Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team.
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
Warning: Tips for secure mobile holiday shopping
I’m dating myself, but I remember when holiday shopping involved poring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.















