IT for consulting and business services
Companies in the consulting and business services industries often have specialist needs that require effective use of IT. Law firms, consultancies, accountants, recruitment firms and other advisory services use innovative technology to deliver business benefits, and you can read our news and analysis of the key trends and what they mean to you
-
News
01 Feb 2023
Cloud security top risk to enterprises in 2023, says study
A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year Continue Reading
-
News
01 Feb 2023
UK Cyber Council and ISACA launch audit, assurance programme
The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros Continue Reading
-
News
25 Jul 2022
Umbrella IT contractors could get back-dated holiday pay windfall following Supreme Court ruling
Umbrella industry stakeholders weigh-up the financial implications of a Supreme Court ruling, which could pave the way for IT contractors to submit back-dated claims for holiday pay Continue Reading
-
News
25 Jul 2022
Latest Atlassian Confluence vulnerability raises concerns
CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months Continue Reading
-
News
25 Jul 2022
The Security Interviews: Why you need to protect abandoned digital assets
The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias Continue Reading
-
News
22 Jul 2022
Russia could become the world’s largest market for illegal IT
Russia could become the biggest market for illegal IT equipment as companies try to get round sanctions imposed on the country Continue Reading
-
News
21 Jul 2022
Buy ‘plug-n-play’ malware for the price of a pint of beer
Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report Continue Reading
-
News
20 Jul 2022
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading
-
News
20 Jul 2022
Cato aims to bust cyber myths as it extends network protections
Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading
-
News
19 Jul 2022
European IT services see bumper quarter, but signs of slowing emerge
Spending on IT and BPO services in Europe saw significant growth in the past quarter, but there are signs of a slowdown Continue Reading
-
News
18 Jul 2022
US cyber agency CISA to open London office
The US Cybersecurity and Infrastructure Security Agency has chosen London to host its first office outside America Continue Reading
-
News
15 Jul 2022
Log4Shell on its way to becoming ‘endemic’
US government report concludes that, like Covid, Log4Shell will be with us for a long time to come Continue Reading
-
News
14 Jul 2022
Global IT services market shows signs of slowing
Spending on IT and business process services could be set to reduce over the coming months as the latest ISG figures show early signs of decline Continue Reading
-
News
14 Jul 2022
ICO wants to ‘empower people through information’
Information Commissioner’s Office sets out commitment to safeguard the information rights of the most vulnerable people in UK society Continue Reading
-
News
13 Jul 2022
Slippery phish wriggles around MFA protections, says Microsoft
Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence Continue Reading
-
News
13 Jul 2022
July Patch Tuesday brings more than 80 fixes, one zero-day
While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on Continue Reading
-
News
12 Jul 2022
MaliBot Android malware spreading fast, says Check Point
The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point Continue Reading
-
News
12 Jul 2022
Microsoft Windows Autopatch now generally available
Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service Continue Reading
-
News
11 Jul 2022
Microsoft VBA macro block will return
Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure Continue Reading
-
Opinion
11 Jul 2022
Cyber insurance: An effective use of your scant security budget?
The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes Continue Reading
-
News
08 Jul 2022
Stop telling clients to pay ransomware gangs, solicitors told
The NCSC and the ICO are calling on solicitors to help tackle the rising number of ransomware payments being made, and to stop giving erroneous advice to victims Continue Reading
-
News
08 Jul 2022
Microsoft appears to reverse VBA macro-blocking
Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled Continue Reading
-
Opinion
08 Jul 2022
Lots to consider when buying cyber insurance, so do your homework
When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity Continue Reading
-
News
07 Jul 2022
MI5, FBI chiefs warn of Chinese cyber espionage threat
In a joint appearance in London, MI5 director general Ken McCallum and FBI director Chris Wray warn of the growing threat posed by the Chinese government to UK and US interests Continue Reading
-
Opinion
07 Jul 2022
Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it
In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered Continue Reading
-
News
05 Jul 2022
Prepare for long-term cyber threat from Ukraine war, says NCSC
The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams Continue Reading
-
News
05 Jul 2022
NCSC CEO: Why we should run towards crises to elevate cyber security
National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country Continue Reading
-
Opinion
01 Jul 2022
Security Think Tank: Now is the time to think about cyber insurance
Many IT leaders shy away from cyber insurance, but new, innovative developments in the market can help organisations take an approach that suits their needs Continue Reading
-
News
29 Jun 2022
New cyber extortion op appears to have hit AMD
Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data Continue Reading
-
News
27 Jun 2022
Brexit a net negative for UK cyber, say CISOs
Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe Continue Reading
-
News
27 Jun 2022
LockBit ransomware gang launches bug bounty programme
A bug bounty programme is among a number of features LockBit’s developers have added to ‘version 3.0’ of the ransomware Continue Reading
-
Feature
27 Jun 2022
The cyber security impact of Operation Russia by Anonymous
The campaign against the Russian government by Anonymous surprised many with the depth and scale of the cyber attacks. What can we learn from this online war? Continue Reading
-
News
24 Jun 2022
Black Basta ransomware crew aiming for ‘big leagues’
Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason Continue Reading
-
News
24 Jun 2022
US cyber agency in fresh warning over Log4Shell risk to VMware
Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability Continue Reading
-
Opinion
24 Jun 2022
Assessment and knowledge: Your key tools to secure suppliers
There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal Continue Reading
-
Opinion
23 Jun 2022
What will the Data Reform Bill mean for UK businesses operating in the EU?
Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union Continue Reading
-
Opinion
23 Jun 2022
Security Think Tank: Supply chain security demands systematic approach
Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business Continue Reading
-
Opinion
22 Jun 2022
Security Think Tank: Balanced approach can detangle supply chain complexity
Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices Continue Reading
-
News
21 Jun 2022
Government won’t regulate on professional cyber standards
The government has elected not to proceed with regulatory intervention to embed standards and pathways across the cyber profession Continue Reading
-
News
21 Jun 2022
New coalition lifts Finland’s 6G status
Finland is laying the foundations for future European leadership in 6G research and development Continue Reading
-
Opinion
21 Jun 2022
Supply chain security goes deep – forget this at your peril
It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology Continue Reading
-
News
20 Jun 2022
Tribunal rules in favour of HMRC as it pursues umbrella company for £11m in unpaid tax
Umbrella firm Exchequer Solutions said it plans to appeal against the outcome of a First-Tier Tribunal, which claims it owes in excess of £11m in unpaid tax relating to its handling of contractor expenses Continue Reading
-
News
17 Jun 2022
British businesses to recognise Google skills certificates
Google training programmes are being made available to more people in the UK as part of an initiative from the supplier and major UK businesses Continue Reading
-
News
17 Jun 2022
Government responds to Data Reform Bill consultation
Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit Continue Reading
-
Opinion
17 Jun 2022
Consider governance, coordination and risk to secure supply chain
A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on Continue Reading
-
News
16 Jun 2022
Loan charge MPs want contractor adviser community to participate in latest call for evidence
Loan Charge and Taxpayer Fairness All-Party Parliamentary Group seeks input from accountants, lawyers and tax advisers who work with contractors in-scope of the loan charge policy Continue Reading
-
News
16 Jun 2022
Office 365 loophole may give ransomware an easy shot at your files
Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive Continue Reading
-
Opinion
16 Jun 2022
Security Think Tank: Best practices for boosting supply chain security
In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk Continue Reading
-
News
15 Jun 2022
Patch Tuesday dogged by concerns over Microsoft vulnerability response
The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure Continue Reading
-
Opinion
15 Jun 2022
Security Think Tank: Basic steps to secure your supply chain
When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail Continue Reading
-
News
14 Jun 2022
MS Azure Synapse vulnerability fixed after six-month slog
Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga Continue Reading
-
Opinion
10 Jun 2022
Security Think Tank: Don’t trust the weakest link? Don’t trust any link
Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must Continue Reading
-
News
10 Jun 2022
Snake Keylogger climbing malware charts, says Check Point
Cyber criminals behind Snake Keylogger campaigns have been switching up their tactics in the past few weeks, say researchers Continue Reading
-
News
08 Jun 2022
ProxyLogon, ProxyShell may have driven increase in dwell times
The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data Continue Reading
-
News
30 May 2022
UAE residents think 3D printing will have the most positive impact on society
People in the UAE believe next-generation technologies such as 3D printing and artificial intelligence will become widespread in the country Continue Reading
-
Opinion
30 May 2022
Strong internal foundations are key to withstanding external threats
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
26 May 2022
Two-thirds of UK organisations defrauded since start of pandemic
Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report Continue Reading
-
News
26 May 2022
Dutch companies struggle to fill tech jobs
There are plenty of IT job vacancies in the Netherlands, but a shortage of IT professionals Continue Reading
-
News
25 May 2022
IR35 reforms: PAC report blames HMRC for ‘widespread non-compliance’ in public sector
The Public Accounts Committee has shared the findings of its report into the after-effects of the IR35 reforms coming into force in the public sector back in April 2017 Continue Reading
-
News
24 May 2022
Ransomware volumes grew faster than ever in 2021
Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody Continue Reading
-
Opinion
18 May 2022
Security Think Tank: To follow a path, you need a good map
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
17 May 2022
(ISC)² to train 100,000 cyber pros in UK
Security association (ISC)² unveils ambitious UK training programme Continue Reading
-
News
11 May 2022
CyberUK 22: Five Eyes focuses on MSP security
The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves Continue Reading
-
News
11 May 2022
Cyber accreditation body Crest forges new training partnerships
Crest says partnerships with Hack The Box and Immersive Labs will enhance its members’ defensive and offensive security skills Continue Reading
-
News
11 May 2022
Microsoft fixes three zero-days on May Patch Tuesday
It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days Continue Reading
-
News
11 May 2022
Queen’s Speech: Employment Bill omission suggests further delays to umbrella market regulation
Contracting market stakeholders were hoping for some clarification on the delivery timeline for umbrella market regulation in the Queen’s Speech, but none was forthcoming Continue Reading
-
News
10 May 2022
CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy
On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy Continue Reading
-
News
10 May 2022
CyberUK 22: NCSC refreshes cloud security guidance
The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise Continue Reading
-
News
28 Apr 2022
Ransomware recovery costs dwarf actual ransoms
The cost of recovering from a ransomware attack far outweighs the ransoms now being demanded by cyber criminals, according to recent data Continue Reading
-
News
27 Apr 2022
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021
These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time Continue Reading
-
News
27 Apr 2022
Ransomware victims paying out when they don’t need to
Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to Continue Reading
-
News
27 Apr 2022
Government digital ignorance puts Dutch economy at risk
In this interview, Michiel Steltman, managing director of Digital Infrastructure Netherlands, tells Computer Weekly why the Dutch digital economy is at risk due to a lack of knowledge and understanding at government level Continue Reading
-
News
26 Apr 2022
BCS passes defiant Ukrainian tech industry message to its members
BCS, the Chartered Institute for IT, has passed on a message from Ukrainian IT suppliers that the country is open for, and in need of, business Continue Reading
-
News
26 Apr 2022
Emotet tests new tricks to thwart enhanced security
The operators of the Emotet botnet seem to be trying to find a way to get around recent changes made by Microsoft to better protect its users Continue Reading
-
News
13 Apr 2022
WatchGuard firewall users urged to patch Cyclops Blink vulnerability
The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading
-
News
13 Apr 2022
Microsoft patches two zero-days, 10 critical bugs
Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service Continue Reading
-
News
07 Apr 2022
European IT and BPO outsourcing off to strong start
European IT and business process outsourcing services continue to increase rapidly, with cloud-based services now more than half of the total Continue Reading
-
News
06 Apr 2022
IR35 reforms: Private sector warned HMRC's 12-month 'light-touch' enforcement period is ending
HMRC confirmed, in the lead up to the IR35 reforms coming into force in the private sector in April 2021, that it would be taking a ‘light-touch’ approach to enforcing the rules for 12 months. And that grace period ends today Continue Reading
-
News
05 Apr 2022
Triple-threat Borat malware no joke for victims
Unlike its namesake, the newly discovered Borat malware won’t raise a smile for IT security pros Continue Reading
-
News
05 Apr 2022
Saudi Arabian ICT sector hits $32.1bn after strong pandemic response
The Saudi Arabian IT and communications sector is recovering strongly from the Covid-19 pandemic Continue Reading
-
News
04 Apr 2022
Environmental campaigners halt Meta datacentre construction in the Netherlands
Datacentre being built to serve ‘metaverse’ worlds would consume nearly half as much energy as all other datacentres in the country Continue Reading
-
News
01 Apr 2022
Four moves to ‘checkmate’ critical assets thanks to lax cloud security
Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report Continue Reading
-
News
30 Mar 2022
One-third of UK firms suffer a cyber attack every week
New statistics from the annual DCMS Cyber security breaches survey reveal the extent and frequency with which UK organisations are being attacked by malicious actors Continue Reading
-
News
30 Mar 2022
CIO interview: Spencer Clarkson, CTO, Verastar
Digital transformation and unifying customer relationship management systems are driving the business services group forward Continue Reading
-
Feature
30 Mar 2022
Recruitment risks: Avoiding the dangers of fraudulent candidates
Tech companies are seeing an increase in fraudulent job applications, with associated impacts on risk and cyber security. So how can organisations protect themselves from fraudulent applicants while ensuring they recruit the best talent? Continue Reading
-
News
29 Mar 2022
NCSC: Not necessarily wise to ditch Kaspersky
UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates Continue Reading
-
News
29 Mar 2022
Wave of Log4j-linked attacks targeting VMware Horizon
Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell Continue Reading
-
News
28 Mar 2022
Most big businesses are taking up banking as a service
API-based banking services allow corporate customers to offer financial services without the need for heavy tech development or regulatory approval Continue Reading
-
News
23 Mar 2022
Umbrella company Workwell refutes contractor’s ‘withheld holiday pay’ claim
A dispute between a contractor and their former umbrella company shines a light once more on the knotty issue of holiday pay Continue Reading
-
Opinion
22 Mar 2022
Revised scope of UK security strategy reflects digitised society
The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one, reflecting our increasingly digitised society, say Maximillian Brook and Arunoshi Singh of the ISF Continue Reading
-
News
21 Mar 2022
Teleperformance’s robotic process automation increases job satisfaction
A project to introduce software robots at the Dutch arm of Teleperformance has been adopted globally Continue Reading
-
Opinion
21 Mar 2022
UK Cyber Strategy a welcome injection of progress
The National Cyber Strategy should be seen as a welcome injection of both focus and investment in bettering cyber defence for everyone, says Turnkey Consulting senior consultant Louise Barber Continue Reading
-
News
18 Mar 2022
Ukrainian cyber defences prove resilient
Thanks to a combination of prior experience and global support, Ukraine’s defences against cyber incidents are holding strong in the face of Russian attacks Continue Reading
-
Opinion
18 Mar 2022
National Cyber Strategy will enhance UK’s cyber power status
The UK punches above its weight when it comes to wielding cyber power around the world, but challenges to this status are clear. The National Cyber Strategy has a clear role to play in maintaining and enhancing this status, writes Paddy Francis of Airbus Cybersecurity Continue Reading
-
News
16 Mar 2022
German authorities warn on Kaspersky but stop short of ban
Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine Continue Reading
-
Opinion
15 Mar 2022
How cyber security teams can conquer the four-day working week
The four-day week may be an idea whose time has come, but for always-on cyber security professionals, the impact of squeezing more work into fewer days is a tricky proposition Continue Reading
-
News
15 Mar 2022
Cross-party group of MPs calls on Loan Charge contractors to participate in call for evidence
The Loan Charge and Taxpayer Fairness All Party Parliamentary Group is seeking input from contractors about the real-world toll the loan charge policy is having on them Continue Reading
-
News
15 Mar 2022
IR35 private sector reforms one year on: Assessing the impact on the UK’s tech talent pool
With the first anniversary of the IR35 reforms taking effect in the private sector fast approaching, IT contractors set out how the changes have affected their ability to find work in the UK Continue Reading
-
Feature
14 Mar 2022
How can I avoid an exodus of cyber talent linked to stress and burnout?
Cyber security professionals have played a crucial role during the pandemic, yet many feel like their employers aren’t providing adequate mental health support and have considered quitting their jobs as a result. What can employers do to help them? Continue Reading
-
Opinion
10 Mar 2022
National Cyber Strategy misses the mark in one important way
The National Cyber Strategy is full of fine words, says Petra Wenham, but as the old expression goes, fine words butter no parsnips, and it misses the mark in one very important way Continue Reading
-
News
10 Mar 2022
Tech brands sign on to HackerOne responsible security drive
Tech companies sign HackerOne’s new corporate security responsibility pledge to bring cyber out of the shadows and promote effective, secure development practices Continue Reading
-
News
09 Mar 2022
China’s APT41 exploited Log4j within hours
APT41 compromised multiple government organisations via the Log4Shell exploit within hours of its initial disclosure, Mandiant claims Continue Reading