Industries
News
If governments clarify security expectations, vendors will follow: Huawei
Governments concerned about increasingly high-profile cyber-attacks must look past individual suppliers and work with vendors to consider risk in the context of an increasingly global security supply chain, the head of IT security with network supplier Huawei has advised.
AusCERT 2013: Deploying BYOD in a government environment
Strong executive desire to use iPhones led the Department of Sustainability, Environment, Water, Population and Communities to start looking for solutions that would separate government from personal information.
AusCERT 2013: Interview with Dr Lizzie Coles-Kemp
Dr Lizzie Coles-Kemp is a senior lecturer in the Information Security Group, Royal Holloway University of London. She is keenly interested in how social behaviours influence our attitudes to security. For example, in communities where Internet accounts need to be shared between family members, the security professional's assumption that one account and password identifies one person is undermined. CSO spoke to Dr Coles-Kemp about the nexus between social behaviours and information security.
AusCERT organisation celebrates 20 years
Fireworks lit up the sky as the AusCERT organisation kicked off its 20th birthday to coincide with the annual awards night.
AusCERT 2013: Police urge banks to install ATM chip technology
Australians will continue to be ripped off by international crime syndicates unless banks fast track the rollout of ATM chip technology, according to Queensland Police Detective Superintendent Brian Hay.
Slideshows
In pictures: PM launches cyber safety program
Prime Minister Julia Gillard was on hand in Sydney this week to launch a new cyber education module called bCyberwise. Developed by Life Education and McAfee, the program is designed to teach primary school students about online dangers such as becoming `friends' with strangers and cyber bullying. The program will be rolled out to Australian schools from 4 February.
AISA National Conference: In pictures
- Amazon, Apple and Google know more about you than your doctor or lawyer - and Commbank is jealous as hell. - Don’t trust an organisation that doesn’t have a face - because then you can’t punch it in when they screw up, said Marcus Ranum. - 78 percent of the world’s population doesn’t have access to a computer or the internet and therefore avoid all IT security problems.
Lulzsec: the rise and fall of a hacking collective
The curtain has fallen on the 50 day performance by hacker group LulzSec. Its campaign of mayhem and destruction, peppered with witty commentary captivated the world. In an alternate universe where Lulzcats reign and anti-security is the norm, it might have even earned a spot on its first target, The X-Factor. But on this earth its members may still be captured by its later targets: the CIA, US law enforcement and the FBI.
Opinions
The Ins and Outs of Cloud and Outsourcing
The speed at which IT is developing and the general nature of modern business means that many enterprises rely on specialists to manage our systems and applications. Economic and competitive pressures have made it imperative for organisations of all sizes to focus on their core competencies and turn to third-parties to assume responsibility for key corporate functions. The most common form of outsourcing is the cloud. The cloud simplifies many aspects of IT and the business services world.
SCADA security and understanding the risk impacts
Cyber security threats are on the rise. As a result, there is a focus on systems managing the critical infrastructure that everyone depends upon. Critical infrastructure is loosely defined as assets essential for the economy and overall society to function.
Cyber Security and the CIO Challenge
Cyber security is the double edged sword of modern business. Because the Internet is an evolving technology that carries enormous potential and vulnerability, cyber security embraces questions of internet freedom, network architecture and the economic potential of cyberspace
Establishing a Cloud Broker Model – Part 1
Information Security, IT Security, Technology Security, IT Risk and Security and IT Risk Services are all names that organisations use to define a functional unit within their enterprise that is responsible for the security, integrity and operational assurance of their information assets and operating environment.
Horses for Courses – how to find the right kind of ISO 27001 help
The NSW Government Digital Information Security Policy (version 1.0, dated November 2012) requires that all NSW Government Departments, Statutory Bodies and Shared Service Providers must have an Information Security Management System (ISMS) based on a comprehensive assessment of the risk to digital information and digital information systems.
-
A10 Networks’ new Thunder Series receives two awards at Interop Tokyo for Performance Optimisation and DDoS Mitigation
-
Silver Peak names founder David Hughes as CEO
-
Next-Gen Point of Sale Package Now Available for Australian Stores
-
Like it or not, IPv6 is coming – so here’s how to migrate
-
Splunk Wins Top Awards in Asia Pacific Market
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
Warning: Tips for secure mobile holiday shopping
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.







