Talking cybersecurity on ABC Radio National Breakfast

Actually, this message about cybersecurity being a serious emerging theme for 2012 seems to be getting more mainstream coverage than I thought it would. I was part of a cybersecurity panel discussion that was broadcast on ABC Radio National’s Breakfast this morning.

Also taking part were Richard Stiennon, chief research analyst at IT-Harvest in Detroit (I spoke with him about Anonymous and Stratfor on this week’s Patch Monday podcast), and Sean Kopelke, director of security and compliance solutions at Symantec Australia. The host was Jonathan Green, who is usually editor of ABC The Drum.

Over at the ABC’s website you can find the program audio and (perhaps, eventually) transcript. But I’m also including the audio below, just in case their systems fail.

This audio is ©2012 Australian Broadcasting Corporation, of course. Even though we don’t get paid.

Weekly Wrap 69: Teeth and little productivity

A weekly summary of what I’ve been doing elsewhere on the internets — and a remarkably unproductive week it was. I’m even posting this summary late!

In part that’s because the Tooth and Shoulder Situation lingered, but also because I reacted poorly to some negative comments on some of my writing. I’ll write more about that soon.

Podcasts

  • Patch Monday episode 107, “Cyberwar: back to basics”. A conversation with Nigel Phair, a director of the Centre for Internet Safety at the University of Canberra.

Articles

Media Appearances

Corporate Largesse

  • On Tuesday I had lunch at Wildfire Restaurant, Circular Quay, courtesy of Bass PR. The event was a security roundtable presented by some of their clients, including Websense, WatchGuard and VMinformer, and analysts Frost & Sullivan. I’ll write something about this in due course.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream. The photos also appear on Flickr, where I eventually add geolocation data and tags.

[Photo: My first beer after nearly three weeks of illness and heavy-duty antibiotics. Much deserved. It’s a Coopers Pale Ale at The Grand View Hotel, Wentworth Falls. This event actually happened the previous week, but I’m slow.]

No Canberra for cyberwar after all

As it happens, I didn’t end up going to the 2nd National Cyber Warfare Conference in Canberra this week. The conference sessions weren’t open to the media, and I decided that it wasn’t worth the trip if we’d have to rely on second-hand information.

That said, we did manage to get a recording of the over-dinner speech by David Irvine, the director-general of Australian Security Intelligence Organisation, which Liam Tung turned into the story “Insidious” cyber chaos too fast for ASIO. It also served as part of the inspiration for my story Yet another free pass for Aussie spooks.

Who wants to go to Canberra anyway?

However SC Magazine did send Darren Pauli and John Hilvert, and their stories were:

Covering the 2nd National Cyber Warfare Conference

As soon as I arrive back from my trip to Kuala Lumpur on 13 September, I’m off to Canberra for the 2nd National Cyber Warfare Conference on 14 and 15 September. No I won’t be. See the comments.

I’m covering it for CSO Online, and for the moment I’m assuming that’ll be in the form of written material. I’d also like to cover it for the Patch Monday podcast, but I don’t think that’ll be possible due to the contractual arrangements.

The event itself runs for a day and a half. An afternoon of presentations followed by a day of roundtable discussions. I’m looking forward to it.

If there’s anything else happening in Canberra either side of this event, please let me know so I can plan to attend,

Patch Monday: Cybersecurity: past, present and future

Last week I had the very great pleasure of interviewing Dr Paul Nielsen, director and chief executive officer of the Software Engineering Institute (SEI) at Carnegie Mellon University (CMU) in Pittsburg. This week’s Patch Monday podcast is that entire interview.

SEI is the parent organisation of CERT, the original computer emergency response team set up with US Department of Defense funding after the Morris Worm scared the bejesus out of everyone.

Before joining SEI, Dr Nielsen had a 32-year career in the military, reaching the rank of Major General. For a time he commanded the US Air Force Research Laboratory at Wright-Patterson Air Force Base, where he managed an annual research and development budget of more than US$3 billion. We got on rather well.

For Patch Monday we talked about everything from worms and hacking to password management, the problems that local police face when prosecuting online crime, why Apple has so far had a better security experience than Android and dealing with security issues when the internet is populated with so many different kinds of devices.

We even talked about the evolution of hacking, and I’ve pulled out that part of the conversation for a story at CSO Online, LulzSec, WikiLeaks, Murdoch: hacking’s fourth wave.

You can listen below. But it’s probably better for my stats if you listen at ZDNet Australia or subscribe to the RSS feed or subscribe in iTunes.

Please let me know what you think. Comments below. We accept audio comments too. Either Skype to stilgherrian or phone Sydney +61 2 8011 3733.

Wanted: Your infosec war stories, anonymity preserved

Information security has an image problem, I reckon. No-one apart from the infosec geeks themselves know what’s really involved in hacking or fighting hackers. So the public thinks it’s all like the bullshit in movies.

Like Hugh Jackman creating a virus in Swordfish, pictured.

Does anyone remember the episode of Spooks where the office lights went out when the hacker breached the firewall?

Let’s fix that.

Let’s hear more about the real war stories. OK, everything has always gotta be so goddam SEKRIT! No-one wants to admit to an embarrassing problem. But I reckon we can tell some of these stories while leaving out the identifying details.

We don’t need to reveal which bank nearly had its data centre pwned by a 14-year-old Ukrainian, nor which vendor’s product provided the bloody great hole he came through. But we can certainly talk about the processes, the time pressures and the paranoia.

This week I’ve started writing for a certain as-yet-undisclosed masthead. I reckon we could do regular stories from the front line of cybersecurity. I’ve been told to go for it. And I reckon it’d be fun to write in a stronger narrative style for a change.

If you are, or know of, someone that I should meet for a few drinks in a quiet place while I take notes, please contact me.