The Office of the Australian Information Commissioner (OAIC) released its latest statistics on notifiable data breaches covering the period from January to June 2020. Interestingly, this report showed a 3% decrease in the number of breaches in this period, compared to the previous report covering July to December 2019. By all accounts, the pandemic seems to have had no significant difference on the number of breaches that were reported, even though the volume of phishing attacks and criminal cyber activity purportedly skyrocketed.
Read More
Organisations introducing threat hunting into their operational security team’s remit will encourage a proactive approach to detecting and responding to sophisticated cyber threats. Threat hunting demands disciplined and focused effort using threat intelligence to inform the investigation team on what to examine. Incorporating the MITRE ATTACK Framework into your organisation’s threat hunting model is the best way to determine which tactics, techniques and procedures (TTPs) to search for across your environment.
Read More
Continuous Diagnostics and Mitigation, or CDM, is a term for a strategy around cyber security defence that tries to shift from a stance of: Prevent – Detect – Respond, to an approach that is more real-time, continuous, operational and automatic.
Read More
On Friday 19th June, the Australian Prime Minister gave a press conference outlining an intense and persistent cyber attack against Australian organisations, allegedly originating from an overseas adversary. The Prime Minister confidently stated that a hostile nation-state was behind the campaign, refrained from naming the culprit. Other news outlets, however, suggested unnamed senior government officials claimed the origin was China, but this remains unconfirmed by official sources.
Read More
Obviously, writing this in the midst of the Coronavirus outbreak, airlines all round the world are suffering huge impacts from the effects of the isolation, quarantine and travel restrictions that are in place. Cyber security might not be at the top of their agenda, but it’s certainly at the top of Cathay Pacific’s.
Read More
Last week was a big week for the Information Commissioner’s Office in the UK after the BA fine announcement (£183m) and a second data breach fine story around the Marriott Hotel chain.
Read More
This week saw the announcement that British Airways (BA) was to be fined by the Information Commissioner for its breach of the GDPR. The proposed fine amounts to £183m so it caught the attention of the security and legal/compliance community as being the first really notable GDPR case with a big fine attached.
Read More
Few organisations have the resilience to suffer a cyberattack as large as the one the Australian National University (ANU) notified last week. Data breaches of this magnitude certainly take their toll, and in this case the ANU will be feeling the pain for some time to come. But what happened and how can organisations better prepare themselves for this kind of attack?
Read More
At the weekend, an Australian graphic design company called Canva reported a data breach. At this stage, you’d be forgiven for thinking so what? Yet, this wasn’t just a typical data breach – it’s one of the largest privacy breaches of user information in history, on the league table just behind Equifax’s breach of 2017. In Canva’s case, the hacker claims to have stolen 139 million Canva users’ details, including names, postal addresses, email addresses and 70 million users’ password hashes. So how might this breach affect your business and is there anything you can do to protect yourself from the fallout?
Read More
The Office of the Australian Information Commissioner’s fourth quarterly report shows an increase in the percentage of attacks attributed to malicious or criminal activity, as well as a continuing trend of growth in the overall number of attacks.
Read More