Securus Global Update

Posted on September 5th, 2008 by Drazen Drazic

Well it’s been a while since I talked about Securus Global. I thought I would take a bit of time to post an update on what we’ve been up too.

Aside from the usual consulting work which has seen us have our biggest year to date – big thank you to all of our clients, we’ve continued on with the projects that we believe deliver the indirect benefits to our clients, help promote the industry in general and try to build awareness of Information Security.

- We’re about to start our Breakfast Brief sessions again. We’re planning the topics for the first few events at the moment, and hoping to fit in 3 sessions in Sydney and a couple in Melbourne (if possible) before the year ends….and depending upon demand, possibly elsewhere. In addition, this will kickstart again the Qualys User Group meetings that will take place after the presentations. I know many of you have been keen for this to restart. If you want to be added to the Qualys User Group mailing list, let me know through the contact form here.

Read on…..

- The security appliance/product evaluation testing which I alluded to here as becoming a core part of our business has been taking off quite well. Benefit for the vendors I suppose is no disclosure and more secure systems hopefully being put out into the market. On the other side, if you’re looking at deploying “security” systems, as I mentioned, don’t assume they’re secure – test them like you would anything else before putting them into your environment. Don’t take the risk of assuming that security devices are secure themselves!

- On the research front, we continue to be relatively active though we haven’t published much this year but that’ll change soon as we start writing up things. Aside from the stuff we’re doing with the security appliance and product vendors, we’re planning a few talks shortly to present the results of some of our work. Hopefully some of this will be ready for Ruxcon and most certainly for many of our Breakfast Briefs. Stay tuned. In addition, we’re hoping to formally announce a collaborative research project soon with a couple of Australian universities looking at the security implications for business in 3G and mobile networks in general. We’ve been in the planning stages of this one for a while.

- On universities, I’ve very much enjoyed being part of the Information Security course at the University of Southern Queensland. I was invited this semester to “sit-in” on the course and get involved directly with the program and students. It’s been good to be able to help and provide advise, guidance and assistance to students new to our industry. I hope they’ll have me back for the next semester also. One of the more enjoyable parts of my work lately!

- We’re waiting to hear feedback on our submission to the Australian Government e-Security Strategy program. Thank you to all the people who submitted their feedback on our paper to us. I believe our approach and scope of recommendations to be in-line with what the key issues are that we face in Australia.

- PCI DSS is still the biggest single issue across many of our clients. With release 1.2 of the standard, we’re already seeing quite a bit of activity though it’s still slower than what is happening in the US. I’ve covered a good deal of PCI stuff in the blog already.

- A big congratulations to Fatemah Beydoun who last night was elected into the role of Vice Chair of the Australian Information Security Association, (AISA).

It’s been a busy year. We’re opening up our North Queensland office soon and hoping to announce our plans for Melbourne later in the year. For more on Securus Global, visit our website and contact us if we can be of any assistance to you.