In the shadow of Ashley Madison where personal profiles have been breached and there have been examples of public servants using their work email addresses for extra curricular activities.
In most organisations we are using a combination of waterfall or agile development to deliver new business functionality. Unfortunately it is also true that security is not the first consideration, in fact it is often an after thought.
As the boundaries between work and leisure blur, it becomes an increasingly problematic question to answer. No longer it is the case the all files remain physically within the building; in truth corporate data is accessed from many locations and devices.
As humans have always used a physical signature as a method to provide a verification of identity. Hence we sign contracts and in the past we used our (John Hancock) signature to access our bank accounts. If I have a signed document, then it is attributed a degree of trust.
For any CSO or CIO, you are charged with protecting the enterprise. That’s a significant responsibility and you know darn well that your reputation indeed your role depends on how well you can manage through the issues that will arise.
This week at a Big 4 Bank there was a presentation on Cyber Security. The presenter who was an ethical hacker started by saying that he would introduce himself and he rarely does that. In the spirit of that I will leave him unnamed.
Most organisations have embraced mobility as strategy to fully enable their mobile workforces. In essence, this has meant that we have striven to provide for the remote worker access to all the tools that we have in the Headquarters.
I’m a person who has had a keen interest in trying to stay across developments in Cyber Security, but a recent Symposium at Sydney’s Luna Park has been an eye opener on many fronts.
In a recent AustCert conference it was expressed to the CSO Editor that many struggled with "How to actually affect change in IT security behavior”. And not just "raise" awareness.
There is increased scrutiny by the Board and Management of business risks and potential impact of Cyber Security on operations. As the person who is responsible for hiring the new CISO, what are the key criteria that you ‘must’ have for the candidate?
If you're like most, you face a conflicting challenge around security: while there is increased focus on digitalisation of the business, at the same time the threats to the business have not been fully addressed – or even planned for.
Recently I started to use alternative search tools such as Duck, Duck Go and my old old favorite Yahoo. Why? Well I just was wary about all the information that is being collected by Google, and just wanted to see what it was like to revert to another tool.