Companies concerned about their exposure to cyber-security intrusions need to look beyond conventional insurance policies to ensure they are protected against the additional threats of online business, a new report from the Centre for Internet Safety (CIS) has warned.
Security tools from eight different vendors are struggling to detect modern malware threats, according to eThreatz testing by Enex Testlab that has shown big-name security tools are failing to detect up to 65 per cent of malware presented to them.
Businesses concerned about the security of cloud-computing systems should appoint a 'cloud purchasing czar' whose sole responsibility is to evaluate cloud service providers (CSPs) and manage their interactions between business and IT executives, a leading security consultant has advised.
Well-established cloud customers may have a reasonably good understanding of the risks and procedures necessary to make the most of the model, but new entrants will face a steep learning curve that requires ongoing involvement with the business organisation to resolve, the University of Melbourne's IT security and risk management head has warned.
The escalating need for integrated network and endpoint protection means CSOs need to make sure they don't overcommit to any specific vendor's security vision, the CEO of security firm Sophos has warned.
When we tested next-generation firewalls last May, at least one important security vendor wasn't there: Cisco, because they weren't ready to be tested. Now that the ASA CX next-generation firewall has had a year to mature, we put the product through its paces, using the same methodology as our last NGFW test.
LANDesk’s foray into system, asset and user management is the latest version of its Total User Management suite, which we’ll affectionately call TUM.
In perhaps the most comprehensive roundup on the net, we take a look at cloud storage services for personal and business use from the perspective of the CIO: what they offer, what's important and what to look for.
What is big, flexible, red and costs more than your average mid-range family sedan? Not a HSV—not quite that much—but this top of the range unified threat management (UTM) device (or in this case, XTM– the X presumably being a variable) is definitely in a high performance category. The XTM2050 from WatchGuard is one of a new breed of security devices that packs punch.
When it comes retiring PCs at the office or at home, regardless of whether their final destination is a tip or to be sold to recover an investment, it goes without saying that a computer's drives need to be wiped. For the corporate environment, you're going to want to make sure no sensitive data is left behind however benign, and for the home you don't want leave any trace of personal details or credit card transactions that could be picked up and used in identify theft.
CSO Trend Micro Workshop
What a time to be in the IT industry - right now technology is changing almost every aspect of our lives, and as IT professional we have front row tickets!
The decisions we make today will be felt for years to come by the organisations we work for, their owners, their customers, and their partners. (Sanjay Mehta)
Presentation by Russell Clarke and Mark Jones - Directors of RMSEC.
Prime Minister Julia Gillard was on hand in Sydney this week to launch a new cyber education module called bCyberwise. Developed by Life Education and McAfee, the program is designed to teach primary school students about online dangers such as becoming `friends' with strangers and cyber bullying. The program will be rolled out to Australian schools from 4 February.
Canberra's EVOLVE.Cloud hit the streets with topline speakers
Perhaps it was an omen of what was to come when the city of San Francisco on New Year's Eve 2010 couldn't get a backup system running in its Emergency Operations Center because no one knew the password.
'Tis the season to begin ramping up online shopping activity, and for retailers that means doing all they can to ensure their websites are up, highly available and able to handle peak capacity. Looming in many IT managers' minds is the cautionary tale of Target, whose website crashed twice after it was inundated by an unprecedented number of online shoppers when the retailer began selling clothing and accessories from high-end Italian fashion company Missoni.
No company wants to be associated with a data breach, but if your systems are compromised the fallout can sometimes be more damaging than the act itself.
Stealthy, sometime long-term cyber-espionage attacks to steal sensitive proprietary information -- what some now call "advanced persistent threats" (APT) -- have become a top worry for businesses.
Balancing security priorities with business flexibility and agility is a tough challenge. But it’s a challenge every executive management team faces as it strives to drive business growth, achieve competitive advantage and maximise operational efficiency.
It used to be easy enough to spot a bank robber. With their balaclavas and weapons of choice, the criminals would simply storm in demanding money and everyone knew exactly what was happening. While criminals still occasionally resort to traditional methods, it’s rare to see the dramatic Bonnie and Clyde-style bank heists of the 20th century.
Each day, as the speedy evolution of technology emerges, newer, more complex and increasingly dangerous cyber threats come onto the battlefield, thus presenting an ever-thriving danger to organisations, governments and enterprises everywhere.
"How do you teach a person to duck a punch? You punch them in the face until they get it," said freelance information security consultant Dan Tentler, who designed Twitter's internal anti-phishing training program, at last week's Breakpoint security conference in Melbourne.
The attractiveness of adopting cloud services continues to grow. Who can argue against access to the latest technologies, a pay as you go model, rapid provisioning/de-provisioning and on demand scaling? All of these benefits lead to improved agility, faster time to market and a business focus on the business (not managing IT). Many of the risks of cloud computing have become less frightening as organisations have become more comfortable with data sovereignty and availability issues.
Sign up now »
Enforce compliance consistently and cost-effectively across your organization.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.