Security policy and user awareness
-
Feature
28 Sep 2023
Automated cloud IR: Empowering cyber with AI-powered playbooks
As cyber threats increasingly target cloud infrastructure, demand for robust and reliable security measures is through the roof. Find out why you might want to consider bringing artificial intelligence into play Continue Reading
-
Opinion
28 Sep 2023
Security Think Tank: To encrypt or not to encrypt, that is the question
The Security Think Tank assesses the state of encryption technology, exploring topics such as cryptographic techniques, data-masking, the legal ramifications of end-to-end encryption, and the impact of quantum Continue Reading
-
News
05 Nov 2019
ICO launches data security campaign for UK General Election
Information commissioner Elizabeth Denham launches campaign to remind the public of their rights when personal data is used for political purposes Continue Reading
-
Opinion
04 Nov 2019
Security Think Tank: Secure the cloud when negotiating contracts
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
04 Nov 2019
Sumo Logic buys into cloud security software market
Jask’s cloud-native autonomous security operations software will be integrated into Sumo Logic’s intelligence platform Continue Reading
-
Blog Post
03 Nov 2019
Insurability is the key to Cybermaturity
Most organisations are uninsurable. They spend large amounts on security products and services technology but they are not doing that which reduces the risk of a successful cyberattack, limits the ... Continue Reading
-
Opinion
01 Nov 2019
Security Think Tank: In the cloud, the buck stops with you
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security professionals best work with their teams and cloud providers to resolve the problem? Continue Reading
-
News
01 Nov 2019
Banks let customers down with mixed approaches to security
Treasury Committee report recommends new measures to tackle financial fraud Continue Reading
-
News
30 Oct 2019
What will succeed the National Cyber Security Strategy?
As the National Cyber Security Strategy nears the end of its working life, the government is considering what comes next, and is asking probing questions of its successes and failures Continue Reading
-
Opinion
28 Oct 2019
Security Think Tank: Embedding security in governance
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
Feature
28 Oct 2019
Security puzzle calls for some joined-up thinking
The age of digitisation brings new risks to organisations, so security needs to be more integrated Continue Reading
-
Blog Post
24 Oct 2019
Hack the Kop – the Reds are sitting ducks
Liverpool may be flying high at the top of the Premier League table right now, but when they get home after a hard-fought 90 minutes, their fans are the most likely to have had their personal data ... Continue Reading
-
News
24 Oct 2019
Endpoint security is a procurement issue, says HP, IDC study
Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders Continue Reading
-
News
23 Oct 2019
Take responsibility for cyber security basics, urges NCSC CEO
At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load Continue Reading
-
News
22 Oct 2019
Banks move to contain impact of Samsung biometric flaw
NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices Continue Reading
-
News
22 Oct 2019
Malware volumes decline, but risks are higher
More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets Continue Reading
-
News
22 Oct 2019
Attacker hit VPN firm Avast through its VPN
Avast has published details of how attackers attempted to gain access to its network over a five month period Continue Reading
-
Blog Post
22 Oct 2019
Secure Bacon Butties With Gherkin But No Gherkins
Had my first visit to The Gherkin recently at a “mini” Netevents security briefing in London. I can certainly recommend the brioche-bun bacon butties with a view of the London rain from the 38th ... Continue Reading
-
News
22 Oct 2019
Over-30s tend to do better at cyber security than younger colleagues
Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security Continue Reading
-
News
21 Oct 2019
Equifax lawsuit offers more evidence against passwords
Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords Continue Reading
-
News
21 Oct 2019
Trend Micro buys cloud security firm to broaden offering
Acquisition of Cloud Conformity will address often overlooked cloud security fundamentals Continue Reading
-
News
21 Oct 2019
Sodinokibi emerging as a diverse, multi-vector threat to businesses
McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots Continue Reading
-
News
18 Oct 2019
Huge rise in rogue banking apps driving fraud attacks
Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA Continue Reading
-
News
17 Oct 2019
NHSX could transform NHS security capabilities
The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service Continue Reading
-
Opinion
17 Oct 2019
Security Think Tank: Focus on metrics to manage risk
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
News
16 Oct 2019
Pitney Bowes ‘considering options’ after malware attack
Mailing and shipping services firm in recovery mode after key systems were encrypted by a malware attack Continue Reading
-
Opinion
16 Oct 2019
Security Think Tank: Embed security professionals in your risk strategy
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
15 Oct 2019
Attackers hunt iPhone jailbreakers in click fraud campaign
Research by Cisco’s Talos threat intel unit has identified a new click fraud campaign targeting people looking to jailbreak their iPhone devices Continue Reading
-
Opinion
15 Oct 2019
Security Think Tank: Risk management must go beyond spreadsheets
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
Opinion
14 Oct 2019
Security Think Tank: Consider risk holistically, not just from an IT angle
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
Feature
11 Oct 2019
McAfee’s push for secure cloud adoption
Organisations must do more to secure their cloud environments as malicious actors increasingly focus their attention on exploiting cloud vulnerabilities, says McAfee Continue Reading
-
Feature
10 Oct 2019
Data management strategies are evolving – so must enterprises
A growing number of data-driven initiatives, alongside heightened demand for security in governance, data management and compliance, has led to the rise of a more holistic approach – integrated risk management Continue Reading
-
Opinion
09 Oct 2019
Small business guide: How to keep your organisation secure from fraudsters and hackers
Doing a few things well can keep your organisation protected from common cyber attacks and fraudsters Continue Reading
-
Opinion
09 Oct 2019
Security Think Tank: The operational approach to integrated risk management
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
Opinion
08 Oct 2019
Security Think Tank: Get basic security policy right, and the rest will follow
Paying attention to basic aspects of cyber security such as policy and permission will give you a sold base to build from Continue Reading
-
Opinion
07 Oct 2019
Security Think Tank: Risk is unavoidable in digital transformation
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
News
03 Oct 2019
Local authorities hit by 800 cyber attacks every hour
Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year Continue Reading
-
News
03 Oct 2019
New threat group behind Airbus cyber attacks, claim researchers
Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore Continue Reading
-
News
27 Sep 2019
Nodersok malware campaign is infecting thousands, Microsoft warns
Thousands of Windows endpoints in the US and Europe have been infected by a new fileless malware campaign in the past few weeks Continue Reading
-
News
27 Sep 2019
Five million DoorDash customers’ details lost in data breach
Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen Continue Reading
-
News
27 Sep 2019
GDPR compliance: Whose job is it and is it really possible?
Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to Continue Reading
-
News
24 Sep 2019
Enterprises exposed to data loss by cloud configuration errors
Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee Continue Reading
-
News
24 Sep 2019
Google pushes back on scale of YouTube phishing threat
Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure Continue Reading
-
News
18 Sep 2019
Universities tempting targets for cyber criminals, warns NCSC
As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack Continue Reading
-
News
18 Sep 2019
WannaCry variants accidentally protecting against WannaCry
New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection Continue Reading
-
News
18 Sep 2019
Emotet phishing botnet returns from summer vacation
The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers Continue Reading
-
News
17 Sep 2019
Ecuador citizens’ data breach holds lessons for enterprises
What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it? Continue Reading
-
Blog Post
17 Sep 2019
PSD2 security deadline extension is not a reason for further can kicking
The extension of a compliance deadline for PSD2 should not be a signal for banks to reduce preperations Continue Reading
-
News
16 Sep 2019
Ensign InfoSecurity opens global headquarters in Singapore
The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence Continue Reading
-
News
13 Sep 2019
European court to decide on legality of bulk phone and internet surveillance
The European Court of Justice will decide whether intelligence agencies across Europe can continue to lawfully collect the telephone and internet communications data of citizens, following a two-day hearing this week Continue Reading
-
Blog Post
12 Sep 2019
A Cybercommunity Safety Partnership to address On-line Harms and Abuse
We need voluntary co-operation to join up cybercommunity safety across silo boundaries without waiting for governments, regulators and lobbyists Continue Reading
-
News
11 Sep 2019
Nordic countries deepen collaboration with Estonia-based cyber security operation
Nordic countries are now working closer with Nato’s Estonia-based centre of excellence in cyber security Continue Reading
-
News
11 Sep 2019
GDPR non-compliance worse than feared
Over half of UK businesses do not yet appear to be fully GDPR-compliant, and many have de-prioritised their compliance efforts Continue Reading
-
News
10 Sep 2019
UK calls for cyber capacity-building at UN security group
The UK’s representative to a United Nations cyber security working group has called for increased investment in capacity around cyber security Continue Reading
-
News
09 Sep 2019
Social engineering a factor in virtually all cyber attacks, report claims
Almost every single cyber attack will, at some stage, require a human to be tricked into doing something, according to research by Proofpoint Continue Reading
-
News
06 Sep 2019
Australia government to chart 2020 cyber security strategy
Australia’s home affairs ministry has released a discussion paper to seek views from all segments of society on the country’s next cyber security blueprint Continue Reading
-
News
05 Sep 2019
Singapore’s SecureAge eyes US market
The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan Continue Reading
-
News
02 Sep 2019
CISOs turn to AI, detection, response and education
Information security leaders are looking to artificial intelligence, better detection and response capabilities and user education in the face of cyber threats, but need more budget, a study shows Continue Reading
-
News
30 Aug 2019
Social media and enterprise apps pose big security risks
The lack of security policies in many business applications is putting enterprise data at risk and social media apps are the biggest source of malware, a poll of IT professionals reveals Continue Reading
-
Blog Post
29 Aug 2019
Towards a joined-up Cybersecurity Policy
It is not enough to have policies that satisfy the conflicting requirements of the EU and US for data protection, including notification to attract fraudsters to the victims of a breach, like ... Continue Reading
-
News
29 Aug 2019
Finland’s security agencies collaborate after cyber attacks
National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure Continue Reading
-
News
28 Aug 2019
Targeted cyber attacks, including ransomware, on the rise
Governments and healthcare institutions are prime targets of ransomware operators, a report shows Continue Reading
-
Feature
28 Aug 2019
Mitigating social engineering attacks with MFA
The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing Continue Reading
-
News
28 Aug 2019
Most UK firms ignore security in tech investments
Less than a quarter of UK firms prioritise security when investing in new technology, despite the threat of cyber attacks and data protection regulations, a survey reveals Continue Reading
-
News
23 Aug 2019
Kaspersky eyes enterprise business, opens APAC transparency hub
The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials Continue Reading
-
E-Zine
22 Aug 2019
CW Nordics: Copenhagen woos tech startups
Copenhagen offers all the advantages startups need to get off the ground and many are setting up with the intention of staying there for the long haul. Also read how shipping giant Maersk is employing a cloud-first strategy to disrupt competition and build innovation, and why three Finnish banks are sharing a core IT platform. Continue Reading
-
News
21 Aug 2019
Box aims to shield businesses from data loss threat
Box has introduced an add-in to its cloud-based collaboration platform to lock down and monitor access to files and folders Continue Reading
-
News
20 Aug 2019
Malware still top security threat, say infosec pros
Malware remains the top security threat to organisations, with ransomware still considered to be the top malware threat and lack of budget the biggest obstacle to defence, a study shows Continue Reading
-
Blog Post
19 Aug 2019
From Action Fraud to Action Plans
1 Action Fraud had an impossible task The Times undercover investigation at Action Fraud has led to a rash of publicity, both tabloid and professional . The only surprise is that it has taken so ... Continue Reading
-
News
15 Aug 2019
Australia needs to get digital identity right
A top Ping Identity executive urges Australia to put more focus on digital identity management following the government’s efforts to lay the groundwork for an open banking regime Continue Reading
-
News
15 Aug 2019
Most UK financial firms hit by cyber attack in the past year
The majority of UK financial companies are failing to prevent cyber security incidents, mainly because of employees failing to follow security policies and a lack of security budget, a survey reveals Continue Reading
-
News
14 Aug 2019
DCMS funding aims to increase diversity in cyber sector
A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector Continue Reading
-
News
14 Aug 2019
Digital domain identified as major security threat by Norway’s intelligence service
Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks Continue Reading
-
Blog Post
13 Aug 2019
A new look at the Cybersecurity Skills Market
Hence the need to address the cyberskills for justice and deterrence , not just those for cyberwarfare, protection and surveillance. And the more widespread those skills, the more dangerous the ... Continue Reading
-
News
30 Jul 2019
Australian firms grappling with “train-smash” of security legislation
While businesses should avoid going into checkbox compliance mode, the constant flux of regulations on cyber security and privacy has led to calls for more legislative coherence from regulators Continue Reading
-
News
26 Jul 2019
86 million reasons to support No More Ransom
Anti-ransomware cross-industry initiative says it has prevented more than £86m in ransom payments as it marks its third anniversary, which coincides with a resurgence in ransomware in many parts of the world Continue Reading
-
News
25 Jul 2019
F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC
Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated Continue Reading
-
News
24 Jul 2019
Zuckerberg responsible for Facebook privacy compliance after $5bn FTC fine
Facebook pays record fine after breaching users’ privacy, following settlements with Federal Trade Commission and Securities and Exchange Commission Continue Reading
-
E-Zine
23 Jul 2019
How Apollo 11 influenced modern computing
In this week’s Computer Weekly, on the 50th anniversary of the Moon landings we look at the influence Apollo 11 had on modern hardware and software. Our latest buyer’s guide examines data protection. And we find out how retailers with physical stores are using technology to respond to the rise of online shopping. Read the issue now. Continue Reading
-
Feature
19 Jul 2019
How IT pros are building resilience against email security threats
For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen Continue Reading
-
News
19 Jul 2019
HID weighs in the glacial move towards digital ID
There are still concerns over data integrity, security and privacy of digital identities, but the convenience of the technology outweighs the risks, says a HID expert Continue Reading
-
E-Zine
18 Jul 2019
CW ASEAN: Trend Watch – Security
Artificial intelligence tools are becoming a vital part of the security arsenal for organizations and cyber criminals alike. In this handbook, Computer Weekly looks at how ASEAN firms are using AI to combat cyber threats and experts discuss the latest smart cyber security tools. Continue Reading
-
E-Zine
18 Jul 2019
CW ANZ: Trend Watch – Security
With regulations pushing data protection up the business agenda, we look at how Australia’s Notifiable Data Breaches scheme has been received and consider why a survey that found Australian firms are experiencing fewer cyber breach incidents appears to conflict with anecdotal evidence that suggests the opposite. Continue Reading
-
News
18 Jul 2019
UK poor cyber security practice undermining controls
UK firms investing in the latest cyber security products and services risk this being undermined by poor security practices, a survey reveals Continue Reading
-
News
18 Jul 2019
Lateral phishing used to attack organisations on global scale
Lateral phishing is a growing type of account takeover that has enabled attackers to target more than 100,000 people by hijacking just 154 email accounts Continue Reading
-
News
16 Jul 2019
Digital safety skills initiative launched against cyber crime
Security industry partners have launched an initiative aimed at raising individuals’ digital safety skills to enable them to protect themselves and their families from most common cyber attacks Continue Reading
-
News
15 Jul 2019
Organisations turn to AI in race against cyber attackers
Businesses are racing to automate their defences as hackers and nation states launch increasingly sophisticated cyber attacks Continue Reading
-
News
15 Jul 2019
UK boards ignoring £30bn cyber risk
Despite the danger posed by cyber attacks to mid-sized companies, boards are not prepared to manage the risk and firms are over-confident in their cyber capabilities, report finds Continue Reading
-
Podcast
02 Jul 2019
Podcast: The Computer Weekly Downtime Upload – Episode 22
In this week’s episode of the Computer Weekly Downtime Upload podcast, Brian McKenna, Caroline Donnelly and Clare McDonald talk about digital transformation in the NHS, Sky’s efforts to get more women working in tech and how big businesses could be risking extinction by ignoring IT Continue Reading
-
News
01 Jul 2019
Symantec gearing up for future cyber security
Symantec is focusing on enabling businesses to secure data in the cloud after a string of acquisitions, but it also has its eye on the future, which will be all about empowering people, says CTO Hugh Thompson Continue Reading
-
Feature
01 Jul 2019
Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data
Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation Continue Reading
-
News
28 Jun 2019
TIN coalition calls for industry action against cyber fraud
An industry group aimed at improving cyber security by tackling enduring challenges has called for collaboration in the fight against cyber fraud Continue Reading
-
News
24 Jun 2019
Hospitality industry at highest risk of phishing
Benchmarking report shows average phish-prone percentage across all industries and sizes of organisations at 29.6% – up 2.6% since 2018 Continue Reading
-
Opinion
18 Jun 2019
Security Think Tank: Business needs to see infosec pros as trusted advisers
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
News
17 Jun 2019
Inside F5’s cyber security playbook
F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors Continue Reading
-
News
13 Jun 2019
UK firms need to address risky user habits
McAfee calls for companies to ramp up their security culture and improve the integration of technical security controls to minimise exposure from workers Continue Reading
-
Blog Post
07 Jun 2019
Threat vs trust: the overlooked power of words
Words have power – in particular, your choice of words modifies how your readers or listeners react to what you write or say. Politicians do this sort of thing all the time, swapping one word or ... Continue Reading
-
Opinion
05 Jun 2019
Joining the dots to deliver effective cyber security
In too many organisations, cyber security is dislocated and siloed. Security chiefs need to take a more joined-up approach, but that is likely to mean a rethink of how the security team operates Continue Reading
-
Opinion
05 Jun 2019
Making threat intelligence greater than the sum of its parts
Organisations can become more secure if they join up their varied sources of intelligence about business threats, and avoid losing valuable information within individual silos Continue Reading
-
News
04 Jun 2019
Businesses investing blindly in cyber security
Businesses need to find out what their real cyber risks and weaknesses are before investing in new technologies, says ethical hacker Continue Reading
-
Blog Post
31 May 2019
Passing the baton on Cybersecurity Skills
This year will be the first time I visit Infosec with no agenda. Or to be more precise I will have a Community Safety rather than a Cybersecurity Skills Agenda. This has caused me to take a cool ... Continue Reading
-
Blog Post
29 May 2019
IT in the Tory Candidates' Manifestos
I added a comment on Dominic Rabb's inclusion of degree apprenticeships in his call for Fairness and Choice to my recent blog on the IfA apprenticeship review. In his opening campaign letter Rory ... Continue Reading