December 18th, 2014
As 2014 draws to a close, many in the InfoSec community are looking back on what has been an eventful past 12 months.
In both scale and sophistication, 2014 has been a game changer. In the first nine months alone, there were as many as 1,922 confirmed incidents, with criminals managing to compromise 904 million records*. Household names, from Sony and Home Depot to JP Morgan and Kmart, have been compromised, and new, ever more potent forms of malware have risen to the surface.
- June 15th, 2015
Cyber attackers are savvy, their methods are sophisticated, and we in the InfoSec community need to get over it.
At the Check Point Cyber Security Symposium in Sydney last week, Telstra CIO Mike Burgess criticized those organizations that overly focus on attributing cyber attacks, or blaming ‘sophisticated’ attackers for their networks being compromised.
- June 9th, 2015
Learnings from the keynote at Gartner’s Security & Risk Management Summit, Washington
Every business is becoming a digital business. By 2017, 50% of IT spend will fall outside of the IT department’s control. So what does this mean for organizational security?
- June 5th, 2015
The biggest security threat of 2015?
Microsoft’s support programme for Windows Server 2003 (WS2003) is currently in the extended support phase, which is scheduled to cease on 14 July 2015. After that date, if a new security vulnerability is discovered, there is no commitment that a fix will be produced and released by Microsoft, nor will it address non-security defects or assist customers that encounter problems.
- May 1st, 2015
Last week I was talking to a customer about whitelisting policies. Having rolled out least privilege, application control and sandboxing to their estate, they had gone from hundreds of security incidents per week to virtually none. This has caused the security team to become more proactive by shifting from constant firefighting and reacting to incidents to thinking strategically and planning ahead.
- April 27th, 2015
Last week saw the start of RSA 2015, the annual gathering of security professionals and vendors from across the world in San Francisco. In the opening session, Amit Yoran, president of RSA, declared that InfoSec needed to escape the dark ages.