What’s in Issue 4, March/April 2018?
In Issue 4 and now into our second year, we are naturally stepping it up a notch with an increased blend of technical and assurance related articles . Starting with Elliot Dellys, Senior Security Adviser with HiVint, we’ll look at the details of the Meltdown and Spectre bugs, which in themselves serve as case studies in how to balance user experience with security.
Mark Jones of Dimension Data will look at how readers get the most out of the threat intelligence they are consuming, while Jason Magic at Missing Link digs into the details of Shockwave file analysis to show readers how to locate and eradicate SWF vulnerabilities. Security managers and consultants need to be versed in the details of these kinds of technical vulnerabilities, so they know how to put testing frameworks in place to locate ad eradicate these issues, so we’ll cover some of that to assist you in planning.
We will also hear from Annu Singh, returning to ACSM to look at Ethereum’s blockchain, while Wayne Tufek runs through ideas of how to protect your reputation following a data breach.
As we prepare for the security challenges of 2018, it is interesting to look back and consider what was collectively achieved in the past twelve months. The use of weaponised NSA exploits within WannaCry and NotPetya foreshadows a dark future, especially in the world of whistle-blowers and leaked government protected zero-days. These multifaceted, blended exploits now allow attackers with simple ransomware to jump inside organisations and move laterally, exponentially boosting their profits and catastrophically increasing the harm they can cause. The significant issue security teams face is that all microchips powering our computers are vulnerable to a number of inherent vulnerabilities.
The coming year promises a rollercoaster ride, with Mandatory Data Breach Notification impacting Australian business and then GDPR causing waves across the EU. Compliance will dominate discussions in the early part of the year, but the reality is we’ll have a variety of unknown, uncharted territory to cover by mid-year and by the end of 2018 we’ll look back and think whoa, what a ride. So stick with ACSM and we’ll remain contemporary, relevant and keep you informed on what’s important and what’s emerging in cyber.