Compliance & Legislation

Privacy Legislation impact on Cyber Security Operations

Should the changes to privacy laws make us rethink log retention? Does your Security Operations Centre (SOC) collect and store logs? The answer is almost certainly ‘yes’. Even the most basic security operations activities include analysing security events, such as those produced by end-user computers, web filters, email systems, databases and network appliances.


APRA CPS 234: An Overview of the Cyber Security Standard and How to Apply it

The Australian Prudential Regulation Authority (APRA) regulates Australia’s financial services industry and, as such, has responsibility for compliance and governance over all aspects of the finance industry. This is a wide and complex remit, since financial services cover a wide range of specific business types. So when APRA announced its draft standard for cyber security last week, APRA CPS 234, it immediately raised the question: how can it be applied?


6 ways Data Breach Notifications will improve IT Security Operations

As the GDPR deadline looms, there are still programmes and projects underway in many organisations to achieve compliance, in both the private and public sectors. It is easy to characterise GDPR and its requirements (including for data breach notifications) as a boon for consumers and a challenge for businesses, or a marketing opportunity for consultants and lawyers and a life sentence for security teams.
