- +
Your World. . . Hacked 02/10/2007 10:51:23
As your business becomes more collaborative and global, the risks to your company’s trade secrets rise proportionally. Fortunately, there are new strategies to protect the data that allows you to competeThe call to Bob Bailey, an IT executive with a major US government contractor, came on an otherwise ordinary day in October 2003. "Why are you attacking us?" demanded the caller, an IT leader with a Silicon Valley manufacturer. He wanted to know why Bailey's company had launched a denial-of-service attack against his network - +
How to Save the Internet 12/05/2005 10:59:59
Imagine labels on software like those on cigarettes - Infosecurity General's Warning: The use of software and hardware that is not certified secure can harm your system and other people's systems, and you may be held liable for those damages.Computing on the Net is heading for a fall because security is a joke. So we summoned the best minds to see if we could put Humpty back together again. - +
Critical Threats 04/04/2005 15:40:10
Too few CIOs have taken the time to investigate and fully understand the operational networks now interconnected with IT - specifically, EMS and SCADA systems.Few, if any, of the industrial control systems used today were designed with cybersecurity in mind. Meanwhile, Australia's critical information infrastructure has never been more vulnerable . . . - +
Don't Export Security 22/06/2005 12:18:53
It is up to CIOs and CSOs in the companies sending work offshore to define what's an acceptable risk, outline security measures (in the contract wherever possible) and monitor their enforcement with the cooperation and support of the offshore provider.Sure, you can save money by working with an outsourcing vendor in a faraway land. But don't trust the outsourcer to install the right security protections. Follow these best practices to verify that your relationship is cost-effective and safe. - +
Stuck on ROI 07/03/2005 09:23:32
Executives and senior managers have learned to greet ROI claims with a generous sprinkle of scepticism, doubting claimed benefits can be realized and that identified costs will fall in lineWhat's a good CIO to do when facing a clamour from executives, boards and shareholders to present a compelling business case, while knowing almost no one will believe that business case when presented?
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Employees of private and government organizations working with highly sensitive information are still failing to adequately secure laptops containing highly sensitive information, with a spate of recent robberies prompting a stiff warning from a former Australian intelligence chief.
Over the last month in a series of brazen thefts at least four laptops have been allegedly stolen from sensitive security consultancies. In Victoria one alleged laptop theft triggered a police manhunt resulting in at least one arrest and subsequent charges being laid.
Computerworld is unable to publish details surrounding the alleged Victorian theft, including the name of the organization from which the laptop was allegedly stolen, as the matter is currently before Victorian courts.
The other three alleged thefts are understood to have occurred in Canberra over the Labor day long weekend and relate to an electronic security consultancy known to have government information security contracts. Computerworld understands the incident is currently being assessed for its security implications.
Former director of security intelligence for the Department of Defence, Clive Williams, who now lectures in terrorism studies at the Australian National University's Strategic and Defence Studies Centre, said laptop theft remained a serious security threat not least because government victims routinely downplayed the sensitivity of information held on stolen laptops to save their own careers.
"The commonwealth loses several hundred laptops a year. [Victims] invariably say that there is less sensitive information on them than there is [to try and protect themselves]," Williams said.
Williams said part of the problem was that many secure organizations such as Defence remained hostile to portable technologies such as secure thumb-drives because they created as many internal information security issues as they solved outside - but that laptops still remained highly vulnerable.
Williams said well-honed techniques to separate users from their machines were still routinely used.
"Sometimes if you are travelling overseas your hosts will organize an occasion where it's inappropriate for you to have your laptop with you so they can gain access to it," Williams said. Properly secured removable media, which can be more discretely carried by its custodian, offered some advantages in the field, he added.
Rick Draper, managing director of security and crime prevention consultancy Amtac Professional Services, said the fact that laptops now held huge amounts of data which, if left unencrypted, created a potential goldmine for thieves.
"When the information held on [a stolen machine] becomes compromised it is unforgivable - you always have to encrypt the data and have physical protection because of the profitability of a laptop," Draper said.
To mitigate enterprise data loss, Draper advocates a similar loss prevention methodology to that of the retail sector.
"In retail, the term 'stock shrinkage' is used for an acceptable form of loss and normally a result of three actions - incompetence, straight out dishonesty or damaged goods, which in retail can be easily tracked. In a corporate environment with regards to information, the same rules apply," Draper said.
Computerworld Member Login
Beyond Virtualisation - The Roadmap to 2012
CIO Breakfast Briefing
8:30am - 10:30am
Brisbane | 22 July | Sofitel Brisbane
Sydney | 23 July | Four Seasons Hotel
Canberra | 24 July | The Hyatt
Attend and discover:
- What happens after virtualisation
- The benefits automation drives
- When automated infrastructures will emerge
- What the roadmap to 2012 looks like
- How to deliver an automated architecture
- How to maximise your investment in virtualisation
- +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future. - +
Data Management Edition #9: Data centre makeover 24/04/2008 07:43:06
This week CW Live looks at the death of the old style data centre which is undergoing its first makeover in more than 30 years.
Ballarat Grammar Improves Student Access to Computer Based Learning with HP ProCurve 2008-07-04 16:49:00+10
Media release: 40 Per Cent of Australian Businesses Do Not Validate Their Data 2008-07-04 10:29:00+10
Kaseya helps turbo charge BlueFire’s service delivery model 2008-07-03 17:23:00+10
Computershare Selects Symantec for Data Loss Prevention Globally 2008-07-03 14:52:00+10
DST International moves to new Shanghai office 2008-07-03 13:21:00+10
HP customer perspective white paper: best practices for implementing HP Quality Center software
Discover a structured approach to planning and implementing an integrated, web-based suite of tools. Read on to get practical advice, tools and processes for delivering high-quality applications.
