IT operations management and IT support

Cyber training firm launches £20k data protection scholarship

Training specialist Freevacy has launched a £20,000 scholarship fund to train data privacy and protection professionals Continue Reading

Russian DDoS hacktivists seen targeting western hospitals

A swathe of attacks by the Putin-supporting DDoS operation known as Killnet has targeted hospitals and other infrastructure in several Nato countries, with the UK thought to be at risk Continue Reading

GitHub warns Desktop, Atom users after code-signing certificates pinched

Threat actors stole encrypted code-signing certificates for GitHub’s Desktop and Atom applications in December 2022, prompting warnings for users Continue Reading

Three outsourcing trends to look out for in 2023

ISG's Andreas Fahr outlines three IT sourcing trends to look out for in the coming year. Continue Reading

Digital banking changing the high street forever as banks close branches and open alternatives

Banks are reshaping their channels as customers move to digital services, with physical innovation complementing digital strategies Continue Reading

Royal Mail recovers more International Tracked services

Royal Mail is making further progress in recovering IT systems hit by a ransomware attack, and has re-enabled another tranche of international export services Continue Reading

Former Fujitsu staff under police investigation to face Post Office IT scandal inquiry

Two former Fujitsu IT professionals being investigated for potential perjury will face Post Office Horizon public inquiry in May Continue Reading

Noventiq eyes APAC IT services market

IT services provider Noventiq has been expanding its presence in APAC through several acquisitions in India, and is eyeing a bigger slice of the region’s IT services pie Continue Reading

UK local authorities reveal connectivity priorities, challenges

Study examining topics ranging from gigabit-capable broadband to 5G, smart places, telecoms and net-zero finds progress being made in UK local government, but challenges remain in the drive to improve digital connectivity Continue Reading

Hive ransomware gang taken down after FBI hacks back

The FBI hacked into Hive’s servers, stole its decryption keys and then took down its servers in a major action that has successfully disrupted a prolific and dangerous ransomware operation Continue Reading

Leeds Building Society uses AIops in Dynatrace to improve observability

Automation and AI is improving how the service delivery team assesses the business impact of an IT service degradation Continue Reading

Arnold Clark cyber attack claimed by Play ransomware gang

A cyber attack that struck car dealer Arnold Clark prior to Christmas has been claimed as the work of the Play ransomware cartel Continue Reading

Boards struggle to resolve cyber risk in digital supply chains

Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk Continue Reading

Green storage: Savings to be made but tricky to achieve

Storage upgrades can bring energy savings. New hardware, the cloud and as-a-service procurement models all cut costs, but can need careful tweaking to get right Continue Reading

IT’s shift to the cloud: Veeam’s data protection report in detail

With half of servers in the cloud, most backup and nearly all disaster recovery cloud-centric, the shift to the cloud is significant – but container backup is one area that is yet to settle down Continue Reading

Nationwide Building Society CIO to join Co-operative Bank

Gary Delooze to join Co-operative Bank as CIO after six years heading up Nationwide Building Society’s IT department Continue Reading

SSRF attacks hit 100,000 businesses globally since November

There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers Continue Reading

SMEs keen on embedded finance, but more choice needed to increase take-up

Suppliers to small and medium-sized enterprises need to offer more choice when embedding financial products in their services if take-up is to increase Continue Reading

Trellix automates patching for 62,000 vulnerable open source projects

Since revealing startling statistics about the prevalence of a 15-year-old Python vulnerability, Trellix says it has helped fix almost 62,000 vulnerable projects in the past four months Continue Reading

NCSC warning over cyber risk to charity sector

Cash-strapped charities without the resource to tackle their resilience deficit are increasingly at risk from malicious actors, says the NCSC Continue Reading

More than 1,000 tech roles chopped at Capital One

US bank makes tech job cuts as its digital transformation moves into a new phase Continue Reading

CW APAC January 2023 – Trend Watch: CIO Trends

As we enter a new year, it remains vital for IT leaders to keep track of the latest developments across the industry. In this handbook, focused on CIO trends in the Asia-Pacific region, Computer Weekly looks at predictions for 2023, how the Australian Red Cross managed a donation surge, Mondelez’s digital transformation and Singapore’s public sector IT strategy Continue Reading

UK seeks to ban sharing ‘positive’ Channel crossing videos online

Under UK government amendments to the Online Safety Bill, video footage that shows people crossing the Channel in a ‘positive light’ could be added to a list of illegal content that all tech platforms must proactively prevent from reaching users, while senior managers could face further criminal sanctions Continue Reading

Outdated IT infrastructure poses growing risk to UK Security Vetting

Delays to UKSV’s important work in safeguarding the country’s national security are in part down to a legacy IT estate in dire need of modernisation, says the NAO Continue Reading

Ukraine cyber teams responded to more than 2,000 attacks in 2022

The Ukrainian authorities responded to more than 2,000 major cyber incidents during 2022, and are blocking thousands more potential attacks every day Continue Reading

Advisory board goal for Post Office scandal victims to be returned to rightful financial position

The board set up to monitor the compensation scheme for Post Office scandal victims agrees goal of returning them to the financial position they would be in had the scandal never happened Continue Reading

Benelux CIO interview: Richard Ventre, SHV Holdings

In his role at Netherlands-based SHV Holdings, Richard Ventre is tackling the challenge of enabling a diverse set of digital transformations across a range of industries Continue Reading

Crest throws support behind CyberUp CMA reform campaign

Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990 Continue Reading

Royal Mail promises ‘workarounds’ to restore services after ransomware attack

Royal Mail CEO Simon Thompson apologises to customers whose businesses are being disrupted by a ransomware attack and promises a ‘workaround’ will be in place in the near future Continue Reading

LockBit cartel suspected of Royal Mail cyber attack

The still-developing cyber incident at Royal Mail may be the work of the infamous LockBit ransomware operation Continue Reading

BBC assures UK Parliament that digital transformation plans are on track

UK Parliamentary accounts watchdog probes British Broadcasting Corporation senior management regarding plans to reconstruct organisation to be fit for purpose in modern media industry and satisfy multiplatform needs of licence fee payers Continue Reading

Europe’s cyber security strategy must be clear about open source

Europe’s cyber security policy on open source is lagging behind the US, and despite growing government awareness of the issues, that poses a problem Continue Reading

Guardian confirms Christmas 2022 cyber attack was ransomware

Guardian Media Group bosses confirm the 20 December cyber attack that left staff locked out of its London office and disrupted several key systems was an untargeted ransomware attack Continue Reading

How Indian banks can drive automation in corporate banking

Banks should prioritise their processes for automation based on the level of human intervention, understand their processes thoroughly and put employees at the centre of their automation efforts Continue Reading

Royal Mail services hit by major cyber attack

UK postal service Royal Mail is asking customers not to send any overseas letters or parcels while it deals with the impact of an ongoing cyber attack Continue Reading

Should we be worried about malicious use of AI language models?

WithSecure research into GPT-3 language models, used by the likes of ChatGPT, surfaces concerning findings about how easy it is to use large language models for malicious purposes. Should security teams be concerned? Continue Reading

Microsoft fixes EoP zero-day on January Patch Tuesday

On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns Continue Reading

Latest Innovate Finance report reveals decrease in UK fintech investment, but like-for-like increase

Innovate Finance’s latest figures on fintech investment show reduction in UK, but report methodology leaves this open to change Continue Reading

Tech firms failing to address forced labour in supply chains

Subpar due diligence processes in the tech sector – including poor purchasing practices, sparsely implemented collective bargaining coverage, and a lack of redress for workers – is leaving supply chain workers open to abuse, says KnowTheChain Continue Reading

Vulnerable organisations to get free Cyber Essentials support

Charities and legal aid firms are among those to be offered free security checks and certifications from the National Cyber Security Centre Continue Reading

Vice Society cyber gang targeted multiple UK schools

The Vice Society ransomware gang has made a habit of attacking educational institutions, and now appears to have struck multiple schools, colleges and universities in the UK Continue Reading

Cyber gang abused free trials to exploit public cloud CPU resources

A South Africa-based cyber crime gang exploited free trials and introductory offers to run cryptominers via public cloud services, then did a runner without paying Continue Reading

Warning over ransomware attacks spreading via Fortinet kit

Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web Continue Reading

Fallout from Guardian cyber attack to last at least a month

The Guardian newspaper’s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time Continue Reading

Traditional banking under threat from platform-based alternatives

Banking as a service embedded in non-banking business offerings will take large chunks from traditional banks Continue Reading

High tech meets agriculture in Denmark

Thanks to a few strategic investments, Denmark may one day become a major exporter of farming technology Continue Reading

Cyber security professionals share their biggest lessons of 2022

In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading

Top 10 Nordic IT stories of 2022

Here are Computer Weekly's top 10 Nordic IT articles of 2022 Continue Reading

How does red teaming test the ultimate limits of cyber security?

An expert ethical hacker reveals how he goes about carrying out a red team exercise Continue Reading

Why the current fraud model is broken, and how to fix it

Scammers and fraudsters are catching up with the good guys; a new technological approach is needed to fight skyrocketing volumes of digital fraud, says Darwinium founder Alisdair Faulkner Continue Reading

Top 10 Middle East IT stories of 2022

Here are Computer Weekly's top 10 Middle East IT articles of 2022 Continue Reading

Top 10 financial services IT stories of 2022

Here are Computer Weekly’s top 10 financial services IT articles of 2022, looking back at the moves and changes over the past year Continue Reading

Top 10 Benelux IT stories of 2022

Here are Computer Weekly’s top 10 Benelux articles of 2022 Continue Reading

Top 10 cyber security stories of 2022

The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides Continue Reading

A sticky story: How, and why, hackers love stickers on laptops

We’ve all seen laptops adorned with security stickers and in-jokes, but how did this cyber community trend get started, what does it signify, and what does it say about the humans behind the screens? Continue Reading

Four-day working week set to stay at Atom bank

Challenger bank Atom has formalised a four-day working week policy after a successful trial Continue Reading

TSB hit with huge fine after IT migration disaster

TSB has been fined nearly £50m due to failings during its IT migration catastrophe Continue Reading

Dealing with the growing problem of edge and IoT sprawl

Amidst all the hype regarding the massive growth potential for IoT and for edge computing in general, there is an elephant in the room, and that’s edge sprawl. It’s as if the edge evangelists are ... Continue Reading

Security Think Tank: 2022 brought plenty of learning opportunities in cyber

At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading

UK unis implement new IP traffic policies to combat ransomware

Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature Continue Reading

How to build your tech budget for 2023

This is a guest post by Chrystal Taylor, head geek at SolarWinds As the year comes to a close, discussions about next year’s financials and budgets  are rising among business leadership. But with ... Continue Reading

Digital Ethics Summit: Who benefits from new technology?

Experts at the 2022 Digital Ethics Summit say expedited development cycles and obviously over-hyped PR material, in tandem with the public’s near-total exclusion from conversations around technology, is creating distrust towards the tech sector Continue Reading

Criminal Cases Review Commission calls on more convicted subpostmasters to come forward

The Criminal Cases Review Commission wants more former subpostmasters to come forward if they think they were prosecuted by the Post Office based on data from the error-prone Horizon computer system Continue Reading

Ethical hackers flex their muscles in 2022

Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021 Continue Reading

Microsoft and London Stock Exchange agree £2.3bn 10-year cloud deal

The London Stock Exchange is building on its acquisition of financial data provider Refinitiv through a deal with Microsoft Continue Reading

Microsoft fixes two zero-days in final Patch Tuesday of 2022

December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over Continue Reading

NAO: BBC digital transformation plan at risk from lack of resources

Financial watchdog warns broadcaster that it may lack resources to achieve its desired digital ambitions, with particular worry over best practice in acquiring, storing and securing personal data and potential exposure to reputational risks Continue Reading

Security Think Tank: How much digital trust can you place on zero-trust?

The events of the past couple of years have highlighted many considerations that should be taken into consideration when pursuing a zero-trust strategy, says ISACA’s Steven Sim Kok Leong Continue Reading

The nature of the CISO role will be in flux in 2023

As cyber risk outpaces organisational defences, and cyber attacks and breaches cause more and more damage, the nature of the CISO role is entering a state of flux, according to a report Continue Reading

More Uber data exposed in possible supply chain attack

A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack Continue Reading

Special educational needs students use virtual reality to help navigate real world

Students on the autistic spectrum are using virtual reality to help them prepare for real-world interaction Continue Reading

Security Think Tank: Embrace prioritisation, people, imperfections

Security and IT professionals should try to make peace with their imperfections in 2023, says Nominet CISO Paul Lewis Continue Reading

CIISec, DCMS to fund vocational cyber courses for A-level students

The Chartered Institute of Information Security and the Department for Digital, Culture, Media and Sport plan to fund vocational cyber qualifications for 300 teenagers Continue Reading

Iranian APT seen exploiting GitHub repository as C2 mechanism

A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware Continue Reading

Digital bank to recruit 1,000 tech experts in Manchester

App-based bank Starling is adding 1,000 people to its workforce with technology professionals being recruited for its new operation in Manchester Continue Reading

IT system limitations a factor in passport delays

Limitations in the UK’s passport office IT system led to delays in applicants receiving their documents during a recent period of high demand Continue Reading

Security Think Tank: 2022 changed how we thought about resilience

Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat Continue Reading

Rackspace email outage confirmed as ransomware attack

An ongoing outage affecting Rackspace email customers is the result of a ransomware attack Continue Reading

Security Think Tank: As cyber pros, we need to articulate our needs better

There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading

Post Office scandal – “cock-up or cook-up”?

The second phase of the Post Office Horizon IT scandal raised more questions over who did what, when and where, with shocking revelations at every turn Continue Reading

EU fails to protect human rights in surveillance tech transfers

Transfers of surveillance technology from the European Union to African governments are carried out without due regard for the human rights impacts, the European Ombudsman has found after a year-long investigation into the European Commission’s management of an aid fund Continue Reading

Don’t become an unwitting tool in Russia’s cyber war

Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack? Continue Reading

Finland connects a quantum computer to a supercomputer

VTT and CSC recently connected a quantum computer with Europe’s fastest supercomputer to enable a hybrid service for researchers Continue Reading

How HashiCorp is driving cloud provisioning and management

HashiCorp CEO Dave McJannet talks up how the company is supporting cloud provisioning in a hybrid environment and its investments in Asia-Pacific to capitalise on the region’s growth potential Continue Reading

French cyber consultancy Hackuity sets up UK operation

Risk-based vulnerability management company is to establish a UK base of operations in the hope of expanding its enterprise client base Continue Reading

Twitter ‘replacement’ Hive Social shuts off service in privacy alert

Hive Social, a recently established social media network, has temporarily closed its servers to address deep structural privacy issues identified by ethical hackers Continue Reading

Ransomware: Is there hope beyond the overhyped?

Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity Continue Reading

Microsoft 365 banned in German schools over privacy concerns

German schools cannot legally use Microsoft Office 365 over lack of clarity about how data is collected, shared and used, as well as the potential for unlawful transfer of European citizens’ personal data to the US Continue Reading

Subpostmaster federation deliberately kept public in dark over computer problems

The federation representing subpostmasters deliberately suppressed information about computer errors that could have saved its members from devastating life-changing events Continue Reading

Latest LockBit ransomware versions have wormable capabilities

Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter Continue Reading

Parity AI talks about auditing recruitment algorithms for bias

Algorithmic auditing firm Parity speaks to Computer Weekly about the process of auditing artificial intelligence for bias, following its partnership with AI-powered recruitment platform Beamery Continue Reading

Think technology, process, human risk to manage ransomware

Effective ransomware handling boils down to three core areas – technology, process and human risk Continue Reading

Chartered status and aligned standards are crucial for the UK's cyber sector

As the UK moves closer to ushering in the world’s first chartered cyber professionals, the UK Cyber Security Council’s Simon Hepburn outlines the sector’s defining moment Continue Reading

Digital Transformation Week Amsterdam: HSBC discusses low-code in financial services

A member of HSBC’s global transformation team has shared her views on low-code with an audience in Amsterdam Continue Reading

How gamifying cyber training can improve your defences

Security training is the cornerstone of any cyber defence strategy. With ever-escalating online threats, it is now more important than ever that this training is an engaging experience Continue Reading

How MongoDB is driving growth in ANZ

MongoDB, which counts the likes of Bendigo and Adelaide Bank as clients, has been driving skills development and investing in local manpower in Australia and New Zealand Continue Reading

Ransomware: Practical tips to improve resiliency

With ransomware attacks on organisations increasing, the question is not if an attack will happen, but when. We look at ways to minimise the impact of such an attack Continue Reading

Data management, backup becoming the CISO's responsibility

More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year Continue Reading

Your staff are the frontline in your ransomware fight

As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect Continue Reading

AI accountability held back by ‘audit-washing’ practices

Algorithmic auditing will be useless in holding artificial intelligence accountable until there are common standards, approaches and goals that scrutinise systems at each stage of development and deployment, says think-tank Continue Reading