In cyber security and online privacy, user awareness, education and training have long passed their use-by dates.
We have technological problems around identity security and mutual authentication that need technological fixes, yet governments and businesses are averse to investing in security and the long-standing policy fad is to educate users out of trouble. It’s a massive policy failure.
We see a policy fixation everywhere. The dominant philosophy in security is process-based. The international information security standard ISO 27001 is a management-system standard; it has almost nothing to say about security technology. Its focus is on documentation and audit box ticking. It’s intellectually a carbon copy of the ISO 9001 quality management standard, and we all know the limitations of that.