With security breaches set to become more commonplace, enterprise IT teams have to be more vigilant and find new ways of combating these attacks. Cyberattacks on Australian companies, such as the recent hacking on major travel insurance company Aussie Travel Cover, have left many organisations feeling vulnerable.
Travis Greene | 18 Feb | Read more
Today’s security landscape is constantly changing. Attackers are becoming more sophisticated and nimble, leading to new threats and attacks evolving every day. Tailor-made, stealthy threats now routinely evade traditional, point-in-time security defences by using multiple attack vectors. Further, advanced attacks use whatever unprotected paths exist - often blending paths - to compromise targets. Cyber criminals continue to go to great lengths to remain undetected, using technologies and methods that result in nearly imperceptible Indications of Compromise (IoCs). At the same time, the attack surface is increasing because modern networks are evolving, extending beyond traditional walls to include public and private data centres, endpoints, virtual machines, mobile devices, and the cloud.
Anthony Stitt | 18 Feb | Read more
As organizations try to rein in technology budgets, IT staff members are constantly tasked with doing more and providing better services, all the while keeping costs and staff to a minimum. Couple this with increased usage of applications in the cloud, and the security issues entailed therein and you have a perfect combination for delays and disgruntled users.
Dean Wiech | 16 Feb | Read more
In the security industry I work with business of different types and sizes, and deal with managers ranging from system administrators to CISOs. The common thread I see when management discussions on security inevitably reach beyond the IT department; is that security is not understood by the business, it is a magical geeky theme that belongs to IT to manage. Business only sees it as a cost centre:;a necessary evil.
Louay Ghashash | 11 Feb | Read more
Every business holds at least some sensitive data. This may be sensitive personal information belonging to clients or employees, or confidential data relating to business operations. Keeping this secret information secret should be a concern to every business, no matter what industry or size.
James Billingsley | 30 Jan | Read more
While most people today have a basic awareness of what augmented reality (AR) is, there’s a number of misconceptions about how widely the technology can be used
Michelle Goldsmith | 22 Jan | Read more
For years, passwords have been the dominant means by which organisations authenticate customer access to online services. Password-based authentication is easy and familiar for customers, and is initially inexpensive for organizations to deploy at scale. But, while password-based authentication may be appropriate in some instances, it is no longer suitable for the wide range of services where it is currently being used.
Steve Durbin | 13 Jan | Read more
Recently there has been an almost constant feed of news around distributed denial of service (DDoS) attacks, with banks, gaming organisations, governments, educational establishments and e-commerce vendors all being attacked. The DDoS threat has evolved considerably over recent years, with significant changes in the frequency and scale of attacks, and the motivations of cyber criminals. And, over a similar period, many organisations have become highly dependent on the availability of Internet services for their business continuity.
Cybersecurity chiefs aren’t the only ones worrying about hackers these days. Anyone who uses a credit card or stores family photos in the cloud has nagging concerns about data security. Small business owners are worried, too.
Paul Lipman | 12 Jan | Read more
The cyber-attack on Sony Pictures Entertainment in late November is not the first time that the Sony Corporation has been a target for cyber-criminals and if anything can be learned from the attacks, it is that corporations are not taking cyber-security seriously.
Mark Gregory, RMIT | 12 Jan | Read more
In 2014, large retailers, franchises and small businesses alike were affected by new vulnerabilities and malware targeting point-of-sale (POS) devices, systems and vendors. One recent vulnerability affecting POS devices and systems was detailed by the US-CERT in its Vulnerability Notes Database.
There’s been a lot of coverage recently around Sony Pictures and the hack attack which has placed Sony in the headlines for all the wrong reasons, with high volumes of sensitive company data stolen and posted online.
David Baker | 22 Dec | Read more
Over the centuries, humans have built walls to keep intruders at bay. The Romans and Chinese were particularly adept at constructing extensive barricades: the Romans built Hadrian’s Wall in northern England and the Antonine Wall across what is now the Central Belt of Scotland, while the Chinese first started construction of would become the Great Wall of China in the 7th century BC.
Puneet Kukreja | 11 Dec | Read more
With the major financial card breaches at global retailers, as well as a number of SSL/TLS vulnerabilities, it’s possible you may have missed a few other under-reported security issues that provided valuable lessons to the general technology community in 2014.
The cloud is a major presence in technology news and a trending topic that seems to pop up everywhere these days. The cloud certainly has the potential to transform computing across the spectrum, from individuals to SMBs to multinational corporations, and is rapidly becoming an essential part of the way companies do business.
John Hawkins | 10 Dec | Read more
‘Once more unto the breach’…When Henry V uttered those immortalised words in Shakespeare’s play; most enemy attacks were fought on the battlefield. Yet in modern times, many ambushes come in the form of cyber attacks that wreak havoc in the shadows. These data breaches affect all organisations, not just governments, and also more commonly small and mid-sized businesses.
Brett Moorgas | 10 Dec | Read more
New technologies like bring your own identity (BYOI) provide the agility that organisations need to compete in the digital economy, as Jan Zeilinga demonstrated in last month’s blog. But let’s not forget that getting the house in order is an important prerequisite to going “digital”. Employees and contractors need access to the right information to do their jobs, and organisations need to ensure that digital assets are used appropriately.
John Havers | 10 Dec | Read more
Last year, news that US retailer Target’s point-of-sale systems were compromised resulting in the theft of more than 40 million payment card numbers hit Australian headlines. A steady stream of breach stories throughout the year further raised awareness of the issue in this part of the world. But given there are no mandatory breach disclosure laws in this country, you may be wondering ‘If my details were stolen, how would I even know?’ Practically speaking, you’re probably thinking ‘What can I do to protect myself this festive season?’
Chris Pogue | 10 Dec | Read more
As we wrap up another busy year in high tech, many IT leaders have cloud technology top of mind. The cloud is profoundly transformative, standing out even in a tech landscape crowded with big ideas and disruptive developments. Despite initial hesitation, cloud adoption has grown rapidly and doesn’t show any signs of slowing.
Paul Lipman | 02 Dec | Read more
Are our investments in ‘information security’ aligned with today’s reality? It seems that every day there is a new security incident making headlines. Dictionary.com has nominated the word ‘exposure’ as word of the year. The word exposure has been popularised by events such as Ebola, but more relevant to us in the world of ‘infosec’, data breaches and other related security incidents.
John Ellis | 01 Dec | Read more