Tag Archive for: boss

Former ASIO boss warns on energy sector cyber


Energy experts and a former ASIO chief have warned that Australia’s critical energy infrastructure is growing in complexity and vulnerability to cyber-attacks, but that a commensurate uplift in resilience has not occurred.

Former ASIO director general and current chair of the Foreign Investment Review Board David Irvine said energy was one of many Australian sectors lacking sufficient cyber resilience, and that most local organisations are not “caring enough” about the new “tool of warfare”.

Progress is being made but not quickly enough, and Australia is vulnerable to sophisticated cyber attacks, Mr Irvine told an Australia Israel Chamber of Commerce Business lunch on Friday.

“Nation states are busily working on what we call hybrid warfare; the ability, without actually shooting people, to bring opposing states to their knees.”

Russia has already deployed hybrid warfare against several countries in Europe, and the tactic now poses a serious threat to Australia, according to the former ASIO boss.

“This is now a threat that is on our horizon, and we really need to work hard because, as I keep saying, the wars of the 21st century are going to be fought in cyberspace before a kinetic shot is fired.”

Those same cyber warfare tools are also increasingly popular weapons for criminal attackers, Mr Irvine said, but Australian industry and governments have been slow to prepare for attacks and to plan how they will respond.

“As a nation, we have to have responses,” he said. “And we have been, as a nation, very slow to come to the understanding of those needs for responses.”

Mr Irvine said boards now understand the threat of cyber-attacks, much more than they did in 2009 when he worked as ASIO chief, but most are still “grappling” with how to handle an attack.

Governments, too, have improved their cyber posture but more needs to be done, according to Mr Irvine, who is also a non-executive director of the Cyber Security Cooperative Research Centre.

He said the Department of Home Affairs’ Critical Infrastructure Centre had asked the Foreign Investment…

Do app sec like a boss: The top 25 pros to follow


Attacks on the application layer can be the hardest to defend against. User input scenarios for your apps can be difficult to identify with intrusion detection signatures. On top of that, the layer is the most accessible and exposed to the Internet. It’s a recipe for trouble.

That’s why application security soldiers need to stay on top of what’s happening in their field. Here’s our updated list of 25 top pros whose Twitter feeds can help anyone who is interested in keeping their applications safe and their company more resilient.

Katy Anton

Lead security architect, JPMorgan Chase & Co.

@KatyAnton

Anton works with software architects, software developers, and security teams around the world and advises them about securing their software. She’s also one of the leaders on the OWASP Top Ten Proactive Controls Project and an international speaker on topics related to application security at both developer and security conferences.

Kurt Baumgartner

Principal security researcher, Kaspersky Lab’s Global Research and Analysis Team

@k_sec

Baumgartner monitors malware across the Americas. His specialties include reversing and analyzing known and unknown malware and identifying unique behaviors and static characteristics. In addition to tweeting, he blogs.

Michael Coates

Co-founder and CEO, Altitude Networks

@_mwc

In addition to his day job, Coates is an advisory board member of the Millennium Alliance, a networking and education group made up of industry leaders and visionaries. He is also the former head of security at Mozilla and Twitter, as well as a past chairman of the global board of directors at OWASP.

Josh Corman

Senior adviser and visiting researcher, the Cybersecurity and Infrastructure Security Agency

@joshcorman

Corman co-founded I Am The Cavalry, a global grass-roots organization. It’s focused on the intersection of computer security, public safety, and human life, concentrating on medical devices, automobiles, home electronics, and public infrastructure.

Dan Cornell

CTO, the Denim Group

@danielcornell

Cornell is a globally recognized expert in application security. He leads the team at the Denim Group that helps Fortune…

When your every keystroke, mouse click, and website visit is monitored by your boss…

Shibu Philip has done a great service. Now everyone knows to steer well clear of working for him or his company Transcend.
Graham Cluley