security operations - News, Features, and Slideshows


  • What the private sector could contribute to the data retention debate

    It is impossible to discuss the recent debate around data retention in Australia without eventually coming back to information security -- encryption, the secure storage of digital records, and meta data are just some of the topics that are traditionally security issues. However, they are the same issues that have been addressed time and time again in the private sector.

    Michael Lee | 18 Mar | Read more

  • Three elements that every advanced security operations center needs

    Security operations centers (SOC) have been around for a while, stretching back to the old room full of live camera feeds. The intent of a SOC is simple: provide the business with the ability to see what is going on in order to take action if necessary. The level of SOC sophistication varied depending on the risks and infrastructure complexity. Consider the humble stretch of road and an analogy for businesses in the very early days of the internet: In low risk, low traffic areas, it was often not necessary to have a constant additional surveillance of this road. Road rules -- basic perimeter-based network security measures like firewalls -- still applied, but it was considered sufficient for any out-of-the-ordinary incidents to be handled reactively.

    Michael Lee | 20 Jan | Read more

  • Security Operations the Final Frontier – Part III

    Security Operations, as a capability, was discussed in the first article of this series: Security Operations the Final Frontier. This was a response to media coverage of a other operations in which information was compromised and data assets were stolen - Operation Shady RAT, Operation Aurora and Operation Night Dragon.

    Puneet Kukreja | 20 Dec | Read more

  • Security Operations the Final Frontier – Part II

    I have created my own interpretation of what a good pragmatic Security Operations Model (SOM) would look like. This has been adapted from a number of Security Frameworks and Industry Good Practices like ITIL, COBIT, NIST, OCTAVE, OWASP and the ever present ISO 27001/2 all of which have an input into the structure and makeup of an effective security operations framework or security operations model.

    Puneet Kukreja | 13 Sep | Read more

  • Security Operations the Final Frontier

    Operations Shady RAT, Operation Aurora, Operation Night Dragon sounds like names out of a WikiLeaks memo or even more a Hollywood action blockbuster. Sadly not, these are the three names that have done the rounds in the last 2 – 3 years where information security defenses of organizations were not only breached but data assets were stolen for sure.

    Puneet Kukreja | 31 Aug | Read more