Cyber security Standards... unsung heroes

22/07/2012

'Standards underpin our whole business and are vital to its success' says Andy Prow, Managing Director, Aura Information Security, a finalist in the recent Wellington Discovering Gold business awards.

Aura's RedEye vulnerability scanning is the latest Aura service developed in New Zealand to provide cyber security to clients around the world. Standards such as AS/NZS ISO/IEC 27002:2006 Information technology – Security techniques – Code of practice for information security management and AS/NZS ISO/IEC 27001:2006 Information technology – Security techniques – Information security management systems – Requirements are vital to the platform of Standards on which Aura software security services are built.

Andy says Aura provides expert advice on the security of IT systems, websites (where whole businesses are conducted online), Wi Fi networks, and mobile devices. With a client base across New Zealand, Australia, USA, Canada, and the UK, all security services are provided remotely to clients that include government departments, e-commerce companies, and the banking and finance sectors. Aura also provides a raft of training to those who look after servers and services for this wide range of clients.

'Our new RedEye business provides security services by scanning customers' networks and websites hunting for security holes. We often refer to RedEye as being like a monitored alarm system but the alarms go off when it is possible to break in as opposed to when this has happened. This is a rapidly growing service for clients who benefit from ongoing security scanning rather than scanning once a year or even less frequently.

'We also use a range of industry specific standards such as PCIDSS (Payment Card Industry Data Security Standards) for RedEye – these are global standards for credit card and payment card protection – OWASP (Open Web Application Security Project) and OSSTM (Open Standard Software Test Methodology) along with the ISO ones. This basket of Standards is essential to how we demonstrate the value of what we do and why we deserve the trust of our clients. Our certification to certain Standards gives us global recognition and is a major factor in the confidence people can have that their systems, data, and privacy are well protected when using online services.

'With so many drivers on market growth the need for cyber security is bigger than ever. The advent of smart mobile devices and fast broadband have led to people expecting to be able to run their lives without standing in queues and to be able to pay their tax or any bill or renew their passport online at any hour from anywhere in the world. At the same time agencies themselves are becoming increasingly interconnected and, while privacy and data security are important in this, system outage is even more fundamental.

'IT and the web are now critical infrastructure to facilitate business in New Zealand and trade between New Zealand and the rest of the world. Standards help make all of this work. Without them we could not jump and change between organisations, businesses, and services because it is Standards that provide us all with common ways of doing things. That is why they are the unsung heroes to our business.'

Order AS/NZS ISO/IEC 27002:2006 Information technology – Security techniques – Code of practice for information security management and AS/NZS ISO/IEC 27001:2006 Information technology – Security techniques – Information security management systems – Requirements from www.standards.co.nz or call 0800 782 632 during business hours, or email enquiries@standards.co.nz.

Note: You can order ISO Standards from www.standards.co.nz or call 0800 782 632 during business hours or email enquiries@standards.co.nz. Members of Standards New Zealand receive a 20% discount on all NZS and AS/NZS Standards, and a 10% discount on all international Standards. Visit our membership page for more information.

 

==ENDS==

Media enquiries

Jayne McCullum
Standards New Zealand
(04) 498 3989
jayne.mccullum@standards.co.nz