Our thoughts, industry views and technology trends

Featured

Contributor:
James.Maude
June 5th, 2015

Surviving WS2003 end-of-life

The biggest security threat of 2015?

Microsoft’s support programme for Windows Server 2003 (WS2003) is currently in the extended support phase, which is scheduled to cease on 14 July 2015. After that date, if a new security vulnerability is discovered, there is no commitment that a fix will be produced and released by Microsoft, nor will it address non-security defects or assist customers that encounter problems.

 

Continue Reading

Hacking Team – Zero Day Any Day

In InfoSec these past few weeks it has been impossible to miss the news that the secretive spyware company known as Hacking Team has been breached and their files posted online. This compromise has resulted in 400GB of confidential data being released online and caused widespread embarrassment for the company and clients alike.

Continue Reading


Don’t blame cyber attackers for data breaches, blame a lack of preparation

Cyber attackers are savvy, their methods are sophisticated, and we in the InfoSec community need to get over it.

At the Check Point Cyber Security Symposium in Sydney last week, Telstra CIO, Mike Burgess criticized those organizations that overly focus on attributing cyber attacks, or blaming ‘sophisticated’ attackers for their networks being compromised.

Continue Reading


Let the bird fly

Learnings from the keynote at Gartner’s Security & Risk Management Summit, Washington

Every business is becoming a digital business. By 2017, 50% of IT spend will fall outside of the IT department’s control. So what does this mean for organizational security?

The first temptation is to take back control and lock everything down. But that would be the wrong thing to do, and here’s why.

Continue Reading


Surviving WS2003 end-of-life

The biggest security threat of 2015?

Microsoft’s support programme for Windows Server 2003 (WS2003) is currently in the extended support phase, which is scheduled to cease on 14 July 2015. After that date, if a new security vulnerability is discovered, there is no commitment that a fix will be produced and released by Microsoft, nor will it address non-security defects or assist customers that encounter problems.

Continue Reading


File less fears

Last week I was talking to a customer about whitelisting policies. Having rolled out least privilege, application control and sandboxing to their estate they had gone from hundreds of security incidents per week to virtually none. This has caused the security team to become more proactive by shifting from constant firefighting and reacting to incidents to thinking strategically and planning ahead.

Continue Reading