Story image

Aura InfoSec hires former GCSB exec to push the future of cybersecurity

08 Aug 2017

Aura Information Security has appointed former GCSB’s head of consultancy services Barry Brailey as its new principal security consultant. The role will see him take a leading role in managing security consulting engagements, contributing to management business plans and growing the company’s consulting team.

Brailey comes to Aura Information Security from the Domain Name Commission, where he was manager of security policy. He also worked at the GCSB’s National Cyber Security Centre as head of consultancy services.

He has been on the New Zealand internet Task Force board since 2009 and on the Information Security Awards NZ (iSANZ) Board since 2014.

Brailey has more than 15 years’ experience in the industry, in areas such as security management and incident management, and in other areas such as international collaboration, intelligence-led operations, relationship management and strategic business development.

Peter Bailey, Aura Information Security’s general manager, says that Brailey’s experience in security would bring great value to the team and the expanding cybersecurity sector.

“Barry’s invaluable experience in information security, coupled with his proven relationship management and leadership skills, will be hugely beneficial for developing our internal team and guiding strategic business direction,” Bailey says.

“As a result, we’ll continue to ensure an unrivalled level of service for Aura Information Security clients. As Principal Security Consultant, Barry will be integral to Aura Information Security as we enter an exciting and critical period in cyber security. We’re absolutely thrilled to have him on board," he continues.

 Earlier this year the company hired Tom Moore as practice manager for its A/NZ operations. Moore previously worked at Datacom, where he was a principal security consultant.

In May, Aura Information Security also released an online training tool designed to help New Zealand businesses minimise the risk of security breaches. The subscription-based tool is housed on an existing learning management system or on the customer’s intranet.

“Aura was recently called upon to assist a critical infrastructure provider that had been targeted by CryptoLocker. Had their staff been through a security awareness course and, in particular, had they been able to spot a phishing email, they may have been able to avoid the negative impact the attack had on the business,” Bailey said at the time.

“In order for cyber security to become a part of the culture of an organisation, staff need to be involved – not just those in the IT department or senior management, everyone has a part to play,” Bailey concludes. 

Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”