| BLACKHAT Solutions ( is warning small to medium | | | | hacker”, says Emeline. |
| businesses of their financial and legal susceptibility in | | | | “Prevention is the best weapon against the risk of |
| the face of increasingly sophisticated data hacking. | | | | cyber-fraud, with manual auditing the only real |
| The company, an IT security specialist, claims the | | | | guarantee of ongoing security. BLACKHAT Solutions |
| tendency for complacency, despite an increasing | | | | has tested systems for retailers, investment |
| dependence on online transactions, is putting business' | | | | companies, software engineers, marketing companies |
| network security at risk. It predicts that manual analysis | | | | and for social networking sites, among others. The |
| and tailored security solutions, rather than the | | | | advantage of a hands-on investigation is that variations |
| automated alternative, will become standard practice | | | | of likely attack scenarios are trialled according to the |
| this decade for businesses reliant on e-commerce. | | | | unique characteristics of the business. When testing is |
| Screening systems using off-the-shelf software will | | | | tailored to a company’s particular dynamics, a 99.9 |
| not compete with the human touch necessary to | | | | per cent guarantee of impenetrable protection is |
| protect data and client privacy as hackers’ | | | | realistic, unlike other available methods. Automated |
| expertise outstrips even the biggest name software | | | | systems simply can’t match that level of foolproof |
| suppliers’ efforts to thwart manipulation. | | | | security in the face of constantly changing IT |
| It’s not the safety of sensitive clients' data alone | | | | threats,” said Emeline. |
| that poses an urgent business threat in the new age | | | | Increasingly, even IT companies are outsourcing |
| of cyber-fraud, according to Max Emeline, Director and | | | | security audits to specialists like BLACKHAT Solutions |
| Project Manager of BLACKHAT Solutions. Current | | | | to scrutinise software and systems. But outside the IT |
| privacy obligations for Australian business mean that | | | | arena, there’s almost no business that wouldn’t |
| the party that owns the data is liable even when | | | | benefit from putting its online systems or data storage |
| information is stolen and misused. | | | | facilities to the test, whether or not in-house IT support |
| “Depending on how stolen data is used, it’s the | | | | is available. |
| original owner of that data that can be sued if personal | | | | “Businesses seeking data security services should |
| information particularly, is exploited. The potential for | | | | look for manual testing that offers a mix of relevance |
| financial impact on an organisation could be | | | | depending on their available IT resources. It’s an |
| disastrous,” said Emeline. | | | | investment in business security that could save |
| “Off-the-shelf security products still play a role, but | | | | hundreds of thousands of dollars,” said Emeline. |
| on their own are simply not adequate to protect a | | | | Where high-level in-house system administration or |
| company’s information security to the foolproof | | | | programmers are on staff, Emeline recommends an |
| standard of protection that online transactions and | | | | audit report that simply outlines specific threats. He |
| data storage requires.” | | | | says companies with only limited IT personnel should |
| Recently reported security threats and in some cases | | | | go to the next level and commission a summary of |
| infiltration of social networking sites, financial institutions | | | | the threats along with their technical solutions, “but |
| and large online retailers highlight the refinement of | | | | to be most effective, it’s important in both cases |
| hacking to a level able to conquer organisations | | | | that the analysis is written by the same person who |
| regarded as operating with the ultimate levels of | | | | ran the tests,” he says. |
| information security, according to Emeline. | | | | Many of BLACKHAT Solutions’ clients engage |
| In January 2010, the Australian Department of Defence | | | | them for the full service of risk identification, a solution |
| opened its Cyber Security Operations Centre in | | | | summary followed by total threat elimination, which can |
| Canberra, which is staffed by 130 IT experts. An | | | | involve configuration of server hardware and re-writing |
| average of 200 electronic security investigations were | | | | of application code. |
| carried out at the Department during each month of | | | | About BLACKHAT Solutions |
| 2009. | | | | BLACKHAT Solutions addresses the security dangers |
| “If the household name companies and government | | | | of online transactions and data protection, providing |
| departments are being targeted, it makes sense that | | | | clients with tailored and precise solutions to information |
| average businesses are definitely vulnerable,” said | | | | security risks, as well as ongoing support and |
| Emeline. | | | | protection. The company has developed and refined |
| With privacy breaches and their legal implications a | | | | in-house tools and techniques by specialist |
| genuine threat and generic software reliable only to a | | | | programmers, consultants and security advisers. |
| point, the best options for business are to block | | | | BLACKHAT Solutions has earned solid reputation |
| attacks before they happen. To cover all possible | | | | within financial, legal and online retail enterprises for its |
| hacking possibilities “you need to think like a | | | | ethical business practices and top-level confidentiality. |