Google Cloud Platform gets PCI DSS certified
Google’s Google Cloud Platform has gained a key payments card industry certification that will make it more straightforward for developers to store and process credit card data in its cloud.
Google’s Google Cloud Platform has gained a key payments card industry certification that will make it more straightforward for developers to store and process credit card data in its cloud.
The US State Department has shut down its unclassified email system to remediate possible damage caused by hackers.
Many senior executives still fail to recognise that information security is crucial to their company's survival and less than one in ten sees poor data security as the greatest risk to their business, according to an NTT Com Security survey released this week.
David Braue | 14 Nov | Read more
Exchange admins hoping to receive Microsoft’s quarterly update for the email platform will have to wait weeks more due issues caused by a security fix that was scheduled to be released today.
It's no secret that IT managers are concerned about the security implications of mobile devices, but a new Check Point Software Technologies survey has confirmed just how bad the problem has become as the majority of local respondents say rapidly-increasing numbers of mobile devices pose a significant jump in security issues.
David Braue | 10 Nov | Read more
Consumers are more concerned about credit-card security than they are about their own health, a new survey has concluded. Take it as an indictment of our consumer culture or an indication that our overall health is good, but with California alone reporting a six-fold increase in data breaches the threat is getting bigger all the time. With cybercriminals having developed a tool to optimise their use of stolen credit cards, things are likely to get worse before they get better.
David Braue | 03 Nov | Read more
The ongoing scourge of ransomware and a persistent lack of knowledge around proper security procedures are helping drive strong growth for Dell SecureWorks in Australia and the Asia-Pacific region, according to the head of the company's regional security operations.
David Braue | 23 Oct | Read more
With Android 5.0 or Lollipop, Google has put in place a framework for improving the security of Android apps.
Some 100,000 photos taken from Snapchat users weren't the service's fault, although some observers were seizing on the leak to argue for an improvement in security by Snapchat and other online services. Ditto Dropbox, which was also denying it was to blame after hackers published what they claimed were excerpts from 7 million Dropbox credentials; the cloud-storage giant blamed a third-party service for the leak, but security experts were still using the event to push their case for users to adopt two-factor authentication – particularly given that cloud security and ubiquitous identity for cloud services is still over a year away.
David Braue | 21 Oct | Read more
Security is big business these days. With our old approach of blocking everyone at the border failing - mainly because no-one knows where the border is anymore - a risk-based approach is driving the way businesses think about their information and systems security.
Anthony Caruana | 22 Oct | Read more
Peter Allor is the Lead Security Strategist in IBM's Critical Infrastructure Group. He works at the forefront of information security, working with researchers to look at events, as they happen, to learn about new techniques that are being adopted by attackers from a protection perspective and how to deal with those in across distributed computing in the cloud. But he is on the board of directors of FIRST - the Forum of Incident Response and Security Teams and ICASI - the Industry Consortium for Advancement of Security on the Internet.
Anthony Caruana | 16 Oct | Read more
Microsoft's Azure platform-as-a-service (PaaS) offering to Australian standards has taken a big step forward in the local market with the announcement that an audit of the company's Australian facilities has confirmed they meet Australian Signals Directorate (ASD) security standards for the transmission of government information.
David Braue | 07 Oct | Read more
CSO & Enex Testlab join forces to deliver a first class IT Security event in Sydney's Four Seasons Hotel.
Abigail Swabey | 24 Sep | Read more
Tax-preparation firm H&R Block has used a digital signature-based solution to streamline the process of bringing on additional tax specialists to help it through its busiest season – the third calendar quarter of the year, when the company will process more than 750,000 tax returns.
David Braue | 19 Aug | Read more
Australians may be getting smarter about banking scams after new figures from Trend Micro saw the country fall out of list of the top 10 countries most affected by banking malware.
David Braue | 13 Aug | Read more
“We are basically aiming to do your tax return for you,” Bill Gibson, CIO of the Australian Tax Office told the Technology in Government Summit.
Stephen Withers | 07 Aug | Read more
“Severely understaffed” corporate IT security organisations need to concede that they can't do everything and undertake a realistic assessment of their capabilities before building partnerships with the companies that can, the global head of security operations with Verizon has warned.
David Braue | 23 Dec | Read more
Even in the face of costly and embarrassing corporate security breaches, one in four companies fails to conduct any IT risk assessment. And 42% say there are areas of their information technology audit plans that cannot be addressed because of a lack of resources and expertise.
Roy Harris | 06 Oct | Read more
Failing an audit sounds like the last thing any company wants to happen. But that's because audits are seen by many as the goal of a security program. In reality, audits are only the means of testing whether enforcement of security matches the policies. In the broader context, though, an audit is a means to avoid a breach by learning the lesson in a "friendly" exercise rather than in the real world. If the audit is a stress-test of your environment that helps you find the weaknesses before a real attack, you should be failing audit every now and then. After all, if you're not failing any audits there are two possible explanations:
Andreas M. Antonopoulos | 05 Oct | Read more
Imagine what would happen if all the Google engineers turned rogue and held the world’s Gmail accounts to ransom. Or if aliens attacked earth and wiped California off the map.
Georgina Swan | 22 Aug | Read more