Humans will surprise you every time: Telstra head of cyber security
The workers in Telstra’s mailroom knew something was strange when the room was clogged with workers asking for the packages they had been sent.
David Braue | 10 Aug | Read more
- Mobile Security
- Data Protection
- Identity & Access
- CSOM
- CISO Leaders
- CSO Events
- Resources/Whitepapers
- Women in Security
PCI & Compliance — News
GDPR is here, but few Australian staff know what to do about it
Eurovision may have accepted Australia as one of its own, but Australian businesses may be hoping European Union authorities forget about them for a while as survey after survey suggests that they have missed today’s deadline for compliance with the EU’s general data protection regulation (GDPR) by a country mile.
David Braue | 25 May | Read more
As automated scan unearths pen-testing gold, careless businesses must polish their DevSecOps
Concerns over the security of companies’ development cultures were validated for an Australian cybersecurity specialist after a recent global scan of GitHub projects identified more than 200,000 servers where developers had left hardcoded passwords and other sensitive information in publicly available source code.
David Braue | 27 Apr | Read more
Relatively benign, cryptomining is displacing ransomware – but that’s not necessarily a good thing
Cybercriminals’ surging interest in cryptocurrency miners has seen the quickly-evolving technique apparently displacing ransomware, a new analysis has found, as instigators work to keep ahead of enterprises’ slowly-maturing information defences.
David Braue | 28 Mar | Read more
Are infosec certifications the best way to boost your salary?
Reports that information-security and risk-expertise are attracting salary premiums have long been rife, but the extent of the gap has been quantified even as new training courses and partnerships expand the breadth of available security specialisations.
David Braue | 22 Mar | Read more
“Truly frightening” IoT security should motivate CSOs to reconsider their endpoint strategies
More than a few Israeli security researchers are reconsidering their personal purchase of home security cameras, baby monitors, doorbells and thermostats after a hackathon revealed “truly frightening” security vulnerabilities that highlight the true extent of the Internet of Things (IoT) security threat to individuals and enterprises.
David Braue | 15 Mar | Read more
Online analytics firms leak user passwords from sites
"These aren’t bugs that need to be fixed, but rather insecure practices that should be stopped entirely," say Princeton privacy researchers.
Microsoft adds Meltdown-Spectre patch device check to Windows Analytics
Microsoft releases new Windows Analytics features to help IT pros deal with the Meltdown and Spectre cleanup.
Just months out from NDB, many companies still aren’t addressing “ridiculous” privileged-account practices
Staring down a growing compliance burden, IT-security executives are warming to the clarity of the ASD Essential 8 and security audits that are helping them educate boards and pinpoint key areas for remediation in the last months before Australia’s Notifiable Data Breach (NDB) scheme comes into effect.
David Braue | 15 Nov | Read more
Users’ password problems are even worse for security than you think
End-users are juggling far more passwords than prior studies have estimated, according to a new analysis by LastPass that suggests the average employee is tracking 191 different passwords.
David Braue | 02 Nov | Read more
How Australia Post’s cybersecurity educators beat the 8-second attention span
Contextualise education campaigns to convince employees why they should care
David Braue | 31 Oct | Read more
Dishwashers on the rampage: LG IoT security bug highlights risks of home automation
Appliance giant responded quickly, but IoT is growing and most vendors don’t plan ahead nearly as well
David Braue | 30 Oct | Read more
Concerned about privacy, Australians embrace mandatory data-breach scheme
Australians are becoming more concerned about their privacy and businesses are signing on for privacy-awareness activities as a result, the government’s information commissioner has noted as figures suggest 40 percent of Australians are uncomfortable with the government using their personal details for research or policy-making purposes.
David Braue | 20 Oct | Read more
CSO Live Webinar: If you can’t control users’ cloud apps, your data is as good as lost
This interactive session will bring you and your peers up to date on the latest in credential management, and its role in containing security risks that you may not even know about.
Australian businesses should use ASD Essential Eight as a roadmap for proactive security
Any company operating a multi-storey office building would develop painstaking fire escape plans, and any hospital would develop backup plans detailing how it could operate in the event of a power failure. So, if responsible businesses are actively addressing these risks, why are so many companies still failing to lay down detailed plans for dealing with a cybersecurity incident?
David Braue | 08 Jun | Read more
'Fireball' malware infects 250 million PCs, one in five corporate networks affected
Shady practices by a Chinese digital marketing firm has left 250 million PCs at risk of being fully comprised.
Mandatory Data Breach Reporting – What you need to start doing right now
An entity that is required to comply with the Privacy Act 1988 must take reasonable steps to protect the personal information it holds from misuse, interference and loss, as well as unauthorised access, modification or disclosure. This extends to situations where an entity engages a third party to store, maintain or process personal information on its behalf.
Wayne Tufek | 28 Apr | Read more
Australian businesses failing to convince young women about ICT’s possibilities
Australian businesses need to stop talking about diversity and undertake concrete steps to remedy the chronic under-representation of women and minority groups within ICT roles, an Australian Computer Society (ACS) executive has warned as figures suggest that efforts to attract women to ICT-related roles continue to flounder.
David Braue | 24 Feb | Read more
Disclosure floodgates set to open as Australian breach notification passes Parliament after years of waiting
It took years of discussion and several revisions, but experts believe the long-awaited passage of Australia’s breach notification legislation will kick off a new era of transparency that will rapidly improve understanding of the country’s real cybersecurity threat climate.
David Braue | 15 Feb | Read more
M&A due diligence often reveals deal-breaking cybersecurity issues
Even as one-time Internet giant Yahoo is swallowed in a $6.5 billion acquisition, merger and acquisitions (M&A) experts have warned that due-diligence audits of companies targeted for acquisition often reveal cybersecurity risks that compromise compliance and could threaten the merger and acquisition activities.
David Braue | 01 Aug | Read more
Editor's Recommendations
Most Read
-
1
Cisco’s Webex recording player riddled with bugs, so best to patch now
-
2
Xbash: malware for ransoming Linux DBs and Windows crypto-mining
-
3
Newegg confirms credit card information was taken in a sophisticated attack
-
4
Fully 61 percent of ASX100 exposed as email fraud gets personal
-
5
Security, insurance providers want to help you evaluate your cyber risk
Solution Centres
Events
-
17 Oct
vFORUM 2018
-
27 Oct
digi.spark hackathon
-
28 May
World Business Forum Sydney 2019
Latest Videos
-
CSO Webinar - There is already a better way to stop email fraud - so why aren't you using it?
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
-
Cybersecurity Insights - Attack
Cybersecurity Insights - Attack
-
CSO Webinar: Plugging the gap in your IAM stack - Expert Guidance for Password Management
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
-
Cybersecurity Insights - People
Cybersecurity Insights - People
-
CSO Webinar - You may think you're secure, but are you cyber resilient?
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.
Blog Posts
Media Release
-
EdSmart and Civica to support Department for Education South Australia in freeing teacher time across 900 schools
-
Suprema to showcase GDPR-ready enterprise access at Security Essen 2018
-
Qlik Delivers Qlik Core® To Help Developers Innovate Through Analytics
-
Kleos Space signs contract with Rocket Lab to launch its first satellites
-
Videoconferencing Infrastructure Systems Market - Growing Trend Of Virtual Meetings In Real-Time
