Security Industry
News
Australian Information Security Association issues blunt warning as National Cyber Security Awareness Week begins
Australian Information Security Association (AISA) has today, on the first day of National Cyber Security Awareness Week, taken the opportunity to flag research from its members, releasing an advisory note to the community at large.
AISA National Conference 2012 set to repeat last year’s success
“Show me the money” has become the mantra for talking less and doing more. This year’s speakers include Dr Whitfield Diffie, VP for Information Security and Cryptography ICANN; Dr Alastair MacWillson, Accenture’s Global Managing Partner Security Practice; Eran Feigenbaum, Google’s Director of Security; Gene Kim, former CTO Tripwire; Mary Ann Davidson, Chief Security Officer, Oracle.
Security spend grows but reactive, not agile security dominates: Telsyte
Many Australian companies continue to throw money at their existing security platforms despite the need for deeper policy change driven by an onslaught of new technologies and the threats they introduce, new survey data has revealed.
Kaspersky Lab CEO backs out of IPO plans
Kaspersky Lab founder Eugene Kaspersky has cancelled plans for the firm to go public, announcing his intention to buy back a 20 percent stake sold to a private equity investor a year ago.
Black Swans for 2012 (and a good read)
Over the summer break I read. Among some excellent books was one by Nicholas Carr, The Shallows - What the Internet Is Doing to Our Brains. We used to worry that television would give us square-eyes, but consider what the Internet is actually doing to us now?
Slideshows
Barack Obama’s security circus arrives in Oz: In Pictures
After jumping through countless hoops to get the required set of security clearances and approval by the US Embassy to photograph the President’s visit, CSO can see why these steps were justified.
Our photojournalist Neerav Bhatt was less than 5 metres away from the world’s most heavily secured individual - the President of the United States of America, Barack Obama.
The Security Industry All-Stars
Welcome to the Security All-Stars! Here we have assembled our list of top players in information security who year after year demonstrate the specialized skills that make them worth listening to.
In pictures: The first 24 hours of Focus11
After a day of keynotes including insights from Virgin founder, Sir Richard Branson, and break out sessions with McAfee staff, delegates were keen to let their hair down in sunny Las Vegas.
With music and humour from a Rat Pack tribute act (Frank Sinatra, Sammy Davis Junior and Dean Martin), and the lure of the tables at the Palazzo hotel/casino, there was plenty to keep staff and customers entertained well into the night.
2011 State of the CSO
More budget? Perhaps a little. More attention from senior management? Yes, a bit. Better results? That's not so clear.
Features
Opinion: Random Hacks of Kindness (RHoK) Melbourne – an extraordinary collaboration for good
A marathon hack event held over a June weekend in Melbourne attracted more than 50 developers and designers, and a dozen subject matter and technical experts to ‘hack for humanity’. They volunteered their time to create open source solutions for communities impacted by natural disasters and climate change. These prototypes are available to assist in disaster relief planning, emergency management and community recovery.
Information security in 2011
C-level executives are more aware than ever about threats to information security.
Cloud security: how to protect your data
To use Cloud computing securely requires companies to know where their data is stored and who has access to it. Ironically, the reason Cloud is so popular is because organisations don't want to worry about these details.
So can the issue be solved by adhering to standards? Increasing legislation? Maybe we need a global technical disaster to ‘sober up’ an industry drunk on the power of Moore's Law.
Opinions
Information Security Awareness — why isn’t it working?
It’s not a secret: public and private sector organisations know the current approach to Information Security Awareness isn’t working because User Awareness jumped to 8th place, up from 31st, on the 2011 Defence Signals Directorate Top 35 Strategies to Mitigate Targeted Intrusions.
Opinion: Fighting the botnet threat
ISPs in Australia have for some time been notifying users about the likelihood that their computers have been compromised by malware. Now under the icode, the system has been formalised. Education and remediation tools are being made available to suspected victims.
Opinion: Cyber-Security – Stay Smart Online
Australians are increasingly relying on the internet in their everyday lives, from banking and shopping, through to using emails, social networking and blogs to keep in touch with family and friends. They are using a range of devices such as smart phones, tablets, computer game consoles and other devices to go online.
Opinion: How safe is your customer identity data?
Some of the world’s largest corporations have recently fallen victim to hacking attacks and identity data theft, while other online businesses have been compromised and sidelined for days or weeks, losing millions of dollars in revenue and suffering significant reputational damage. It’s never been more important for companies to act in order to avoid becoming the next victim of identity data theft.
Opinion: SMS mobile phone authentication under threat
While the recent attack against RSA has caused many to question the RSA two factor solution, most people have ignored the more practical and more likely threats facing two factor authentication today.
1. Dell targets ANZ security opportunities as SecureWorks debuts locally
2. AusCERT 2013: Cloud-based scanner identifies new malware by its ancestry
3. AusCERT 2013: Users, cats more likely hack culprits than cyber-espionage: Trustwave
4. ACMA database keeps finger on Australia’s malware pulse
5. Lethal medical device hack taken to next level
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team.
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
Warning: Tips for secure mobile holiday shopping
I’m dating myself, but I remember when holiday shopping involved poring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.









