Ongoing growth in security breaches have customers demanding better information about their security exposure, but most will struggle to get it without tapping into intelligent analytics platforms capable of scouring different kinds of log data for trends across cloud, mobile, and other enterprise environments, a security analytics expert has warned.
With a background that started at computer store back in the 1990's, Symantec's COO Stephen Gillett has climbed the corporate ladder rapidly. After being spotted by the Chairman of the largest hospital chain in the Pacific northwest of the USA while working at Office Depot, he was appointed as the IT manager of a new hospital. After moving from that to his own start up, he became the CIO of Starbucks at the age of 31. He's now the COO of Symantec.
The Australian government increased its use of data requests to source information on Google by 29 per cent from 2012 to 2013, the company's latest Transparency Report has shown, while figures indicated that Australian authorities are proving more effective than most governments at getting most of the information they request.
We've all heard the same story recently – malware developers and distributors are becoming far smarter and commercially minded than ever before. The days of disgruntled teenagers hacking from their dimly lit bedrooms are behind us with corporatised criminal gangs now working as organized syndicates intent on stealing identities and extorting money.
The Privacy Amendment (Privacy Alerts) Bill is back on the government agenda after it had a first reading in the Senate this week.
Just a few short years ago, all a PC needed for protection was a basic antivirus program to guard against any malware that arrived via an e-mail attachment, embedded in a shareware application or piggy-backed on a floppy disk.
These days barely a day goes by where there isn’t some sort of network security breach or hack or malfunction of some sort. This year too we had the rise of groups such as Anonymous and Lulz that sought out attention for their activities. Here we take a look at the year in pictures of some of the key security problems that grabbed our attention.
- Amazon, Apple and Google know more about you than your doctor or lawyer - and Commbank is jealous as hell. - Don’t trust an organisation that doesn’t have a face - because then you can’t punch it in when they screw up, said Marcus Ranum. - 78 percent of the world’s population doesn’t have access to a computer or the internet and therefore avoid all IT security problems.
Destroying data to protect against fraud.
The complexity of encryption schemes has been increased dramatically in an attempt to outpace the development of computational tools designed to crack them. Now it's important to devise algorithms that can't be brute forced for trillions of years in the hopes that they will remain secure long enough to be useful before they, too, are broken. Here's a quiz about encryption to see how well you are versed in one of security's most important components. Keep track of your score and check at the end to see how well you stack up.
3 steps to total compromise – why Google’s 86,000 indexed printers should have your IT team jumping.
There’s been bit of coverage in the technology press about Google’s “Indexing” of tens of thousands of publicly available printers connected directly to the Internet.
Over the last 2-3 years cloud computing has promised, and in many instances delivered, a lower total cost of ownership. This has helped organisations return the focus of operation to their core activities—reducing the effort spent on managing IT infrastructure and applications.
Insider threats — for example, data theft, intellectual property loss, privacy breaches and financial fraud — can be the most challenging IT risks for an organisation to address because they may or may not be happening. But if an insider threat occurs, it could no doubt hurt financially and/or publically. So how do you implement early detection to discover and expose these threats?
This is not just what is stolen; but also the loss of business or credibility that comes from informing customers that their data has been compromised. How would your customers react if you told them that their financial data or personal information had been taken by persons unknown?
Sign up now »
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.