IT governance

IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.

Feature 11 Jul 2023
Norwegian data privacy experts sound alarm over generative AI

Hundreds of millions of people embrace generative artificial intelligence, blissfully ignorant of what it’s doing to data privacy. Continue Reading
News 24 Apr 2023
Finland and Estonia deepen cross-border digital partnerships

Finland and Estonia, two global tech pioneers, are increasingly sharing their expertise Continue Reading

News 27 Apr 2021

UK supermarkets to trial age estimation tech for alcohol purchases

Biometric age estimation technology developed by Yoti to be tested in UK supermarkets for alcohol purchases as part of government-led digital identities initiative Continue Reading
News 27 Apr 2021

Total cost of ransomware attack heading towards $2m

Sophos’ latest study finds that ransomware attacks are proving increasingly disruptive to their victims’ finances Continue Reading
News 27 Apr 2021

Leaky Azure storage account puts software developer IP at risk

Source code for multiple products was left exposed in an unsecured Microsoft Azure cloud storage account, say researchers, but attributing responsibility for the error has proved difficult Continue Reading
Opinion 27 Apr 2021

Why we need to reset the debate on end-to-end encryption to protect children

Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent Continue Reading
News 27 Apr 2021

Apple OS updates patch multiple security holes

The much-heralded release of the privacy-centric iOS 14.5 also brings patches for multiple CVEs, and users of Apple smartphones, tablets and notebooks are best advised to update as soon as possible Continue Reading
News 27 Apr 2021

The Security Interviews: Making sense of outbound email security

Screening inbound emails is an accepted part of an organisation’s security posture, but the topic of securing outbound traffic is less often discussed. Zivver’s Rick Goud is on a mission to change this Continue Reading
News 22 Apr 2021

GCHQ: Cyber investment a guarantor of UK’s global status

GCHQ director Jeremy Fleming sets out a vision for the UK’s cyber security future Continue Reading
News 22 Apr 2021

Researchers shed more light on APT29 activity during SolarWinds attack

RiskIQ’s Atlas threat intel team uncovers new patterns and threat infrastructure used in the SolarWind’s attacks Continue Reading
News 22 Apr 2021

ToxicEye malware exploits Telegram messaging service

The Telegram instant messaging service is being used by malicious actors to manage a remote access trojan called ToxicEye Continue Reading
Opinion 22 Apr 2021

Security Think Tank: Security culture must underpin vaccine passports

What are the security challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
News 21 Apr 2021

NCSC offers teachers free cyber security training

The NCSC’s latest security training offer builds on a package of measures designed to protect schools from cyber attack Continue Reading
News 21 Apr 2021

EU lays out plans to regulate AI development

Proposal aims to encourage the development of ethical artificial intelligence systems that do not infringe the human rights of EU citizens Continue Reading
News 21 Apr 2021

SonicWall Email Security zero-days need urgent patch

Users of SonicWall Email Security are advised to patch immediately, but the supplier is being criticised for the pace of its response Continue Reading
News 20 Apr 2021

Health app myGP adds Covid-19 vaccine passport function

The new feature is described as the UK’s first NHS-assured Covid-19 certification feature Continue Reading
News 20 Apr 2021

Chinese APT exploits critical CVE in Pulse Secure VPN

A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today Continue Reading
Opinion 20 Apr 2021

Security Think Tank: ‘Legitimate interest’ crucial for vaccine passports

What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
News 20 Apr 2021

Codecov supply chain attack has echoes of SolarWinds

Supply chain attack on code auditing service may have compromised the likes of HPE and IBM Continue Reading
News 19 Apr 2021

Digital secretary steps in on Nvidia/Arm deal

The first stage of a formal investigation by the CMA is now underway, to look at whether the sale of Arm to Nvidia will damage the chip industry Continue Reading
News 19 Apr 2021

YouGov incentivises sharing of personally identifiable information

YouGov Safe is a new service to help organisations target consumers more precisely, where people can select how much personal data they wish to share Continue Reading
Opinion 16 Apr 2021

The Secret IR Insider’s Diary – from Sunburst to DarkSide

From dealing with SolarWinds fallout to ransomware attacks, it’s been a busy few weeks for the Secret IR Insider, but they've picked up some new tricks along the way Continue Reading
News 15 Apr 2021

Uber ordered to reinstate six drivers fired by automated process

A default judgment handed down by Dutch court has ordered Uber to reinstate six drivers with compensation following unevidenced accusations of fraud and automated firing via algorithm Continue Reading
News 15 Apr 2021

Biden sanctions Russia over SolarWinds cyber attacks

US president imposes new sanctions on Russia following malicious cyber attacks against the US and allies Continue Reading
News 15 Apr 2021

University of Hertfordshire is latest academic cyber attack victim

Multiple systems are offline at the University of Hertfordshire following a cyber attack Continue Reading
News 15 Apr 2021

Ireland’s DPC launches probe into Facebook leak

The Irish Data Protection Commission has launched an ‘own volition’ inquiry into the leak of data from 500 million Facebook profiles Continue Reading
News 14 Apr 2021

FBI accesses ProxyLogon target servers to disrupt cyber criminals

US Justice Department reveals successful court-authorised effort to clamp down on ProxyLogon exploitation Continue Reading
News 14 Apr 2021

EU set to tilt AI balance in favour of citizen rights

New draft EU regulations aim to protect people from biased decision-making Continue Reading
News 14 Apr 2021

NSA unearths more MS Exchange vulnerabilities

Microsoft patches more critical vulnerabilities in Exchange Server a month after the ProxyLogon incident, after being warned by the US National Security Agency Continue Reading
Opinion 14 Apr 2021

Security Think Tank: Vaccine passports cannot be taken lightly

What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
Opinion 14 Apr 2021

Security Think Tank: Vaccine passports must be secure by design

What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
News 13 Apr 2021

MP told to ditch official email over hacking fears

MP Tom Tugendhat claims the intelligence services advised him to switch to the Gmail service due to concerns his parliamentary email could be hacked Continue Reading
News 13 Apr 2021

Millions of devices at risk from NAME:WRECK DNS bugs

Newly disclosed set of nine DNS vulnerabilities puts over 100 million consumer, enterprise and industrial IoT devices at risk Continue Reading
Feature 12 Apr 2021

Why some jobseekers have turned to cyber crime during the pandemic

Research shows that many people have been seeking cyber crime-related work on the dark web, but why? Continue Reading
Opinion 12 Apr 2021

What has a year of home working meant for the DPO?

Byron Shirley of The Compliance Space explores how the role of the data protection officer has changed in the past 12 months Continue Reading
News 09 Apr 2021

Cring ransomware hits ICS through two-year-old bug

A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware Continue Reading
News 08 Apr 2021

Nation-state cyber attacks double in three years

Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project Continue Reading
News 07 Apr 2021

Facebook ducks calls to apologise over huge data leak

Facebook gives its side of the story as data on millions of its users leaks, but is yet to apologise for security lapses that put half a billion people at risk of compromise Continue Reading
News 07 Apr 2021

Digital Markets Unit starts work on codes of conduct for tech giants

Digital markets regulator officially launched to ensure tech giants such as Facebook and Google cannot exploit their market dominance to crowd out competition and stifle innovation online Continue Reading
News 06 Apr 2021

Facebook data leak could be outside scope of GDPR

Regulators may be unable to do much about leaked data on 533 million Facebook users, as it seems to have been stolen before GDPR came into force Continue Reading
News 31 Mar 2021

NHS is apparently closing security skills gap

By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before Continue Reading
News 31 Mar 2021

Cyber Security Council to champion UK security pros

A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base Continue Reading
News 30 Mar 2021

Ransomware attack on London schools highlights warnings

Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector Continue Reading
News 30 Mar 2021

The Security Interviews: How to secure an F1 team in a pandemic

A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data Continue Reading
News 29 Mar 2021

Backup survey: UK councils’ downtimes five times longer than average

Backup product supplier Veeam’s freedom of information request finds councils’ average downtime is seven hours and that backup and disaster recovery testing is not done frequently Continue Reading
Feature 29 Mar 2021

Ecolabels and data sanitisation key to recycling and reusing IT assets

Ecolabels on hardware and data sanitisation of devices are key to recycling and reusing old IT equipment respectively, helping enterprises avoid unnecessary asset destruction and contributing to increasingly high levels of electronic waste globally Continue Reading
Feature 26 Mar 2021

Backup appliances the hot topic for Pas-de-Calais fire brigade

With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage Continue Reading
News 26 Mar 2021

Retailer FatFace pays $2m ransom to Conti cyber criminals

Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate Continue Reading
News 26 Mar 2021

Remote working burn-out a factor in security risk

After a year of working from the kitchen table, stress and burn-out are increasing, giving rise to more security risks – and Millennials seem to be particularly affected Continue Reading
News 25 Mar 2021

Cyber security complacency puts UK at risk, says NCSC head

National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber Continue Reading
Feature 25 Mar 2021

The 3-2-1 backup rule: Has cloud made it obsolete?

The 3-2-1 backup rule was made for small-scale use in the pre-cloud era when tape still ruled. Is it relevant in the 2020s, or can we repurpose its fundamental principles? Continue Reading
News 24 Mar 2021

Oil giant Shell hit through Accellion FTA breach

Energy firm discloses cyber attack through Accellion File Transfer Appliance Continue Reading
News 24 Mar 2021

Apparent drop in cyber incidents highlights underlying problems

UK organisations report fewer cyber security incidents, but the headline data masks more serious issues, according to a report Continue Reading
News 24 Mar 2021

Cyber criminals forging Covid-19 vaccine certificates

Vaccine passports and certificates are gaining mainstream traction, which means cyber criminals are also on the bandwagon Continue Reading
News 23 Mar 2021

NCSC beefs up support for education sector after spate of attacks

Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks Continue Reading
Opinion 23 Mar 2021

Security Think Tank: Attacks on CNI – an evolving frontier in warfare

In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
News 22 Mar 2021

$50m ransomware demand on Acer is highest ever

Record-breaking double-extortion cyber attack saw REvil gang exfiltrate financial data from Taiwan-based PC manufacturer Continue Reading
News 22 Mar 2021

Unionised drivers call on Microsoft to suspend Uber’s Face API licences

Unionised private hire drivers in the UK are calling for Microsoft to suspend Uber’s licences to use its Face API technology after claims the ride-hailing firm’s ID-checking system has led to drivers losing their jobs and having licences revoked Continue Reading
Opinion 22 Mar 2021

Security Think Tank: Back to square one – ground-up CNI protection

In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
News 22 Mar 2021

CIO interview: Juliette Atkinson, IT director, Bradford University

Bradford University’s IT director took a different route than most to get into IT leadership Continue Reading
News 18 Mar 2021

Vaccine passports cannot put basic rights at risk, warns BCS

BCS warns of challenges to come as the government presses on with its plans for Covid-19 vaccine passports Continue Reading
Opinion 17 Mar 2021

Security Think Tank: Take a realistic perspective on CNI cyber attacks

In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
News 17 Mar 2021

Average ransomware cost triples, says report

The average amount paid out by ransomware victims has grown almost threefold to more than $300,000 per incident, according to a report Continue Reading
News 17 Mar 2021

Digital Green Certificate proposed for travel in Europe

Digital Green Certificates will supposedly help re-establish freedom of movement within the European Union Continue Reading
Opinion 17 Mar 2021

Security Think Tank: CNI operators must focus on core issues

In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
News 17 Mar 2021

Cyber sector welcomes PM’s defence review

Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet Continue Reading
News 16 Mar 2021

MoD partners playing fast and loose with confidential data

Clear spike in data breach incidents at defence partners may reflect better reporting standards, claims MoD Continue Reading
News 16 Mar 2021

Banks still lack tech skills at the top

Banks have made progress in adding IT knowledge in their boardrooms, but they need more as digital transformation accelerates Continue Reading
News 16 Mar 2021

Unusual DearCry ransomware uses ‘rare’ approach to encryption

Hybrid approach to encryption used by DearCry bears similarities to WannaCry Continue Reading
News 16 Mar 2021

Microsoft releases one-click ProxyLogon mitigation tool

Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers Continue Reading
News 16 Mar 2021

Government calls for input into Covid-19 vaccine passports

Evidence gathering exercise will inform the development of the UK’s proposed Covid-19 vaccine passport scheme Continue Reading
News 15 Mar 2021

Microsoft Exchange ProxyLogon attacks spike 10 times in four days

Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days Continue Reading
Opinion 15 Mar 2021

Security Think Tank: CNI operators are in an unenviable position

In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
News 12 Mar 2021

NCSC issues emergency alert on Microsoft Exchange patch

UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately Continue Reading
News 12 Mar 2021

IR35 private sector reforms: IT contractors ‘growing reluctant’ to work for ‘blanket banning’ firms

IT-focused staffing company Ellis Recruitment Group shares its take on how the contracting market is responding to the private sector firms enforcing blanket bans Continue Reading
Feature 12 Mar 2021

Does email security need a human solution or a tech solution?

People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on Continue Reading
News 12 Mar 2021

Web founder calls for ubiquitous, safe internet access for young people

Internet access has a direct correlation to GDP. On the 32nd birthday of the world wide web, its founder calls for improvements to safe access Continue Reading
News 12 Mar 2021

DearCry ransomware targets vulnerable Exchange servers

As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority Continue Reading
News 12 Mar 2021

Brewer Molson Coors targeted in cyber attack

Cyber criminals have disrupted beer production at Molson Coors, one of the world’s largest brewers Continue Reading
Opinion 12 Mar 2021

Security Think Tank: US security efforts may centre on collaboration

As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
News 11 Mar 2021

UK digital regulators set out plans to strengthen cooperation

Digital Regulation Cooperation Forum outlines plans for the coming year, marking a shift towards a more collaborative regulatory approach Continue Reading
News 11 Mar 2021

Attack on surveillance cameras a warning over security, ethics

The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology Continue Reading
Opinion 11 Mar 2021

Data-driven innovation needs trustworthy governance

The pandemic has given us a glimpse of what data-driven technology can do for society – and we cannot go back to the status quo Continue Reading
News 11 Mar 2021

Norwegian government falls victim to Microsoft attacks

Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers Continue Reading
E-Zine 11 Mar 2021

CW Europe: Nordic tech startups create blueprint for post-Covid working environment

Business can learn lessons from Nordic tech startups to prepare employees to return to the office after Covid restrictions end. Also read why Netherlands police need a training ‘roadmap’ to get them up to speed to tackle cyber crime. Continue Reading
News 10 Mar 2021

Met Police chooses Capgemini as strategic IT infrastructure services provider

Capgemini has a history of providing the force with day-to-day technology services, and will now deliver its infrastructure services under the Pegasus programme Continue Reading
News 10 Mar 2021

Patch Tuesday overshadowed by Microsoft Exchange attacks

Microsoft’s March Patch Tuesday update drops amid ongoing fall-out from widespread Exchange attacks Continue Reading
News 10 Mar 2021

Police crack world’s largest cryptophone network as criminals swap EncroChat for Sky ECC

Belgian and Dutch police have breached the encryption of users of Sky ECC, the world’s largest cryptophone network. There are significant parallels with the international police operation against the EncroChat cryptophone network which led to hundreds of arrests Continue Reading
Opinion 09 Mar 2021

Why your business needs SOC as a service

Security in the digital era demands that businesses monitor their entire IT estate and resolve all alerts, but for many organisations the most effective way of doing that is SOCaaS Continue Reading
Opinion 09 Mar 2021

Gartner: Three tips to avoid cloud service suspension

As recent events have shown, public cloud providers have the power to terminate cloud contracts, and seemingly legitimate businesses may be at risk Continue Reading
News 09 Mar 2021

EBA restores services after Microsoft Exchange attack

European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online Continue Reading
News 09 Mar 2021

Private equity house buys McAfee enterprise business

Deal to sell off enterprise unit will see McAfee become a pure-play consumer organisation Continue Reading
News 08 Mar 2021

US teases retaliation over state-backed cyber attacks

Consequences for alleged perpetrators of the SolarWinds attack are expected within the next few weeks Continue Reading
News 05 Mar 2021

Williams F1 car launch disrupted by data leak

Williams Formula One team forced to pull augmented reality app it had planned to use to launch its 2021 car at the last minute after an apparent cyber attack Continue Reading
News 05 Mar 2021

Mandiant: MS Exchange bugs first exploited in January

Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago Continue Reading
News 05 Mar 2021

Clarification needed on IT ‘super-deduction’ allowance

Chancellor announces that companies investing in qualifying new plant and machinery assets will be able to claim a ‘super-deduction’ allowance Continue Reading
Feature 05 Mar 2021

Dealing with the challenge of beg bounties

The rise of so-called beg bounties is becoming a challenge for security teams, and can be a drain on time and resources. But what is a beg bounty, and how does it differ from a bug bounty? Continue Reading
News 05 Mar 2021

Innovation underpinned by trustworthy governance, says CDEI

Public support for greater use of digital technologies such as AI depends on how much trust people have in its governance, says report Continue Reading
News 04 Mar 2021

Okta picks up Auth0 for $6.5bn

Multibillion-dollar acquisition a vote of confidence in future of identity and access management services Continue Reading
News 04 Mar 2021

Microsoft Exchange CVEs more widely exploited than thought

US CISA issues emergency guidance as impact of four newly disclosed Microsoft Exchange vulnerabilities becomes clearer Continue Reading
News 04 Mar 2021

IR35 private sector reforms: HMRC under fire over ‘omission’ of employers’ NI from webinar guidance

HM Revenue & Customs confirms it has corrected a calculation error in a recent educational IR35 webinar that saw it fail to factor in employers’ NI in examples of how payments should be made between end-clients, agencies and PSCs post-April 2021 Continue Reading
News 04 Mar 2021

Qualys caught up in Accellion FTA breach

Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product Continue Reading

8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

CIO

Tensions rise over China's control of critical materials
While there is disagreement in Congress over how to diversify the critical materials supply chain, there is bipartisan agreement ...
Businesses face growing patchwork of state AI laws
As U.S. states like Colorado pass their own AI laws, businesses will need to prepare compliance measures if they do business in ...
How to lead a digital transformation: 10 key steps
Digital transformation success requires cross-organizational alignment, actionable goals and top-notch project management. Here's...

Congress grills Microsoft president over security failures
Microsoft President Brad Smith testifies on a wide range of issues, including Chinese and Russian nation-state attacks, the ...
The enduring importance of digital trust
Digital trust is an increasingly important issue, yet confusion remains about what exactly it is, how to achieve it and how to ...
Microsoft's Recall changes might be too little, too late
Criticism of Microsoft's Recall feature continues even after the software giant announced several updates to address concerns ...

Recap: Enterprise Strategy Group Thoughts on Cisco Live 2024
Analysts Jim Frey and Jon Brown from Enterprise Strategy Group talk about their takeaways from the Cisco Live 2024 conference in ...
Mass General Brigham tackles network upgrade, AI pilots
As Mass General Brigham updated its network and invested in other upgrades, the hospital ecosystem also developed a measured ...
Cisco Live 2024 conference coverage and analysis
Cisco Live 2024 will focus largely on AI and its potential to transform enterprise networking and IT. Use this guide to follow ...

8 green computing best practices
As climate change becomes a more pressing issue, these sustainability best practices can help your data center go greener, which ...
StorMagic debuts HCI, hypervisor as VMware alternative
StorMagic looks to court customers with smaller data centers for SMBs and the edge with SvHCI, a new VMware alternative with a ...
Lessons in AI from Dell Technologies World 2024
A main focus of the Dell Technologies World 2024 conference was AI and how it impacts infrastructure environments. Dell ...

Data Management

Anomalo unveils quality monitoring for unstructured data
The data quality specialist's capabilities will enable customers to monitor unstructured text to ensure the health of data used ...
Graph database vs. relational database: Key differences
Graph databases offer plenty of advantages for enterprises, but relational databases still top the market. Both emphasize ...
Multi-cloud databases: How to deploy and manage them
Deploying databases on different cloud platforms offers various benefits. Here's a set of 10 best practices for building a ...

Close