With a background that started at computer store back in the 1990's, Symantec's COO Stephen Gillett has climbed the corporate ladder rapidly. After being spotted by the Chairman of the largest hospital chain in the Pacific northwest of the USA while working at Office Depot, he was appointed as the IT manager of a new hospital. After moving from that to his own start up, he became the CIO of Starbucks at the age of 31. He's now the COO of Symantec.
While security vendors weigh their product ranges for vulnerability to the recently discovered 'Heartbleed' bug, Symantec's massive digital certificate infrastructure remains secure – but the company is advising customers to update the vulnerable OpenSSL code and then regenerate their public key infrastructure (PKI) private keys, according to its Melbourne-based senior principal systems engineer Nick Savvides.
Researchers have proven the Heartbleed OpenSSL bug can be used to extract private keys from a vulnerable web server, giving affected services concrete evidence they do need to revoke and reissue private SSL certificates.
Microsoft’s next major release of Internet Explorer (IE) will support an internet standard that allows web servers to force browsers to make a secured connection when the site supports encryption.
Specialist recruitment giant Peoplebank is seeing significant time savings after implementing a digital signature system that has significantly improved its everyday work processes.
Trend Micro's SafeSync is an Internet-based storage solution that allows you to upload files and access them from any computer or smartphone (iPhone or Android). It's a very similar service to DropBox, but it offers better value for money.
Canberra's EVOLVE.Cloud hit the streets with topline speakers
Evolve.Cloud event hosted by Trend Micro including thought leaders from , VMware, Cloud Security Alliance, Government Leaders and Cloud Independent Rob Livingstone at The Sheraton on the Park.
Symantec Vision 2011 Sydney in pictures
Stealthy, sometime long-term cyber-espionage attacks to steal sensitive proprietary information -- what some now call "advanced persistent threats" (APT) -- have become a top worry for businesses.
To use Cloud computing securely requires companies to know where their data is stored and who has access to it. Ironically, the reason Cloud is so popular is because organisations don't want to worry about these details.
So can the issue be solved by adhering to standards? Increasing legislation? Maybe we need a global technical disaster to ‘sober up’ an industry drunk on the power of Moore's Law.
With cloud computing continuing its journey as arguably the dominant technology of the current era, so too the way we use it and manage its capabilities continue to evolve. The cloud has given us new ways to think about lots of traditional IT habits and practices, and as more and more data finds its way into the cloud, this extends to subjects like business continuity, disaster recovery and general data security.
The attractiveness of adopting cloud services continues to grow. Who can argue against access to the latest technologies, a pay as you go model, rapid provisioning/de-provisioning and on demand scaling? All of these benefits lead to improved agility, faster time to market and a business focus on the business (not managing IT). Many of the risks of cloud computing have become less frightening as organisations have become more comfortable with data sovereignty and availability issues.
In the age of cloud, internal IT departments are being continuously challenged to demonstrate value and alignment to business requirements and business needs.
How does your organisation cope when your data has left the building — or the country? Data sovereignty can be a vital legal issue, because data becomes subject to the laws of the country it's stored in — and that changes the risk profile.
In 1973 Peter Drucker in his book “Management Tasks and Responsibilities” defined strategic planning as: “The continuous process of making present entrepreneurial (risk-taking) decisions systematically and with the greatest knowledge of their futurity..."
Sign up now »
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.