Cybersecurity

  • 📺 Prime Target ★★½ (and the real threat that's never mentioned)

    Prime Target is criticised for its implausible premise regarding the NSA and mathematicians, while ignoring the real threat posed by quantum computing. read more

  • I'm a GCFE. But Will I Use It?

    I’m now a GIAC Certified Forensic Examiner (GCFE). Honest! I’ve got a certificate and everything. It even came framed: According to the blurb: The GCFE certifies that candidates have the knowledge, skills, and ability to conduct typical incident investigations including e-Discovery, forensic … read more

  • One of Those Weeks

    Something is seriously wrong with my brain this week. Two incidents give cause for concern that I may have Frank Spencer syndrome: Incident 1 - over the weekend Rach asked me to have a look at the car because it wouldn't start. I got in it, turned the key and I got absolutely nothing from the … read more

  • Monster Password Issues

    This week, the massive online job site Monster.com released a security notice that their database had been hacked, potentially releasing the personal details of millions of registered users. This isn't the first time this has happened, and I'm sure it won't be the last. Leave aside the fact that … read more

  • I've Got Brain Ache

    I'm very busy on the work front at the moment, both in my day job and with the internet business. In my day job I'm involved in a major, very complex, government PKI project. PKI stands for Public Key Infrastructure and is basically a set of systems that can be used for issuing and signing digital … read more

  • UK National Risk Register

    The UK Cabinet Office has now made public information from the previously classified UK National Risk Register. This is available at [www.cabinetoffice.gov.uk/reports/n...](http://www.cabinetoffice.gov.uk/reports/national_risk_register.aspx). This seems to back up what many scientists have been … read more

  • Home for a Short Weekend

    I'm currently sat in the departure lounge at Canberra airport with a 3 hour wait for my flight. Luckily I'm sat at a table that's near a bar, and also has a power socket I can use, so the combination of my laptop and Crown Lager should see me through. It feels weird travelling home on a Saturday … read more

  • Hacking in Canberra

    This week I've made my first visit to our nation's capital - Canberra - for a 6-day course in Hacker Techniques, Exploits and Incident Handling. Canberra is a strange little city. It seems to me to be a cross between Washington and Milton Keynes, in that it's clearly a Government town; the Federal … read more

  • PCI QSA

    This week I've been in Sydney on a training course to become a Qualified Security Assessor (QSA) for the Payment Cards Industry Data Security Standard (PCI-DSS). The PCI-DSS is a standard jointly devised by VISA, Mastercard, American Express, JCB and Discover that details the security controls that … read more

  • AusCERT 2008

    On Wednesday I attended AusCERT 2008. AusCERT is an annual conference for the IT Security industry organised by the Australian Computer Emergency Response Team. Held at the plush surroundings of the Crown Plaza Royal Pines Resort on the Gold Coast, the event is a chance for vendors such as Check … read more

  • Reported UK Data Losses - It's Worse Than You Think

    It comes as no surprise to me that we're seeing a lot of news reports lately regarding lost or stolen government laptops and removable media containing personal information. In the last week alone we've seen records of 600,00 people have been lost by the Royal Navy, as well as the loss of 4000 … read more

  • My First Day

    Today was my first day in a new job - what will hopefully be my last working for someone else. The role and work I've been given is much more like what I'm familiar with - security compliance. The first project I've been given is to help a client - a subsidiary of a well-known Japanese car … read more

  • Work and play

    Lauren visited The Gabba today while some of us had to work. The Gabba is Brisbane's cricket ground and home to the Brisbane Lions AFL (Aussie Rules) team. We're into the school Winter Holidays now and as we're both working we've had to put Lauren into Vacation Care with her school. It costs money … read more

  • Am I speaking a different language?

    Here's an example of the kind of battle I have on a daily basis trying to get people into a security mindset: Me to Relationship Manager (RM): Can you please ask the client to complete the attached Business Impact Analysis (BIA) template so we can understand how valuable their data is in order to … read more

  • Update Checker

    I really like the new Filehippo Update Checker. It scans your installed applications and checks to see if you have the latest versions installed. This is important because it's not just your operating system that can contain security vulnerabilities that need patching - applications need patching … read more

  • TK Maxx security breach comes as no surprise

    The security breach at TJX, owners of TK Maxx, which has led to the disclosure of 45 million customers' credit and debit card information comes as no surprise to us in the IT Security community. Unlike banks, insurance companies and their like who are regulated by the Financial Services Authority … read more

  • Security features in the new £20

    It may have the feel of monopoly money but apparently the security features built into the new £20 note are quite good. Here's a handy guide for checking for forgeries: http://news.bbc.co.uk/1/hi/business/6444003.stm#graphic read more