited data plan for SIEM systems

SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank Continue Reading

By

• Aaron Tan, TechTarget

Local authorities hit by 800 cyber attacks every hour

Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year Continue Reading

By

• Alex Scroxton, Security Editor

New threat group behind Airbus cyber attacks, claim researchers

Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore Continue Reading

By

• Alex Scroxton, Security Editor

CIO interview: Michael Ibbitson, executive VP for technology and infrastructure, Dubai Airports

Former CIO at Gatwick Airport took flight to the Middle East three years ago, and is using data to transform the technology and infrastructure at Dubai Airports Continue Reading

By

• Mark Samuels

ABN Amro investigation lends weight to anti-money laundering collaboration by Dutch banks

Dutch authorities are investigating ABN Amro for possible failures to monitor and report potential money laundering activity Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Five million DoorDash customers’ details lost in data breach

Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen Continue Reading

By

• Alex Scroxton, Security Editor

Overinvestment breeds overconfidence among security pros

CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach Continue Reading

By

• Alex Scroxton, Security Editor

Singapore payment card data compromised by JavaScript sniffers

Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer Continue Reading

By

• Aaron Tan, TechTarget

Google pushes back on scale of YouTube phishing threat

Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure Continue Reading

By

• Alex Scroxton, Security Editor

Putting blockchain technology to good use

Experts share their views on the best and most effective ways information security professionals can use blockchain technology Continue Reading

By

• Cliff Saran, Managing Editor