Search Results

Share Article:

Facebook Twitter Linkedin Mail

Tag: trends

3 cyber security trends to look out for in 2019

Telstra Careers Cyber Security

Posted on November 5, 2018

4 min read

Did you know that at Telstra we have one of the largest teams of cyber security professionals in Australia?

We have more than 500 people working to fiercely protect the data of our customers and organisation. These people protect our extensive network by preventing issues and solving problems when they arise.

That’s why it’s important for us to keep up to date with information security trends to make sure we’re ahead of the curve. One way we do this is by attending industry events, which some of our team recently did when they went along to the OWASP AppSec Day 2018 – Australia’s only conference dedicated to application security.

So what insights did our people get? Here are the top three things:

Security + DevOps = DevSecOps

Yaso Addanki, Senior Security Architect

Increasingly, people are learning that cyber security is something they need to consider in their work. Take DevOps for example, Yaso describes how this area of work is increasingly asking how it can be more secure.

“A significant trend at the conference was the focus on cyber security in the DevOps world and the importance of the need to embed security in the CI / CD (Continuous Integration/Continuous Delivery) pipelines,” she said.

“The security challenges with Docker containers and agile methodology, and how iterative threat models can be used to combat some of the challenges that come with them, was also a major topic.

“Telstra is working proactively here – we’re incorporating DevSecOps practices into development communities across the organisation”

Our team at the OWASP AppSec Day 2018

Code needs to be secured as quickly as it’s written

Stefan Gigliotti, Enhanced Services Trainee, Secure Code

As more and more solutions are being made digitally, cyber security principles need to be applied throughout a project’s life-cycle. Stefan learned other teams are beginning to ask questions about security and data protection which is a very promising sign.

“As a whole, I saw a big emphasis on DevSecOps – enabling organisations to deploy code quickly, and securely in an iterative manner,” he said.

“Telstra’s Cyber Security team is already following this trend, with the recent introduction of a team in Cyber Security called “DevOps Security”, which is focused on how we can deliver security services and capability to DevOps teams.

“One initiative we’ve introduced is the concept of training a ‘security champion’ embedded in each feature team, allowing security to be a shared responsibility.”

“What I learnt was very helpful to my career because I am new to the Secure Code team, and fairly new to the AppSec space. The conference provided me a great platform to start my journey, and thrive in the Secure Code team here at Telstra.”

Cyber Security is everyone’s responsibility

Ben Ellett, Security Technologist-Specialist

Cyber security isn’t just the responsibility of the specialists who work to protect it, it is something we all need to consider. Ben was amazed to learn that this year’s AppSecDay wasn’t just for security specialists.

“One of the biggest surprises at the conference was when the keynote speaker asked the crowd how many people DID NOT work in information security. Approximately 50 per cent of the audience raised their hand,” he said.

“This showed me that cyber security extends past the people who specifically work in this function.

“That’s the case here at Telstra, where the Secure Code team within Cyber Security, works with other developers in the business to establish good secure coding practices.

“In terms of the next step in my career and to keep up with industry trends, I’ll endeavour to learn more about the development stacks that full time software developers use in order to learn the security pros and cons inherent to that software.”

Want to learn what a career at Telstra could look like? Check out our careers website.

Security tips to use your phone as your wallet

Cyber Security Consumer advice

Posted on March 9, 2018

3 min read

Telstra security operations specialist Darren Pauli has spent nearly a year with his smartphone replacing a wallet – securely making payments for everyday items and services. There are some guidelines you should keep in mind if you’re considering doing the same.

Apple and Google have invested billions of dollars into information security, with the goal of making their phones harder to hack. The iPhone – with its closed iOS operating system – is the toughest of all, but Google’s Android platform has come leaps and bounds from its anarchic past.

Google had no choice: over 80 percent of all phones sold in the last quarter of 2016 were powered by its Android platform.

Google’s effort means attacks that may have compromised thousands of users in recent years no longer work on updated phones, and it is now much harder and more expensive for attackers to get their malicious apps into official app stores.

Apple and Google, along with Microsoft, have also boosted security investment for services like Google Drive, iCloud, and OneDrive – making those more sensible choices for storing personal data, although there is still much work to be done.

Yet crucially, all of those billions of dollars in investment can be undone if a wallet-free maverick is reckless in their operational security practice.

The security mindset

Think of operational security (or ‘opsec’) as the measure of your security awareness in the world of technology. You win points for knowing how to spot phishing, and for making up a fake birthday and home address for Facebook and other websites.

In short, you become more security-savvy the more you think like an attacker and build roadblocks to frustrate your opponent.

In 2018 this is a necessary skill: You cannot force your favourite online chat forum to use better security that’s harder to hack, but you can change your forum password to something unique or disposable. You can keep your real information out of your forum profile.

And doing this means hackers who break into that forum will not be able to use your password to get into your emails, or use your real name, birthdate, and address to help open a bank account.

Bringing it together: a checklist

You cannot force your favourite sites to be more secure, but you can choose sites which are. You can also use tools that boost the security of the data you control while minimising or even reversing inconvenience.

These are some operational security guides I use to protect my data – see below. Many informational security experts would use much more severe controls, but the vast number of people use far weaker.

Virtual reality: the future of content

Tech and Innovation

Posted on January 18, 2018

4 min read

The blend between our virtual existence and the physical world has become a normal part of our lives. We are living life through a screen already, so the jump into virtual reality (VR) is not as large a leap as one would expect.

With all of the big tech players pushing hard in the VR race, it’s only a matter of years until we see people sitting next to us on the train with their headsets on. Technology is moving at such a rapid pace in the VR industry, product releases are coming thick and fast, and everyone is trying to be the first past the post to bring a full VR experience into a simple, comfortable, standalone device.

The future of VR

The future of the headset will be one where augmented reality (AR) is the minimum and one can transition into VR or “full immersion” with ease. Microsoft has termed this mixed reality (MR), and with the advent of inside-out tracking has lead the way in making standalone headsets that enable not only looking around the virtual world, but also walking around too.

The ‘full’ VR experience will continue to expand with the release of haptic clothing and gloves, allowing for virtual touch to be included into the development of the VR experience. As VR developers start to utilise these haptic touch devices, the beauty of MR will come into its own and the physical-virtual blend will be truly immersive.

The reason why VR development is moving at such a rapid pace is because of the synergy between hardware and software development. All of the large players are releasing their own platforms to view VR content – and as it stands now, the pathway to content is quite sporadic and device-dependent. This will likely change, with the first company to create a great customer experience at all touch points going a long way to being the ‘Netflix of VR’.

But this will most likely have a shelf life as technology advances, and smart device manufacturers start to adapt their offerings into the MR space. One thing that won’t change is the need for a super-fast network to deliver the content and experience – however it is offered.

Taking VR into the mainstream

Virtual Reality at CES 2018

As VR becomes more mainstream, it will move from the ‘gamer’ space via film-making, and eventually into advertising and public relations (PR). The marriage between VR and PR is quite a simple one, as it makes a lot more financial sense to create a PR activation that can then be taken into the virtual world and experienced by the masses.

No longer is a PR or advertising opportunity going to be bound by the laws of physics or geography; in the near future, utilising AR, ads will be able to be generated into each of our mixed reality experiences for both our entertainment and the company’s ROI.

“Surfing” the web will move from being a nice analogy into reality, with companies like Web VR already playing with the idea of virtual websites. VR for websites has always been what we’ve imagined the best user experience on the Internet to be, and this will enable mass adoption of VR – bringing with it new rules for UX design and web design alike.

The virtual desktop will enable people to work in even tighter spaces, with an unlimited number of screens and at a larger scale than ever before. Productivity will increase, and people will truly be able to immerse themselves in their work.

VR will invade many different industries from both a consumer and enterprise perspective regardless of history. There are already no limits to where someone can take their experience inside the virtual world – and as technology keeps advancing, the limits to how VR can interact with the physical world keep expanding.

There are a few questions that will arise as VR is widely adopted: will one company be able to truly “own” VR? How will ethics become a part of VR development practices? How will VR start to affect us as humans – as we start to interact more with the virtual world, is it inevitable that our physical interactions will decline?

360 video: Tech trends for 2018 that will change your everyday life

Tech and Innovation

Posted on December 12, 2017

1 min read

Hot off the technology presses at Telstra’s Chief Technology Office – meet the five trends that will change your everyday life next year, including everything from the mass adoption of voice assistance, to cheering on the newest category of athletes and the tech toys your kids actually want for Christmas.

If you prefer listening to our tech trends on the go, listen to our in-depth podcast on the 2018 tech trends here:

 

Tags: technology, trends,

Let’s get down to business: the top technology trends for enterprises in 2018

Tech and Innovation

Posted on November 20, 2017

4 min read

Telstra’s Chief Technology Office is looking ahead to 2018, nailing down the top five technology trends that will impact global businesses during the year. From the changing realm of cyber security, to the possibilities of real time data and team collaboration tools, businesses of all sizes will feel the effects of these technologies.

  1. Cyber security

Demand for appliance-based security services should continue to decline as software-based, hosted cyber security solutions emerge. With users connecting to internet-based applications via a variety of mobiles, tablets and laptops, we can no longer simply ring-fence corporate systems from potential attack. The need for behavioral analytics-based systems is pulling security into the realm of Big Data-based solutions. Interconnected supply chains and industry ecosystems will drive Blockchain maturity for trust and verification. Security management will follow a deep learning approach throughout the application stack to improve both quality and speed of detection and response.

 

  1. Real time analytics

The complex Enterprise is looking to visualise and make physical world decisions based on information across its entire digital footprint. Multi-channel customer interactions will drive the need to access historical data for real time decision making, while adoption of IoT will increase real-time data flows. A visual representation of this ecosystem (in a dashboard or in a VR representation) throughout the enterprise will enable real time decisions, beyond the network and application performance and across the enterprise supply chain (i.e a warehouse ERP system upgrade window is moved or changed due to weather or emergency services information in a given geography not directly connected to the enterprise). Integrated views will come due to consolidation of data environments which will include third party information integration.

 

  1. Containers and microservices

Modern webscale businesses are moving to microservices and containers for compelling reasons. Microservices are small, useful functions with a cloud API that can be combined into bigger services that might run something like Uber or Amazon. Software using this approach scales better, is easier to adapt to new business needs and allows developers to pick the best frameworks or tools for writing each microservice. Interest in microservices has coincided with the arrival of containers as an alternative to virtual machines for running multiple instances of software on a single physical server. While virtual machines each run a full image of an operating system, containers are more efficient and share the operating system so many more containers run on the same server. This suits microservices well, as each service can run in its own container and there will be many more of them than traditional applications. Enterprises are seeing the benefits of microservices and containers, and are working through the challenges of migrating to this model and adapting affected licence arrangements.

hand pointing at screen

 

  1. Digital team collaboration

Email originates from the 1970s, and while it is still very popular today, it has limitations. It doesn’t cope well when communicating with dynamically changing teams, attachments are hard to find later, and if someone leaves a company the knowledge stored in their inbox vanishes. Alternatives to email have been created by eager startups and are now becoming entrenched in enterprises, and one such alternative – Slack – is valued at over $5b. Some of the major brands are including similar experiences into their own collaboration suites, e.g. Cisco has introduced a similar product called Spark, and Microsoft has their own offering called Teams. All of these enable teams within an enterprise to send messages to other team members in ways that overcome issues with email, and are particularly suited to desk-based workers like software developers.

lightbulb with gears

 

  1. Digital twin

Most enterprises have embarked on a digitisation journey to remove manual processes, connect sensors to key pieces of equipment, collect real-time data about their systems, and automate as much as possible. Full automation is still a little way off, as many existing processes cannot be replaced with simple computer-based rules, and machine learning approaches to addressing automation are still at an early stage. The challenge is then to provide people with the optimal interface for dealing with digitised parts of the company, and the ‘digital twin’ has emerged as a useful pattern for enterprises. In this approach, the real-time data is displayed as a virtual instance of a real machine or process – its ‘digital twin’ – and the human operator monitors or manipulates this instance in a familiar way. This lowers the training effort, allows the operator to be located remotely, and provides a rapid path to value.

Digital twin technology


Uber is a trademark of Uber Technologies, Inc.
Cisco is a trademark of Cisco Technology. Inc.
Slack is a trademark of Slack Technologies, Inc.

Tags: technology, trends,