Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The Defence Signals Directorate (DSD) has won a security award for setting security standards that are cheaper and more effective than those in place at US Government agencies.
It won the US National Cybersecurity Innovation Award from the SANS Institute for “ground-breaking innovation” in naming four basic security controls and 35 others that help mitigate breaches.
The four controls – application updating and patching; operating system patching; whitelisting, and strict account control – were derived from research into security intrusions in military and civilian IT systems.
While the controls were simple, the SANS Institute claimed they were more effective and cost a “tiny fraction” of those deployed in US cyber security programs.
Innovation by the Australian agencies "changes the game”, the institute said.
Vulnerability researchers Steve Mcleod and Chris Brookes led the DSD team initiative. They published a further 35 controls that would assist in breach mitigation.
The award for effective security management particularly acknowledged Defence secretary Dr Ian Watt for “extraordinary leadership” in advocating that all cabinet agencies implement the four “sweet spot” controls.
Low-to-medium intrusions were “no longer a significant problem” in agencies that had implemented the four controls.
The DSD beat 50 nominated and 14 shortlisted organisations.
The award recognises processes or technologies that have not previously been deployed effectively, significantly reduce IT security risk, could be scaled quickly and should be adopted widely.
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.