Wednesday, February 26, 2014

Telspace Systems appointed sole security supplier to betting and gaming solutions provider BetTech.

BetTech Gaming, the global provider of turnkey gaming solutions to market-dominating clients, has partnered with Telspace Systems to significantly boost its security operations.

Telspace Systems has been awarded a multi-year contract to conduct round-the-clock attack and penetration testing and analysis. They will also run vulnerability assessments and source code reviews, handle large, complex transactional systems and provide training.

The preventative measure will benefit all of BetTech’s betting and gaming operator customers, ensuring their players receive industry-leading protection against cyber crime.

“Telspace Systems has an impeccable reputation,” said BetTech Gaming chief technology officer Ian Barnes. They make organisations as unattractive to online criminals as possible and keep all sensitive financial and client data safe. We have partnered with them to give the highest possible level of security to BetTech as well as our customers and their organisations.”

Telspace Systems was established in 2002 and is based in Johannesburg, South Africa, with a presence in United Kingdom, Botswana, United Arab Emirates, and Brazil. It services high-profile casinos and banks, and telecommunications, petroleum, and insurance companies around the world.

Chief executive officer Dino Covotsos commented: “There is no room for complacency when it comes to online security. New software vulnerabilities are found daily and attacks can immobilise a business – the potential financial costs are huge so it is always best to take the strongest possible precautions.”

Thursday, February 13, 2014

Fighting fire with fire using Honey Encryption

A newly-developed encryption system by independent researcher Ari Juels and Thomas Ristenpart of the University of Wisconsin, has shown that trickery is an underexploited, but very effective tool in data protection.

Dubbed ‘Honey Encryption’, this security method adds an extra layer of protection to encrypted data by returning fake data every time an incorrect password or encryption key is made. If the attacker does at some stage guess the correct combination, the sensitive data will be lost among spools of false data.

Later this year, Juels and Ristenpart will present their Honey Encryption method and findings at the Eurocrypt cryptography conference.

Since cybercriminals have been using decoys since the very beginning, it makes sense for use the same techniques to our advantage. Using deception as a defense mechanism against cyber attacks is not only delightfully ironic, but very effective.

SA needs to shape up

Despite ground-breaking security developments taking place internationally, SA is said to still lack the security awareness and understanding to ensure adequate data protection.

A recent statement by Beza Belayneh, CEO of the SA Centre for Information Security (SACIS), suggests local organisations (outside the financial sector) often view cyber security awareness as sensationalism, resulting in what Belayneh terms "cyber security fatigue".

"Organisations will process and store large amounts of personally identified information and most of their business processes such as HR, finance and legal, are fully computerised and digital. Institutions don't realise that cyber attacks constitute data theft and can interrupt business functions."

According to the SACIS, local organisations are spending resources on cyber attack prevention, but throwing money at the problems will not help people understand the nature of threats and how to counter them effectively – a task which Belayneh says is never-ending. Instead,Belayneh believes the focus should shift to building resilient security frameworks.

"Institutions must develop a holistic approach that responds effectively to attack since they are impossible to avoid," he says.

Telspace is hiring!

And on that note, Telspace Systems is looking to hire a security analyst in South Africa, preferably Gauteng. The ideal candidate should be should be competent in a combination of Web application security, attack and penetration testing, network security,source code reviews, and mobile security.

For a more detailed description, please visit our job listing on LinkedIn or e-mail your CV to admin[at]