Last week was a big week for the Information Commissioner’s Office in the UK after the BA fine announcement (£183m) and a second data breach fine story around the Marriott Hotel chain.
Read MoreThe result of three recent cyber resilience audits conducted by the Australian National Audit Office (ANAO) was released on 4 July. The report showed some encouraging results, but also highlighted some concerns. The need for real-time visibility of cyber security posture is becoming increasingly evident.
Read MoreThere is a growing range of ways to provide security control metrics and assessments for businesses. The intended audience of these solutions tends to be non-security people, for example senior board members (for enterprise security and the associated risks) and procurement or risk/compliance managers (for third party security risk exposures) who need an understanding of cyber risk and security control effectiveness to monitor performance, improvements or exceptions.
Read MoreVarious factors are converging to influence the need for better management of cyber security risk. Whether it’s to understand the effectiveness of security controls, isolate any weaknesses or to simply acknowledge cyber security as a corporate governance issue; the requirement for greater visibility of an organisation’s cyber security posture is a given.
Read MoreOrganisations are being asked by regulators, partners, and other stakeholders to improve their cyber security risk management process. As cyber risk becomes recognised as a business risk both senior executives and operations security managers are seeking greater visibility of those risks and access to tools that will help mitigate them.
Read MoreMuch has been written about the growing and increasing maturity of the cyber security insurance market. There is also no shortage of (rather depressing) surveys of companies and breaches to give scale to the size of the cyber security problem. In Australia the research done on past breaches by ACSC led directly to the formulation of the Essential 8 cyber mitigation strategies.
Read MoreWhether as a result of increased governance at Board level or simply improved performance management practice, cyber risk measurement and management is now acknowledged as an important 360-degree risk mitigation strategy to support your corporate risk management responsibilities.
Read MoreGrowing, mid-size companies that want to avoid or survive cyber crime face a tricky challenge as they are often overlooked.
Read MoreIt is widely acknowledged that all businesses can be victims of cyber crime, suffer data loss, get hit by ransomware or fall victim to some other form of cyber attack – the “when, not if” maxim in cyber security circles. However, for SMEs, facing up to this fact is difficult.
Read MoreFor people who have been working in security for some time there has been an evolution in communicating cyber crime risks to the board; this has gone through several phases from initial disinterest, through necessary but begrudging acceptance to a point where now measurement of the state of key risk indicators is actively sought.
Read More