• Big or Little brother?

    It used to be the fear of 1984 and Big Brother—watching and controlling citizens’ every move. These days the writing is on the wall, while Big Brother is watching via the CCTV networks, little brother is insidiously infiltrating our computers and smart devices to build a cache of information—and it is no longer simply making off with corporate/personal data/information. Enter the RAT.

    3 May  /  CSO Bloggers

  • Baseline Security Evaluation - SEPR

    Enex TestLab has been providing independent testing services for 24 years now. We cover 90 industry sectors with 8 separate testing divisions.

    5 Apr  /  CSO Bloggers

  • There is a reason why we do what we do, and it starts with a 'P'

    There has to be a certain level of paranoia in the security industry. It’s what we do, our job is to believe nothing and see gaping holes where others simply trust things are being looked after.

    5 Apr  /  CSO Bloggers

  • Data retention, governance and privacy

    There has been a lot of coverage in recent months over the Australian Federal Governments proposition to implement a data retention policy. The debate is polarising and highly emotive, similar to that of the shelved mandatory Internet content filtering policy.

    18 Mar  /  CSO Bloggers

  • Social media – how’s your privacy?

    One of my previous blogs touched upon the Australian Federal Government’s proposed data retention laws and the inevitable storm raised by those opposed - big brother all over again. The digital Australia card. However, some individuals are voluntarily and publicly releasing personal information of far greater value than a list of the internet sites they visit. Indeed the information released is encouraged to be used by marketing and advertisers to characterise an individual and target promotions straight to their screen.

    28 Feb  /  CSO Bloggers

  • Close the Interwebz?

    In my last CSO blog I posted about the Australian Federal Governments recent proposal that requires Internet Service Providers to retain their customers’ activity logs for a period of two years.

    6 Dec  /  CSO Bloggers

  • Whose watching you watching them?

    There has been a lot of public debate and emotive outcry over the government's proposal to enable a security agency to gain access to the historical user activity logs of Internet Service Providers. Under that provision the requirement will be for ISPs to retain such information for a period of two years and provide it if requested.

    1 Nov  /  CSO Bloggers

  • Content Filtering — the good, the bad, and the ugly!

    I was recently engaged to present a half-day workshop to a Government agency on the topic of content filtering technologies. Naturally this is a technology topic that Enex TestLab has had significant involvement with over the years, and something that I have personally had to deal with on a number of levels (and for a number of reasons).

    31 Aug  /  CSO Bloggers

  • How important is Mobile Security in a cloud enabled world?

    A vast majority of workers these days carry around mobile devices which have the capability of accessing the internet. Some of these devices are supplied by organisations, but in most cases they are the employee’s own personal devices.

    22 Jun  /  CSO Bloggers

  • How do you know when your system is hacked?

    One thing that I have been pondering recently is how a typical individual knows their system has been compromised.

    17 May  /  CSO Bloggers
Matt Tett
Matt Tett is the Managing Director of Enex TestLab, an independent testing laboratory with over 22 years history and a heritage stemming from RMIT University. Matt holds the following security certifications in good standing CISSP, CISM, CSEPS and CISA. He is a long standing committee member of the Australian Information Security Association (AISA), Melbourne branch, and is also a member of the Information Systems Audit and Control Association (ISACA). Enex TestLab can be found at http://www.testlab.com.au blog at http://enextestlab.blogspot.com and can be found on twitter as @enextestlab.
Blogs
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

NetIQ PCI DSS Compliance Suite

The pressure to satisfy compliance requirements can be overwhelming.

more »

Submit your own security event

Submit your training courses

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.

Read More
more »