Our thoughts, industry views and technology trends

Don’t blame cyber attackers for data breaches, blame a lack of preparation

Cyber attackers are savvy, their methods are sophisticated, and we in the InfoSec community need to get over it.

At the Check Point Cyber Security Symposium in Sydney last week, Telstra CIO, Mike Burgess criticized those organizations that overly focus on attributing cyber attacks, or blaming ‘sophisticated’ attackers for their networks being compromised.

Continue Reading


Let the bird fly

Learnings from the keynote at Gartner’s Security & Risk Management Summit, Washington

Every business is becoming a digital business. By 2017, 50% of IT spend will fall outside of the IT department’s control. So what does this mean for organizational security?

The first temptation is to take back control and lock everything down. But that would be the wrong thing to do, and here’s why.

Continue Reading


Surviving WS2003 end-of-life

The biggest security threat of 2015?

Microsoft’s support programme for Windows Server 2003 (WS2003) is currently in the extended support phase, which is scheduled to cease on 14 July 2015. After that date, if a new security vulnerability is discovered, there is no commitment that a fix will be produced and released by Microsoft, nor will it address non-security defects or assist customers that encounter problems.

Continue Reading


File less fears

Last week I was talking to a customer about whitelisting policies. Having rolled out least privilege, application control and sandboxing to their estate they had gone from hundreds of security incidents per week to virtually none. This has caused the security team to become more proactive by shifting from constant firefighting and reacting to incidents to thinking strategically and planning ahead.

Continue Reading


Is InfoSec languishing in the dark ages?

Last week saw the start of RSA 2015, the annual gathering of security professionals and vendors from across the world in San Francisco. In the opening session, Amit Yoran, president of RSA, declared that InfoSec needed to escape the dark ages.

Continue Reading