How is the Australian Government doing in its efforts to defend itself from cyber threats? Are key strategies and advisories being implemented and operating effectively? The newly released ‘Commonwealth Cyber Security Posture in 2019 Report to Parliament’ (CCSP2019) provides information and visibility into the efforts of the Australian Cyber Security Centre (ACSC) and Attorney-General’s Department (AGD) as to the readiness of Commonwealth entities to respond to the country’s cyber threat environment.
Cyber criminals are making the most of the spread of the Coronavirus. The financial services industry is being hit particularly hard, with attackers creating their own pandemic of phishing emails trying to steal money, personal information and intellectual property.
Security teams face a number of challenges: the growing extent and complexity of the technology environment that businesses utilise, the limitations of human capabilities to choose good passwords or avoid clicking on links, the increasing sophistication of attacks and attackers, and the burgeoning regulations under which they operate.
Risk management, across all disciplines, is of vital importance to businesses. Cyber security is one critical element of risk and has clear implications if it is done poorly (or not at all).
All businesses, job roles, departments and functions require performance management. Security is no different and this is now being seen as critical within the compliance and audit functions as part of the management of cyber risk.
The area of cyber security is one that is inundated with research and statistics – every year there are various “state of information security” surveys or “breach reports” including from organisations such as Verizon (The breaches), PwC (The cyber threats) and CIISec (The security industry survey).
The Cybersecurity Maturity Model Certification (CMMC) is a US initiative led by the Office of the Assistant Secretary of Defense for Acquisition within the Department of Defense (DoD). It imposes requirements on DoD contractors and subcontractors to help safeguard information within the US Defense supply chain. This post is the second in a series where we analyse the CMMC and look at how you might achieve compliance or use it as a basis of your own information security programme. You can read the first post that gives an overview of CMMC, here.
Cyber security and regulatory compliance are frequent bedfellows. If compliance standards aren’t specifically driving security adoption, they are affecting wider areas, such as GDPR and privacy, which significantly impact security.
The importance of accurately identifying and communicating a business’s risk exposure has never been more critical. This is particularly true for audit and security managers who undertake cyber security audits.
Security risks are prevalent in most organisations, yet the consistent management of all technical, process and personnel-related security problems can be difficult as multiple teams are often identifying and mitigating them. In a bid to address this, many organisations are now fusing their risk management technologies and approaches into one Integrated Risk Management (IRM) solution comprising the platforms and processes needed to unify this critical business function.