Search Results

Share Article:

Facebook Twitter Linkedin Mail

Tag: cyber-security

How to patch a human: our cyber security influence explained

Cyber Security Business tips

Posted on March 22, 2019

1 min read

Cyber security preparedness is built on three pillars: people, processes, and technology. While technology is a critical element of an effective cyber security program, alone it is not enough to protect against modern cyber threats.

It’s not only hackers, corporate spies, or disaffected staff who present a threat to organisations; in most cases, breaches are often unintended consequences to mistakes made by non-malicious, uninformed employees.

In the Office of the Australian Information Commissioner’s 1 July — 30 September 2018 and 1 October — 31 December 2018 reports, it listed human error as a major source (37 and 33 percent respectively) of reported breaches.

While the largest source of reported breaches (57 and 64 percent) was attributed to “malicious or criminal attack”, a significant proportion of these exploited vulnerabilities involving a human factor, such as tricking employees to click on a phishing email or to disclose their passwords.

These figures illustrate the fundamental role security awareness can play in an organisation’s cyber security defences, and how a strong security culture can act as a ‘force multiplier’.

Why AI is good for us, and good for business

Tech and Innovation

Posted on March 1, 2019

3 min read

Not a day goes by without a headline about artificial intelligence, or AI. Whether it’s another breakthrough in capability, a prediction about big economic changes, or even killer robots and impending doom – we are fascinated by what this technology may hold.

I am a technology optimist, and after decades of working with technology companies in Australia, Europe and the US, I can see huge potential in AI.

There are many types of work that AI might always struggle with, particularly where instinct, experience and inference matter most.

However, there is one area in which it can clearly make a huge difference – putting our overwhelming amounts of data to good use.

Data growth, AI and IoT

Look at almost any part of our economy – healthcare, transport, logistics, agriculture, education or engineering – and you’ll see that we measure, monitor, video and track more things than ever before. The boom in Internet of Things (IoT) means sensors and other low-power gadgets are being used in huge and increasing quantities. For instance, we can monitor the location, performance and the condition of drivers and cargo in every truck on our roads. Or monitor and manage precious natural resources like fresh drinking water.

This has created a tsunami of data and the volume will increase exponentially as technologies like 5G and cloud computing become commonplace. With more data than people know what to do with, AI’s enormous analytical capacity can deliver insights and help us make good decisions.

Why AI is good for us, and good for business

AI capability on a reliable network

But before AI can help, all this data needs to travel across a network from where it is collected to where it is analysed and acted on. And the larger, safer and more reliable and more capacity a network has, the better. Luckily, this is what Telstra is famous for. Our Narrowband-IoT network provides more than 3.5 million square kilometres of coverage for NBIoT sensors and devices. Our mobile network connects around 18 million phones, tables and other services. And our international subsea cable network stretches for more than 400,000 km, carrying about one-third of all internet traffic in the Asia Pacific region.

To make sure our networks can run smoothly, we constantly monitor its performance. This generates a huge amount of data – 151 terabytes each day, or at least a terabyte of data every 10 minutes! This volume of data will grow over time as more people and devices are connected.

Our Next Gen Operations Support System already parses, enriches and analyses this ocean of data to provide actionable intelligence and insight into the current health of the entire network. Our ambition is to create an even smarter network, one that can use AI to make decisions to avoid failures before they happen, self-heal in order to keep the network stable, and present people with the data visualisation and recommendations on the most complex and critical problems.

The challenge of our digital age is that we can see plenty of problems, and we are collecting an ocean of data about them, but human capacity alone cannot deliver the solution. In short, these are the perfect challenges for AI to help us solve.

4 technology projects our teams are working on this year

Telstra Careers 5G

Posted on February 4, 2019

3 min read

From launching 5G to creating new Internet of Things (IoT) experiences for our millions of customers, we continue to be at the forefront of technological advancements that are changing our industry.

This means 2019 is going to be another big year for all of our technology teams as they’ll be at the centre of this exciting journey.

So what are the biggest projects our teams will be working on this year? Here are the top four:

2019 is the year of 5G

5G will take us from a world of connecting people to each other and the internet to a world of ultra-fast mobile speeds and IoT on a mass scale.

Our people have already made some pretty huge advancements in this space, including turning on 5G in all major Australian cities, and opening our 5G Innovation Centre on the Gold Coast.

But this is only just the beginning of what we are hoping to achieve together. See how our teams are helping to turn 5G into a reality.

Creating new IoT experiences

Our talented tech teams are creating the future of IoT and this means in 2019 we’re going to continue to deliver new experiences to Australian families and businesses, so they can be better connected, protected and empowered.

Since launching our IoT network, our people have created the Telstra Locator and helped to transform the agriculture industry.

With over 50 million connected devices expected on our network over the next five years, this is just the start of new innovations that our people will deliver.

See how our people are bringing new IoT experiences to life and the skills we’re looking to hire in.

Using AI and Machine Learning

Customers are at the heart of everything we do, so we believe it’s important they can speak with us in a way that’s easiest and convenient for them.

That is why our teams will continue to use Artificial Intelligence and Machine Learning in innovative new ways, to help create amazing digital experiences.  Get a look into the work our people are doing.

Cyber security remains top of mind

With one of the largest cyber security teams in Australia, our hundreds of information security specialists will continue to play a big role in helping to keep Australia secure in 2019.

As an organisation, we’re committed to addressing cyber security threats, and continue to invest heavily to make sure our customers are supported.

We’ll continue to do this in a number of new ways including how we keep our code secure and help our people to keep up to date with latest cyber security trends.

Want to know what else we have planned for 2019?
Hear from our tech leaders.

The True Story of a killer identity thief

Cyber Security Consumer advice

Posted on November 28, 2018

5 min read

Mexico fell for Michael Finkel. The charismatic New York Times journalist, now raconteur, was on assignment covering Mayan mysticism in 2001. He held easy court with tourists and locals; Finkel’s pursuit of the dangerous and different had thrust him on the trail of black-market organ traders, reporting the tragedies of the Gaza Strip’s dying child soldiers, and travelling in the leaky hull of a Haitian boat that almost killed him and 40 refugees.

Janina Franke, an amateur photographer, fell hardest for Finkel. After a chance meeting they travelled south where she would score a massive career break snapping photos of Mayan ruins for Finkel’s piece in the Times.


Michael Finkel at the IAPP conference. Image: Darren Pauli, Telstra Exchange

Franke made it to the Mayan port city of Tulum, 130 kilometres south of Cancun, but she never got her break. She watched as Finkel, real name Christian Longo, was pulled out of a cabana by a swarm of armed police bearing a US federal arrest warrant.

Longo had co-opted the identity of the real Michael Finkel having fled Portland, Oregan, where he was wanted for the gruesome murder of his wife and three children.

“He (Longo) chatted with tourists in Mexico about stories he said he had written, quoted from them,” the real Finkel told us while in Melbourne for the IAPP privacy conference. “They all unquestionably believed he was Michael Finkel from the New York Times.”

According to those he charmed Longo was polite and intelligent, “totally cool”, with a good sense of humour. He scrawled notes, memorised articles, and gave budding writers a fake Times email address to make his possession of Finkel’s character total.

Finkel heard of Longo’s exploits from a local journalist and soon arranged to meet the murderer then, and now, incarcerated on death row in Oregon State Penitentiary (there is a moratorium on executions in that state).

He did not, as some identity theft victims do, feel assaulted by Longo’s co-opting of his identity. Longo did not steal Finkel’s passport, drain his bank account, or hack his social media. He just studied the journalist to a level of intimacy that he could become him. The co-opting of identity made the journalist curious.

Longo first wanted to prove Finkel was the real Finkel. In a twist of irony the journalist struggled to answer Longo’s 13-question identity quiz that drew on minutia contained in Finkel’s stories filed over years. “It was this existential conundrum,” Finkel says.

Identity crisis

Longo, now 43, always wanted to be a globe-trotting journalist writing stories on the weird and wonderful. In short, he always wanted to be Finkel. Instead he married at 19 years-old, had three children, and over years turned a failing business into a web of deceit that would ultimately drown his family in debt.

His hijacking of Finkel’s identity at a time when Finkel was out of a job quickly drew the writer to Oregon State Penitentiary’s visitor’s centre.

Finkel says he would not ordinarily be drawn to speak to a murderer. He pursues curiosity and complexity, not distasteful and often unidimensional killers.

But it was the duplicitous character of Longo – a Proteus who in one instance was a witty and highly intelligent (his IQ was measured at 130) man and at another a mendacious murderer – that appears to have kept Finkel glued to what became an intensely personal story spanning years.

“If Christian Longo was sitting right here, he’d be funny, he’d be witty,” Finkel says. “You would have no idea he did something so unimaginable.”

Finkel tells the story in the nonfiction book True Story, also a major film adaption by the same name. He tells how he scrutinised Longo’s initial claims of innocence, witnessed how the murderer disassociated with his fellow death row prisoners, of whom many were also murderers, telling Finkel in a letter that he was “surrounded by so much degeneracy and perversion”, and watched and even assisted Longo’s attempts at redemption.

His latter act of redemption was a push to allow prisoners to donate their organs during their incarceration and at their point of execution. Reforms did eventuate that allowed prisoners to donate.

Finkel, himself now a father, has cut ties with Longo, and is pursuing his next story: a master art thief who stole a billion euros worth of art.

“I’m genuinely interested in these people,” he says. “More than, say, CEOs and popstars.”

3 cyber security trends to look out for in 2019

Telstra Careers Cyber Security

Posted on November 5, 2018

4 min read

Did you know that at Telstra we have one of the largest teams of cyber security professionals in Australia?

We have more than 500 people working to fiercely protect the data of our customers and organisation. These people protect our extensive network by preventing issues and solving problems when they arise.

That’s why it’s important for us to keep up to date with information security trends to make sure we’re ahead of the curve. One way we do this is by attending industry events, which some of our team recently did when they went along to the OWASP AppSec Day 2018 – Australia’s only conference dedicated to application security.

So what insights did our people get? Here are the top three things:

Security + DevOps = DevSecOps

Yaso Addanki, Senior Security Architect

Increasingly, people are learning that cyber security is something they need to consider in their work. Take DevOps for example, Yaso describes how this area of work is increasingly asking how it can be more secure.

“A significant trend at the conference was the focus on cyber security in the DevOps world and the importance of the need to embed security in the CI / CD (Continuous Integration/Continuous Delivery) pipelines,” she said.

“The security challenges with Docker containers and agile methodology, and how iterative threat models can be used to combat some of the challenges that come with them, was also a major topic.

“Telstra is working proactively here – we’re incorporating DevSecOps practices into development communities across the organisation”

Our team at the OWASP AppSec Day 2018

Code needs to be secured as quickly as it’s written

Stefan Gigliotti, Enhanced Services Trainee, Secure Code

As more and more solutions are being made digitally, cyber security principles need to be applied throughout a project’s life-cycle. Stefan learned other teams are beginning to ask questions about security and data protection which is a very promising sign.

“As a whole, I saw a big emphasis on DevSecOps – enabling organisations to deploy code quickly, and securely in an iterative manner,” he said.

“Telstra’s Cyber Security team is already following this trend, with the recent introduction of a team in Cyber Security called “DevOps Security”, which is focused on how we can deliver security services and capability to DevOps teams.

“One initiative we’ve introduced is the concept of training a ‘security champion’ embedded in each feature team, allowing security to be a shared responsibility.”

“What I learnt was very helpful to my career because I am new to the Secure Code team, and fairly new to the AppSec space. The conference provided me a great platform to start my journey, and thrive in the Secure Code team here at Telstra.”

Cyber Security is everyone’s responsibility

Ben Ellett, Security Technologist-Specialist

Cyber security isn’t just the responsibility of the specialists who work to protect it, it is something we all need to consider. Ben was amazed to learn that this year’s AppSecDay wasn’t just for security specialists.

“One of the biggest surprises at the conference was when the keynote speaker asked the crowd how many people DID NOT work in information security. Approximately 50 per cent of the audience raised their hand,” he said.

“This showed me that cyber security extends past the people who specifically work in this function.

“That’s the case here at Telstra, where the Secure Code team within Cyber Security, works with other developers in the business to establish good secure coding practices.

“In terms of the next step in my career and to keep up with industry trends, I’ll endeavour to learn more about the development stacks that full time software developers use in order to learn the security pros and cons inherent to that software.”

Want to learn what a career at Telstra could look like? Check out our careers website.