APRA releases “guidance on the management of security risk in information and information technology “

Posted on February 5th, 2010 by Drazen Drazic

APRA has released what they dub as a “prudential practice guide” – “on the management of security risk in information and information technology (IT) by institutions supervised by APRA”. Press release and document here.

It will be interesting to see how the “guideline” adoption will go. Similar to the Monetary Authority of Singapore’s “Internet Banking and Technology Risk Management Guidelines“, but a decade behind, and packing what seems to be no real regulatory push nor enforcement like that in Singapore.

———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.

Posted in Risk Management, governance | 2 Comments »

Big Best Congrats to iiNet……..

Posted on February 4th, 2010 by Drazen Drazic

Made my day when I heard iiNet won their case against the Film Industry! Here reported by itnews. Awesome. Hoping some common sense will prevail and workable collaborative efforts can happen now. Well done iiNet.

Some of our previous posts on this topic…worth a read:
http://beastorbuddha.com/?s=iinet

———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.

Posted in Dumb Security, Internet Filtering, WTF | No Comments »

Securus Global about to get an ACS Member…no joke. :)

Posted on February 2nd, 2010 by Drazen Drazic

Amazingly, one of our own…a Securus Global person is about to become a member, (we hope…..) of the Australian Computer Society.

“We hope”..because that is the only way he can work as an IT person in Australia and get his visa approved. (I hope this post does not delay him). With all the posts here regarding the ACS, I never clicked that a new “Australian” IT person, MUST ALSO, become a member of the ACS, as part of visa acceptance. (My fault…I just did not assume that that stupidity would extend to mandatory “membership”).

So now, we will have a member of the ACS as part of Securus Global……if they accept his credentials to be good enough to work here with us. Who knows, we may learn some things.

Phil Argy, who I find a good bloke to chat with and who, to his credit, will respond here, will probably/hopefully present a case as to why all new Australians must become a member of the ACS….but I cannot see it ACS myself and you know me Phil.

———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.

Posted in Uncategorized | 47 Comments »

Internet Censorship – Taking the Power Back (REPOST)

Posted on January 30th, 2010 by Drazen Drazic

This video was put together by Donal and Wade at the recent RSA Conference in San Francisco (April 2009).

Dan Kaminsky, Pete Lindstrom and Marcus Ranum put forward their thoughts on Australia’s plan to censor the Internet. Dan talks about many of the issues that Securus Global’s Matthew Strahan talked about in his interview with ban.this.url. Surprising that these concerns have barely rated a mention here. Marcus certainly adds some interesting analogies and angles to the whole debate.

Related Posts on Internet Filtering. Thanks to Donal and Wade for representing BorB at the Blogger Meetup at the conference.

———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.

Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | 1 Comment »