Search Results

Share Article:

Facebook Twitter Linkedin Mail

Tag: cyber-security

Goodbye, wallet: why your phone is the cashless future

Cyber Security

Posted on February 1, 2018

3 min read

Telstra security operations specialist Darren Pauli has spent nearly a year with his smartphone replacing a wallet – securely making payments for everyday items and services. There are some guidelines you should keep in mind if you’re considering doing the same.

My wallet is history. I carry my phone instead.

How often do you use your Medicare card? How often do you pull out your driver’s licence? If you’re like me, the answer is rarely.

It was some time in March of last year that I acted on this realisation and threw my wallet in the bin – opting instead to carry only my phone.

That digital device – these days much more of a computer than just a phone – is my credit card, driver’s licence, and the link to my entire digital life.

With it, I can buy coffee by tapping it at point-of-sale machines (using Android Pay or Apple Pay), and I can securely access all of my important data and essential digital services with a few taps of apps.

The reason behind my switch from wallet to phone was simple: modern mobiles are faster and more user-friendly than ever, and security technology is now both reliable and easy to use.

This confluence of technology meant that, for me, the wallet’s 400-year reign as a mandatory hip accessory was over.

Replacing your wallet with your phone isn’t without risks. Keeping a scan of my driver’s licence and other documents in the cloud may be not be enough to keep some security pros happy, but the checks I employ are a big improvement on those the average person uses.

The two essentials

Firstly, your mobile and your bank must support near field communication (NFC) payments. This is required to make contactless payments.

Almost all Android phones include NFC, and most modern Apple devices have technology for Apple Pay built in (a full list can be found here).

Secondly, you must acquaint yourself with a security-driven mindset. Sometimes called operational security, this mindset is used to safely navigate technology through competence and confidence, not fear.

You can start now by setting a unique password for your bank account. Change your email account password next week.

Think of operational security (opsec) as the measure of your security awareness in the world of technology. You win points for knowing how to spot phishing, and for making up a fake birthday and home address for Facebook and other websites.

In short, you become more security-savvy the more you think like an attacker and build roadblocks to frustrate your opponent.

In 2018 this is a necessary skill: You cannot force your favourite online chat forum to use better security that’s harder to hack, but you can change your forum password to something unique or disposable. You can keep your real information out of your forum profile.

And doing this means hackers who break into that forum will not be able to use your password to get into your emails, or use your real name, birthdate, and address to help open a bank account.

In bite-sized chunks, strong, painless mobile security is possible. And maybe even a future of lighter pockets.

This is part one of a two-part series on smartphone and password cyber security. The second part will cover in-depth security tips for using your phone as a mobile wallet.

New TAFE cyber security training courses will grow high-tech skills

Cyber Security

Posted on January 25, 2018

2 min read

People are a critical part of the cyber security equation, and today marks the launch of new training options for individuals looking to train or upskill in cyber security.

We’re proud to support Australia’s first national skills-based cyber security Certificate and Diploma level qualifications to be delivered by TAFEs across the country.

As Australia’s leading telecommunications and technology company, we understand that the internet and connectivity are fundamental to the lives of all Australians and the ongoing prosperity of our economy – and strong cyber security capabilities to protect this connectivity are critical.

These new training options are a welcome step in upskilling professionals and broadening the base of cyber security-skilled individuals, so organisations large and small can harness the potential the internet provides and help organisations manage the business critical risk of cyber security.

We have been a proud contributor to the development of the cyber security Certificate and Diploma-level qualifications offered by TAFE institutions around Australia. We recognise the need to upskill professionals, and equip a larger number of individuals across organisations both large and small with cyber security knowledge.

We’ll also actively recruit graduates from these qualifications into our Cyber Security team, whose mission is to protect the privacy and security of our customer and corporate data and network. We’re always on the lookout for curious people who love security, and these new training options grow the pipeline of skilled and educated cyber security professionals.

The Certificate IV in Cyber Security 22334VIC and Advanced Diploma of Cyber Security 22445VIC courses are practical, non-degree courses. They are available for enrolment at Box Hill Institute (VIC), Canberra Institute of Technology (ACT), TAFE NSW, TAFE QLD, TAFE WA (SMT & NMT), and TAFE SA from 2018.

TasTAFE and Charles Darwin University (NT) are committed to providing cyber security training, and will work closely with industry in their respective jurisdictions to plan implementation of these programs in 2018, in line with other states and territories.

Find out more about the courses here.

Opening our new Security Operations Centres – 360 video

Cyber Security

Posted on August 24, 2017

2 min read

Today, we officially open the doors to our newest Security Operation Centre in Sydney, where we will offer our Enterprise and Government customers with a more agile, intelligent and collaborative approach to cyber security. This is essential. At a time when we are seeing an unprecedented rate of cyber-crime in business, it has never been more important to understand and manage cyber risk, for ourselves, and for our customers.

Our state of the art Security Operations Centres provide 24/7, 365 priority access to our highly-skilled cyber security specialists. Our customers can not only see what we see, they can come in and work with us, learn with us, and influence how we develop our security products. Underpinning all of these activities is a powerful open source Managed Security Services platform that lets us tap into global innovation.

As Australia’s largest telecommunications provider, we have an obligation to deliver these kinds of services to market. But, we know we cannot do this alone. In the wake of recent ransomware attacks globally, we believe that no one organisation can tackle the cyber conversation.  Cyber security is a team sport and requires the collaboration of government, regulators, businesses and the community to develop solutions that help build resilience, cyber security and cyber safety for our people.

The Government has set the agenda with a cyber security strategy which we fully support. Now, our role is to help turn this intent into action by providing our customers with the products and services that will deliver a more secure operating environment for all Australians.

We’re excited to open the doors to our Sydney SOC, with Melbourne opening later this month, and an intention to launch globally in 2018.

Below you can watch a 360 tour of the SOC.

If you are having problems viewing this video watch it directly on Facebook here.

Fraudulent porting of mobile numbers

Tech and Innovation Cyber Security

Posted on June 21, 2017

2 min read

You may have seen reports in the media about consumers having their mobile phone numbers ported to other mobile providers by fraudsters.

We take customer privacy seriously and we are continually reviewing our processes to ensure we are doing all we can to protect customers from this type of malicious activity.

When a customer contacts us to ask for their number to be ported to our network, we require a number of key pieces of account and personal information in order to submit the port request to their current network provider in compliance with industry standards. When a customer wishes to port to another provider, that new provider likewise needs to obtain the same information to send through the request.

Steps you can take to protect your personal information

The rapid uptake of new technologies and increased connectivity provides society many advantages, but also opens new avenues for crime and fraud.

For this reason we strongly recommend customers protect their personal information by:

  1. Contacting us right away if they receive information about their account that doesn’t seem right so we can investigate.
  2. Using strong privacy settings on social media sites to limit the information they share.
  3. Using a spam filter to help block unsolicited and unwanted email.
  4. Ensuring they have a strong password online and separate passwords for every account.
  5. If they’re not sure that the person on the other end of the phone is legitimate, then they should hang up and call the organisation by using their official contact details.
  6. Refraining from sharing personal, credit card or banking details over the phone, unless they have made the call and the phone number came from a trusted source.
  7. Making sure their computer is protected with regularly updated anti-virus software.
  8. Being wary of unsolicited requests for sensitive information
  9. Never responding to requests for personal information in an unexpected email or pop-up window.
  10. If in doubt, always contact the company that claims to be the sender of the email or pop-up window, using their official contact details.

Further information on staying safe online can be found here:

Let’s bring it back to basics with Cyber Security

Tech and Innovation Cyber Security

Posted on June 5, 2017

3 min read

The recent cybercrimes that have affected more than 230,000 businesses in 150 countries has been a wake-up call to the gravity and impact of cyber-crime on an international scale, with banks, hospitals and government agencies grinding to a halt.

One of the biggest reminders that came through in the wake of these events is that the most effective protection against cyber-crime is basic IT hygiene. Everyone from big to small business, to government, and individuals on their PCs at home need to be aware of the simple steps they can take to protect themselves against the attempts that threaten our cyber security.

Our recent Telstra Cyber Security whitepaper shows that more than half of Australian organisations surveyed detect a security breach on a monthly basis, twice as much as detected in 2015. We are a likely cyber-criminal target due to our economic growth combined with high adoption of technology compared to other countries in the region.

While the threat of cyber-crime continues to increase, education and awareness of cyber security remains low. As the report indicates, organisations believe that the main threat is cloud based services, however phishing via email and threats from malware have a higher threat level. What’s even more alarming is that less than half of companies report that they are not ready to handle these threats.

Raising awareness about cyber security is a critical first step, and organisations need to audit their internal systems and train teams to prepare and manage appropriately for any potential cyber-crime. The fundamental steps organisations can take to tackle this issue is through patching and network hardening. Together, patching and network hardening can help to monitor and update IT systems that are not running the latest operating system, and work to reduce security weaknesses that may be exploited by internal or external attackers.

On an educational front, organisations should invest time to run cyber security awareness training. This ensures that cyber security becomes a key focus for all employees and not just the IT team. The good news is that C-suite involvement in cyber security has steadily increased. As the report suggests, two out of three senior executives have a high or very high involvement in their cyber security initiatives in Australia and Asia.

The fight against cyber-crime is bigger than any organisation. We have to look at it like a team sport, which relies on governments, businesses, and communities, working together to ensure our consumers are protected, and our organisations are built to manage cyber-crime. If we want to mitigate the unknown threats facing us in the future IT environment and create a safer cyber world, then we need to work collectively to improve cyber security through basic IT hygiene, and increasing awareness for employees and consumers.