As Australia released its long awaited Cyber Security Strategy, Prime Minister Malcolm Turnbull said that modern encryption poses difficulties for law enforcement, a curious complaint for a nation that has legal access to troves of metadata.
Michael Lee | 27 Apr | Read more
In the last few years, security practitioners have become quite vocal over their belief that the perimeter is dead. You need not look very far to see the evidence of this: Breaches hit the headlines on a weekly basis, and more and more vendors are switching their tag lines from impervious defence towards faster detection and response.
Michael Lee | 11 Apr | Read more
A recent IDC FutureScape report examining the implications of IT security in AP claims Australia is the most spendthrift nation, even up against China, when it comes to spending on IT security. Most of this spend goes into security software, as one might expect as security appliances become virtualised and cloud services mature, yet Australia still had more than its fair share of high-profile attacks.
Michael Lee | 09 Feb | Read more
We've all heard the catch-phrase: "Prevention is better than cure", but it seems that some organisations have taken that advice too close to heart and forgotten how to put it into perspective.
Michael Lee | 01 Apr | Read more
It is impossible to discuss the recent debate around data retention in Australia without eventually coming back to information security -- encryption, the secure storage of digital records, and meta data are just some of the topics that are traditionally security issues. However, they are the same issues that have been addressed time and time again in the private sector.
Michael Lee | 18 Mar | Read more
We've barely begun 2015, yet some security predictions made at the end of last year are already being tested. One of those was a prediction by RSA that criminals will turn their attention to stealing personal health information, and the recent attack on US health insurer Anthem, is just one symptom that it might be happening sooner than our initial diagnosis.
Michael Lee | 12 Feb | Read more
It is easy to dismiss endpoint protection as a relic of an older time when information security only consisted of anti-virus solutions and perhaps a firewall, but as the threat landscape has changed, so too has endpoint protection. It has a troubled history, but this it not at all the end of endpoint protection today.
Michael Lee | 03 Feb | Read more
Security operations centers (SOC) have been around for a while, stretching back to the old room full of live camera feeds. The intent of a SOC is simple: provide the business with the ability to see what is going on in order to take action if necessary. The level of SOC sophistication varied depending on the risks and infrastructure complexity. Consider the humble stretch of road and an analogy for businesses in the very early days of the internet: In low risk, low traffic areas, it was often not necessary to have a constant additional surveillance of this road. Road rules -- basic perimeter-based network security measures like firewalls -- still applied, but it was considered sufficient for any out-of-the-ordinary incidents to be handled reactively.
Michael Lee | 20 Jan | Read more