IDG Security Day united security experts around the world in a common effort to share experiences and best practices around information-security strategies. This led to a surfeit of security goodness at the Sydney event and elsewhere.
When actioning this information, one place to start is by developing a successful security awareness program – which needs to include 7 key elements including and beyond education around ever-changing social-media scams – while other strategies include engaging the business to boost BYOD security, and tightening virtual-machine security practices with an eye on business values like compliance, trust, and brand strength.
There were signs that improving security practice may be finally gaining traction, with breach costs down even though many companies were still suffering from a slow forensics response. This and other factors led some to suggest that information security is best managed outside the IT shop in order to facilitate effective cloud adoption.
If you’re looking for a new infosec-related position, it helps to have a sense of what hirers are looking for in their candidates.
Meanwhile, yet another Internet of Things (IoT) security breach hit after revelations that Foscam’s C1 has a hardcoded password that can give remote access to stored video and audio. Such persistent bugs are related to the reason Microsoft raised the time limit on its $US15,000 ($A19,900) Edge bug bounty program
Microsoft was also fighting allegations it was using sneaky tactics to push Windows 10 users to adopt its Windows Defender antivirus system, and taking on claims that Fireball malware had infected 250 million PCs; the number was a fraction of that, Microsoft argued.