Identity and access management products

Is facial recognition happening too fast?

In this week’s Computer Weekly, as the information commissioner calls on police forces to slow down the introduction of facial recognition, we examine the issues. We look at what the use of DevOps methods means for storage strategy. And we talk to Microsoft’s global cyber security chief. Read the issue now. Continue Reading

11 new 5G hacks enable user device tracking and monitoring

Researchers at Purdue University and the University of Iowa publish details of several new 5G mobile network vulnerabilities Continue Reading

By

• Alex Scroxton, Security Editor

Finnish biometric identity plans for seamless air travel

Finnair and Finavia explore options for automatic digital identification and authentication of air travellers Continue Reading

By

• Alex Cruickshank

Nordic SMEs lack the money needed for cyber security

Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country Continue Reading

By

• Gerard O'Dwyer

Australia’s productivity woes pinned on poor employee experience

Research by Ricoh suggests that the lukewarm view of employee experience among IT leaders is part of the reason for Australia’s declining productivity Continue Reading

By

• Beverley Head

Ransomware authors seeking new ways to avoid being spotted

Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls Continue Reading

By

• Alex Scroxton, Security Editor

Facebook agrees to pay £500,000 fine over Cambridge Analytica data law breaches

Social media giant also promises to change the way its platform is used to protect people’s data Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Mitigating social engineering attacks with MFA

The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing. Continue Reading

Hack the Kop – the Reds are sitting ducks

Liverpool may be flying high at the top of the Premier League table right now, but when they get home after a hard-fought 90 minutes, their fans are the most likely to have had their personal data ... Continue Reading

By

• Alex Scroxton, Security Editor

Endpoint security is a procurement issue, says HP, IDC study

Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders Continue Reading

By

• Alex Scroxton, Security Editor

Take responsibility for cyber security basics, urges NCSC CEO

At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load Continue Reading

By

• Alex Scroxton, Security Editor

Banks move to contain impact of Samsung biometric flaw

NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices Continue Reading

By

• Alex Scroxton, Security Editor

Over-30s tend to do better at cyber security than younger colleagues

Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security Continue Reading

By

• Alex Scroxton, Security Editor

Equifax lawsuit offers more evidence against passwords

Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords Continue Reading

By

• Alex Scroxton, Security Editor

Huge rise in rogue banking apps driving fraud attacks

Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA Continue Reading

By

• Alex Scroxton, Security Editor

Amazon consumer devices vulnerable to two-year-old exploit

Millions of older Amazon Echo and Kindle devices are still susceptible to a Wi-Fi vulnerability that was first disclosed in 2017 Continue Reading

By

• Alex Scroxton, Security Editor

Sweden’s first GDPR fine sets regulatory tone

Secondary school fined for breaching General Data Protection Regulation, signalling the attitude of Sweden’s Data Protection Authority Continue Reading

By

• Jane Hamrin

Podcast: The Computer Weekly Downtime Upload – episode 34

In this week’s episode of the Computer Weekly Downtime Upload podcast, the team discusses BBC conspiracy thriller, The Capture, and its focus on video surveillance and facial recognition technology Continue Reading

By

• Clare McDonald, Business Editor
• Caroline Donnelly, Senior Editor, UK
• Brian McKenna, Enterprise Applications Editor

Private equity swoops on Sophos

British cyber security star picked up by technology sector investors for $3.9bn Continue Reading

By

• Alex Scroxton, Security Editor

McAfee’s push for secure cloud adoption

Organisations must do more to secure their cloud environments as malicious actors increasingly focus their attention on exploiting cloud vulnerabilities, says McAfee Continue Reading

By

• Sebastian Klovig Skelton , Senior reporter

How APAC enterprises can keep pace with container security

For all the promises of containers, changes in architecture and practices associated with the technology bring new challenges and opportunities Continue Reading

By

• Aaron Tan, TechTarget

IBM, McAfee among founders of open source security alliance

A group of cyber security suppliers have come together to form the Open Cybersecurity Alliance Continue Reading

By

• Alex Scroxton, Security Editor

Security Think Tank: Get basic security policy right, and the rest will follow

Paying attention to basic aspects of cyber security such as policy and permission will give you a sold base to build from Continue Reading

By

• Petra Wenham

Showcasing the potential of 5G

In this week’s Computer Weekly, we visit an ambitious trial in Bristol that is showcasing the possibilities offered by 5G roll-out. We look at how emerging automation technologies are enhancing the use of identity and access management tools. And we assess the Government Digital Service plan for transforming public services. Read the issue now. Continue Reading

LogRhythm touts unlimited data plan for SIEM systems

SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank Continue Reading

By

• Aaron Tan, TechTarget

Local authorities hit by 800 cyber attacks every hour

Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year Continue Reading

By

• Alex Scroxton, Security Editor

New threat group behind Airbus cyber attacks, claim researchers

Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore Continue Reading

By

• Alex Scroxton, Security Editor

CIO interview: Michael Ibbitson, executive VP for technology and infrastructure, Dubai Airports

Former CIO at Gatwick Airport took flight to the Middle East three years ago, and is using data to transform the technology and infrastructure at Dubai Airports Continue Reading

By

• Mark Samuels

ABN Amro investigation lends weight to anti-money laundering collaboration by Dutch banks

Dutch authorities are investigating ABN Amro for possible failures to monitor and report potential money laundering activity Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Five million DoorDash customers’ details lost in data breach

Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen Continue Reading

By

• Alex Scroxton, Security Editor

Overinvestment breeds overconfidence among security pros

CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach Continue Reading

By

• Alex Scroxton, Security Editor

Singapore payment card data compromised by JavaScript sniffers

Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer Continue Reading

By

• Aaron Tan, TechTarget

Google pushes back on scale of YouTube phishing threat

Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure Continue Reading

By

• Alex Scroxton, Security Editor

Putting blockchain technology to good use

Experts share their views on the best and most effective ways information security professionals can use blockchain technology Continue Reading

By

• Cliff Saran, Managing Editor

The UK’s digital identity policy conundrum

The UK government’s recent consultation on digital identity suggests that past mistakes and assumptions have yet to be resolved – a different, more user-centric vision is required Continue Reading

By

• Colin Wallis, Kantara Initiative

Going online for a SIBOS press pass was harder than applying for a bank account

My troubles getting a press pass online for SIBOS made m,e appreciate how easy mobile banking is Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Universities tempting targets for cyber criminals, warns NCSC

As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack Continue Reading

By

• Alex Scroxton, Security Editor

Ecuador citizens’ data breach holds lessons for enterprises

What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it? Continue Reading

By

• Alex Scroxton, Security Editor

Ensign InfoSecurity opens global headquarters in Singapore

The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence Continue Reading

By

• Aaron Tan, TechTarget

Inside blockchain and its various applications

We explore the technology around blockchain shaping how businesses use data Continue Reading

By

• Bob Tarzey

European court to decide on legality of bulk phone and internet surveillance

The European Court of Justice will decide whether intelligence agencies across Europe can continue to lawfully collect the telephone and internet communications data of citizens, following a two-day hearing this week Continue Reading

By

• Bill Goodwin, Computer Weekly

Dutch banks to work together in fight against money laundering

Dutch banks are sharing expertise and resources to help reduce money laundering through their accounts Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Security Think Tank: The case for blockchain-based identity

What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading

By

• Richard Hunt, Turnkey Consulting

Security Think Tank: Too soon to dismiss blockchain in cyber security

What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading

By

• Maxine Holt, Omdia

Security Think Tank: Use blockchain for integrity and immutability checks

What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading

By

• Eoin Keary

Security Think Tank: Blockchain is not for everyone, so look carefully before you leap

What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading

By

• Paddy Francis

Security Think Tank: Blockchain utility depends on business type and cost

What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading

By

• Petra Wenham

At least 47,000 servers vulnerable to remote attack

All organisations using Supermicro servers are being urged to update firmware to block remote attacks exploiting vulnerabilities in baseboard management controllers Continue Reading

By

• Warwick Ashford, Senior analyst

Security Think Tank: Risk mitigation is key to blockchain becoming mainstream

What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading

By

• Mike Yeomans, Information Security Forum

Security Think Tank: Blockchain – balance risk and opportunity for smart security

What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading

By

• RV Raghu, ISACA

Passwordless enterprise already possible, says RSA

The passwordless enterprise is getting easier to attain as the security industry gears up to support a passwordless future, says RSA’s identity chief. Continue Reading

GDS reveals details of digital identity pilot for passport data checks

The Government Digital Service (GDS) has published details of the planned pilot project for opening up passport data to companies that wish to offer digital identity services. GDS recently held a ... Continue Reading

By

• Bryan Glick, Editor in chief

Finland’s security agencies collaborate after cyber attacks

National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure Continue Reading

By

• Gerard O'Dwyer

Gov.uk Verify’s £40m bill for losing Experian

The Government Digital Service (GDS) insists that its plans for Gov.uk Verify “remain on track” despite the withdrawal of three of the five remaining identity providers (IDPs) supporting the ... Continue Reading

By

• Bryan Glick, Editor in chief

Mitigating social engineering attacks with MFA

The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing Continue Reading

By

• Peter Ray Allison

Three more identity providers to withdraw from troubled Gov.uk Verify programme

Three of the five companies supporting the government's troubled digital identity scheme are pulling out, raising further questions over the viability of the £175m programme Continue Reading

By

• Bryan Glick, Editor in chief

How to bolster IAM strategies using automation

Identity and access management processes and technologies play an important role in security strategies, but organisations and IT professionals need to ensure these strategies are robust enough to deal with new threats Continue Reading

By

• Nicholas Fearn

Silence APT group eyes APAC banks

Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks Continue Reading

By

• Aaron Tan, TechTarget

How EDR is moving beyond the endpoint

An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise Continue Reading

By

• Aaron Tan, TechTarget

Google finds that web users log in with compromised credentials

People continue to use passwords that have been breached. Google has proposed a protocol, which could warn them if their credentials have been stolen Continue Reading

By

• Cliff Saran, Managing Editor

Passwordless enterprise already possible, says RSA

The passwordless enterprise is getting easier to attain as the security industry gears up to support a passwordless future, says RSA’s identity chief Continue Reading

By

• Warwick Ashford, Senior analyst

How C3M is easing multi-cloud management

Managing and securing access to multiple public cloud services can be a challenge for enterprises that are embarking on a multi-cloud strategy. Besides making sure that only authorised members of ... Continue Reading

By

• Aaron Tan, TechTarget

Australia needs to get digital identity right

A top Ping Identity executive urges Australia to put more focus on digital identity management following the government’s efforts to lay the groundwork for an open banking regime Continue Reading

By

• Beverley Head

Publicly accessible biometric database highlights key failings

The discovery of a publicly accessible database of biometric information highlights failings by the supplier, the need for supply chain security, and the challenges of using biometric data Continue Reading

DCMS funding aims to increase diversity in cyber sector

A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector Continue Reading

By

• Clare McDonald, Business Editor

GDPR faces growing pains across Europe

The General Data Protection Regulation is over a year old now, but it faces challenges across Europe where compliance has taken place at different speeds Continue Reading

By

• Pat Brans, Pat Brans Associates/Grenoble Ecole de Management

Digital domain identified as major security threat by Norway’s intelligence service

Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks Continue Reading

By

• Gerard O'Dwyer

UK finance regulator gives extra time for companies to meet payment security rules

Financial Conduct Authority gives companies under its watch an extra 18 months to meet an EU payments security standard Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Why Gov.uk Verify faces a critical few months - again

Gov.uk Verify – the government’s flagship digital identity system – faces a critical few months ahead. Again. As the clock ticks down towards the end of March 2020, when further public investment ... Continue Reading

By

• Bryan Glick, Editor in chief

Leaked Sephora databases peddled on dark web

Cyber security firm finds two databases likely to be related to the Sephora data breach that affected online customers in Southeast Asia, Australia and New Zealand Continue Reading

By

• Aaron Tan, TechTarget

Cyber kill chain is outdated, says Carbon Black

The chief cyber security officer of Carbon Black calls for a new cognitive paradigm to fend off cyber adversaries that are now attacking in cycles Continue Reading

By

• Aaron Tan, TechTarget

F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC

Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated Continue Reading

By

• Avanti Kumar

Most SMEs severely underestimate cyber security vulnerabilities

Small businesses are the primary target for cyber attacks, yet most are unprepared and do not think they will be targeted, a survey reveals Continue Reading

By

• Warwick Ashford, Senior analyst

Government launches digital identity consultation and new pilot scheme

DCMS is seeking views on the role of the government and private sector in developing digital identities, while a small-scale trial will open up passport data for companies to prove online IDs Continue Reading

By

• Bryan Glick, Editor in chief

How IT pros are building resilience against email security threats

For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen Continue Reading

By

• Nicholas Fearn

HID weighs in the glacial move towards digital ID

There are still concerns over data integrity, security and privacy of digital identities, but the convenience of the technology outweighs the risks, says a HID expert Continue Reading

By

• Aaron Tan, TechTarget

CW ASEAN: Trend Watch – Security

Artificial intelligence tools are becoming a vital part of the security arsenal for organizations and cyber criminals alike. In this handbook, Computer Weekly looks at how ASEAN firms are using AI to combat cyber threats and experts discuss the latest smart cyber security tools. Continue Reading

UN resolution ignores special rapporteur’s call for halt to spyware sales

UN’s Human Rights Council adopts resolution to explore the impact of new and emerging digital technologies on human rights, but the text ignores a damning report by the council’s own expert on freedom of expression Continue Reading

By

• Sebastian Klovig Skelton, Data & ethics editor

UK boards ignoring £30bn cyber risk

Despite the danger posed by cyber attacks to mid-sized companies, boards are not prepared to manage the risk and firms are over-confident in their cyber capabilities, report finds Continue Reading

By

• Warwick Ashford, Senior analyst

Windows 10 to enable passwordless sign-in

Windows 10 users will soon be able to sign in to devices without using a password to encourage the use of two-factor authentication methods to improve security Continue Reading

By

• Warwick Ashford, Senior analyst

We shouldn't need to debate online identity again, but it's right that we do

The latest select committee report by MPs into the progress of digital government in the UK has resurrected a question that has reared its head on several occasions in the past – do we need a ... Continue Reading

By

• Bryan Glick, Editor in chief

Nearly half of firms fear cloud apps make them insecure

Survey shows more than one-third of global companies appoint a CISO in the face of data breaches, and the UK is giving CISOs more power despite making fewer appointments Continue Reading

By

• Warwick Ashford, Senior analyst

APAC experts weigh in on cyber security trends

The onslaught of cyber attacks being reported each day has been a wake-up call, but experts say businesses need to be mindful of the limitations of certain security measures Continue Reading

By

• Aaron Tan, TechTarget

UK consumers still concerned about personal data security

Most UK consumers are still concerned about the security of their personal data, indicating that organisations need to do more to gain consumer trust, such as implementing biometric controls Continue Reading

By

• Warwick Ashford, Senior analyst

Sweden’s Protective Security Act targets cyber risks

IT suppliers must comply with tighter cyber security requirements, but are being offered help from government agencies Continue Reading

By

• Gerard O'Dwyer

Podcast: The Computer Weekly Downtime Upload – Episode 22

In this week’s episode of the Computer Weekly Downtime Upload podcast, Brian McKenna, Caroline Donnelly and Clare McDonald talk about digital transformation in the NHS, Sky’s efforts to get more women working in tech and how big businesses could be risking extinction by ignoring IT Continue Reading

By

• Caroline Donnelly, Senior Editor, UK

Singapore to beef up police tech capabilities

Singapore government singles out biometrics, data analytics and digital forensics as promising areas to boost crime-fighting efforts Continue Reading

By

• Aaron Tan, TechTarget

Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data

Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation Continue Reading

By

• Bill Goodwin and Sebastian Klovig Skelton

Dutch bank and researchers begin defence against quantum computing’s dark side

ABN Amro is working with QuTech to ensure that banks can protect data against quantum computers in the future Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

DWP looks to extend digital identity capabilities

Department for Work and Pensions wants to reduce reliance on existing identity assurance methods such as Gov.UK Verify and face-to-face Continue Reading

By

• Bryan Glick, Editor in chief

Fido Alliance announces new standards

Fido Alliance announces new identity verification and IoT initiatives to expand the reach and impact of Fido authentication, which seeks to eliminate the world’s dependence on password-based security Continue Reading

By

• Warwick Ashford, Senior analyst

Saudi banks trial blockchain-based identity technology at ATMs

Biometric and blockchain technologies are being used in tandem to provide ID verification at Saudi Arabian cash machines Continue Reading

By

• Alicia Buller

Online porn age-verification checks delayed for six months

Changes to force UK internet users to prove their age to access adult content are postponed for a third time because of failure to notify the European Commission of key policy details Continue Reading

By

• Angelica Mari

Facebook officially unveils cryptocurrency plans

Facebook has released details about its Libra cryptocurrency, but questions still remain over how, and if, it will work Continue Reading

By

• Sebastian Klovig Skelton, Data & ethics editor

UK to host world’s first surveillance camera day

The UK is to host the world’s first surveillance camera day to raise awareness about surveillance cameras and generate a debate about how they are used Continue Reading

By

• Warwick Ashford, Senior analyst

Singapore faced fewer cyber threats in 2018

Despite the fall in the number of common cyber threats last year, Singapore will continue to face advanced persistent threats, CSA warns Continue Reading

By

• Aaron Tan, TechTarget

Inside F5’s cyber security playbook

F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors Continue Reading

By

• Aaron Tan, TechTarget

Facebook London hiring spree focuses on tackling online harms

Facebook is hiring for 500 tech jobs in the capital in the next six months, with a particular focus on seeking out and clamping down on malicious content and fake accounts, and curbing other harmful behaviour on its platforms Continue Reading

By

• Alex Scroxton, Security Editor

Government increases efforts to drive Verify uptake

Renewed push to create a ubiquitous digital identity market will include a consultation with the private sector and the creation of a dedicated unit Continue Reading

By

• Angelica Mari

Large firms look to zero-trust security to reduce cyber risk

In the face of increasing cyber breach risk as organisations move to hybrid multi-cloud IT environments, just over half of large firms in Europe are planning a zero-trust approach to security Continue Reading

By

• Warwick Ashford, Senior analyst