Recriminations were flying as security vendor Trustwave Holdings was named in a lawsuit related to the penetration of US retailer Target, in a suit related to Target's obligations under the PCI DSS credit-card industry standard. The move was termed a wake up call for companies looking to hire PCI DSS auditors, while others in the credit-card industry were seizing on the Target hack to further their arguments for PIN vs chip-based card security.
Given the billions of dollars that have been invested in security over the last decade or so, you'd expect that malware distributors and data thieves to be scurrying away with their tails between their legs. But that's simply not the case.
March 31 is World Backup Day; do you know where your data is?
HP's annual Pwn2Own contest has been run and won. Critical flaws in every major browser, which allowed remote code execution, were found as well as issues with Adobe's Flash and Reader products. Pwn2Own is a hacker contest that runs within the CanSecWest event in Vancouver. Hackers are offered cash prizes as incentives as well as donations of computer hardware and other prizes given to the security researchers.
The Privacy Amendment Act 2012 (No. 197, 2012), has passed through the Australian Parliament and took effect on 12 March 2014.
In perhaps the most comprehensive roundup on the net, we take a look at cloud storage services for personal and business use from the perspective of the CIO: what they offer, what's important and what to look for.
With data becoming more valuable, the need for security also gets greater. Today’s technology and working behaviours both facilitate data being easily transported. Information is far less static due to home working, multiple office sites, low cost USB storage devices and DVDs. With all these portable devices and data being moved from place to place we must be mindful of data backup.
Trend Micro's SafeSync is an Internet-based storage solution that allows you to upload files and access them from any computer or smartphone (iPhone or Android). It's a very similar service to DropBox, but it offers better value for money.
A marathon hack event held over a June weekend in Melbourne attracted more than 50 developers and designers, and a dozen subject matter and technical experts to ‘hack for humanity’. They volunteered their time to create open source solutions for communities impacted by natural disasters and climate change. These prototypes are available to assist in disaster relief planning, emergency management and community recovery.
Some things are meant to go together. Coffee and laptops isn’t one of them. Spilling a drink on a keyboard is just one of many ways people lose vital business data. Other hazards include hardware and software failure, viruses, accidentally deleting a file, fire and theft. Yet more than one in three Australian businesses (36%) do not have an offsite backup strategy to protect their data, according to a survey* by backup specialist Acronis.
This is not just what is stolen; but also the loss of business or credibility that comes from informing customers that their data has been compromised. How would your customers react if you told them that their financial data or personal information had been taken by persons unknown?
Sign up now »
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.