Security » Features »

Resources CIOs in Australia

In a fast growing sector, the bottom line is everything

2011's biggest security snafus

Perhaps it was an omen of what was to come when the city of San Francisco on New Year's Eve 2010 couldn't get a backup system running in its Emergency Operations Center because no one knew the password.

Hackers target IPv6

If your IPv6 strategy is to delay implementation as long as you can, you still must address IPv6 security concerns right now.

Bad new world - Cyber risk and the future of the US

In September 2007, in a remote laboratory in Idaho, researchers began to show that that picture had begun to change, dramatically and irreversibly. Dubbed "Aurora," the researchers' project demonstrated the ability of a cyber hacker to destroy physical equipment--in this case a generator used to create electricity for the power grid.

Security breach

No company wants to be associated with a data breach, but if your systems are compromised the fallout can sometimes be more damaging than the act itself.

Cloud security: how to protect your data

To use Cloud computing securely requires companies to know where their data is stored and who has access to it. Ironically, the reason Cloud is so popular is because organisations don't want to worry about these details.

So can the issue be solved by adhering to standards? Increasing legislation? Maybe we need a global technical disaster to ‘sober up’ an industry drunk on the power of Moore's Law.

Top 10 hacking movies

2011 so far has been filled with news of high-profile hacking - the Epsilon data breach, Microsoft and the various attempts of the nefarious Anonymous. Even the Australian Government copped a little unwanted interest. With this in mind, we thought it was time to track down the top ten Hollywood movies about hacking.

Apple iOS: Why it's the most secure OS, period

In June 2007, Apple released the iPhone, and the device quickly took off to become a major brand in the smartphone market. Yet when the iPhone shipped, security on the mobile operating system was nearly nonexistent. Missing from the initial iOS (then called iPhone OS) were many of the security features that modern-day desktop software has as a matter of course, such as data-execution protection (DEP) and address-space layout randomization (ASLR). Apple's cachet lured security researchers to test the platform, and in less than a month, a trio had released details on the first vulnerability: an exploitable flaw in the mobile Safari browser.

Smart grids set to revolutionise energy companies - Part 3

Adding new layers for both improved communications and business-focused data analysis may add pressure to already pressured CIOs, but information executives aren’t the only ones staring down organisational change as a result of the industry’s new information-driven dynamics.

Smart grids set to revolutionise energy companies - Part 2

Smart meters have a way to go. The recent 2010 Australian Smart Grid Study, a survey of 13 Australian utilities by sector consultancy Logica, showed an average self-reported maturity rating of just 2.14 on a scale of 1 to 5, and communications networks to support them rated 2.80.

Smart grids set to revolutionise energy companies - Part 1

Like any entrepreneur, Andrew Dyer is excited about the possibilities for his clean-energy venture, BrightSource Energy. The company, of which he is a director, is this year partnering with energy giant Chevron to cover 1000 acres of the US desert with 4000 mirrors that reflect sunlight onto three boilers mounted atop each of three 100 metre towers.

Internal security top of mind for AusCERT

When a delegate list includes people from the US Naval Criminal Investigation Service (NCIS), AusCERT 2011 organisers know all too well that their security may be tested.

Legal issues in the Cloud - Part 4

One of the remaining key issues Cloud users need to consider relates to the notion of being locked-in to certain applications or systems — and if a user wants to transfer data or applications from the Cloud, whether the data is portable between service providers. In these circumstances, a user will need to consider its requirements to access data some years into the future for a plethora of regulatory reasons.

Legal issues in the Cloud - Part 3

Proper due diligence focuses on identifying the players in the Cloud relationship. That is, who is actually involved in providing the services and are they the same entity (or entities) that are processing or storing data? In the case of aggregators, for example, a Cloud user could be dealing with a single entity which itself is provided services by various third parties.

Legal issues in the Cloud - Part 2

Unlike a fixed server in your office or at a data centre in Australia, data in the Cloud can potentially be located anywhere in the world — even in multiple data centres in multiple copies worldwide. A Cloud service provider may not even know where the data resides at any one time. The Cloud may not be tied to any particular location but this is clearly not the case with the laws of each country. Any ‘global’ technology solution will be impacted by the laws of a large number of nation states. As a result, sending and processing data around the globe could, in the process, fail to comply with data protection and privacy laws in various countries.

Legal issues in the Cloud - Part 1

The Cloud can be cheaper, more flexible, easier to manage and efficient. But users and providers of Cloud services have to weigh these advantages against the risks or perceived risks — such as regulatory compliance, security, performance, availability of service, and liabilities and remedies under the governing contracts.

Home Wi-Fi networks the next target for cyber crime: Layer 10

Wi-Fi may be the networking method of choice among apartment blocks cropping up in increased numbers in Australia’s major cities, however increased reliance on wireless internet is resulting in more security risks, according to Layer 10 Consulting.

Steps to secure your smartphone against data theft

You may already know the basics of Internet security and keeping your personal data private while browsing the Web: Use a firewall, don't open attachments you aren't expecting, and never follow links from strangers. But what about your smartphone? The ease with which security researcher Georgia Weidman was able to infect Android phones with her custom botnet during the 2011 ShmooCon security conference suggests that anyone concerned about the privacy of the personal data stored on their smartphone should think twice before downloading dubious or otherwise untrustworthy apps.

Business continuity planning - more than just disaster recovery

As a nation, we have certainly faced our fair share of disasters lately; flooding in Queensland and Victoria, cyclones in Queensland and massive bush fires in Western Australia — just months after devastating earthquakes in Christchurch. Our hearts certainly goes out to all of the people affected by these disasters but I personally feel the pain of all the IT professionals who are, or will be, working tirelessly to bring IT systems back on-line in order to maintain some form of business continuity in these affected areas.

How DRM could ensure cloud security

Yet another survey is indicating that security is a big issue for those intending to take up cloud computing.