Amazingly, one of our own…a Securus Global person is about to become a member, (we hope…..) of the Australian Computer Society.

“We hope”..because that is the only way he can work as an IT person in Australia and get his visa approved. (I hope this post does not delay him). With all the posts here regarding the ACS, I never clicked that a new “Australian” IT person, MUST ALSO, become a member of the ACS, as part of visa acceptance. (My fault…I just did not assume that that stupidity would extend to mandatory “membership”).

So now, we will have a member of the ACS as part of Securus Global……if they accept his credentials to be good enough to work here with us. Who knows, we may learn some things. :)

Phil Argy, who I find a good bloke to chat with and who, to his credit, will respond here, will probably/hopefully present a case as to why all new Australians must become a member of the ACS….but I cannot see it ACS myself and you know me Phil.

———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.

Posted in: Uncategorized


Run by Electronic Frontiers Australia (EFA), “The Great Australian Internet Blackout” is on.

Some background on this from our perspective can be found here. This is important.

We’ve been against this Government “initiative” from the outset. It is flawed on so many levels, so please, have a read and pass this information onto your colleagues, family and friends, if you haven’t already.

We need critical thinkers to push this information out into the broader community who may not understand the real issues outside of the Government spin on it. We need to wake up our fellow Australians!



Hey All,

Wrapping another year. No special 2010 predictions or year round-up. You can probably skip to the ones I did for previous years and just change the date to 2009/2010. Should be pretty accurate. :)

A few new Aussie Bloggers added to the mix in 2009: http://beastorbuddha.com/blog-directory/ and there’s quite a few guest bloggers lined up for 2010 for Beast or Buddha. Let me know if you are keen to submit something for publication here also – we’re always looking for new content.

Some big things happening with Securus Global also in 2010. Stay tuned for our press releases. Thanks to all our customers and business partners who have supported us this year.

Thanks to everyone who stops by here to read my rants, to check out the job postings in Beast Hot Jobs or posts in the Forums. I hope you all have a great 2010.

All the Best
DD



Reading through the ISP Filtering Live Report(s) – still wondering what this proves. Is anyone surprised by the findings? I’d have been surprised if it was much different. Now to base a full blown strategy (flawed in concept according to many from the outset) on a test/trial whose scope is ridiculously inadequate to represent real-life implementation. It would be laughable if the impacts upon us of this progressing weren’t potentially so serious. Where to start? What hasn’t been said before? Refer here:
http://beastorbuddha.com/category/internet-filtering/




It’s interested me for a while, why this particular post “Journalising, Journalism and Blogging…Restrictions on Posting” continually gets the most hits regardless of new posts. If you’re hitting this post for a reason, I’d be keen to know.



I remember years ago (many I suppose), the Information Security conference calendar was quite empty. You’d struggle to get anything at times and options were to wait a long time or head off overseas on a junket.

How things have changed. It seems there’s some sort of conference or seminar held daily or at least weekly. Most aren’t worth the time and effort. They’re either a vendor driven marketing day, (hey, if you’re into that vendor and a free lunch, go for it), or a conference created by non-industry people to make a buck (riding on the coat tails of hot topics of the day). The latter really gets my goat most times. They’re nothing more than random topics within the larger “hot” topic, random speakers (whether of any note or not), in and out, and pay your 3K. You know the ones – the marketing looks great, they look like they are doing the industry a service, but you walk out of there deflated and thinking you’ve been stung.

On the flip side, we are blessed with some great events and people should really get behind these and support them. They’re the ones usually run by industry people for the industry.

I’d be keen to hear about some conferences you’ve been to, and your thoughts on them. I am sure others would appreciate the tips also.



- I know this is an old one and has also been covered here in the Forums, but gees it’s worth another look and laugh: “Queensland Police plans wardriving mission”. ROFL at: “Detective Superintendent Brian Hay of the Queensland Police, who today was honoured by security vendor McAfee with an ‘International Cybercrime Fighter Award’”. I need to get one of those. How do I apply, McAfee? Gees, what can you say? ICFA for short? :)

- Thanks to Matthew Hackling for highlighting this link to APRA’s site and discussion paper on “Management of IT Security Risk”. Now this is interesting. Firstly, it seems to be pretty closely based on the Monetary Authority of Singapore (MAS) “Internet Banking and Technology Risk Management Guidelines”. Not a bad thing! Just 8 or 9 years behind the game in terms of Asia Pacific regulators, APRA. (But hey, we already knew that). Wondering how they plan to enforce any of this or is it just a project to make them look like they’re on top of their game? Did I mention 8 or 9 years behind other regulators in Asia? Ah yes, I did. Who needs regulation in the Banking sector anyway?

- I’ve got an article posted at Tek-Tips: “Overcomplicating Information Security and Risk Management”. Keen on your thoughts and thanks to the guys on Twitter who’ve already sent through their comments.

- I’ll be reviewing the CFP responses for the Lightning Presentation session for the upcoming AISA National Annual Seminar Day on the 3rd of December, 2009. If you’ve done some really cool stuff or want to share some really interesting information about something in our industry (but don’t want to talk for 40 minutes), please send through your presentation overview.



Let’s cut to the chase and get rid of the waffle and sales talk, and the plethora of client marketing and sales methodologies. (And, I have seen a heap of them). Remove technical superiority, cost-effectiveness and best ROI (whether that be financial and/or business improvements)….oh and I forgot, “security” itself. In the majority of cases, these are irrelevant in most sales opportunities, i.e., the best does not win out in the majority of cases.

Final decisions in most cases are not based on deep analysis to determine the best solution, service or product. They’re not in most cases based upon expert advice/opinion, and certainly less so in a democratic way…..though we know the latter also doesn’t produce the best outcome. (Critical thinking within more than 50% of the population involved aside).

Business in the majority of cases is won 2 ways: (1) Sell the easiest option that provides the decision maker with backside coverage in the event of solution, service or product not working, i.e., the old IBM story, Big 4, Cisco etc; (2) Through relationships and friendships – looking after your mates. Forget comparing “apples with apples”…… don’t blame a lack of technical expertise of the decision maker on why you didn’t win the business. Look to (1) and (2) and position yourself there if you want to be competitive.

The best solutions, services and products overall if not falling within either of these categories battle for the crumbs left. It’s a large reason that the Information Security industry hasn’t really progressed far in the last 10 years.

I know this is not new to many but keen on your thoughts, flames and war stories (but leave the names out). Just brain dumping. :)



My Rugby League team, the Wests Tigers, had been having a pretty ordinary year until about 6 weeks ago. They’re now 6-0 in the last 6 weeks. I had no expectations before I went overseas….(not in the running for the finals), but it was great to come back and see they had won every game while I was away! (Yes, I am superstitious enough to believe that it was me being away….but today they won 56-10 so that’s BS!) :)

Now the point of this post:




- Great to see Qualys release a new “Laws of Vulnerabilities”. Waiting for a more detailed release which they tell me is coming that will have some context for those people who could not attend the presentation. I know full context is based upon just those that run VA to an extent but the data does make for interesting analysis regardless.

- The Internet censorship video production by Donal and Wade, www.nodecity.com went global soon after the Beast or Buddha scoop (thanks guys). Check it out if you haven’t already.

- Small victory for iiNet in its current legal battle – reported here at ZDNet. Related posts here. Still wondering why iiNet is getting so little support from its fellow industry players. Weak!

- In Melbourne next week for business but also to do first round of interviews for Securus Global role. Penetration Testing expertise is key but just part of the criteria (yeah, for the benefit of Google that link….need to knock off a few in the order…LOL). More here.

- Nice to see a couple of our competitors merging. All the best with it guys. Awesome….one less competitor now! :) You’ll read about it…..

- Following @AISA_National, @Perth_AISA and @Melbourne_AISA now on Twitter.

- Seems to be award season at the moment with a few organisations running various industry awards. Good luck to those people and organisations nominated. Some truly deserve their awards and others, well…..somewhat related post here. Yeah, typical me. Have a great weekend all.


