Security Industry — Opinions

Do you know the “Three Cs” of web app security?

We live in an application world. From shopping to communicating with friends, reading the news, following our favourite sports teams to listening to music – we do it through apps. With so many interactions and transactions now taking place via apps, maintaining security is becoming a big concern.

Matt Miller | 20 Feb

App Security - the great unspoken

There is no shortage of conversation around enterprise security. In light of some recent, high-profile hacking incidents, everyone’s talking about the importance of securing networks, data and devices in avoiding a worst-case scenario of confidential customer or organisational information or IP being compromised. Interestingly, these conversations often neglect one vital component - the applications that operate on these systems and how their own vulnerabilities can bring down an organisation’s entire security strategy.

Mav Turner | 20 Feb

The Real Security Gap: Users

With security breaches set to become more commonplace, enterprise IT teams have to be more vigilant and find new ways of combating these attacks. Cyberattacks on Australian companies, such as the recent hacking on major travel insurance company Aussie Travel Cover, have left many organisations feeling vulnerable.

Travis Greene | 18 Feb

Integrated Threat Defence: Joining Forces to Defend Against Cyber Attacks

Today’s security landscape is constantly changing. Attackers are becoming more sophisticated and nimble, leading to new threats and attacks evolving every day. Tailor-made, stealthy threats now routinely evade traditional, point-in-time security defences by using multiple attack vectors. Further, advanced attacks use whatever unprotected paths exist - often blending paths - to compromise targets. Cyber criminals continue to go to great lengths to remain undetected, using technologies and methods that result in nearly imperceptible Indications of Compromise (IoCs). At the same time, the attack surface is increasing because modern networks are evolving, extending beyond traditional walls to include public and private data centres, endpoints, virtual machines, mobile devices, and the cloud.

Anthony Stitt | 18 Feb

When will business understand security?

In the security industry I work with businesses of different types and sizes, and deal with managers ranging from system administrators to CISOs. The common thread I see when management discussions on security inevitably reach beyond the IT department is that security is not understood by the business; it is a magical geeky theme that belongs to IT to manage. Business only sees it as a cost centre: a necessary evil.

Louay Ghashash | 11 Feb

Password Protection: How Far Can Hackers Get?

For years, passwords have been the dominant means by which organisations authenticate customer access to online services. Password-based authentication is easy and familiar for customers, and is initially inexpensive for organizations to deploy at scale. But, while password-based authentication may be appropriate in some instances, it is no longer suitable for the wide range of services where it is currently being used.

Steve Durbin | 13 Jan

Risks in Retail: New POS Vulnerabilities and Malware

In 2014, large retailers, franchises and small businesses alike were affected by new vulnerabilities and malware targeting point-of-sale (POS) devices, systems and vendors. One recent vulnerability affecting POS devices and systems was detailed by the US-CERT in its Vulnerability Notes Database.

Thu Pham | 09 Jan

A Look Back At Information Security in 2014

With the major financial card breaches at global retailers, as well as a number of SSL/TLS vulnerabilities, it’s possible you may have missed a few other under-reported security issues that provided valuable lessons to the general technology community in 2014.

Thu Pham | 10 Dec

Closing the Gap Between Security and the Cloud

The cloud is a major presence in technology news and a trending topic that seems to pop up everywhere these days. The cloud certainly has the potential to transform computing across the spectrum, from individuals to SMBs to multinational corporations, and is rapidly becoming an essential part of the way companies do business.

John Hawkins | 10 Dec

Identity governance: It’s all about the people

New technologies like bring your own identity (BYOI) provide the agility that organisations need to compete in the digital economy, as Jan Zeilinga demonstrated in last month’s blog. But let’s not forget that getting the house in order is an important prerequisite to going “digital”. Employees and contractors need access to the right information to do their jobs, and organisations need to ensure that digital assets are used appropriately.

John Havers | 10 Dec

Buyer Beware: Five Cybersecurity Consumer Tips for the Holiday Season

Last year, news that US retailer Target’s point-of-sale systems were compromised resulting in the theft of more than 40 million payment card numbers hit Australian headlines. A steady stream of breach stories throughout the year further raised awareness of the issue in this part of the world. But given there are no mandatory breach disclosure laws in this country, you may be wondering ‘If my details were stolen, how would I even know?’ Practically speaking, you’re probably thinking ‘What can I do to protect myself this festive season?’

Chris Pogue | 10 Dec

Business Applications as a Service (BAaaS)

The rise and rise of the as-a-Service (XaaS) model continues. The various models based around the XaaS approach are all forecast to continue growing rapidly as organizations go on taking advantage of the increased flexibility, lower CAPEX (Capital Expenditure) and on-demand nature of the service. Gartner predicts that Infrastructure-as-a-Service (IaaS) will grow at a CAGR (Compound Annual Growth Rate) of 41.3 per cent through 2016, while Platform-as-a-Service (PaaS) will hit 27.7 per cent CAGR in the same period. The Software-as-a-Service (SaaS) market will grow at 19.5 per cent CAGR in that time too, demonstrating how significant the cloud delivery of IT services has become.

Gordon Makryllos | 01 Dec

Proactive Infosec

Are our investments in ‘information security’ aligned with today’s reality? It seems that every day there is a new security incident making headlines. Dictionary.com has nominated the word ‘exposure’ as word of the year. The word exposure has been popularised by events such as Ebola, but more relevant to us in the world of ‘infosec’, data breaches and other related security incidents.

John Ellis | 01 Dec

Five predictions for IDaaS and Identity Management in 2015

Five years ago we knew changes in technology and the ways in which we do business would present enormous challenges for how IT manages identity; what we didn’t know was just how fast these changes would take place. By 2015 Gartner forecasts Identity as a Service (IDaaS) will make up 25 per cent of the Identity and Access Management (IAM) market, up from just four per cent in 2011.

Graham Pearson | 28 Nov

Peeling back the darknet

Most organisations are unaware of the need to bring darknet expertise in-house to ensure that there will be no surprises bubbling out of the darkness. The darknet does not have a pretty face, but it is not entirely evil either; so what is it that your organisation should know about the darknet, and why?

Mark Gregory, RMIT | 24 Nov