The Blog

News & Thoughts from the Axenic Team

Whitelists & Blackhats

By Axenic Team, on 13 February, 2013

The news yesterday and Monday was all about Telecom’s Xtra service and Yahoo. The media were outraged on behalf of everyone and a number of commentators took to the airwaves to tell us just how bad this was.

A Tale Of Two Incidents

By Axenic Team, on 20 December, 2012

Unless you spent the latter half of this year in a cave, you will be aware that both ACC and the Ministry of Social Development suffered security and privacy incidents.

Compliant Does Not Equal Secure.

By Jim, on 12 April, 2012

On the 30 March Global Payments Inc. announced that it had suffered a data breach that had led to the Track 2 (i.e., the primary account number, expiration date, service code, PIN and CVV number) data of approximately 1.5 million credit cards being “exported” from its North American payment processing system.

Do you Google yourself?

By Jim, on 30 June, 2011

Whilst reading through the New Zealand Information Security Manual (NZISM) I came across this recommendation in section 9.4 Using the Internet within 9. Personnel security:

Best, good or generally accepted practice?

By Jim, on 25 November, 2010

I hate the term “best practice”. There I’ve said it….. It feels good to get that off my chest. But why do I hate it?

There is only one way to eliminate risk

By Jim, on 26 October, 2010

One common misconception of risk management that I have come up against time and time again is that by managing a risk it has been eliminated and can be closed and removed from the risk register. This is simply not the case as risks can evolve and change over time for any number of reasons.