The switch to IP cameras is on – and it's hard

By Anthony Caruana | 10 April, 2014 16:21

The physical security world has been in the midst of a significant change over recent years. Old security cameras, that could be connected with a coaxial cable and some power, are giving way to IP enabled devices. This has lead to a complete rethink on how security systems are designed, deployed, operated and maintained.

Unconventional crisis planning

By Anthony Caruana | 10 April, 2014 16:16

There's not a company worth its salt that hasn’t, at least, given some consideration to crisis planning. Most of our crisis planning is based upon basic risk management strategies. Come up with a bunch of potential scenarios, apply some analysis to get a handle on likelihood and impact, and then come up with mitigation and management strategies.

Gartner's vision of infosec 2019: four scenarios, all bad

By Stilgherrian | 28 August, 2013 13:38

Will it be the total surveillance society and internet licenses? A breakdown of authority, with e-militias fighting extreme anarcho-hactivists? Or one of the other two?

Preparing for an Attack: 5 Tips for Organisations

By Chris Wood | 14 August, 2013 18:00

Even the most security diligent organisations are realising that breaches are no longer a question of ‘if’ but a question of ‘when.’ Yet many organisations still do not factor the inevitability of compromises into their overall defense strategy, instead focusing on controls to keep every conceivable type of threat at bay. However, the ability to use controls to close every gap attackers can find and reduce the surface area of attack to zero is fundamentally flawed.

Security Mistakes Your Mobile Workforce Makes

By Steve Schoenfeld | 06 August, 2013 23:53

The surge in mobile computing and BYOD (bring your own device) initiatives is translating to higher productivity and job satisfaction for your workforce—but it’s also creating alluring new opportunities for cybercriminals.


Why your information security stinks & what to do

By Bill Brenner | 22 April, 2010 03:19

Amit Yoran was the Department of Homeland Security's first director of the National Cyber Security Division of the Information Analysis and Infrastructure Protection office. But by September 2004 he was frustrated by what he saw as a lack of concern and commitment to Internet security. So he quit his post.

IT Advocate: The privacy minefield

By Emma Weedon | 15 September, 2009 08:05

There are significant differences between state and federal privacy legislation. CIOs who deal with government agencies or other public sector organisations must determine the privacy laws applicable to them – and how best to accommodate them.

Survey: Despite Risks, Employees Still Holiday Shop at Work

By Joan Goodchild | 27 November, 2008 10:02

As Cyber Monday approaches, research suggests a majority of workers will use their work computer to shop this holiday season. But despite the continued growth in online shopping, employees and business still don't understand the risk.

Myth or truism? Security experts judge

By Ellen Messmer | 11 November, 2008 09:11

They are etched into the conventional wisdom of IT security, but are these 12 articles of faith (to some) actually wise, or are they essentially myths? We've assembled a panel of experts to offer their judgments.

Five mistakes security pros would make again

By Bill Brenner | 30 September, 2008 10:18

Ten years ago, Michael Riva was network administrator for a top-five American consultancy. Employees were downloading graphic pictures and videos onto the network. Riva told his boss a proxy server with content filtering might be in order; his boss laughed and suggested they put in a bigger file server instead.


Security versus performance: a tug of war?

By John Ellis | 11 April, 2014 13:56

As security threats have evolved over the past 10 years, online retailers have been under increasing pressure to protect digital properties without impacting performance levels, all on a budget.

Building a custom defence solution

By Sanjay Mehta | 11 April, 2014 13:43

At a time when targeted attacks continue to be the methodology of choice by cyber criminals, Sanjay Mehta, managing director at Trend Micro Australia and New Zealand, discusses how Australian businesses should look beyond standard industry security products and solutions to build custom defence strategies unique to their organisation. He outlines the best way for companies to individually detect, analyse, adapt, and respond to targeted attacks.

How secure is SSL? – the answer might surprise you

By Jonathan Andresen | 09 April, 2014 17:27

Enterprises and online businesses face mounting challenges as the use of secure web based content and applications continue to grow. Easy-to-access, highly mobile, and social are the new user mantras of today’s IT.

The cognitive era in the 'as-a-service app' paradigm – CaaS

By Gordon Makryllos | 09 April, 2014 16:59

Devices are getting smarter, faster and increasingly cognitive. All around us we see the continuing rapid evolution of electronic devices, both mobile and fixed, into the next generation of tools that will help us live our lives differently.

The big data privacy conundrum

By Puneet Kukreja | 02 April, 2014 09:14

SINTEF (Norwegian: Stiftelsen for industriell og teknisk forskning), headquartered in Trondheim, Norway, is the largest independent research organisation in Scandinavian states that found a full 90 per cent of all the data in the world has been generated over the last two years. This is attributed to the rise of social media and cloud computing. IBM further quantified this by stating that we create 2.5 quintillion bytes of data – so much that 90 per cent of the data in the world today has been created in the last two years alone.

CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Webroot SecureAnywhere Business

The lightest, fastest, easiest-to-manage, and most effective endpoint protection.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).

  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.