IT governance
IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.
-
Feature
11 Jul 2023
Norwegian data privacy experts sound alarm over generative AI
Hundreds of millions of people embrace generative artificial intelligence, blissfully ignorant of what it’s doing to data privacy. Continue Reading
-
News
24 Apr 2023
Finland and Estonia deepen cross-border digital partnerships
Finland and Estonia, two global tech pioneers, are increasingly sharing their expertise Continue Reading
-
News
22 Apr 2022
EU lawmakers propose limited ban on predictive policing systems
MEPs’ joint report on European Artificial Intelligence Act sets out limited ban on predictive policing systems alongside a raft of further amendments to improve redress mechanisms and extend the list of AI systems deemed high-risk Continue Reading
-
News
22 Apr 2022
What’s up with Conti and REvil, and should we be worrying?
New intelligence on some of the world’s most prolific ransomware gangs suggests recent disruption to their activities was like water off a duck’s back Continue Reading
-
News
22 Apr 2022
UAE bolsters cyber security
The United Arab Emirates has successfully improved its security posture amid mounting cyber threats Continue Reading
-
News
21 Apr 2022
Zoom adds new round of cyber security enhancements
Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements Continue Reading
-
News
21 Apr 2022
Five Eyes in new Russia cyber warning
Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure Continue Reading
-
News
21 Apr 2022
Impact of Lapsus$ attack on Okta less than feared
Okta’s investigation into Lapsus$ breach of its systems via a Sitel workstation has concluded that the impact was significantly less than the maximum potential Continue Reading
-
News
20 Apr 2022
Bots could help businesses polish up their green credentials
Metrics are a key aspect of a sound sustainability strategy and Oracle believes automation can help businesses achieve their environmental goals Continue Reading
-
News
20 Apr 2022
Home secretary Priti Patel to decide whether to extradite Assange
Home secretary will decide in four weeks whether to approve Julian Assange’s extradition to the US, where he faces espionage and hacking charges Continue Reading
-
News
19 Apr 2022
Softbank and UnaBiz team up on internet of robotic things
Japan’s Softbank Robotics and Singapore-based UnaBiz are bringing IoT and robotics technology together to improve facilities management, among other applications Continue Reading
-
Feature
14 Apr 2022
Refugee support group works with tech startup on reporting system
Computer Weekly speaks to a refugee support group about its ongoing collaboration with an academic tech startup to develop a digital human rights reporting system for refugees Continue Reading
-
Feature
14 Apr 2022
How algorithmic automation could manage workers ethically
Managing workers by algorithm and automated process has generated ethical problems aplenty. Can such means be pressed into the service for a more ethical mode of worker management? We find out Continue Reading
-
News
14 Apr 2022
Government agrees bulk surveillance powers fail to protect journalists and sources
Campaign group Liberty to launch legal appeal that will call for journalists to receive stronger legal protections from state surveillance Continue Reading
-
News
13 Apr 2022
WatchGuard firewall users urged to patch Cyclops Blink vulnerability
The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading
-
News
13 Apr 2022
Microsoft patches two zero-days, 10 critical bugs
Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service Continue Reading
-
News
13 Apr 2022
Criminals researched hacking TTPs post-breach in ‘messy’ cyber attack
Sophos shares details of a cyber attack that saw attackers hang out in their victim environment for five months while they prepared to sow further mischief Continue Reading
-
News
12 Apr 2022
AI researcher says police tech suppliers are hostile to transparency
Expert witness in Lords police tech inquiry welcomes committee’s findings but questions whether its recommendations on how to end the ‘Wild West’ of police artificial intelligence and algorithmic technologies in the UK would be implemented Continue Reading
-
News
11 Apr 2022
Border IT system fixed after 10-day outage
Post-Brexit border IT system failure fixed after going down at the start of April, allowing traders to once again file customs documents electronically rather than by hand Continue Reading
-
News
08 Apr 2022
EncroChat: France says ‘defence secrecy’ in police surveillance operations is constitutional
Constitutional court finds that invoking ‘defence secrecy’ to withhold information about the state hacking of EncroChat cryptophones is constitutional. Defence lawyers now head for the supreme court Continue Reading
-
Feature
06 Apr 2022
Snapshots best practice: Five key things you need to know
We look at snapshots best practice, including the way they work, why they are not the same as backups, how to avoid heavy processing overheads and key user permissions tweaks Continue Reading
-
News
05 Apr 2022
Structured decentralisation is the key to unlocking Nordic-level innovation
Finnish tech entrepreneurs will be taking the stage at the World Economic Forum to tell the world about the role of trust in Finnish startup success Continue Reading
-
News
05 Apr 2022
Saudi Arabian ICT sector hits $32.1bn after strong pandemic response
The Saudi Arabian IT and communications sector is recovering strongly from the Covid-19 pandemic Continue Reading
-
News
01 Apr 2022
Four moves to ‘checkmate’ critical assets thanks to lax cloud security
Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report Continue Reading
-
News
31 Mar 2022
EU Act ‘must empower those affected by AI systems to take action’
Ada Lovelace Institute publishes recommendations on how European institutions can improve the Artificial Intelligence Act by establishing a ‘comprehensive remedies framework’ around those affected by the deployment of AI systems Continue Reading
-
News
31 Mar 2022
Global upheaval shows cyber security isn’t good enough, says GCHQ director
Generational global upheaval has laid bare significant gaps in national cyber strategies, GCHQ chief Jeremy Fleming has said in a speech Continue Reading
-
News
31 Mar 2022
Bank fraud prevention scheme blocked £60m in fraud last year
Scheme to catch fraudsters, including online scammers, before they commit their crimes has reported a significant increase in crimes prevented Continue Reading
-
News
30 Mar 2022
One-third of UK firms suffer a cyber attack every week
New statistics from the annual DCMS Cyber security breaches survey reveal the extent and frequency with which UK organisations are being attacked by malicious actors Continue Reading
-
Feature
30 Mar 2022
Recruitment risks: Avoiding the dangers of fraudulent candidates
Tech companies are seeing an increase in fraudulent job applications, with associated impacts on risk and cyber security. So how can organisations protect themselves from fraudulent applicants while ensuring they recruit the best talent? Continue Reading
-
News
29 Mar 2022
Overhaul of UK police tech needed to prevent abuse
Lords inquiry finds UK police are deploying artificial intelligence and algorithmic technologies without a thorough examination of their efficacy or outcomes, and are essentially ‘making it up as they go along’ Continue Reading
-
News
29 Mar 2022
NCSC: Not necessarily wise to ditch Kaspersky
UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates Continue Reading
-
News
29 Mar 2022
Wave of Log4j-linked attacks targeting VMware Horizon
Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell Continue Reading
-
News
29 Mar 2022
FCA reports 52% jump in security incidents
The Financial Conduct Authority received 116 cyber incident reports in 2021, a fifth of them involving ransomware Continue Reading
-
Definition
28 Mar 2022
business metric
A business metric is a quantifiable measure businesses use to track, monitor and assess the success or failure of various business processes. Continue Reading
-
News
25 Mar 2022
European Commission proposes new cyber security regulations
New cyber and information security regulations have been proposed by the European Commission to create a minimum set of standards in both areas Continue Reading
-
News
24 Mar 2022
The Security Interviews: Red gets automated
We speak to Jack Stockdale, CTO of Darktrace, about Cambridge’s strong data analytics and artificial intelligence links and the role of AI in cyber security Continue Reading
-
Opinion
22 Mar 2022
Revised scope of UK security strategy reflects digitised society
The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one, reflecting our increasingly digitised society, say Maximillian Brook and Arunoshi Singh of the ISF Continue Reading
-
News
21 Mar 2022
Siloed data holding back coordinated health responses
Digital health experts discuss the role of data in coordinating the NHS’s pandemic response and how managing privacy and governance issues are key to further success Continue Reading
-
Opinion
21 Mar 2022
How 2022’s most significant data privacy trends affect your organisation
Data privacy and protection are now core responsibilities for most, but as we all know by now, compliance is a moving target. Here, expert Alan Calder looks ahead at what to expect in the coming months Continue Reading
-
Opinion
21 Mar 2022
UK Cyber Strategy a welcome injection of progress
The National Cyber Strategy should be seen as a welcome injection of both focus and investment in bettering cyber defence for everyone, says Turnkey Consulting senior consultant Louise Barber Continue Reading
-
News
18 Mar 2022
Electronic patient records key to NHS digital transformation
Getting EPR systems rolled out across NHS organisations will help boost digital transformation efforts, and are key to fulfilling government healthcare plans Continue Reading
-
Opinion
18 Mar 2022
National Cyber Strategy will enhance UK’s cyber power status
The UK punches above its weight when it comes to wielding cyber power around the world, but challenges to this status are clear. The National Cyber Strategy has a clear role to play in maintaining and enhancing this status, writes Paddy Francis of Airbus Cybersecurity Continue Reading
-
News
18 Mar 2022
Russian IT sector faces unprecedented crisis
The Russian IT sector faces a major crisis as IT professionals and businesses flee the country after its invasion of Ukraine Continue Reading
-
News
17 Mar 2022
Kaspersky CEO: Ukraine war must end through diplomacy
Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting Continue Reading
-
News
17 Mar 2022
Online Safety Bill introduced in Parliament
The government has introduced its long-awaited Online Safety Bill in Parliament, alongside new criminal offences and sanctions for tech company execs Continue Reading
-
News
17 Mar 2022
Alarm raised over ‘trickster’ LokiLocker ransomware
The new LokiLocker ransomware is, like its namesake, adept at tricks and misdirection, say BlackBerry researchers Continue Reading
-
News
16 Mar 2022
German authorities warn on Kaspersky but stop short of ban
Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine Continue Reading
-
Opinion
15 Mar 2022
How cyber security teams can conquer the four-day working week
The four-day week may be an idea whose time has come, but for always-on cyber security professionals, the impact of squeezing more work into fewer days is a tricky proposition Continue Reading
-
Opinion
15 Mar 2022
Achieving agility, collaboration and data control in the cloud
Organisations have historically had to make a trade-off between the proven benefits of the cloud and maintaining full control of their data, but with the right strategy it is possible to have both Continue Reading
-
Feature
14 Mar 2022
How can I avoid an exodus of cyber talent linked to stress and burnout?
Cyber security professionals have played a crucial role during the pandemic, yet many feel like their employers aren’t providing adequate mental health support and have considered quitting their jobs as a result. What can employers do to help them? Continue Reading
-
News
11 Mar 2022
Majority of UK adults support legal right to disconnect
The introduction of ‘right to disconnect’ legislation to stop employees having to engage in work-related electronic communications outside their normal hours remains popular in the UK Continue Reading
-
Opinion
10 Mar 2022
National Cyber Strategy misses the mark in one important way
The National Cyber Strategy is full of fine words, says Petra Wenham, but as the old expression goes, fine words butter no parsnips, and it misses the mark in one very important way Continue Reading
-
News
10 Mar 2022
Tech brands sign on to HackerOne responsible security drive
Tech companies sign HackerOne’s new corporate security responsibility pledge to bring cyber out of the shadows and promote effective, secure development practices Continue Reading
-
News
09 Mar 2022
Paid-for advertising measures included in Online Safety Bill
New measures to deal with fraudulent paid-for advertising have been included in the government’s draft Online Safety Bill, marking the fourth extension in two months Continue Reading
-
Feature
09 Mar 2022
Cloud-era disaster recovery planning: Maintenance and continuous improvement
In the final article in this four-part guide to disaster recovery planning, we look at how and when to update, maintain, audit, review and continually improve the DR plan Continue Reading
-
News
09 Mar 2022
Strategic Review of Policing: Police tech needs better ethical scrutiny
The Strategic Review of Policing confirms the central role that tech will be playing going forward, but warns of the need for greater ethical scrutiny to ensure public trust Continue Reading
-
News
09 Mar 2022
Microsoft serves up three zero-days on March Patch Tuesday
Three zero-days pop up in Microsoft’s March update, along with a number of other noteworthy concerns for defenders Continue Reading
-
Opinion
08 Mar 2022
Security Think Tank: Building the cyber workforce we need
The UK’s new National Cyber Strategy is clear in its ambitions, but to fulfil them, we must double down on appropriate skills development, says ISACA director Mike Hughes Continue Reading
-
News
08 Mar 2022
Challenges for IT providers as Ukraine crisis worsens
Many IT providers have ceased sales to Russia, but cloud services can operate and be delivered anywhere, helping – indirectly – to fund the invasion Continue Reading
-
News
07 Mar 2022
Ukraine joins Nato cyber knowledge hub
Ukraine is to become a contributing participant in Nato’s Cooperative Cyber Defence Centre of Excellence Continue Reading
-
News
04 Mar 2022
Scrapping NHS Digital a backward step for patient data rights
Former NHS Digital chair Kingsley Manning has spoken out over proposals to fold NHS Digital into NHS England, saying that more oversight is needed to safeguard patient data in light of recent events Continue Reading
-
Opinion
04 Mar 2022
Assessing the aims of the Government Cyber Security Strategy
The clear aims of the Government Cyber Security Strategy are welcome, but are they realistic or achievable? Continue Reading
-
Feature
03 Mar 2022
English Channel surveillance used ‘to deter and punish migrants’
Instead of opening safe and legal routes to the UK, the country’s border control ecosystem is deploying surveillance technologies in the English Channel to deter migrant crossings, it is claimed Continue Reading
-
News
02 Mar 2022
How FinOps can rein in cloud costs
More organisations are warming to FinOps to keep escalating cloud costs in check, amid growing usage of public cloud services Continue Reading
-
News
02 Mar 2022
Ban predictive policing systems in EU AI Act, says civil society
A coalition of civil society groups has called on European lawmakers to use the upcoming Artificial Intelligence Act as an opportunity to ban predictive policing systems Continue Reading
-
News
01 Mar 2022
Toyota production to resume after supply chain attack
Toyota production has been set back by over 10,000 vehicles following a cyber attack on a critical components supplier in Japan Continue Reading
-
News
01 Mar 2022
DCMS opens consultation on telecoms cyber standards
Proposed rules will set out the specific measures telecoms providers need to take to fulfil their legal duties under the Telecommunications Security Act Continue Reading
-
News
01 Mar 2022
Workplace surveillance ‘spiralling out of control’, says TUC
Trade union body pushes for workers to be consulted on the implementation of new technologies at work, warning that invasive surveillance practices are getting out of hand Continue Reading
-
News
28 Feb 2022
Online Safety Bill updated to deal with anonymous abuse
Social media companies will be forced to deal with anonymous abuse online by the introduction of new measures in the Online Safety Bill Continue Reading
-
Blog Post
25 Feb 2022
At last, the world is listening to the Horizon victims - the Post Office must finally listen, too
We are only two weeks into the statutory inquiry examining the Post Office IT scandal – two weeks of what is likely to be a year-long process – and already what we’ve learned is only compounding ... Continue Reading
-
Feature
24 Feb 2022
Define RPO and RTO tiers for storage and data protection strategy
We look at RPO and RTO in defining data protection and disaster recovery strategies and how to specify tiers that reflect the importance of different systems in your organisation Continue Reading
-
Opinion
24 Feb 2022
The UK’s cyber security sector is thriving, but our work has only just begun
The government’s Annual Cyber Sector Report painted a positive picture of the UK security industry. CIISec’s Amanda Finch thinks we can go further in developing cyber talent and opening up the sector Continue Reading
-
News
24 Feb 2022
Security organisations form Nonprofit Cyber coalition
Founding members of the Nonprofit Cyber coalition pledge to enhance joint action on cyber security around the world Continue Reading
-
News
24 Feb 2022
New cyber guidelines to safeguard construction sector
NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building Continue Reading
-
News
23 Feb 2022
Paid-for advertising still not covered in Online Safety Bill
Consumer group Which? calls again for government to include measures against scam paid-for advertising in the Online Safety Bill Continue Reading
-
News
23 Feb 2022
Tech acquisition to be major priority for UK police
Policing minister cites technology as major focus for future of UK police, in comments made ahead of the publication of the Strategic Review of Policing in England and Wales Continue Reading
-
News
22 Feb 2022
UK organisations swift to chide phishing victims
While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated Continue Reading
-
Opinion
22 Feb 2022
Security Think Tank: Good training is all about context
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service? Continue Reading
-
News
21 Feb 2022
Zoom gains NCSC Cyber Essentials Plus and NHS security badges
Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats Continue Reading
-
News
21 Feb 2022
Union pushes for collective bargaining around technology and data
Prospect union releases guidance on how workers and unions can engage employers over the use of technology at work, with particular emphasis on the need to include technology provisions in collective bargaining agreements Continue Reading
-
Opinion
18 Feb 2022
Why culture is critical for data integration
For data integration to succeed, the business needs to foster a culture of data sharing and collaboration Continue Reading
-
News
18 Feb 2022
UK organisations untroubled by Trickbot surge
A surge in Trickbot infections is targeting some of the world’s most prominent brands, but UK organisations seem thankfully unaffected Continue Reading
-
News
16 Feb 2022
DWP data sharing pilot aims for single source of the truth
A pilot to share labour data across government departments aims to develop a safe framework for collaboration and to improve policy-making Continue Reading
-
News
16 Feb 2022
DDoS attacks hit Ukrainian defence ministry and banks
A further wave of cyber attacks has taken place against targets in Ukraine amid heightened tension in the region Continue Reading
-
News
16 Feb 2022
BlackCat ransomware gang claims responsibility for Swissport attack
Ransomware gang is trying to offload 1.6TB of data stolen from aviation services firm Continue Reading
-
News
16 Feb 2022
CIO interview: Steve Williams, M&A lead and IT director, Waterstons
Steve Williams is applying decades of CIO experience to the advice he gives businesses during major mergers and acquisitions Continue Reading
-
News
15 Feb 2022
Botched third-party configuration exposes Internet Society data to web
Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage Continue Reading
-
News
15 Feb 2022
TA2451 targets aviation and transport sector with tailored lures
Newly designated cyber criminal group favours highly specific lures and a tried-and-tested modus operandi to compromise targets in the aviation, aerospace and transport sectors Continue Reading
-
Feature
14 Feb 2022
Evolving a data integration strategy
Linking IT systems together is never going away, but the approach CIOs adopt is key to ensuring relevant data feeds the decision-making process Continue Reading
-
News
11 Feb 2022
CMA secures final Privacy Sandbox guarantees from Google
The CMA has secured a final set of Privacy Sandbox commitments from Google relating to the proposed removal of third-party cookies from its Chrome browser Continue Reading
-
News
11 Feb 2022
Why security professionals should pay attention to what Russia is doing
Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to Continue Reading
-
News
10 Feb 2022
IR35 reforms: HMRC slammed for ‘over-collecting tax’ from non-compliant public sector bodies
HMRC has moved to play down claims it is collecting more tax than it is due when tackling non-compliance with the IR35 reforms in the public sector Continue Reading
-
News
10 Feb 2022
UK second in money laundering hall of shame
Banks need to step up their anti-money laundering processes if billions of pounds’ worth of criminal activity is to be prevented Continue Reading
-
News
09 Feb 2022
Minister defends digital economy legislation before Lords
A digital minister has said that the UK’s forthcoming digital markets legislation is ‘superior’ to similar efforts in the EU, but could not commit to a specific time frame for when it will be introduced to Parliament Continue Reading
-
News
09 Feb 2022
Linux-based clouds an open door for attackers, says VMware
Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware Continue Reading
-
News
09 Feb 2022
Ransomware ever more sophisticated and impactful, warns NCSC
UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs Continue Reading
-
News
09 Feb 2022
Microsoft stomps on 48 bugs in February Patch Tuesday update
It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day Continue Reading
-
Opinion
09 Feb 2022
Five key tech trends for digital leaders in 2022
The past two years have seen a surge in investment that will bring new challenges to digital leaders over the next year Continue Reading
-
News
08 Feb 2022
NHS England works with Ada Lovelace Institute to tackle AI bias in healthcare
A guide to algorithmic impact assessments is being used to help developers, data scientists and product owners check bias in healthcare systems Continue Reading
-
News
08 Feb 2022
DPD delivers swift fix for serious API flaw
API vulnerability potentially left PII on DPD Group’s customers dangerously exposed, but was rapidly fixed on disclosure Continue Reading
-
News
08 Feb 2022
Microsoft to start blocking macros to thwart malware
Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security Continue Reading
-
News
08 Feb 2022
The Security Interviews: Building the UK’s future cyber ecosystem
As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions Continue Reading