Companies must be prepared to end-of-life old security investments and start anew rather than trying to endlessly patch up ponderous legacy environments, an infrastructure-security expert has warned as growing executive attention to cybersecurity empowers CISOs to execute new security mandates.
David Braue |
10 Nov |
Google’s latest weapon in its war on ad injectors is to block advertisers from buying impressions the unwanted software generates.
Liam Tung |
11 Sep |
There is increased scrutiny by the Board and Management of business risks and potential impact of Cyber Security on operations. As the person who is responsible for hiring the new CISO, what are the key criteria that you ‘must’ have for the candidate?
David Gee |
04 Jun |
A $33.3m investment in large-scale identity management systems will form a cornerstone of the government's Digital Transformation Office (DTO) – an umbrella effort to securely push government service delivery online – which will be fast-tracked through a $254.7m Budget allocation over four years that will see numerous other agencies chipping in to support the transformation agenda.
David Braue |
13 May |
Providers of security training skills are working overtime to keep their curriculum relevant to new threats while teaching advanced hacking skills in a methodical and manageable way, according to the head of Australia's largest IT training provider.
David Braue |
24 Mar |
Adobe has released fixes for six security vulnerabilities in Flash, which includes one that is reportedly under attack, as well as fixes for 20 flaws in Reader and Acrobat.
Liam Tung |
10 Dec |
Although there's obviously a significant interest in privacy from a legal and compliance perspective, Vodafone's head of privacy, Stephen Deadman, told the audience at the recent IAPP Summit that there's an increasing focus on economics.
Anthony Caruana |
20 Nov |
While Australian IT security executives name Web site data breaches as their top priority, only 1 in 3 companies rates itself as 'very experienced' in fighting distributed denial of service (DDoS) attacks and nearly half have never tested their DDoS mitigation skills.
David Braue |
20 Nov |
If you want to really sit at the bleeding edge of personal privacy, spend some time thinking about storing and sharing personal health records for an entire population. That's what Scotland's National Health Service embarked on and succeeded in delivering.
Anthony Caruana |
18 Nov |
What’s the most important factor of a successful security program? Technology such as endpoint protection? Making sure your change management processes and system development life cycle include consideration of security risks? Strong policies? Not quite.
Wayne Chung |
02 Feb |
Although security issues are often top of mind for many organisations, they are often not considered as part of a disaster recovery (DR) plan.
Philip Owens |
22 Dec |
The hard sell around cloud computing is in full swing, but many potential customers are finding it hard to evaluate the security profiles of potential providers and should take a broader view of their objectives and standards, an expert in the auditing of IT security infrastructures has warned.
David Braue |
21 Oct |
Security managers must break down their walled-garden mentalities and integrate security deep into the heart of increasingly flexible, BYO computing-driven IT service management (ITSM) environments or risk data death by a thousand cuts, a systems and security consultant has warned.
David Braue |
18 Oct |
The aim of this article is to provide companies that offer outsourced services (dealing with the management of information) with some tangible, commercial benefits of going down the ISMS implementation and certification path.
Mark Jones |
13 Oct |
In the world of Info Sec we sometimes ask ourselves ‘why do people do such dumb things?’ Well, let me tell you: if they don’t know what is right, they don’t know it is wrong. For example, when I was about four my Dad had to smack dirt out of my hands before I ate it and say ‘don’t eat that, yuk! Look at what that dog is doing on it over there’. That was a good lesson for me.
Mark Jones |
13 Oct |
Recently I was assigned to an engagement with one of the Principal Consultants. This consultant has a tremendous amount of experience and is someone for whom I have great respect.
Jarrod Loidl |
11 Oct |
I have created my own interpretation of what a good pragmatic Security Operations Model (SOM) would look like. This has been adapted from a number of Security Frameworks and Industry Good Practices like ITIL, COBIT, NIST, OCTAVE, OWASP and the ever-present ISO 27001/2, all of which have an input into the structure and makeup of an effective security operations framework or security operations model.
Puneet Kukreja |
13 Sep |
What a different global economy this would be if it were only a little bit more like the cloud. As the financial markets go through their bipolar mood swings with every wrenching headline, the market for cloud services has marched steadily upward and onward, seemingly unfazed by the concerns of the non-virtual world.
CIO Staff |
24 Aug |
For years, professionals of the information security industry have been advising and using risk-based approaches to securing organisations and their information assets. This has been the received wisdom for so long that this is now encompassed in industry standards, such as ISO 27001, FIPS 200, etc.
Charles Wale |
19 Aug |
More budget? Perhaps a little. More attention from senior management? Yes, a bit. Better results? That's not so clear.
Derek Slater |
18 Aug |