IT governance

IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.

Feature 11 Jul 2023
Norwegian data privacy experts sound alarm over generative AI

Hundreds of millions of people embrace generative artificial intelligence, blissfully ignorant of what it’s doing to data privacy. Continue Reading
News 24 Apr 2023
Finland and Estonia deepen cross-border digital partnerships

Finland and Estonia, two global tech pioneers, are increasingly sharing their expertise Continue Reading

News 21 Apr 2023

CyberUK 23: New advice on smart city security issued

The NCSC and key allies have drawn up new guidance to help communities balance the cyber security risks involved with creating smart cities Continue Reading
News 21 Apr 2023

Prototype cyber tech has revolutionary potential

The so-called CHERI protection model developed at the University of Cambridge is showing great promise for future cyber security technologies Continue Reading
News 20 Apr 2023

Bumblebee malware flies on the wings of Zoom and ChatGPT

Bumblebee malware, often used as a stepping stone to ransomware, is now spreading via trojanised installers for popular software applications Continue Reading
E-Zine 20 Apr 2023

CW APAC April 2023 – Trend Watch: Business applications

Tech’s role in the workplace continues to grow. In this handbook, focused on business applications in the Asia-Pacific region, Computer Weekly looks at industry cloud platforms, how microservices improve customer experience, what automation brings to banking and Rimini Street’s approach to third-party support. Continue Reading
News 20 Apr 2023

New GovAssure cyber regime launches across UK government

An enhanced cyber security regime is being put in place to better protect UK government IT systems from growing threats Continue Reading
News 19 Apr 2023

CyberUK 23: Irresponsible use of commercial hacking tools a rising threat

Commercial cyber tools and hackers-for-hire pose a growing threat to organisations and individuals worldwide, according to an NCSC report Continue Reading
News 19 Apr 2023

TUC says government is failing to protect workers from AI harms

TUC issues warning about artificial intelligence leading to more widespread workplace discrimination if the right checks are not put in place Continue Reading
News 19 Apr 2023

UK plc sees fewer cyber breaches and attacks, but lacks resilience

Latest government figures reveal UK businesses and charities reported lower volumes of cyber breaches and attacks over the past 12 months, but the statistics mask widespread underreporting and the true state of cyber readiness and resilience appears poor Continue Reading
News 19 Apr 2023

Surrey and Sussex police spared fines after recording 200,000 phone calls without people’s knowledge

Police forces escape potential £1m fines following change of policy by ICO to protect the finances of public sector bodies Continue Reading
News 19 Apr 2023

IT Priorities 2023: Budget optimism among EMEA IT leaders

IT leaders across the EMEA region are optimistic that their budgets will increase over the coming year Continue Reading
News 19 Apr 2023

CyberUK 23: NCSC launches Cyber Advisor service for SMEs

The UK’s NCSC has launched an industry assurance scheme designed to address the needs of SMEs, and is calling for potential advisors to step up and help out Continue Reading
News 19 Apr 2023

CyberUK 23: NCSC CEO calls for collaboration and warns against complacency

NCSC boss Lindy Cameron kicked off the annual CyberUK conference in Belfast with a plea for collaboration and a warning against complacency Continue Reading
News 19 Apr 2023

CyberUK 23: Alert over mercenary Russian threat to CNI

Russian hacktivists supportive of their government’s war on Ukraine are turning their attention to disruptive or destructive attacks on critical infrastructure in the UK, the NCSC has warned Continue Reading
Opinion 18 Apr 2023

Cloud identity: Are you who you say you are?

As identity, rather than networking segmentation, becomes the primary determining factor in accessing cloud resources. ISACA’s Ser Yoong Goh highlights three trends driving cloud IAM Continue Reading
News 18 Apr 2023

CyberUK 23: NCSC conference centres cyber collaboration

The NCSC’s annual CyberUK conference gets underway in Belfast this week, with collaboration and cooperation high on the agenda Continue Reading
News 18 Apr 2023

Focus on these three risky behaviours to boost cloud security

Some 80% of cloud security alerts are triggered by just 5% of security rules. Security teams can substantially improve their resilience by zeroing in on a small set of risky behaviours, according to a report Continue Reading
News 18 Apr 2023

UK presses on with post-Brexit data protection reform

The revised version of the Data Protection and Digital Information Bill has had its second reading in Parliament as the government presses on with post-Brexit changes, but critics remain sceptical that the EU will be convinced to maintain the UK's data adequacy agreement Continue Reading
News 17 Apr 2023

Charity data stolen in ransomware attack on supplier

A number of charities in Ireland and the UK have had their data compromised following a ransomware attack on an IT supplier Continue Reading
Feature 17 Apr 2023

Belgian experts take on data challenges

Having been involved in storage and data management for more than two decades, Belgian experts are positioned to help tackle the challenges brought on by a growing volume of unstructured data Continue Reading
News 14 Apr 2023

Former TSB CIO fined for migration meltdown

Both TSB and its CIO have now been fined for the catastrophic migration of TSB’s core banking system Continue Reading
News 13 Apr 2023

UK joins key allies to launch secure-by-design guidelines

The UK has joined international partners in sharing new advice to help technology companies embed security into the product design and development process Continue Reading
News 13 Apr 2023

Italy to lift ChatGPT ban subject to new data protection controls

Italian regulator will lift its ban on OpenAI’s ChatGPT subject to a strict new data protection regime Continue Reading
Opinion 13 Apr 2023

With cyber attacks on the rise, businesses should prepare for quantum hacks now

Advances in quantum computing have brought the world is on the cusp of a technological revolution, but it is not without risk. Find out why you should start to prepare for post-quantum cryotography today. Continue Reading
News 13 Apr 2023

ICO responds to UK government AI regulation plans

The ICO has officially responded to the government’s plans for regulating artificial intelligence as outlined in its recent whitepaper, but called for clarity on certain aspects before the proposals are taken further Continue Reading
News 12 Apr 2023

UK police double down on ‘improved’ facial recognition

The Met and South Wales Police have doubled down on their use of facial recognition technology after research found improved accuracy in their algorithms when using certain settings, but civil society groups maintain that the tech will still be used in a discriminatory fashion Continue Reading
News 12 Apr 2023

April Patch Tuesday fixes zero-day used to deliver ransomware

A zero-day in the Microsoft Common Log File System that has been abused by the operator of the Nokoyawa ransomware is among 97 vulnerabilities fixed in April’s Patch Tuesday update Continue Reading
News 12 Apr 2023

Gartner: Rebalance cyber investment towards human-centric elements

Security decision-makers need to reprioritise their investment outlooks towards people, rather than technology, according to the latest market forecast from Gartner Continue Reading
News 11 Apr 2023

Anne Keast-Butler named as new director of GCHQ

The government has appointed current MI5 deputy director general Anne Keast-Butler to head signals and cyber agency GCHQ Continue Reading
News 11 Apr 2023

KFC, Pizza Hut data stolen in January ransomware attack

Yum!, the parent organisation behind KFC and Pizza Hut in the UK, has disclosed that employee data was accessed and exfiltrated in a January 2023 ransomware attack Continue Reading
Opinion 11 Apr 2023

Security Think Tank: Adopt a coherent framework for ID first security

With IAM central to enabling appropriate access to cloud-based services, identity first security is becoming a key trend for IAM in the cloud. Continue Reading
News 06 Apr 2023

IBM's Nataraj Nagaratnam on the cyber challenges facing cloud services

Governments are introducing increasingly prescriptive data protection policies, but with organisations becoming ever more reliant on multiple cloud service platforms for essential business needs, how can they ensure they meet regulatory requirements? Continue Reading
News 06 Apr 2023

Prioritise automated hardening over traditional cyber controls, says report

A report from strategic risk specialist Marsh McLennan advises security buyers to funnel their budgets towards automated cyber security hardening techniques, saying they have a much better chance of reducing risk in a meaningful way Continue Reading
Feature 06 Apr 2023

Inspired by the human brain, Belgian researchers develop a new generation of sensors

Belgian researchers have found ways of mimicking the human brain to improve sensors and the way they pass data to central computers Continue Reading
News 05 Apr 2023

Italy’s ChatGPT ban: Sober precaution or chilling overreaction?

Italy’s data protection authority issued a temporary ban on ChatGPT citing data protection concerns and alleged breaches of the GDPR. Is this a reasonable precaution, or a chilling restriction on personal freedoms? Continue Reading
News 05 Apr 2023

Scottish police tech piloted despite major data protection issues

Scottish policing bodies are pressing ahead with a data sharing pilot despite data protection issues around the use of US cloud providers, placing sensitive personal data of tens of thousands of people at risk Continue Reading
News 04 Apr 2023

TikTok fined in UK over unlawful use of children’s data

The ICO has fined TikTok £12.7m for breaches of data protection law, including unlawfully collecting data on children under 13 Continue Reading
News 04 Apr 2023

Over 90% of organisations find threat hunting a challenge

Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report Continue Reading
News 03 Apr 2023

Better SME connectivity could contribute more than £5bn a year to local economies

Operator research finds almost two-thirds of small to medium-sized enterprises in UK’s second city reveal their business could grow faster if they had access to better tech Continue Reading
News 03 Apr 2023

CIO interview: Carter Busse, CIO, Workato

Workato CIO Carter Busse talks up the company’s approach towards automation and its efforts to drive the technology across its business Continue Reading
News 31 Mar 2023

Mounting Russian disinformation campaign targeting Arab world

Researchers have found evidence of a broad Russian disinformation campaign targeting Arabic-speakers in the Middle East and North Africa Continue Reading
News 31 Mar 2023

Ukrainians bust cyber criminals who stole over £3m across Europe

Ukrainian police have arrested members of a cyber crime gang who stole and embezzled millions of pounds from victims across Europe Continue Reading
News 30 Mar 2023

OSC&R supply chain security framework goes live on Github

The OSC&R framework for understanding and evaluating threats to supply chain security has made its debut on Github to allow anybody to contribute to the framework Continue Reading
News 30 Mar 2023

NCSC issues revised security Board Toolkit for business leaders

National Cyber Security Centre calls on CEOs and senior business leaders to take a more hands-on approach to cyber resilience with the launch of revised board-level tools Continue Reading
News 30 Mar 2023

UK government study reveals 50,000 people employed in AI sector

Government publishes baseline analysis of UK artificial intelligence sector as it pins hopes on future growth Continue Reading
News 30 Mar 2023

NHS Highland rapped over data breach affecting HIV patients

NHS Highland inadvertently exposed the personal data of individuals likely to be accessing HIV services in a lapse of email hygiene Continue Reading
News 30 Mar 2023

Reactive approach to cyber procurement risks damaging businesses

Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes Continue Reading
Opinion 30 Mar 2023

Preventing artificial deception in the age of AI

The proposals contained in Westminster’s AI whitepaper are a good start, but more creative thinking and investment will be required to achieve a truly pro-innovation regulatory environment Continue Reading
Podcast 29 Mar 2023

Podcast: Cloud storage, data protection and compliance

The lure of cloud storage hides its drawback, namely that you can lose control of it from a compliance perspective. We talk to Mathieu Gorge, CEO of Vigitrust, about how to tame it Continue Reading
News 29 Mar 2023

UK government publishes AI whitepaper

Artificial intelligence whitepaper outlines UK government’s proposals to regulate the technology, which are based around creating an agile, “pro-innovation” framework Continue Reading
News 29 Mar 2023

Generative AI presents opportunities and challenges to UK schools

Generative AI and LLMs hold great potential for use in the classroom, but the privacy and security implications of its use must be carefully considered, says the Department for Education Continue Reading
News 28 Mar 2023

Alan Turing Institute unveils strategy to support UK AI

The strategy is built around helping the UK government realise its artificial intelligence ambitions, and focuses on areas where the UK can play a transformative role in shaping AI development Continue Reading
News 28 Mar 2023

Microsoft expands AI Copilot project into security realm

New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams Continue Reading
News 28 Mar 2023

How ChatGPT will become a programmer’s best friend

ChatGPT has shown it can produce code. It can also identify bugs and even figure out what a code snippet is trying to do Continue Reading
News 28 Mar 2023

Europol warns cops to prep for malicious AI abuse

In a report looking at how large language models can be used by criminals, Europol’s Innovation Lab calls on law enforcement agencies to prepare themselves for wide-ranging impacts on their work Continue Reading
News 28 Mar 2023

Ethical hackers urged to respond to Computer Misuse Act reform proposals

The deadline for submissions to the government’s consultation on reform of the Computer Misuse Act is fast approaching, and ethical hackers and security experts need to make their voices heard, says Bugcrowd Continue Reading
E-Zine 28 Mar 2023

Is TikTok really a security threat to your business?

In this week’s Computer Weekly, with the UK government becoming the latest administration to ban TikTok, we ask whether the controversial social media app is really a security threat to enterprises. Technology guru Bruce Schneier tells us about the need to take back control of AI and the personal data it relies on. And we look at how firms are trying – and failing – to make AI work for online content moderation. Read the issue now. Continue Reading
News 27 Mar 2023

Many of world’s biggest banks lack transparent policies for responsible AI

It is unclear whether many of the world’s largest banks have adopted and are using ethical artificial intelligence development principles Continue Reading
Feature 27 Mar 2023

How APCOA is using big data to reinvent car parks

Car park operator APCOA is using big data to transform traditional car parks into mobility hubs that will offer electric vehicle charging, space for small businesses and depots for delivery companies Continue Reading
News 27 Mar 2023

Lords AI weapons committee holds first evidence session

In first evidence session of Lords AI weapons committee, expert witnesses unpack claims that artificial intelligence in weapon systems will help military organisations to improve their compliance with international humanitarian law Continue Reading
News 27 Mar 2023

France latest to ban TikTok on government devices

Following bans in the UK and US, France has moved to enact restrictions on TikTok, and other social media apps, on government devices Continue Reading
News 22 Mar 2023

Government launches seven-year NHS cyber strategy

The new Cyber Security Strategy for Health and Adult Social Care lays out a plan for promoting cyber resilience in the sector by 2030 to protect services and patients alike Continue Reading
News 21 Mar 2023

Hitachi Energy emerges as victim of Clop gang’s Fortra attack

The power and energy division of Japanese conglomerate Hitachi has disclosed that it has fallen victim to a Clop cyber attack, but insists customer data is safe Continue Reading
News 21 Mar 2023

Ferrari rejects ransom demand after cyber attack

Italian carmaker Ferrari says it will refuse to pay a ransom after an unspecified threat actor broke into its IT systems and stole customer data Continue Reading
News 21 Mar 2023

Ransomware gangs harass victims to ‘bypass’ backups

Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order Continue Reading
News 20 Mar 2023

BBC cracks down on TikTok after review

The BBC is asking staff not to install TikTok on corporate-owned devices without a justified business purpose, although its use will still be allowed to share media content with its audiences Continue Reading
News 17 Mar 2023

CIO interview: Russ Thornton, chief technology officer, Shawbrook Bank

Russ Thornton swapped life on the theatre podium for financial services IT, but thrives in an environment where orchestrating IT teams is a core skill Continue Reading
News 17 Mar 2023

UK government to create code of practice for generative AI firms

The code will look to strike a balance between copyright holders and generative AI firms so that both parties can benefit from the use of copyrighted material in training data Continue Reading
Feature 17 Mar 2023

The changing role of the CIO from a Finnish perspective

A small country with a sophisticated workforce, Finland has its own perspective on how IT leadership is changing in both the public and private sector Continue Reading
News 16 Mar 2023

BEC attacks doubled in 2022, outstripping ransomware

Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks Continue Reading
News 16 Mar 2023

TikTok banned on UK government devices

The UK government has followed in the footsteps of its US and European counterparts and banned the use of Chinese social media app TikTok on official devices Continue Reading
News 15 Mar 2023

Chinese Silkloader cyber attack tool falls into Russian hands

A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators Continue Reading
News 15 Mar 2023

Microsoft patches Outlook zero-day for March Patch Tuesday

A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update Continue Reading
News 14 Mar 2023

AI interview: Elke Schwarz, professor of political theory

Elke Schwarz speaks with Computer Weekly about the ethics of military artificial intelligence and the dangers of allowing governments and corporations to push forward without oversight or scrutiny Continue Reading
News 13 Mar 2023

MI5 to oversee new National Protective Security Authority

The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets Continue Reading
Feature 13 Mar 2023

Generative AI at watershed moment with spate of legal challenges

Just over 20 years ago, Napster was closed on copyright grounds for allowing users to access digital copies of music for free. Now, a spate of legal cases have experts questioning whether OpenAI and other generative AI innovators will go the same way Continue Reading
Feature 13 Mar 2023

Gartner: Use digital to achieve sustainability goals

Sustainability guides decision-making by incorporating economic, social and environmental impacts. Gartner looks at digital technology’s role Continue Reading
News 10 Mar 2023

Technology minister Michelle Donelan defends data reforms

Secretary of state Michelle Donelan has defended the government’s new data reforms as providing certainty for businesses while simultaneously retaining high standards of data protection, but industry figures are having mixed reactions Continue Reading
News 08 Mar 2023

UK government introduces revised data reform bill to Parliament

Designed in close collaboration with technology businesses, the UK government is re-introducing an updated version of its Data Protection and Digital Information Bill to Parliament, which civil society groups say upends key safeguards Continue Reading
Feature 07 Mar 2023

What can security teams learn from a year of cyber warfare?

With the passing of the first anniversary of Russia’s invasion of Ukraine, we reflect on the ongoing cyber war, and ask what security leaders can learn from the past 12 months Continue Reading
News 07 Mar 2023

Taking back control: Could a distributed model breed a better AI?

AI tools such as ChatGPT are trained on datasets scraped from the web, but you don’t have much say if your data is used. Technologist Bruce Schneier says it’s time to give control of AI training data back to the people Continue Reading
Podcast 06 Mar 2023

Podcast: 2023 compliance and storage outlook

Geopolitical instability casts its shadow as organisations must think about cyber attacks, data location and what to do if things change quickly. We talk to Mathieu Gorge, CEO of Vigitrust Continue Reading
News 06 Mar 2023

Lords Committee to investigate use of AI-powered weapons systems

House of Lords to investigate the use of artificial intelligence in weapons systems, following UK government publication of AI defence strategy in June 2022 Continue Reading
Opinion 05 Mar 2023

Computer says no. Will fairness survive in the AI age?

New forms of regulation will be needed to safeguard against the risks posed by AI Continue Reading
News 03 Mar 2023

White House unveils National Cybersecurity Strategy

The strategy will focus on ensuring closer collaboration on cyber security between government and industry, while giving software and other tech companies a bigger role in combatting threats due to their resources and expertise Continue Reading
News 02 Mar 2023

AI interview: Michael Osborne, professor of machine learning

Artificial intelligence researcher speaks with Computer Weekly about the implications of a market-driven AI arms race and the overwhelming dominance of the private sector over the technology Continue Reading
Feature 01 Mar 2023

Backup testing: The why, what, when and how

We look at backup testing – why you should do it, what you should do, when you should do it, and how, with a view to the ways in which it will be made easier by forthcoming developments in backup software Continue Reading
News 28 Feb 2023

Industrial safetytech startups secure £150m funding since 2020

Industrial safetytech investment reached a record high of $100m in 2021, and remains significantly ahead of pre-pandemic funding levels despite a dip in 2022 Continue Reading
News 28 Feb 2023

Post Office’s most senior executives hushed up Horizon errors, public inquiry told

The Post Office messaging strategy was designed to reassure staff that the Horizon accounting system was robust after Computer Weekly first revealed problems in 2009 Continue Reading
Opinion 28 Feb 2023

Security Think Tank: Training can no longer be a compliance exercise

Historically, security training has tended to take a compliance-based focus, a ‘tick-box’ exercise using generic, off-the-shelf courses. This needs to change, says Hayley Watson of Turnkey Consulting. Continue Reading
Opinion 28 Feb 2023

Software for environmental, social, and corporate governance

In the last few years there has been an explosion in software to track and report on ESG data in financial services. What are the main features to look out for? Continue Reading
News 27 Feb 2023

Advanced digital resiliency can save organisations millions

Businesses that build out their digital resiliency are not only more secure, they also have more opportunities to innovate with IT Continue Reading
Opinion 27 Feb 2023

Cyber training in 2023 needs to drive measurable change

2023 will see more focus on security training programmes that not only provide employees with an understanding of the risks they face but more importantly drive measurable behavioural change, says PA Consulting’s Richard Allen Continue Reading
News 27 Feb 2023

How Dell is future-proofing its business

Dell Technologies is building a more resilient supply chain, investing in growth areas like edge and multicloud, and responding to shifts in consumption models to position itself for long-term growth Continue Reading
News 24 Feb 2023

UK police have ‘culture of retention’ around biometric data

A culture of retention around biometric data in UK policing is damaging public trust, says UK biometrics commissioner, who is calling for clear regulation to govern police use of biometric technologies Continue Reading
News 22 Feb 2023

UK HSE to launch regulatory sandbox for industrial safety tech

The sandbox will see the regulator work with industry and tech startups to accelerate the development and adoption of a range of safety-related technologies, with a particular emphasis on data and analytics Continue Reading
News 22 Feb 2023

UK forces lead live-fire cyber war exercise

The seven-day Defence Cyber Marvel 2 exercise put cyber responders from 11 countries through their paces Continue Reading
News 22 Feb 2023

Half of cyber leaders to switch jobs by 2025, citing stress

A substantial number of cyber security leaders are plotting their great escape, saying the industry is leaving them too stressed to go on, according to a study Continue Reading
News 21 Feb 2023

Royal Mail resumes full export service after cyber attack

Royal Mail resumes the last of its international services as it recovers from a ransomware attack, while the Post Office offers postmasters compensation for their lost business Continue Reading
News 21 Feb 2023

Care provider’s IT capability expands to support wider sector and beyond

Care Plus’s IT operation went from being under NHS control to an autonomous department selling its services Continue Reading
Opinion 21 Feb 2023

Cyber security training: Insights for future professionals

Future cyber security professionals need soft skills as well as technical ones, says security educator Sudeep Subramanian Continue Reading