On Friday 19th June, the Australian Prime Minister gave a press conference outlining an intense and persistent cyber attack against Australian organisations, allegedly originating from an overseas adversary. The Prime Minister confidently stated that a hostile nation-state was behind the campaign, refrained from naming the culprit. Other news outlets, however, suggested unnamed senior government officials claimed the origin was China, but this remains unconfirmed by official sources.
Read More
This blog post “CMMC – Restrict Admin Privileges” is the tenth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.
Read More
In the first quarter of 2020 IT and security teams around the world faced an unprecedented challenge. The coronavirus pandemic grew in a matter of weeks to a phenomenon that would disrupt businesses, lives and the economy like nothing else we have faced before.
The introduction of lockdowns, travel restrictions and stay-at-home orders forced many businesses to adjust almost overnight to a different way of working that avoided staff being in offices or on sites. Some staff had to balance work obligations with a need to home-school children, some had to shelter for their own safety, some were furloughed or laid off – leaving businesses without access to their abilities.
Read More
The 2019-20 ‘Interim Report on Key Financial Controls of Major Entities’ has been released. The Australian National Audit Office’s (ANAO) review focused on the financial and HR systems of eighteen Australian Government agencies.
The report revealed that only one of the eighteen agencies that were reviewed was rated as achieving and managing their cyber resilience to Essential Eight Maturity Level Three requirements. It also found that four agencies had incorrectly self-assessed, due to a poor understanding of their requirements.
Read More
Cyber hygiene is a relatively new term to describe the basic security practices everyone should be doing to ensure their organisation remains safe from common security threats. Yet even these most basic security controls are often neglected or not implemented correctly, unduly leaving the business exposed to risks they could easily counter.
Read More
This blog post “CMMC – Monitoring Privileged Users” is the ninth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.
Read More
The pandemic is currently ravaging people’s lives and the economy across the world. Cyber security and audit professionals, and their roles, included.
Businesses are walking a narrower financial tightrope than ever before, balancing cost cutting, with human resources, lost business and diminished profits.
Read More
This blog post “CMMC – System and Information Integrity’’ is the seventh in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.
Read More
The need for assurance in supply chains and third parties is well-recognised in cyber security. It is common to exchange data – often sensitive – with third parties, and to rely on them for aspects of service delivery or the undertaking of key business functions.
Read More
This blog post “CMMC – Achieving a Level 4 SOC’’ is the sixth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.
Read More