Security analysts must be getting tired of repeating themselves: one analysis lashed out at “negligent and unqualified” executives who are continually threatening consumer privacy with inadequate security and governance practices. Few have seen the problem from both sides; ANZ CISO Lynwen Connick shared the insights she has gathered during the transition.
Research firm Forrester joined the ranks of the compromised, with reports that an outside attacker stole the company’s core intellectual property – its massive base of industry reports.
All could learn a few things from the winners of the CSO50 2018 awards, which recognise the most innovative security players and those that have turned security strategies into real business value.
Authorities around the world were joining the call for better security during Stay Smart Online Week 2017 – although few users will warm to Victoria Police’s suggestion that secure passwords must be at least 16 characters long.
Hacking of cars at a distance remains one area of concern, but passwords and other issues were at the forefront at AISA 2017, where a range of security experts explored questions including whether bug-bounty programs involved ethical compromise, whether changing our security mindset can improve information-security success, and whether industry players should be allowed to hack their hackers in an “active defence” strategy.
The scramble for better security is increasingly turning towards face recognition, which raised eyebrows when the Turnbull government recently announced it would combine driver’s-license photos from around the country. One expert nonetheless believes it is accurate and fast enough to be used in mainstream applications including verification of financial transactions and authentication by IoT devices.
Yet artificial intelligence is also gaining currency as a tool to improve security, particularly as the ongoing skills shortage pushes companies to explore new ways of gaining key security capabilities.
Microsoft was patching a compromised Office flaw amidst revelations that Outlook 2016 has been sending plaintext copies of encrypted content for the past 6 months.