When chief information officers and other technology managers talk about their priorities, security is always high on the list.
It's not just age-old concerns such as corporate espionage and disruption to the business that CIOs worry about. Those issues have been around as long as corporations and governments — the use of information and communications technology has just made everything faster.
Discovering that corporate PCs are part of a botnet not only means the company's system resources are being stolen, it is also likely that the infected computers are being used by criminals for activities such as sending spam, hosting phishing websites or launching DDoS attacks.
It's commonly agreed that there is no way to guarantee the security of any large organisation's systems. Instead, the debate generally revolves around balancing risks, costs and flexibility so the business can continue to function effectively.
Keeping operating systems and applications up to date and working around potentially damaging vulnerabilities — such as the domain name system hole discovered by researcher Dan Kaminsky — ensure those tasked with security need to be up-to-date with new threats.
Then there's the need to protect every end-point device; the advent of data-rich handsets such as Research in Motion's BlackBerry and Apple's iPhone are making the job even more difficult.
ZDNet.com.au's dynamic guide to security will keep you up to date with all the current issues, debates, opinions and products in the security field.
Features and Case Studies
Antivirus software manufacturers all claim to protect us against threats, but how well do they actually perform? We put six popular business internet security packages to the test.
McAfee Total Protection 2010 is the latest in McAfee's security stable to offer all the bells, whistles and options that the company can squeeze into one security suite. This program is nothing if not extensive, as the following screenshots show.
Microsoft has launched a new free security package today dubbed Microsoft Security Essentials.
With apologies to John Clarke and Bryan Dawe, ZDNet.com.au's Ratbags team has put together its own interpretation of the Federal Government's internet filtering initiative.
More Features and Case Studies »
The apache.org website suffered an intrusion over the weekend that resulted in the site being taken down.
The footage Four Corners displayed of a suspected Melbourne fraudster's house and technology during a police raid last week hardly fits the profile of a master fraudster.
The ongoing saga of the Melbourne International Film Festival (MIFF) has taken another turn with reports today that hackers instigated a denial of service attack on the Festival's website shopping cart.
This week Symantec made beta versions of its flagship Norton Internet Security 2010 and Antivirus 2010 products available for testing. We put NIS 2010 through its paces to see how it stacks up.
Firewalls have come a long way since we last looked at them in 2005, and have now become full-blown Unified Threat Management devices. We take a look at the top players.
Australia's largest annual security conference, AusCERT, is underway for another year, and continues the tradition of bringing security gurus, vendors and members of government under one roof.
In the past week, the security environment around Adobe's Reader and Acrobat products has imploded, with yet more JavaScript vulnerabilities appearing. Adobe needs to look no further than Microsoft for a lesson in how to deal with these situations.
Mac users should heed the call and realise that root user stupidity can always subvert any security in place.
Renowned security researcher Mikko Hypponen talks to ZDNet.com.au about the pros and cons of law enforcement using hacking techniques to fight crime.
Sceptical that Australians are targeted by cybercrime? Late last year the Australian Computer Emergency Response Team (AusCERT) was asked to repatriate hundreds of Commonwealth Bank customer credentials which had been stolen via the ZeuS trojan.
I was waiting for the UAC-based security problems to occur after Windows 7's release but alas that was not to be, for problems have occurred in the beta version of Windows 7.
Scared of being swept out in a round of redundancies? Then join a security company, where your misery is the industry's opportunity to protect intellectual property.
It's always funny watching an event force a company to break old habits and this IE zero day was enough for Microsoft to do it. As Microsoft Australia's strategic security advisor Stuart Strathdee said "we pulled all stops to get this patch out".
Virtualised desktop environments, in some cases using Linux, are gaining in popularity as IT administrators realise they can deliver security advantages. We tell the story of one Australian government department and take you through the landscape.
Norton Internet Security 2009 hits all the right security notes and its superior protection technologies might even win back some jaded anti-Symantec folks. We take you on a tour.
Does anyone seriously believe that Australian businesses and government agencies manage security any better than the US or UK?
Related News
Ashley Towns, the Australian behind the ikee iPhone worm that replaced the background picture of insecure jailbroken iPhones, has reportedly been hired by Sydney company mogeneration.
Confidential personal information gathered by Victorian government agencies "can be, and has been, easily compromised", according to a report published today by the state's Auditor General.
Telstra announced today a new ASIO accredited security operations centre in Canberra to provide managed security services.
The Commonwealth Bank of Australia (CBA) has commenced a final roll-out of two-factor authentication (2FA) systems that will see 400,000 customers of its NetBank internet banking service upgraded to the secure log-in technology.
More Related News »
An Australian has released a virus for the Apple iPhone, ikee, which replaces the infected device's background picture with an image of Rick Astley.
National Australia Bank is confident that it has the tools it needs to leapfrog rivals by adopting three-factor authentication, adding an extra means of security to the normal two factors most Australian banks offer customers to secure their transactions.
The South Australian Government has locked in Dimension Data for a further three years under a managed network and security deal worth $36 million, with the government shaving off over $1 million a year from the value of the past contract.
Security experts from Defence have been called in to assist agencies that were targeted by last night's attack on the Prime Minister's and other agency websites. More attacks are expected, according to sources.
Fewer than half of all home computer users protect their systems from viruses, cyber-crime and other hacking, Australian Federal Police e-crime chief Neil Gaughan told federal parliament this week in a wide-ranging testimony.
Huawei has issued a furious denial of newspaper reports that claimed the Chinese networking vendor was being investigated by the Australian Security and Intelligence Organisation (ASIO) for links to Chinese political interests.
The Federal Government is planning a radical overhaul of telecommunications interception rules, which has some concerned it may be used to force internet service providers (ISP) to inspect customers' online activities.
The Australian Federal Police today confirmed it had not yet made any arrests from a highly publicised raid on an alleged internet fraudster in Melbourne, despite holding evidence for around a week.
Australian researchers have demonstrated a way to prove core software for mission-critical systems is safe.
Queensland Rail has gone to market for a supplier to provide a Wi-Fi service on the state's suburban trains that would offer wireless internet, security and other services.
Australian security company Internet Sheriff Technology (iSheriff) has been put up for sale following what appears to be financial problems.
The Royal Australian Air Force has confirmed that a hacker defaced its website on 13-14 July, in an attack the perpetrator described as a warning message to stop racism against Indian students in Australia.
Sydney's Macquarie University has contracted Avaya to provide it with a 6000-handset IP telephony roll-out, in what appeared to be a snub to its existing networking partner Nortel, which maintains its Australian head office on the university's campus.
Tough new laws aimed at clamping down on identity fraud are being drafted by the NSW government.
Symantec Australia's former chief David Sykes has re-emerged in the security industry at the company's arch rival McAfee.
Do Mac OS X users really need antivirus? ZDNet.com.au recently posed the question to security professionals at the AusCERT 2009 IT security conference on the Gold Coast.
Whitepapers
One topic the user really needs to understand when deploying Windows Mobile applications is security. Often, developers spend a lot of time developing and testing their applications on emulators. However, applications that are working perfectly on emulators often break mysteriously...
The presenter of this webcast shares how her organization is leveraging Sun Ray virtual clients, single sign-on and strong authentication to reduce cost and increase end-user productivity, while ensuring security. The presenter also discusses security considerations for moving to a...
When it comes to content, "one size fits all" used to be the norm and web traffic was measured in "hits". No longer. Companies that are leading the way in 2009 and beyond are incorporating geotargeting to help...
To improve the security of web applications, it starts by building software securely. IBM Rational AppScan is a suite of Web application vulnerability scanners that include dynamic and static analysis capabilities. Now you can engage more testers earlier in the...
More Whitepapers »
Security managers worldwide working for midsize or large organizations share a common goal: to better manage the risks associated with their business infrastructure. Web application security plays a significant role in achieving that goal. This session will discuss new and...
Traditionally, companies have relied on perimeter defenses to keep their networks and data secure. Unfortunately, network firewalls and network vulnerability scanners can't defend against application-level attacks. Cyber-criminals are leveraging relatively simple application exploits to gain access to sensitive information for...
Whitebox & blackbox application security testing are two approaches for detecting vulnerabilities in Web-based and network applications. Both have strengths and weaknesses, but a combination of the two provides the most comprehensive application security coverage and facilitates the extension of...
Enterprises understand the importance of securing web applications to protect critical corporate and customer data. What many don't understand, is how to implement a robust process for integrating security and risk management throughout the web application software development lifecycle.
Securing...
End downtime forever! - Organizations today are relying more and more on Web services for the implementation of mission-critical applications. With the advent of Service-Oriented Architectures (SOAs),which make extensive use of the core Hypertext Transfer Protocol (HTTP) and the Secure...
Cloud computing promises to provide vast computing power, reliable off-site data storage, wide availability, all at lower maintenance and investment costs. But recent cloud computing mishaps have underscored the need for consistent and thorough security policies implemented in the design...
"Does your organization still use FTP software? Did you know these links require 3 to 4 times more time and effort to build and maintain versus SOA-based Application Integration projects?
Read this whitepaper to find out how the IBM WebSphere®...
Learn how to boost your team's productivity and collaboration with the Microsoft® Business Productivity Online Suite (BPOS). With instant messaging, email, video conferencing, shared calendars, and one central place on the web to store and share documents, your team will...
Learn about fully hosted productivity tools in the cloud with Microsoft® Business Productivity Online Suite (BPOS). With real time communication and collaboration tools, including, instant messaging, email, video conferencing, shared calendars, and SharePoint, BPOS is one suite that gets everyone...
Watch this new program and learn why you need strong application security testing tools, what these tools need to include, and where to turn to find the right solution for your needs. Application Security Testing Tools - Is Your Security...
Join industry experts from featured analyst firm, Gartner, Inc., and opinion leaders from SonicWALL, Inc., as they help you make the right call on telecommuting. Corporate Culture, Human Capital, Interviews, Job Search, Mobile - Wireless Communications, Remote Access -...
Server virtualization is one of the most significant technology trends in IT environments today, and a key enabler of the next generation virtualized data center. Server virtualization relies on hypervisors to provide the abstraction layer between the operating systems and...
Migrating to Microsoft Windows 7 can be an intimidating task. Want to take advantage of how Windows 7 will help make users productive anywhere with enhanced security and control, but how do to implement an efficient, cost-effective migration that doesn't...
Interest in cloud computing has witnessed a significant surge in the past few years. The basic tenet of this concept entails the reduction of in-house data centers and the delegation of a portion or all of the Information Technology infrastructure...
Stork Craft Manufacturing Inc. is an industry leader in the design, manufacture and distribution of juvenile furniture products through its brands Stork Craft Furniture, Ragazzi Fine Furniture, Status Commercial Furniture and Canwood Furniture, which are sold in North America through...
Digital capture and storage make information easily retrievable and useful, but don't necessarily enable enterprise-wide efficiency. Data housed in Customer Relationship Management (CRM) software, accounting, human resources, and other applications has limited value if it's not reused efficiently everywhere it's...
More whitepapers related to 'Security' »
