Conferences

Are you prepared? Mobility opens doors to new wave of cyber attacks

Fields marked with an * are required

Subscribe to our newsletter

James-SankarSecurity on the Move was the subject of a recent AusCert workshop. AARNet’s Director, Enterprise Services, James Sankar was there and reports on the highlights:

Bring Your Own Device (Android) and Social Media (to trawl and impersonate identities for ID theft and to spread malware by URL links) are key threats facing a more complex, diverse and mobile computing environment.

 Processes for data breach notifications

Mandatory breach legislation has been delayed until after the election but companies should prepare processes today – http://www.oaic.gov.au/privacy/privacy-resources/privacy-guides/data-breach-notification-a-guide-to-handling-personal-information-security-breaches

 Some of the latest cyber threats
  • Ransomware is on the rise – attackers gain unauthorized access, encrypt data and freeze business processes and operations until a ransom has been paid.
  • Unauthorised access can occur where key staff or key suppliers and partners are targeted.
  • Secure deal rooms are emerging as attackers want access to data that could either influence deals or seek financial gain by accessing inside information that could affect share prices.
  • Open Source bot.net kits that can find and exploit vulnerable devices are cheap and customizable. Access to a robust network and security devices alongside regular security reviews can help but may not prevent attack such as zero day attacks.

  IT Security teams need to act as educators for business
  • IT security teams should inform on security options, help identify risks and impacts and assist with solutions to help drive online business
  • security should be based on the Pareto 80/20 rule – prioritise investment in 80% of potential threat areas and attack vectors, it’s too costly to aim for 100% and better to note the risk and design with the expectation that you will incur a security breach with clear processes in how to deal with that.
Securing Domain Name Services

Nomium and Sophos announced a partnership designed to secure Domain Name Services (DNS) by adding Sophos threat detection to the DNS so that phished URLs can be detected and blocked.  This simple deployment offers a step check which involves a common query to access a website or content.

Further research into the global supply chain, from components to device manufacturers may be a next step to addressing these threats as built vulnerabilities.

AusCert is working with AARNet to develop new services to help the research and educational sector better prepare for the future, for more details please contact James Sankar at AARNet (consulting@aarnet.edu.au).

 

 


Related Stories

Conferences

Mar 28, 2017

AARNet attends Science Meets Parliament 2017

Three AARNet staff members were among around 200 members of the scientific community attending this year's annual Science Meets Parliament event (SmP2017) in Canberra on 21 and 22 March. The two-day gathering is hosted by peak body Science & Technology Australia (STA) and included a day of professional development, a...

Conferences / eResearch / GLAMs

Sep 16, 2016

Registrations are open for AARNet GLAMs workshop

Enabling Data Flow between HASS and GLAMs Workshop When: Friday 14 October Where: Pullman - Albert Park, Melbourne AARNet Presenters: Ingrid Mason. Deployment strategist (eResearch), Chris Myers. Solutions consultant (architecture and applications), Hilary Goodson. Strategic engagement (customer relations), Guido Aben. Director (eResearch) . We're holding a half-day Workshop will be held at the eResearch Australasia Conference...

Conferences / eResearch / Network

Sep 13, 2016

Registrations are now open for Science DMZ workshop

Registrations are now open for AARNet's Science DMZ workshop When: 10 October 2016, 9.30am to 4.30pm Where: Pullman - Albert Park, Melbourne Presenter: Chris Myers - Solutions consultant (architecture and applications) for AARNet. This is a pre-conference workshop for the eResearch Australasia Conference , on 10-14 October 2016. The workshop will give attendees an overview...