IT for charity organisations

Charities have to operate at the lowest cost possible, and that includes the way they use IT. IT managers in the third sector have learned how to deploy cost-effective technology to support the critical work that charities and voluntary organisations do, and their experiences can offer relevant case studies for IT managers in other sectors.

News 03 Jan 2024
Artificial intelligence to the front in Sweden’s National Technology Strategy

Sweden focuses in on artificial intelligence in its latest far-reaching national IT strategy Continue Reading
Feature 07 Sep 2023
Interview: Ashish Gupta, head of EMEA, HCLTech

It’s not just enterprises that changed their operating models during and after Covid, but also the suppliers that took them on the journey, HCLTech Europe’s head explains Continue Reading

News 17 Jun 2022

Government responds to Data Reform Bill consultation

Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit Continue Reading
Opinion 17 Jun 2022

Consider governance, coordination and risk to secure supply chain

A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on Continue Reading
News 16 Jun 2022

Office 365 loophole may give ransomware an easy shot at your files

Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive Continue Reading
Opinion 16 Jun 2022

Security Think Tank: Best practices for boosting supply chain security

In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk Continue Reading
News 15 Jun 2022

Patch Tuesday dogged by concerns over Microsoft vulnerability response

The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure Continue Reading
Opinion 15 Jun 2022

Security Think Tank: Basic steps to secure your supply chain

When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail Continue Reading
News 14 Jun 2022

MS Azure Synapse vulnerability fixed after six-month slog

Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga Continue Reading
News 13 Jun 2022

Health data strategy to exorcise ghosts of GPDPR

Government publishes a revised data in health strategy, with an emphasis firmly on preserving the integrity and privacy of patients’ confidential information Continue Reading
Opinion 10 Jun 2022

Security Think Tank: Don’t trust the weakest link? Don’t trust any link

Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must Continue Reading
News 10 Jun 2022

Snake Keylogger climbing malware charts, says Check Point

Cyber criminals behind Snake Keylogger campaigns have been switching up their tactics in the past few weeks, say researchers Continue Reading
News 08 Jun 2022

ProxyLogon, ProxyShell may have driven increase in dwell times

The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data Continue Reading
Opinion 31 May 2022

How cryptocurrency is bringing humanitarian value to Ukraine

Web3 technology has great significance as a form of charitable giving, and in providing permanent records for the government Continue Reading
News 30 May 2022

UAE residents think 3D printing will have the most positive impact on society

People in the UAE believe next-generation technologies such as 3D printing and artificial intelligence will become widespread in the country Continue Reading
Opinion 30 May 2022

Strong internal foundations are key to withstanding external threats

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
News 26 May 2022

Two-thirds of UK organisations defrauded since start of pandemic

Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report Continue Reading
News 26 May 2022

Dutch companies struggle to fill tech jobs

There are plenty of IT job vacancies in the Netherlands, but a shortage of IT professionals Continue Reading
News 24 May 2022

Ransomware volumes grew faster than ever in 2021

Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody Continue Reading
Opinion 18 May 2022

Security Think Tank: To follow a path, you need a good map

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
News 17 May 2022

(ISC)² to train 100,000 cyber pros in UK

Security association (ISC)² unveils ambitious UK training programme Continue Reading
News 11 May 2022

CyberUK 22: Five Eyes focuses on MSP security

The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves Continue Reading
News 11 May 2022

Cyber accreditation body Crest forges new training partnerships

Crest says partnerships with Hack The Box and Immersive Labs will enhance its members’ defensive and offensive security skills Continue Reading
News 11 May 2022

Microsoft fixes three zero-days on May Patch Tuesday

It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days Continue Reading
News 10 May 2022

CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy

On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy Continue Reading
News 10 May 2022

CyberUK 22: NCSC refreshes cloud security guidance

The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise Continue Reading
News 28 Apr 2022

Ransomware recovery costs dwarf actual ransoms

The cost of recovering from a ransomware attack far outweighs the ransoms now being demanded by cyber criminals, according to recent data Continue Reading
News 27 Apr 2022

Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021

These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time Continue Reading
News 27 Apr 2022

Ransomware victims paying out when they don’t need to

Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to Continue Reading
News 27 Apr 2022

Government digital ignorance puts Dutch economy at risk

In this interview, Michiel Steltman, managing director of Digital Infrastructure Netherlands, tells Computer Weekly why the Dutch digital economy is at risk due to a lack of knowledge and understanding at government level Continue Reading
News 26 Apr 2022

BCS passes defiant Ukrainian tech industry message to its members

BCS, the Chartered Institute for IT, has passed on a message from Ukrainian IT suppliers that the country is open for, and in need of, business Continue Reading
News 26 Apr 2022

Emotet tests new tricks to thwart enhanced security

The operators of the Emotet botnet seem to be trying to find a way to get around recent changes made by Microsoft to better protect its users Continue Reading
Feature 14 Apr 2022

Refugee support group works with tech startup on reporting system

Computer Weekly speaks to a refugee support group about its ongoing collaboration with an academic tech startup to develop a digital human rights reporting system for refugees Continue Reading
News 13 Apr 2022

WatchGuard firewall users urged to patch Cyclops Blink vulnerability

The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading
News 13 Apr 2022

Microsoft patches two zero-days, 10 critical bugs

Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service Continue Reading
News 07 Apr 2022

European IT and BPO outsourcing off to strong start

European IT and business process outsourcing services continue to increase rapidly, with cloud-based services now more than half of the total Continue Reading
News 05 Apr 2022

Triple-threat Borat malware no joke for victims

Unlike its namesake, the newly discovered Borat malware won’t raise a smile for IT security pros Continue Reading
News 05 Apr 2022

Saudi Arabian ICT sector hits $32.1bn after strong pandemic response

The Saudi Arabian IT and communications sector is recovering strongly from the Covid-19 pandemic Continue Reading
News 04 Apr 2022

Environmental campaigners halt Meta datacentre construction in the Netherlands

Datacentre being built to serve ‘metaverse’ worlds would consume nearly half as much energy as all other datacentres in the country Continue Reading
News 01 Apr 2022

Four moves to ‘checkmate’ critical assets thanks to lax cloud security

Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report Continue Reading
News 30 Mar 2022

One-third of UK firms suffer a cyber attack every week

New statistics from the annual DCMS Cyber security breaches survey reveal the extent and frequency with which UK organisations are being attacked by malicious actors Continue Reading
Feature 30 Mar 2022

Recruitment risks: Avoiding the dangers of fraudulent candidates

Tech companies are seeing an increase in fraudulent job applications, with associated impacts on risk and cyber security. So how can organisations protect themselves from fraudulent applicants while ensuring they recruit the best talent? Continue Reading
News 29 Mar 2022

NCSC: Not necessarily wise to ditch Kaspersky

UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates Continue Reading
News 29 Mar 2022

Wave of Log4j-linked attacks targeting VMware Horizon

Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell Continue Reading
News 22 Mar 2022

Details of Conti ransomware affiliate released

Information about a new Conti affiliate has been released by eSentire and BreakPoint Lab after a joint investigation into the group’s indicators of compromise Continue Reading
Opinion 22 Mar 2022

Revised scope of UK security strategy reflects digitised society

The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one, reflecting our increasingly digitised society, say Maximillian Brook and Arunoshi Singh of the ISF Continue Reading
Opinion 21 Mar 2022

UK Cyber Strategy a welcome injection of progress

The National Cyber Strategy should be seen as a welcome injection of both focus and investment in bettering cyber defence for everyone, says Turnkey Consulting senior consultant Louise Barber Continue Reading
News 18 Mar 2022

Ukrainian cyber defences prove resilient

Thanks to a combination of prior experience and global support, Ukraine’s defences against cyber incidents are holding strong in the face of Russian attacks Continue Reading
Opinion 18 Mar 2022

National Cyber Strategy will enhance UK’s cyber power status

The UK punches above its weight when it comes to wielding cyber power around the world, but challenges to this status are clear. The National Cyber Strategy has a clear role to play in maintaining and enhancing this status, writes Paddy Francis of Airbus Cybersecurity Continue Reading
News 16 Mar 2022

German authorities warn on Kaspersky but stop short of ban

Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine Continue Reading
Opinion 15 Mar 2022

How cyber security teams can conquer the four-day working week

The four-day week may be an idea whose time has come, but for always-on cyber security professionals, the impact of squeezing more work into fewer days is a tricky proposition Continue Reading
Feature 14 Mar 2022

How can I avoid an exodus of cyber talent linked to stress and burnout?

Cyber security professionals have played a crucial role during the pandemic, yet many feel like their employers aren’t providing adequate mental health support and have considered quitting their jobs as a result. What can employers do to help them? Continue Reading
Opinion 10 Mar 2022

National Cyber Strategy misses the mark in one important way

The National Cyber Strategy is full of fine words, says Petra Wenham, but as the old expression goes, fine words butter no parsnips, and it misses the mark in one very important way Continue Reading
News 10 Mar 2022

Tech brands sign on to HackerOne responsible security drive

Tech companies sign HackerOne’s new corporate security responsibility pledge to bring cyber out of the shadows and promote effective, secure development practices Continue Reading
News 09 Mar 2022

China’s APT41 exploited Log4j within hours

APT41 compromised multiple government organisations via the Log4Shell exploit within hours of its initial disclosure, Mandiant claims Continue Reading
News 09 Mar 2022

Microsoft serves up three zero-days on March Patch Tuesday

Three zero-days pop up in Microsoft’s March update, along with a number of other noteworthy concerns for defenders Continue Reading
News 03 Mar 2022

Boardroom does not see ransomware as a priority

Less than a quarter of company directors think ransomware is a top priority for their security teams, according to Egress Continue Reading
Feature 03 Mar 2022

English Channel surveillance used ‘to deter and punish migrants’

Instead of opening safe and legal routes to the UK, the country’s border control ecosystem is deploying surveillance technologies in the English Channel to deter migrant crossings, it is claimed Continue Reading
News 02 Mar 2022

Gothenburg University makes breakthrough in energy efficient computers

Swedish and Japanese universities make advancement in the development of computers that can work as energy efficiently as a brain Continue Reading
News 02 Mar 2022

Middle East IT spending to recover to at least pre-pandemic levels

Middle East IT leaders expect budgets to increase this year, with spending to match or exceed pre-Covid levels Continue Reading
News 28 Feb 2022

Ukraine cyber attacks seen spiking, but no destructive cyber war yet

While cyber attacks linked to Russia’s war on Ukraine are taking place, they are having little impact beyond the region Continue Reading
News 25 Feb 2022

University of Amsterdam teams up with MIT to use analytics for a better world

Dutch and US universities join forces with tech company to help non-government organisations and the United Nations to harness data analytics to achieve sustainable development goals Continue Reading
News 24 Feb 2022

KnowBe4 cyber drama tackles Colonial Pipeline in fourth season

KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021 Continue Reading
News 24 Feb 2022

Security organisations form Nonprofit Cyber coalition

Founding members of the Nonprofit Cyber coalition pledge to enhance joint action on cyber security around the world Continue Reading
Opinion 24 Feb 2022

The complementary strengths of AI and human intelligence

Kathy Peach, director at Nesta’s Centre for Collective Intelligence Design, describes projects the organisation supports that explore the interaction between artificial and human intelligence Continue Reading
News 24 Feb 2022

Russia behind dangerous Cyclops Blink malware

Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk Continue Reading
News 23 Feb 2022

Backups ‘no longer effective’ for stopping ransomware attacks

Traditional methods of mitigating ransomware are less efficacious thanks to the rise in double and triple extortion techniques Continue Reading
News 23 Feb 2022

Microsoft extends Defender umbrella to Google Cloud Platform

Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in Continue Reading
News 23 Feb 2022

No imminent cyber threat to UK from Russia

Intelligence officials say they have no evidence or indication that Russian cyber attackers are preparing offensive assaults on infrastructure or organisations in Britain Continue Reading
News 22 Feb 2022

UK organisations swift to chide phishing victims

While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated Continue Reading
Opinion 22 Feb 2022

Security Think Tank: Good training is all about context

In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service? Continue Reading
News 18 Feb 2022

UK organisations untroubled by Trickbot surge

A surge in Trickbot infections is targeting some of the world’s most prominent brands, but UK organisations seem thankfully unaffected Continue Reading
News 17 Feb 2022

Red Cross cyber attack the work of nation-state actors

The International Committee of the Red Cross now believes the January 2022 attack on its systems to have been the work of an undisclosed nation state Continue Reading
News 16 Feb 2022

2021 another record year for UK cyber investment

Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment Continue Reading
News 16 Feb 2022

Nordic countries lack a unified approach to AI

Nordic countries need to work together on a pan-regional artificial intelligence strategy Continue Reading
News 15 Feb 2022

Botched third-party configuration exposes Internet Society data to web

Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage Continue Reading
News 15 Feb 2022

China emerges as leader in vulnerability exploitation

Threat actors linked to China are emerging as a significant force in the weaponisation of newly discovered CVEs Continue Reading
News 11 Feb 2022

Why security professionals should pay attention to what Russia is doing

Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to Continue Reading
Opinion 10 Feb 2022

Phishing tests are a useful exercise, but don’t overdo it

The vast majority of cyber attacks start with a phish, so it’s not surprising that phishing tests form part of cyber training plans. But sometimes these tests go too far. Cyberis’ Gemma Moore looks at how to avoid the pitfalls Continue Reading
News 09 Feb 2022

Linux-based clouds an open door for attackers, says VMware

Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware Continue Reading
News 09 Feb 2022

Ransomware ever more sophisticated and impactful, warns NCSC

UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs Continue Reading
News 09 Feb 2022

Microsoft stomps on 48 bugs in February Patch Tuesday update

It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day Continue Reading
News 08 Feb 2022

Microsoft to start blocking macros to thwart malware

Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security Continue Reading
News 08 Feb 2022

The Security Interviews: Building the UK’s future cyber ecosystem

As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions Continue Reading
Opinion 02 Feb 2022

Security Think Tank: How to build a human firewall

In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service? Continue Reading
News 02 Feb 2022

Zero-trust to soar in 2022, but dogged by implementation challenges

IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite Continue Reading
Feature 02 Feb 2022

What neurodivergent people really think of working in cyber security

Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn Continue Reading
News 02 Feb 2022

Saudi Arabia to invest billions of dollars in technology and startups

Saudi Arabia announces $6.4bn investment in its tech sector as part of plans to diversify its economy Continue Reading
News 01 Feb 2022

Check Point buys Spectral to safeguard cloud development

Check Point’s latest acquisition of Israel-based startup Spectral expands its developer-centric security toolset Continue Reading
Opinion 31 Jan 2022

Understand your cyber training ‘need’ before committing to a programme

In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service? Continue Reading
News 28 Jan 2022

Cyber skills gap affecting data privacy practice, finds ISACA

Organisations are struggling to fill both legal and technical privacy roles, with potentially damaging consequences, according to a report Continue Reading
News 27 Jan 2022

CISOs must get out in front of Ukraine cyber crisis, says NCSC

The National Cyber Security Centre is urging UK organisations to take steps to bolster their cyber security resilience in response to the ongoing Ukraine crisis Continue Reading
News 27 Jan 2022

Novel phishing campaign highlights need for MFA, says Microsoft

Microsoft details a new multi-stage phishing campaign that only affects victims without multifactor authentication in place Continue Reading
News 27 Jan 2022

Nightmare Log4Shell scenario averted by prompt, professional action

Prompt and professional community response to the Log4Shell disclosure means the dangerous and widespread vulnerability has not been exploited to the extent many had feared Continue Reading
Opinion 27 Jan 2022

Security Think Tank: Focus on ‘nudging’ to build effective cyber training

In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training-as-a-service? Continue Reading
News 26 Jan 2022

More intel emerges on WhisperGate malware that hit Ukraine

Security experts have been poring over the WhisperGate malware with which alleged Russia-backed entities targeted Ukrainian government websites Continue Reading
News 26 Jan 2022

PwnKit bug endangers Linux distributions worldwide

Qualys researchers share intel on a memory corruption vulnerability in a program installed by default on every major Linux distribution Continue Reading
News 25 Jan 2022

Prepare, but don’t panic, over supposed Russian cyber threat

A fresh alert from the US Department of Homeland Security may have IT security teams jumpy over the possibility that their organisations could be targeted by Russian state actors Continue Reading
Feature 24 Jan 2022

How Forensic Architecture uses tech to protect human rights

Forensic Architecture speaks to Computer Weekly about how it uses various digital technologies to investigate human rights abuses around the globe, including the pushback of migrants over the Greek border and the killing of Mark Duggan by London police Continue Reading
News 20 Jan 2022

Data of 515,000 vulnerable people stolen in Red Cross attack

The International Committee of the Red Cross is probing a cyber attack that has already seen the personal data of hundreds of thousands of the world’s most vulnerable people compromised Continue Reading
News 20 Jan 2022

MoonBounce firmware bootkit shows advances in malicious implants

MoonBounce firmware bootkit shows evident technical improvements over others, making it a more dangerous threat to organisations. It is being used by Chinese state-backed actors Continue Reading
News 19 Jan 2022

Danish digitisation partnership delivers plan to government

Public-private collaboration submits plan setting out “how Denmark can take advantage of the opportunities presented by digitisation moving forward into the future” Continue Reading