Data Protection News, Features, and Interviews

News

After celeb hack, Apple patches password guessing weakness in iCloud

By Liam Tung | 02 September, 2014 09:44

On Monday Apple fixed a serious flaw in its iCloud service that could have been used by hackers to nab private celebrity pics leaked this week.

Drupal offers bounty for breaking its new two-factor authentication

By Liam Tung | 28 August, 2014 23:43 | 4 Comments

Developers behind the popular open source content management system, Drupal, want hackers to break its two-factor authentication system for drupal.org before it goes live.

Callas Responds to Green's Criticisms

By David Heath | 27 August, 2014 15:23

A few days ago, Matthew Green, the widely respected cryptographer and research professor at Johns Hopkins University launched a broadside against PGP. In summary, Green said, “The problem with this is that, for all the good PGP has done in the past, its a model of email encryption thats fundamentally brokenrdquo; Further Green said PGP keys suck, PGP key management sucks and that that there is no forward secrecy. His blog post adds more criticisms and also attempts to find some solutions.

IT Risk Management :The Evolving Nature

By Anthony Caruana | 27 August, 2014 15:08

Peter Cooper, Group Information Security Manager, Woolworths says the value IT can bring "is to do what we do faster. The best value we can bring to our important business colleagues is help business processes. But doing things faster brings new risk".

From IT Security to Information Security — How Technology Is Not The Greatest Challenge in Protecting Your Information Online

By Anthony Caruana | 27 August, 2014 14:54

Michael Rothery, First Assistance Secretary for National Security Resilience Policy at Department of the Attorney General says that in order to deliver effective security and risk management the key question is "Who owns the risk?".

Reviews

Cisco impresses with first crack at next-gen firewall

By Joel Snyder | 17 June, 2013 11:23

When we tested next-generation firewalls last May, at least one important security vendor wasn't there: Cisco, because they weren't ready to be tested. Now that the ASA CX next-generation firewall has had a year to mature, we put the product through its paces, using the same methodology as our last NGFW test.

LANDesk Total User Management 9.5 Review

By Ashton Mills | 29 May, 2013 20:59 | 1 Comment

LANDesk’s foray into system, asset and user management is the latest version of its Total User Management suite, which we’ll affectionately call TUM.

Storing in the cloud securely: 30 services compared

By Ashton Mills | 20 June, 2012 14:04 | 10 Comments

In perhaps the most comprehensive roundup on the net, we take a look at cloud storage services for personal and business use from the perspective of the CIO: what they offer, what's important and what to look for.

Review: WatchGuard XTM2050

By Matt Tett | 22 May, 2012 16:09

What is big, flexible, red and costs more than your average mid-range family sedan? Not a HSV—not quite that much—but this top of the range unified threat management (UTM) device (or in this case, XTM– the X presumably being a variable) is definitely in a high performance category. The XTM2050 from WatchGuard is one of a new breed of security devices that packs punch.

Wipe it free: secure wiping software

By Ashton Mills | 03 April, 2012 10:24 | 2 Comments

When it comes retiring PCs at the office or at home, regardless of whether their final destination is a tip or to be sold to recover an investment, it goes without saying that a computer's drives need to be wiped. For the corporate environment, you're going to want to make sure no sensitive data is left behind however benign, and for the home you don't want leave any trace of personal details or credit card transactions that could be picked up and used in identify theft.

Slideshows

In pictures: Inside the CSC Sydney cyber security centre

By Hamish Barwick | 03 June, 2014 14:01

CSC opened the doors to its new security operations centre (SOC) in Macquarie Park, Sydney this week. The SOC is one of five that the vendor operates globally as part of a 24/7 strategy to identify cyber threats in real time.

Custom defence in the age of an inevitable breach

By CSO staff | 30 August, 2013 10:06

CSO Trend Micro Workshop

Evolve Security Conference 2013 rolling coverage

By CSO staff | 14 May, 2013 14:31

What a time to be in the IT industry - right now technology is changing almost every aspect of our lives, and as IT professional we have front row tickets!

The decisions we make today will be felt for years to come by the organisations we work for, their owners, their customers, and their partners. (Sanjay Mehta)

Overview of an ISMS implementation across SCADA and IT networks

By Russell Clarke and Mark Jones | 31 January, 2013 09:36

Presentation by Russell Clarke and Mark Jones - Directors of RMSEC.

In pictures: PM launches cyber safety program

By Hamish Barwick | 17 January, 2013 09:07

Prime Minister Julia Gillard was on hand in Sydney this week to launch a new cyber education module called bCyberwise. Developed by Life Education and McAfee, the program is designed to teach primary school students about online dangers such as becoming `friends' with strangers and cyber bullying. The program will be rolled out to Australian schools from 4 February.

Features

2011's biggest security snafus

By Ellen Messmer | 02 December, 2011 06:27

Perhaps it was an omen of what was to come when the city of San Francisco on New Year's Eve 2010 couldn't get a backup system running in its Emergency Operations Center because no one knew the password.

Guide: How to bulletproof your website

By Esther Shein | 29 November, 2011 03:32

'Tis the season to begin ramping up online shopping activity, and for retailers that means doing all they can to ensure their websites are up, highly available and able to handle peak capacity. Looming in many IT managers' minds is the cautionary tale of Target, whose website crashed twice after it was inundated by an unprecedented number of online shoppers when the retailer began selling clothing and accessories from high-end Italian fashion company Missoni.

Security breach

By Matt Rodgers | 22 September, 2011 09:00

No company wants to be associated with a data breach, but if your systems are compromised the fallout can sometimes be more damaging than the act itself.

NEWS FOCUS: Cyber-espionage attacks threaten corporate data in new unrelenting ways

By Ellen Messmer | 08 August, 2011 20:26

Stealthy, sometime long-term cyber-espionage attacks to steal sensitive proprietary information -- what some now call "advanced persistent threats" (APT) -- have become a top worry for businesses.

NEWS FEATURE: Debate rages over how to manage personal mobile devices used for work

By Ellen Messmer | 28 July, 2011 06:47

Increasingly, businesses accept the idea that employees should be able to use their personal mobile devices, such as smartphones and tablets, for work. But debate is raging as to whether these employee-owned devices should be managed and secured exactly as corporate-owned devices might be.

Opinions

It’s All About the Threat: Five Questions to Ask to Make Sure you Stay Focused

By Ammar Hindi | 27 June, 2014 08:13

Lack of cybersecurity talent coupled with the increasing complexity of threats and networks, a heightened regulatory environment, and an accelerating pace of innovation is driving many organisations to look outside their walls for cybersecurity protection.

Under attack, how banks can fight back

By Geoff Webb | 02 June, 2014 10:50

In March 2013, the Reserve Bank of Australia confirmed that hackers had penetrated its computers but failed to steal sensitive data or corrupt networks, amid growing alarm that sophisticated cyber attacks may leave banks and other organisations unaware they have been compromised.

How secure is SSL? – the answer might surprise you

By Jonathan Andresen | 09 April, 2014 17:27

Enterprises and online businesses face mounting challenges as the use of secure web based content and applications continue to grow. Easy-to-access, highly mobile, and social are the new user mantras of today’s IT.

Data storage and security in the cloud

By Gordon Makryllos | 03 March, 2014 13:37

With cloud computing continuing its journey as arguably the dominant technology of the current era, so too the way we use it and manage its capabilities continue to evolve. The cloud has given us new ways to think about lots of traditional IT habits and practices, and as more and more data finds its way into the cloud, this extends to subjects like business continuity, disaster recovery and general data security.

You already have a secret weapon against cyber crime – want to know what it is?

By Andrew Bycroft | 11 February, 2014 17:01

Many casualties resulted from the many wars that were fought during the last century. A high percentage of those soldiers were engaged in combat because there was no ability to opt out. Most of us would not want to go to war, but unfortunately war has a way of finding us.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Cloud Security and Compliance Solutions

Manage and visualize the security and compliance of VMware, physical, and hybrid-cloud infrastructure from the RSA Archer eGRC Platform.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.