IT governance

IT governance provides the core workflows and processes that help IT managers to oversee the successful functioning of the IT department, and to prove the value of IT to the business. Regulations and compliance are just as important as technological and management skills, and we highlight the best practice in IT governance and the example of successful IT leaders.

Feature 11 Jul 2023
Norwegian data privacy experts sound alarm over generative AI

Hundreds of millions of people embrace generative artificial intelligence, blissfully ignorant of what it’s doing to data privacy. Continue Reading
News 24 Apr 2023
Finland and Estonia deepen cross-border digital partnerships

Finland and Estonia, two global tech pioneers, are increasingly sharing their expertise Continue Reading

Feature 15 Jan 2024

British Library cyber attack explained: What you need to know

In this essential guide, Computer Weekly investigates the cyber attack on the British Library that has rendered IT systems inoperable and caused service disruption to thousands of users Continue Reading
News 15 Jan 2024

How legal disclosure failures disrupted the Post Office Horizon inquiry

From overly narrow search terms, overzealous deduplication of documents and failed email migrations, poor management of legal discovery has delayed justice for postmasters in the Horizon inquiry Continue Reading
News 12 Jan 2024

UK government seeks public views on impacts of AI-generated porn

The government’s Pornography Review will look in part at the use of AI throughout the industry to generate sexually explicit content without people’s consent Continue Reading
Opinion 11 Jan 2024

Redefining the cyber domain to tackle the challenges of tomorrow

Emerging technologies have brought about a new age of cyber – and we need a 360-degree collaborative approach more than ever to succeed Continue Reading
News 10 Jan 2024

Davos 2024: AI-generated disinformation poses threat to elections, says World Economic Forum

Disinformation and misinformation are the top risks facing businesses, governments and the public over the next two years Continue Reading
News 10 Jan 2024

SEC social media hack highlights value of MFA

The US SEC briefly appeared to approve new bitcoin trading rules after a social media account was targeted by troublemakers, proving the value of MFA once again Continue Reading
News 10 Jan 2024

How Fujitsu became a central part of the Post Office scandal

As a TV drama brings the Post Office scandal to a wider audience, many are wondering how and why a Japanese IT company became embroiled in the story – we examine the troubled history behind Fujitsu’s role Continue Reading
News 10 Jan 2024

Scotland ‘sleepwalking’ to mass surveillance with DPDI Bill

The independent checks and balances over biometrics and biometric-enabled surveillance must be strengthened to prevent Scotland from sliding into a surveillance state along with the rest of the UK Continue Reading
News 09 Jan 2024

Babuk Tortilla ransomware decryptor made available

A joint effort between Cisco Talos, Avast and the Dutch police will bring relief to many victims of a variant of the Babuk ransomware known as Tortilla Continue Reading
Opinion 09 Jan 2024

Inadequate cloud logs are proving a headache for CISOs

The mass adoption of cloud environments is pushing strained CISOs to the brink and a lack of attention to logging isn't helping. Vectra's Mark Wojtasiak calls for organisations to do more to improve visibility in their clouds in 2024 Continue Reading
News 09 Jan 2024

Study reveals cyber risks to US elections

With the 2024 US presidential election cycle beginning, a study produced by Arctic Wolf has highlighted big gaps in preparedness and resourcing at government bodies across the US Continue Reading
Opinion 09 Jan 2024

Designing an IT department for a world defined by change

Traditional functional organisational models cannot adapt adequately to the demands of a 21st century digital business - especially not in the IT department. How can a service-based structure help? Continue Reading
News 08 Jan 2024

British Library ransomware attack could cost up to £7m

The cost of recovering the British Library’s ransomware-stricken IT systems could be up to £7m, it has emerged Continue Reading
News 07 Jan 2024

India firms warm to responsible AI

Almost two-thirds of organisations said their responsible AI practices and policies were mature or they had taken steps towards responsible AI adoption, according to a Nasscom study Continue Reading
News 05 Jan 2024

Information Commissioner questions DWP plan to monitor bank accounts of benefit claimants

The Information Commissioner has warned that legislation to give new powers to the Department of Work and Pensions to check bank accounts of benefit claimants for indications of fraud lacks appropriate safeguards Continue Reading
News 02 Jan 2024

China’s UNC4841 pivots to new Barracuda ESG zero-day

The Chinese state threat actor behind a series of cyber attacks on Barracuda Networks customers embarked on a campaign targeting the supplier’s email security products in the run-up to Christmas Continue Reading
News 29 Dec 2023

Top 10 AI regulation stories of 2023

From the UK government’s publication of its long-awaited AI whitepaper to its convening of the world’s first AI Safety Summit, here are Computer Weekly’s top 10 AI regulation stories of 2023 Continue Reading
News 28 Dec 2023

Top 10 technology and ethics stories of 2023

Here are Computer Weekly’s top 10 technology and ethics stories of 2023 Continue Reading
News 27 Dec 2023

Top 10 police technology stories of 2023

Here are Computer Weekly’s top 10 police technology stories of 2023 Continue Reading
News 21 Dec 2023

Top 10 cyber crime stories of 2023

Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics Continue Reading
News 21 Dec 2023

Top 10 storage supplier strategy stories of 2023

In 2023, we looked at the top storage suppliers, their market share and how they set themselves for a future of hybrid cloud, containerisation and consumption models of purchasing Continue Reading
Opinion 20 Dec 2023

Beyond the office walls: Safeguarding remote workers from attack

Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
Opinion 20 Dec 2023

Zero-trust principles: Your gateway to securing remote workers

Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
Opinion 20 Dec 2023

What we learned in cyber in 2023, and what to look out for

PA Consulting's Rasika Somasiri looks back at a busy 12 months in the cyber security world, and highlights some key learnings from 2023 Continue Reading
Opinion 20 Dec 2023

Evolving best practice: What next for securing remote work?

Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
News 20 Dec 2023

'No hiding place' for those responsible for Post Office Horizon scandal

MPs want individuals to be held to account for their roles in causing the Post Office Horizon scandal, which destroyed thousands of lives Continue Reading
News 20 Dec 2023

ALPHV/BlackCat operation down, but maybe not out

Multinational law enforcement has targeted the operations of the notorious ALPHV/BlackCat cyber extortion gang, but the group’s members appear to remain defiant Continue Reading
Opinion 19 Dec 2023

Security Think Tank: Testing to improve remote worker security

Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
News 19 Dec 2023

Top 10 cyber security stories of 2023

The past 12 months have seen the security agenda dominated by the usual round of vulnerabilities, concerns over supply chain security and more besides, but it was the chaotic state of global geopolitics that really made an impact Continue Reading
News 19 Dec 2023

Top 10 information management stories of 2023

Generative AI was inescapable as the leading theme of the information management stories of 2023 gathered here. But also selected are pieces about data and healthcare, and the inexorable rise of the CDO Continue Reading
Opinion 19 Dec 2023

Security Think Tank: Anytime, anywhere access is achievable

Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
News 15 Dec 2023

Police defend facial recognition target selection to Lords

Senior police officers confirm to Lords committee that facial recognition watchlist image selection is based on crime categories attached to people’s photos, rather than a context-specific assessment of the threat presented by a given individual Continue Reading
Opinion 14 Dec 2023

Governance best practices for citizen developers

The rise of citizen developers is revolutionising the way organisations approach software development. Here is a guide to supporting them Continue Reading
News 14 Dec 2023

Government plans to regulate to tackle datacentre threats

DSIT outlines a range of proposals designed to protect data storage facilities from cyber attacks, as well as physical threats and the effects of climate breakdown Continue Reading
News 14 Dec 2023

The Security Interviews: Talking identity with Microsoft’s Joy Chik

Microsoft’s president of identity and network access, Joy Chik, joins Computer Weekly to discuss the evolving threat landscape in identity security, using innovations in artificial intelligence to stay ahead, and advocating for the coming passwordless future Continue Reading
News 14 Dec 2023

NCSC CEO Lindy Cameron to step down in 2024

NCSC chief exec Lindy Cameron, who helped lead and elevate the national dialogue on cyber security through major events such as Covid-19, SolarWinds Sunburst and Colonial Pipeline, is to step down in the New Year Continue Reading
Blog Post 14 Dec 2023

Tesla and the risk of technological complacency

The recall of the Tesla Autopilot software is an illustration of the risks of human complacency that can occur as more and more of the tasks we’re used to become automated. Years ago, people ... Continue Reading
News 14 Dec 2023

Current Post Office executive in denial of Horizon cover-up

Executives at the Post Office today are still in denial of the part they played in destroying the lives of thousands of people Continue Reading
News 13 Dec 2023

No UK AI legislation until timing is right, says Donelan

The UK government will not legislate on artificial intelligence until it has a better understanding of the technology, so is instead focusing on building up regulatory capacity and conducting safety-focused research, says digital secretary Continue Reading
News 13 Dec 2023

How ransomware gangs use the tech media against their victims

Ransomware gangs are increasingly media-savvy operators, and this means incident response plans now need to account for communications and PR strategies too Continue Reading
News 13 Dec 2023

Microsoft’s Christmas present for cyber teams: no zero-days

Barely 30 vulnerabilities, and no zero-days, have been fixed in the final Patch Tuesday drop of 2023 Continue Reading
News 13 Dec 2023

Critical UK infrastructure a ‘hostage of fortune’ to ransomware

A lack of ransomware planning and preparedness at the highest levels of government is leaving UK operators or critical national infrastructure dangerously exposed, according to a Joint Committee report Continue Reading
News 12 Dec 2023

MoD fined after breach of Afghan staffers’ data put lives at risk

The MoD has been fined £350,000 by the ICO after an email blunder exposed data on Afghan nationals who had worked with British forces and were at risk of Taliban reprisals Continue Reading
News 12 Dec 2023

Outdated data protection practice key factor in PSNI data breach

The August 2023 data breach at the Police Service of Northern Ireland arose chiefly from an outdated approach to data protection and compliance at the force, according to an independent review Continue Reading
News 11 Dec 2023

Competition and Markets Authority looks into Microsoft/OpenAI after Altman fiasco

The firing and rehiring of OpenAI’s CEO, and the fallout, which could have seen Microsoft hire all its staff, has the regulator spooked Continue Reading
News 08 Dec 2023

Fancy Bear targets Nato entities via critical Outlook flaw

A vulnerability patched in March has likely been exploited by the Russian state actor Fancy Bear, for over two years, according to the latest intelligence Continue Reading
News 07 Dec 2023

UK names Russian FSB agents behind political hacking campaign

Russian hacking group, Star Blizzard, was part of a Russian intelligence operation aimed at interfering with UK politics and the democratic process, says government. Continue Reading
News 07 Dec 2023

NCSC exposes Russian cyber attacks on UK political processes

The NCSC has firmly attributed a long-running campaign of cyber attacks targeting UK political processes to a group run out of Russia’s FSB intelligence agency, known as Star Blizzard Continue Reading
News 07 Dec 2023

2023 may have seen highest ransomware ‘body count’ yet

Ransomware, or cyber extortion as it is increasingly being termed, remained the most prominent security threat in 2023 – and thanks to large-scale supply chain attacks, the past 12 months may have seen the most victims ever Continue Reading
Opinion 07 Dec 2023

Considerations for the security of evolving workspaces

Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
News 06 Dec 2023

NHS whistleblower Peter Duffy threatens trust with legal action in row over alleged email tampering

NHS whistleblower warns his former employer of potential litigation over a dispute concerning allegations of email tampering Continue Reading
Feature 05 Dec 2023

How to recover systems in the event of a cyber attack

Recovering compromised systems after a cyber attack isn’t easy, but understanding industry best practice offers a template for the key processes to follow Continue Reading
News 05 Dec 2023

Operator of Sellafield nuclear facility denies hacking claims

The operator of the Sellafield nuclear site has denied allegations that senior managers covered up a series of cyber security lapses that enabled Chinese and Russian threat actors to compromise its networks Continue Reading
News 05 Dec 2023

Undisclosed document could reveal pressure on Fujitsu expert witness in Post Office prosecution

Details of Post Office prosecutor’s meeting with Fujitsu IT expert witness, used in subpostmaster prosecution, not yet disclosed to public inquiry Continue Reading
News 04 Dec 2023

Rhysida ransomware gang hits hospital holding royal family’s data

Ransomware gang boasts of having stolen data on the royal family in an attack on a private London hospital Continue Reading
Opinion 04 Dec 2023

Cyber and remote working: How Covid moved the cursor

Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
News 01 Dec 2023

Human augmentation tech requires dual use oversight

Researchers investigating human augmentation technologies must acknowledge the potential military applications of their work, and military bodies cannot be allowed to dismiss ethical concerns in their pursuit of national security interests, says NGO Drone Wars UK Continue Reading
News 01 Dec 2023

Report reveals sorry state of cyber security at UK football clubs

Football clubs up and down the country are putting staff, players and fans alike at risk through outdated attitudes to cyber security, according to a report Continue Reading
News 01 Dec 2023

Lords committee urges caution on UK use of autonomous weapons

UK government must ensure proper democratic oversight of its development and use of AI-powered weapon systems, says Lords committee Continue Reading
News 01 Dec 2023

The Security Interviews: Mark McClain, SailPoint Technologies

SailPoint founder and CEO Mark McClain reflects on how the concept of identity has evolved over the past 20 years, and points to rapid evolution still to come Continue Reading
Opinion 01 Dec 2023

Security Think Tank: Four steps to secure remote workers

Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
Opinion 30 Nov 2023

Prepare for your worst day: How to create a cyber incident response plan

What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
News 30 Nov 2023

Government’s Online Fraud Charter welcomed

The government has corralled 11 of the largest tech platforms in the world to commit to its Online Fraud Charter, designed to tackle online scams, fake adverts, and more Continue Reading
News 30 Nov 2023

Rhysida gang stole hundreds of gigabytes of British Library data

The Rhysida ransomware gang behind the cyber attack on the British Library has published almost 600GB of stolen data to its dark web leak site Continue Reading
News 30 Nov 2023

Slow government response to Post Office scandal compensation forces new legislation

Subpostmasters who exposed widest miscarriage of justice in UK history still waiting for compensation after decades of fighting Continue Reading
News 29 Nov 2023

Scope of Okta helpdesk breach widens to impact all users

Okta has widened the scope of the October breach of its systems to include every customer that has used its helpdesk service, after new information came to light Continue Reading
News 28 Nov 2023

CCRC refers two posthumous subpostmaster appeals to Crown Court

CCRC refers posthumous appeals against convictions to Crown Court for first time Continue Reading
News 28 Nov 2023

Scope of British Library data breach widens

Personal data on British Library users has appeared for sale on the dark web following a Rhysida ransomware attack, as the scope of the still-developing incident widens again Continue Reading
News 28 Nov 2023

Volume of unique malware samples threatens to overwhelm defenders

A massive increase in malware volumes could cause problems for security teams tasked with adapting their defences against them Continue Reading
News 27 Nov 2023

The Security Interviews: Zeki Turedi, field CTO Europe, CrowdStrike

Organisations are racing to keep their security up to date against the latest threats. CrowdStrike’s Zeki Turedi explains how to protect against novel and innovative cyber attacks Continue Reading
News 27 Nov 2023

NCSC publishes landmark guidelines on AI cyber security

The NCSC and its US counterpart CISA have brought together tech companies and governments to countersign a new set of guidelines aimed at promoting a secure-by-design culture in AI development Continue Reading
Opinion 24 Nov 2023

DORA raises the stakes for cloud use in financial services

The EU's DORA regulations will raise the stakes for cloud in financial services but resilience is more than just a tech issue, says NetApp's Steve Rackham Continue Reading
News 24 Nov 2023

UK police plan national roll-out of facial-recognition phone app

UK police chiefs plan to expand use of facial-recognition technology through a nationwide roll-out of mobile-based tools and increases in retrospective facial-recognition, but oversight problems persist Continue Reading
News 23 Nov 2023

DWP to surveil bank accounts of benefit claimants for fraud

The UK government has outlined how it plans to tackle benefit fraud by giving the Department for Work and Pensions new powers compelling banks to collect and share data on claimants’ bank accounts Continue Reading
News 23 Nov 2023

MOVEit incident spurred UK decision makers to spend big on cyber

The MOVEit cyber attacks that unfolded in the spring and summer of 2023 seem to have driven an increase in both ransomware awareness and spend, according to a report Continue Reading
Opinion 23 Nov 2023

Navigating the DPDI Bill: A transformative shift ahead

The Data Protection and Digital Information (No. 2) Bill, or DPDI, is set to reshape the UK’s data protection framework. Louise Brooks of DQM GRC considers the implications Continue Reading
News 23 Nov 2023

North Korean APTs go all in on supply chain attacks, warns NCSC

Threat actors linked to the North Korean regime are becoming more adept at targeting software supply chains in the service of their cyber attacks Continue Reading
News 22 Nov 2023

An inside look at a Scattered Spider cyber attack

Threat researchers at ReliaQuest share the inside track on a Scattered Spider cyber attack they investigated Continue Reading
News 22 Nov 2023

Palantir awarded NHS FDP data contract

NHS England has awarded a £330m, seven-year contract to US data specialist Palantir, prompting concerns from data privacy practitioners Continue Reading
News 22 Nov 2023

CISA reveals how LockBit hacked Boeing via Citrix Bleed

As alarm grows around the world about the impact of the so-called Citrix Bleed vulnerability, Boeing has shared details of its experience at the hands of the LockBit ransomware crew Continue Reading
News 21 Nov 2023

Over half of SME cyber incidents now ‘malware-free’

The age of malware-driven cyber attacks may have peaked, at least when it comes to incidents affecting small and medium sized enterprises Continue Reading
News 21 Nov 2023

Canada’s Mounties among government employees hit by LockBit

A LockBit attack on a specialist supplier of relocation services has engulfed multiple government agencies in Canada Continue Reading
Opinion 21 Nov 2023

Why transparency and accountability are important in cyber security

If we accept that the humans who build technology and systems are naturally fallible and mistakes inevitable, and then deal with that with good grace, we could do much to improve cyber standards, writes Bugcrowd's Casey Ellis Continue Reading
News 20 Nov 2023

Kingfisher develops AI-agnostic platform to power DIY assistant

The platform provides a framework for security and compliance and enables developers to test different large language models Continue Reading
News 20 Nov 2023

JPMorgan Chase tops bank AI ranking

Report reveals that JPMorgan Chase is the world's top bank for AI, along with Capital One and Royal Bank of Canada, but Europeans are lagging behind Continue Reading
Feature 20 Nov 2023

Elected officials' lack of digital skills affects public services

A lack of digital skills and tech expertise among elected officials encourages government to contract out IT work instead of building up internal capacity, making the public sector increasingly reliant on outside knowledge to get things done Continue Reading
News 20 Nov 2023

IT not ready for AI, Pure Storage survey finds

Storage, compute and networking hardware won’t cope without upgrades, and that often means total IT infrastructure overhaul Continue Reading
News 17 Nov 2023

Does third-party support make sense?

We speak to a Rimini Street customer about their experience of managing an Oracle ERP Continue Reading
News 16 Nov 2023

Royal Mail spent £10m on cyber measures after LockBit attack

Royal Mail has spent approximately £10m on recovery and improved cyber resilience measures in the wake of the January 2023 LockBit ransomware attack Continue Reading
News 16 Nov 2023

Outgoing police tech watchdog warns of declining oversight

The outgoing biometrics and surveillance camera commissioner for England and Wales discusses police deployment of powerful new surveillance technologies, and the declining state of oversight in this area Continue Reading
News 16 Nov 2023

Interview: Dan Huddart, CTO, Homeprotect

After building up experience in the insurance sector, Homeprotect’s chief technology officer sought the freedom to innovate being offered at the rapidly scaling company Continue Reading
News 16 Nov 2023

Ransomware gang grasses up uncooperative victim to US regulator

The ALPHV/BlackCat ransomware gang has added a new tactic to its playbook, going to ever more extreme lengths in search of a pay-off Continue Reading
News 16 Nov 2023

British Library’s Halloween cyber scare was ransomware

The British Library has provided an update on an ongoing cyber incident affecting its systems, confirming it to be the result of a ransomware attack Continue Reading
News 15 Nov 2023

BlackCat affiliate seen using malvertising to spread ransomware

Researchers at eSentire identified a wave activity from an ALPHV/BlackCat ransomware affiliate which has adopted a somewhat unusual approach to delivering its locker Continue Reading
News 15 Nov 2023

November Patch Tuesday heralds five new MS zero-days

Microsoft pushes fixes for five new zero-days in its latest monthly update Continue Reading
News 15 Nov 2023

US government reinforces ICBC hack link to Citrix Bleed

US Treasury adds weight to reports that a ransomware gang gained access to the systems of Chinese bank ICBC by exploiting a critical Citrix flaw Continue Reading
News 14 Nov 2023

Fast-acting cyber gangs increasingly disabling telemetry logs

Sophos guidance for security practitioners and defenders highlights a growing trend for threat actors to disable or wipe telemetry logs to cover their tracks Continue Reading
News 14 Nov 2023

Francis Maude calls for GDS and CDDO to merge

Review into the civil service by the former Cabinet Office minister says the two organisations should become one entity to avoid sending mixed signals around accountability and leadership Continue Reading
Opinion 14 Nov 2023

What’s the smart way of moving forward with artificial intelligence?

Don’t try to use AI to solve everything at once – be clear about what specific use cases you want Continue Reading
News 13 Nov 2023

Rogue state-aligned actors are most critical cyber threat to UK

The prospect of rogue nation-state-aligned attackers bringing down the UK’s critical infrastructure is keeping the NCSC up at night Continue Reading