Search
 
Results
Total: 254 results found.
Order by
  
Display
Conclusion: Bugcrowd, Hivint, Kasada, and Secure Code Warrior each has a proven capability to address an important aspect of the cyber defences of Australian organisations. The Australian Cyber Security Strategy, launched in April 2016, advocates the promotion of local capabilities where Australia can build globally competitive solutions. These four ...
Section: Content | Category: Security Leadership | Date: Sunday, 01 January 2017 | Hits: 563
Conclusion: There are two compelling information security reasons for creating a sense of purpose and ownership within an organisation. The first is that a sense of purpose and ownership will empower staff so that they move from responding to basic security hygiene matters, towards pre-empting issues. The second reason is so that organisations look ...
Section: Content | Category: Sourcing & Staffing | Date: Saturday, 03 October 2015 | Hits: 293
Conclusion: Organisations that do not treat information security risks seriously could pay a heavy price if a major incident occurs and they are unprepared to deal with it. Observations: In the last ten years the degree of interconnectedness through the Internet of organisations, their suppliers and customers and government, has increased dramatically. ...
Section: Content | Category: Security Leadership | Date: Wednesday, 28 July 2004 | Hits: 517
Conclusion:The latest Verizon Data Breach Investigation report (2011) continues many of the themes drawn out since its first publication in 2008. However, the DBIR is not a best practice guide on how to secure organisational data; it is an aggregation of cases where organisations failed to secure theirs. Consequently, the DBIR should be viewed as a ...
Section: Content | Category: Security Leadership | Date: Thursday, 26 May 2011 | Hits: 913
Conclusion: Security professionals are valuable not only for what they know, but also for how they think. However, this style of thinking can often result in them being alienated for “being too negative”. An alienated security professional is a waste of resources, so CIOs should adopt DeBono’s Six Thinking Hats, a thinking exercise based on role-play, ...
Section: Content | Category: Security Leadership | Date: Thursday, 24 June 2010 | Hits: 666
Conclusion: Despite the vendor and media hype around malware threats to the hypervisor, the biggest risk to IT departments from virtualisation is insufficient procedural controls. The risk stems from virtual machines being poorly managed, growing in number, and the consequent haemorrhage of money to support them. Virtual machines should be processed ...
Section: Content | Category: Security Leadership | Date: Thursday, 29 January 2009 | Hits: 570
Like any other sourcing transaction, relationships with Managed Security Service Providers (‘MSSPs’) that provide information security must be rationalised and planned by customers. Information security is an area of growing concern, but must be fully understood before a decision can be made regarding the approach an organisation will take to protect ...
Section: Content | Category: Sourcing & Staffing | Date: Friday, 28 November 2003 | Hits: 346
Conclusion: Non-IT executives are often reported as being concerned about the prospect of a cyber incident, but as security is not their area of expertise, responsibility for mitigation and preparation is often devolved to IT. This is a mistake, because as much as lack of any security could be devastating, applying the wrong controls to an organisation ...
Section: Content | Category: Governance & Planning | Date: Wednesday, 02 September 2015 | Hits: 505
Conclusion: Dedicated IT security people are too expensive for SMB organisations. The market trend is towards outsourcing security tasks, and the SMB market must embrace this. Large organisations (500+ people) should make internal security people the managers of internal security programs, and managers of the relationship with managed security service ...
Section: Content | Category: Security Leadership | Date: Saturday, 28 April 2007 | Hits: 504
Conclusion: Every technology trend in the financial services sector (principally BYOD, changes in cybercrime, cloud, and DLP) has an aspect of identity and access management. IBRS research on the identity management market in Australia has found that there is a very small resource pool of sufficiently skilled practitioners. This means that the financial ...
Section: Content | Category: Security Leadership | Date: Saturday, 23 June 2012 | Hits: 835