Stories by Ashwin Pal

​Security in 2020 – Data Security is Key

Gone are the days when data was confined to the data centre and we could put a virtual fence around it and protect it. Now data is everyone with multiple copies of it. This causes a massive headache for CISOs who are tasked with protecting this data from falling into the wrong hands. The question then arises, with data literally everywhere, how do we achieve this?

Ashwin Pal | 02 Aug | Read more

A Quick-fire Guide to Secure Code Development

The value that applications and databases present to attackers has seen a move from network based attacks towards web application and database attacks. We are starting to see more and more high profile web based attacks. The Ashley Maddison hack is one that is fresh in my mind. At the end of the day, our adversaries are after the data that our organisations hold for financial gain. As with anything else, our adversaries are using the easiest path to get to this data and in most cases this tends to be web applications and heir back-end databases. Why – because web applications are always available to anyone, anywhere and we have seen way too many examples of insecure code development and basic coding errors that lead to compromised web applications and subsequently databases.

Ashwin Pal | 20 Oct | Read more

Five Key Challenges Facing CSOs Today

2012 has been a tough year for IT security and the trend seems to be continuing into 2013. We have now become accustomed to groups such as Anonymous that have wreaked havoc on a number of large government and corporate organisations. A new frontier in cyber threats has opened. The driver for cyber intrusion is no longer fame, but theft of intellectual property, financial information, blueprints and other classified information for financial gain.

Ashwin Pal | 10 Jul | Read more

Big data and its security implications

There has been a significant amount of talk about big data lately in the media particularly at the RSA security conference. However, many people are still unclear as to what constitutes big data and furthermore what its implications are to us as security professionals. Within this brief article, I shall try and address both these points.

Ashwin Pal | 08 Mar | Read more

Ransomware – a brief overview

There have been a number of ransomware attacks on Australian businesses lately. Awareness of this threat is increasing, but a number of small businesses, in particular, are still in the dark around what this is and how to protect themselves against it. Within this brief article, I shall try and cover both these points.

Ashwin Pal | 08 Mar | Read more

Near field communication – the security risks

Near field communication (NFC) is a type of contactless, wireless technology used for sending information or making payments. By embedding an NFC chip inside a smartphone, a company can create a virtual wallet where users store credit card information and can pay at a store simply by waving their smartphone over a credit card reader.

Ashwin Pal | 01 Nov | Read more

Advanced Persistent Threats (APTs) — a Synopsis

A lot has been written in the media recently about APTs, but there seems to be a level of confusion out there about what this phenomenon is and how this could affect us. Within this brief article, I shall try and shed some light on the phenomenon that is APTs.

Ashwin Pal | 29 Feb | Read more