IT governance

IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.

E-Zine 20 Jan 2023
CW APAC January 2023 – Trend Watch: CIO Trends

As we enter a new year, it remains vital for IT leaders to keep track of the latest developments across the industry. In this handbook, focused on CIO trends in the Asia-Pacific region, Computer Weekly looks at predictions for 2023, how the Australian Red Cross managed a donation surge, Mondelez’s digital transformation and Singapore’s public sector IT strategy Continue Reading
E-Zine 21 Nov 2022
CW APAC: Trend Watch: Artificial intelligence in APAC

Artificial intelligence is becoming more commonplace across business. In this handbook, focused on the adoption of the technology in the Asia-Pacific region, Computer Weekly looks at what still stands in its way, Dell’s deep learning model, how AI can realise its potential in healthcare, and the pros and cons of using AI and ML applications in the cloud. Continue Reading

News 03 Feb 2021

‘Classic’ Cerber ransomware targets health sector in high volumes

Cerber ransomware-as-a-service seems to have re-emerged as one of the most critical cyber threats facing healthcare organisations, reports VMware Carbon Black Continue Reading
News 03 Feb 2021

SolarWinds patches two critical CVEs in Orion platform

New vulnerabilities disclosed as SolarWinds reels from December 2020 Solorigate/Sunburst attack – but do not appear to have been exploited yet Continue Reading
News 01 Feb 2021

Serco confirms Babuk ransomware attack

Outsourcing firm was hit by the ransomware last week but insists most of its operations are running as normal Continue Reading
News 01 Feb 2021

UKRI suspends services after ransomware attack

UK Research and Innovation was hit by an undisclosed strain of ransomware at the end of January Continue Reading
News 01 Feb 2021

CISOs invisible to their organisations, says BT report

Ignorance of cyber issues is leading to misplaced confidence in security in many organisations, as CISOs struggle to make themselves seen and heard Continue Reading
News 01 Feb 2021

IR35 private sector reforms: Zurich Insurance under fire over contractor blanket ban

Zurich Insurance is the latest high-profile financial services company to declare contractors can only continue to engage with it via umbrella setups from April 2021, ahead of the IR35 rules coming into force Continue Reading
News 01 Feb 2021

SBRC picks Check Point to support cyber helpline

The Scottish Business Resilience Centre has enlisted Check Point as the first security supplier to join its incident response partnership programme Continue Reading
News 29 Jan 2021

Hunting and anti-hunting groups locked in tit-for-tat row over data gathering

The leaking of internal documents has prompted a row between pro- and anti-hunting groups about the legality of the other’s data collection practices Continue Reading
News 29 Jan 2021

Biometrics ethics group addresses public-private use of facial recognition

Home Office’s Biometrics and Forensics Ethics Group releases briefing note on the use of live facial recognition in public–private collaborations following a year-long investigation Continue Reading
News 29 Jan 2021

Revealed: Brits who fuelled ‘vicious’ conspiracy theory by Trump supporters

Trump supporters have apologised and paid millions in damages to the family of murdered Democratic Party staffer Seth Rich for promoting false allegations that Rich – not Russian agents – stole emails from the Democratic National Committee Continue Reading
News 29 Jan 2021

Manufacturing particularly at risk of Solorigate-linked breaches

Every fifth victim of the SolarWinds Solorigate/Sunburst attack was a manufacturing organisation, say researchers Continue Reading
News 27 Jan 2021

Pandemic response has improved privacy posture, says Cisco

Data privacy seems to be ‘coming of age’ to some extent and organisational responses to Covid-19 may be partly responsible, according to a report Continue Reading
News 27 Jan 2021

Mimecast breach was work of SolarWinds attackers

Mimecast’s investigation into a January 2021 breach of its systems turns up evidence that the culprit was the same group that targeted SolarWinds in December Continue Reading
News 27 Jan 2021

Emotet botnet goes offline as cops seize servers

The Emotet botnet has been disrupted and knocked offline after a major international effort by law enforcement Continue Reading
News 27 Jan 2021

Grindr complaint results in €9.6m GDPR fine

Norway’s data protection authority plans to apply a fine totalling 10% of LGBTQ+ dating app Grindr’s revenues over its data sharing practices Continue Reading
News 27 Jan 2021

Emergency Apple updates patch exploited zero-days

Three vulnerabilities could give attackers full control of their target Apple devices, and must be patched immediately Continue Reading
Opinion 26 Jan 2021

The ransomware routine: pages from the Secret IR Insider’s diary

The Secret Incident Response Insider shares behind-the-scenes stories of what really happens after organisations are hit by cyber attacks – and shows how they could have been avoided Continue Reading
News 26 Jan 2021

Conservatives broke data law to racially profile millions

The Conservative Party acted illegally in collecting data that inferred voters’ ethnicity and religious background, a Select Committee has heard Continue Reading
News 26 Jan 2021

North Korean state attacks legitimate security researchers

Threat researchers specialising in vulnerability research and development appear to be being targeted by a North Korean state-backed group Continue Reading
News 26 Jan 2021

ICO extends commissioner Denham’s term of office

Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor Continue Reading
News 26 Jan 2021

Cyber fraud a national security issue, says Rusi report

A report from the Rusi think tank calls for fresh approaches to how we think about fighting fraud Continue Reading
Opinion 26 Jan 2021

Security Think Tank: Are security teams the unsung heroes of 2020?

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hotcakes? Continue Reading
Opinion 25 Jan 2021

Security Think Tank: Time to rethink stopgap solutions

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
News 22 Jan 2021

ICO resumes adtech investigation

The UK Information Commissioner’s Office was criticised for ending its investigation into alleged malpractice in advertising technology, but has now resumed its probe Continue Reading
News 22 Jan 2021

Sepa data leaks as agency resists ransom demands

The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation Continue Reading
News 22 Jan 2021

Google threatens to cut off Australia

Google’s threat to end its Australian Search operation comes in the face of new legislation that would force it to pay media publishers for news content Continue Reading
News 21 Jan 2021

Hackney Council tenders for cyber security upgrade

Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council Continue Reading
News 21 Jan 2021

Immigration exemption in data protection law faces further legal challenge

Human rights groups set to take legal challenge against immigration exemption to Court of Appeal on the basis that everyone, regardless of their nationality or residence, should have their fundamental rights and freedoms protected as stated in the GDPR Continue Reading
Feature 21 Jan 2021

How can healthcare organisations fight increased cyber crime in 2021?

As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care Continue Reading
News 21 Jan 2021

Two-thirds of CISOs say they’ll be cyber attack victims this year

Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked Continue Reading
News 21 Jan 2021

Interview: Tony Porter, chief privacy officer, Corsight AI

Tony Porter speaks to Computer Weekly about the changes in facial-recognition during his time as surveillance camera commissioner, the ethics of using the technology, and his new role as chief privacy officer at Corsight AI Continue Reading
News 21 Jan 2021

Incompetent cyber criminals leak data in opsec failure

Even cyber criminals need to pay attention to their information security posture, as this cautionary tale uncovered by Check Point reveals Continue Reading
News 20 Jan 2021

Should I be worried about MFA-bypassing pass-the-cookie attacks?

Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations? Continue Reading
News 20 Jan 2021

Malwarebytes also hit by SolarWinds attackers

The nation state group that attacked SolarWinds in December got inside Malwarebytes by exploiting privileged access to its Microsoft Office 365 tenant, the firm reveals Continue Reading
Opinion 20 Jan 2021

Security Think Tank: It’s time to secure the collaboration revolution

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hotcakes? Continue Reading
News 19 Jan 2021

CIOs blame siloed IT teams and tools for misalignment

The inability of teams to see a single version of the truth is leading to a lot of time wasting among IT departments and businesses Continue Reading
News 19 Jan 2021

Value of GDPR fines shows dramatic increase in 2020

European regulators imposed almost €160m worth of fines during the past 12 months, a substantial rise Continue Reading
News 19 Jan 2021

Click fraud levels reach new heights in pandemic

Small companies risk losing £10,000 a year, and enterprises as much as £520,000, to cyber criminals as click fraud volumes spike Continue Reading
News 19 Jan 2021

Criminals fiddled stolen Covid-19 vaccine data to damage trust

Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA Continue Reading
Opinion 19 Jan 2021

Security Think Tank: In 2021, enable, empower and entrust your users

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
News 18 Jan 2021

MoD reports 18% rise in data loss incidents

The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO Continue Reading
News 15 Jan 2021

150,000 records accidentally wiped from police systems

Home Office claims data wiped from national police systems only relates to people who have never been convicted of a crime or had further police action taken against them following an arrest Continue Reading
News 15 Jan 2021

US cyber security agencies get $9bn in Biden plan

New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack Continue Reading
News 15 Jan 2021

Coalition proposes secure standard model for Covid-19 passports

Vaccination Credential Initiative is working to ensure that people vaccinated against Covid-19 can access their records in a secure, verifiable and privacy-preserving way Continue Reading
News 14 Jan 2021

All EU states can take data protection cases against Facebook, says EU court

An opinion from the European Court of Justice has the potential to lead to a flood of privacy complaints against Facebook if upheld Continue Reading
Opinion 14 Jan 2021

UK government needs a digital reboot

The appointment of new digital leadership is a welcome start to what – if the UK is to thrive in a post-Covid, post-Brexit world – must become a wholesale reboot of digital government Continue Reading
News 14 Jan 2021

Experian calls for less bureaucratic data regulations

Open banking requires cross-industry collaboration, but sharing personal data requires explicit consent, which can become a bottleneck Continue Reading
News 14 Jan 2021

Old, on-premise systems targeted in Hackney ransomware attack

Council reveals some more insight into how the Pysa ransomware gang infiltrated its systems by exploiting legacy technology Continue Reading
News 14 Jan 2021

Unforeseen consequences of new technologies put UK at risk

Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems Continue Reading
Opinion 14 Jan 2021

Security Think Tank: Plan for hybrid working to become normal

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
News 13 Jan 2021

Court to rule on Facebook data sharing after Schrems drops legal challenge against Irish regulator

Irish High Court says it will issue a judgment as soon as possible over a draft decision by Ireland’s data protection commissioner to order Facebook to stop the transfer of data about EU citizens to datacentres in the US Continue Reading
News 13 Jan 2021

World’s largest dark web market disrupted in major police operation

Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline Continue Reading
News 13 Jan 2021

Covid-19 immunity passport tests to begin in UK

A Covid-19 immunity and vaccination passport developed by two UK firms and backed by Innovate UK has entered the live testing phase Continue Reading
News 13 Jan 2021

Stolen Pfizer/BioNTech Covid-19 vaccine data leaked

Data dump understood to include screenshots of emails, peer review information, PDFs and PowerPoint presentations Continue Reading
News 13 Jan 2021

Critical zero-day features in first Patch Tuesday of 2021

Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender Continue Reading
News 12 Jan 2021

Mimecast latest security firm to be compromised

Users of a specific Mimecast certificate used to authenticate services to Microsoft Office 365 may be at risk of compromise in an attack that may relate to the ongoing SolarWinds incident Continue Reading
Feature 12 Jan 2021

Data Dynamics aims at single view of unstructured data

Data volume is ballooning, and storage is becoming more disparate, which makes the need for a single platform to manage storage and compliance a key requirement for organisations Continue Reading
Opinion 12 Jan 2021

Security Think Tank: Time for security teams to learn from Covid

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
News 11 Jan 2021

New SolarWinds CEO sets out rescue plan

Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community Continue Reading
News 11 Jan 2021

Kaspersky claims link between Solorigate and Kazuar backdoors

Researchers say they have found specific code similarities between the Solorigate/Sunburst malware and the Kazuar backdoor, suggesting some relationship Continue Reading
Opinion 11 Jan 2021

Security Think Tank: Don’t bet on a new normal just yet

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
Feature 08 Jan 2021

Picking the right IAM tools is based on more than today’s needs

With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure the correct one is chosen Continue Reading
News 08 Jan 2021

Tech sector reacts to Trump social media bans

Facebook, Instagram and others moved to limit US president’s social media access after the violence in Washington DC, but experts have condemned them for acting too slowly, while disinformation about the riots persists Continue Reading
News 08 Jan 2021

Brexit deal grants UK temporary data adequacy

The EU-UK Brexit deal has granted the UK temporary data adequacy to allow for the continued flow of data across borders, but the agreement has divided data protection experts Continue Reading
Feature 08 Jan 2021

The nation state threat to business

The SolarWinds hack shows the widespread damage possible from a nation state cyber attack. What is the threat to business and how can it be mitigated? Continue Reading
News 08 Jan 2021

Which? online banking investigation reveals ‘worrying gaps’ in security

Consumer rights organisation has ranked the security of UK online current account providers Continue Reading
News 07 Jan 2021

Biden picks cyber veteran to reinvigorate security response

Appointment of career intelligence operative Anne Neuberger signals refreshed security approach for the US government under Joe Biden's administration Continue Reading
Opinion 07 Jan 2021

The five tenets of quality ITAM

At the end of last year we looked at some of ITAM’s failings. This time we explore how to improve ITAM Continue Reading
News 07 Jan 2021

Hackney Council data leaked by Pysa ransomware gang

Council data stolen in October is leaked online in a double extortion attack Continue Reading
News 07 Jan 2021

Robust member administration system indispensable for Dutch Coeliac Society

Organisation had to find a dedicated member administration system to support existing members, new members and countless volunteers Continue Reading
News 06 Jan 2021

WikiLeaks founder Julian Assange to remain in prison despite winning extradition battle

Judge cites Assange’s support of NSA whistleblower as one of the reasons for him being at high risk of absconding. He will remain in Belmarsh prison until the US government completes its appeal Continue Reading
News 06 Jan 2021

SolarWinds attack almost certainly work of Russian spooks

Investigations into the far-reaching SolarWinds Solorigate attack did not let up during the holidays Continue Reading
Opinion 05 Jan 2021

Security Think Tank: Cyber effectiveness, efficiency key in 2021

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
News 04 Jan 2021

WikiLeaks founder Julian Assange cannot be extradited to face charges in US, court rules

Court rules it would be oppressive to send Julian Assange to the US to face trial after finding he is at high risk of suicide. US government says it will appeal Continue Reading
Opinion 04 Jan 2021

Security Think Tank: The year of the work-from-home hangover

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
News 04 Jan 2021

Journalists’ FOI bids stayed as court reconsiders freedom of information rights of people outside UK

Tribunal questions whether people without a British passport or Britons living overseas are eligible to use the UK’s Freedom of Information Act Continue Reading
News 31 Dec 2020

Top 10 investigations and national security stories of 2020

Here are Computer Weekly’s top 10 investigations and national security stories of 2020 Continue Reading
News 31 Dec 2020

Top 10 technology and ethics stories of 2020

Here are Computer Weekly’s top 10 technology and ethics stories of 2020 Continue Reading
Feature 30 Dec 2020

How to monitor remote workers humanely

Monitoring employees who work remotely has taken on a whole extra dimension in the Covid-19 pandemic year of 2020. Financial services firms are among those which suggest ways of doing it humanely and legally Continue Reading
News 30 Dec 2020

Top 10 Benelux IT stories of 2020

Here are Computer Weekly’s top 10 Benelux IT stories of 2020 Continue Reading
News 24 Dec 2020

Top 10 Middle East stories of 2020

Here are Computer Weekly’s top 10 Middle East stories of 2020 Continue Reading
Feature 24 Dec 2020

Security Long Reads: Cyber insiders reveal what’s to come in 2021

In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading
Opinion 24 Dec 2020

How to manage non-human identities

Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach Continue Reading
Opinion 23 Dec 2020

It’s time to accept that disinformation is a cyber security issue

Tackling the manipulation of truth and facts is no easy task, and it’s time for the cyber security sector to take up the challenge Continue Reading
Feature 23 Dec 2020

Patching: Balancing technical requirements with business considerations

With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented Continue Reading
News 23 Dec 2020

Top 10 startup stories of 2020

Here are Computer Weekly’s top 10 startup stories of 2020 Continue Reading
News 22 Dec 2020

Ministry of Justice in the dock for catalogue of serious data breaches

Annual report reveals major incidents of personal data loss affecting 121,355 people and including misplaced, unencrypted USB stick containing documents from a trial, accidental disclosure of identities, and staff files made visible to unauthenticated users Continue Reading
News 21 Dec 2020

Top 10 enterprise IT in the Nordics stories of 2020

Here are Computer Weekly’s top 10 Nordic enterprise IT stories of 2020 Continue Reading
News 18 Dec 2020

Utility supplier People’s Energy has entire customer list stolen

All 270,000 customers of People’s Energy, a renewable energy startup, have had their details compromised in a major data breach incident Continue Reading
News 18 Dec 2020

SolarWinds cyber attack is ‘grave risk’ to global security

More victims of the SolarWinds Orion Sunburst cyber attack are being identified as the massive scale of the Russia-linked cyber espionage campaign becomes more clear Continue Reading
News 17 Dec 2020

Post Office suffers latest court defeat in Horizon IT scandal

Court of Appeal indicates subpostmasters can pursue appeal route that could do more damage to Post Office’s reputation Continue Reading
News 17 Dec 2020

EU security strategy a ‘step up’ on cyber leadership, says Brussels

The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy Continue Reading
News 17 Dec 2020

NHS Scotland taps Check Point to secure Covid-19 data

NHS National Services Scotland is working with security firm Check Point to safeguard its sensitive data in the cloud and support its work on the coronavirus Continue Reading
News 17 Dec 2020

UK police unlawfully processing over a million people’s data on Microsoft 365

The roll-out of Microsoft 365 to dozens of UK police forces may be unlawful, because many have failed to conduct data protection checks before deployment and hold no information on their contracts Continue Reading
Opinion 16 Dec 2020

What is wrong with ITAM?

IT asset management should be an important pillar in an organisation's digital transformation journey, but it doesn't seem to be working Continue Reading
News 15 Dec 2020

UK government unveils details of upcoming online harms rules

Online Harms Bill due early 2021 will introduce GDPR-style fines for technology companies that breach online duty of care rules Continue Reading
News 15 Dec 2020

SolarWinds cyber attack: How worried should I be, and what do I do now?

Security teams across the world are on high alert as more details emerge of the widespread SolarWinds ‘Sunburst’ attack. What do defenders need to do next? Continue Reading
News 15 Dec 2020

Air purifier manufacturer creates IoT service in the cloud

Sweden’s Blueair introduces new functionality for customers through a cloud-based internet of things platform Continue Reading
Opinion 15 Dec 2020

Driving innovation in government

An insider's perspective on the organisation, culture and methods used to drive innovation in the Department for Work and Pensions Continue Reading
News 14 Dec 2020

FireEye identifies flaw in networking monitoring software as US agencies attacked

Cyber security company says investigations have revealed security breach occurred because of a flaw in a network monitoring software Continue Reading