Company Boards are becoming more cyber security savvy
AGL is transitioning its business, focusing on how it can deliver reliable, affordable energy to its customers and decarbonise its generation portfolio over time, and the digital agenda.
Security Leadership — Features
My Advice to Prime Minister Mr Turnbull
I look for passion more than anything else.
The changing role of a the CISO
Michael Sutton is the CISO of ZScaler. He has forged a long career working in information security and has seen many changes over the years. We spoke to him at AusCERT 2016 about his career, the changing role of the CISO and what he’s seeing in the world of infosec.
Anthony Caruana | 27 May | Read more
Effective management of information security risk is a classic example of the interplay between people, process and technology.
One of the great things about working for an organisation like Ramsay Health Care, is our brand promise; ‘people caring about people’ is something we live and breathe. Caring about our patients and staff means doing the right thing and protecting their privacy, be it in the clinical context or that of the digital world.
Board meetings actually become one of the meetings I look forward to
"There is little or no consideration of the underlying motivations and failures of the reported threat, which would enable them to make a more informed decision regarding their organisational risk and the value of mitigating the threats."
CISO must act as a translator between technology, security jargon and business risks.
"It is really powerful when a business executive or Board of Directors grasp the significance of this new risk area and start to drive security decisions and opportunities rather than reacting to scare stories."
CISO Leaders : Tammy Moskites, CIO & CISO, Venafi
Cyber security has transformed from what most viewed as an IT issue to a central business concern, and the CIO and CISO roles are shifting in response. If we’re to keep up the pace and adopt emerging technologies, security needs to be a priority and CIOs and CISOs need to work together to mitigate risk in organizations across industries and throughout government.
CISO Interview Series: James Nunn Price, Asia-Pacific Cyber Risk Services Leader at Deloitte
An organisation needs consumer trust to be successful in this transformation journey. Deloitte’s recent Privacy Index shows that consumer trust is key to a faster adoption of new products and services and that cyber security, together with the privacy it engenders, are key enablers in this transformation journey.
CISO Interview Series: Trevor McDougall, CIO, Open Colleges
As a business with 100% of infrastructure on cloud platforms I don’t need to worry about data centres which has enabled us to move quickly into overseas territories. We are very careful when selecting cloud partners as we rely heavily on there security practices to protect our data and IP.
Open source SOC project has been a great experience
Cyber security is not as concrete as physical asset risks and often causes businesses to understate a potential outcome.
Cyber Insurance is a crutch; the best insurance is staff education
What we are seeing across the region is that it is not one specific country being "hacked" more than another - but what we are seeing that the cyber criminals are looking for general weaknesses in our environment.
7 Questions to ask your CFO to get more Cyber Security Investment
"It is important for organisations to understand that using the cloud does not mean they have “outsourced” their risks and that someone else is taking care of it."
“At least 50% of my week goes into thinking about the future ”
I see that more and more companies across so many sectors are embracing (although perhaps not loving) the CISO role as a critical decision-maker and influencer.
“Innovation in Cyber Security is not just about thinking outside the box, it is also redefining the box.”
Everyday can be a D-Day for me and I love to celebrate success, no matter how small it is!
“Agile projects are collaborative at inception, with inclusion of Architects”
First thing I do every day is check email and LinkedIn; normally on the train. I like to get this touch base out of the way before I get into the office so I can map out a plan for my day.
“The Internet of Things & Smart devices are likely to accelerate the evolution"
The cyber threats that QBE and its customers face aren’t constrained by geographical boundaries, so unfortunately I can’t be too focused on threats from a single geographic area – even if it would make my life simpler.
“create your long, medium and short term plans and then you work on them.”
There are privacy issues related to patients data, governmental restrictions and standards required for holding and processing patients data and sovereignty issues if the organisation is multi-national where each nation has different rules and regulations.
"The most difficult part of the job is to stay on top of advanced threats, remediation and persuade other teams to remediate"
he most difficult part of the job of my team is to stay on top of advanced threats, associated remediation of vulnerabilities and persuade other teams to remediate the vulnerabilities prior someone else (hackers, enemies, or competitors) exploiting these potential vulnerabilities.
What CSOs should do on their first days
It used to be common for new chief security officers to come in with guns blazing. The security personality stereotype was a machismo type who wanted to be seen as the hero in saving the company’s network from all the villains trying to get in.
Ryan Francis | 14 Dec | Read more
"Exploring ways to build security into DevOps to ensure new digital services are ‘secure by design"
It's hard to describe an average day at IAG. So far no two days have been alike. My days are a combination of setting strategy, making various choices, engaging with my team and colleagues and making things happen.