Compliance & Legislation

Notifiable Data Breaches – are they increasing?

The Office of the Australian Information Commissioner (OAIC) released its latest statistics on notifiable data breaches covering the period from January to June 2020. Interestingly, this report showed a 3% decrease in the number of breaches in this period, compared to the previous report covering July to December 2019. By all accounts, the pandemic seems to have had no significant difference on the number of breaches that were reported, even though the volume of phishing attacks and criminal cyber activity purportedly skyrocketed.

Read More

Cyber Security for the Australian Energy Sector

The Australian Cyber Security Centre (ACSC) has created several publications aimed at helping critical infrastructure providers protect ICT systems from the escalating threat of nation state cyber-attack. The Australian Government has recently stated that organisations in both the public and private sectors are continually being targeted by adversarial nation states, and ACSC’s incident response activities over the past years show that water and power distribution networks, transport and communications grids are all at risk. The Australian Energy Market Operator (AEMO) has taken ACSC’s guidance and developed its own set of standards for uplifting the Australian energy sector, helping entities to become more cyber resilient. In this blog post we look at AEMO’s guidelines and how they relate to both IT and OT security.

Read More

CMMC – Restrict Admin Privileges

This blog post “CMMC – Restrict Admin Privileges” is the tenth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.

Read More

CMMC – Cybersecurity Risk Management

This blog post “CMMC – Cybersecurity Risk Management’’ is the eighth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.

Read More

System and Information Integrity and the CMMC

This blog post “CMMC – System and Information Integrity’’ is the seventh in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.

Read More

CMMC – Developing a Level 4 Maturity SOC

This blog post “CMMC – Achieving a Level 4 SOC’’ is the sixth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.

Read More

CMMC – Backup Systems Assurance

This blog post ‘CMMC – Backup Systems Assurance’ is the fifth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.

Read More

Identification and Authentication – How to improve your cyber hygiene

This blog post ‘Identification and Authentication – How to improve cyber hygiene’ is the fourth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.

Read More

CMMC – How to mature Audit and Accountability

This blog post ‘How to mature Audit and Accountability’ is the third in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.

Read More
1 2 3 5