Cybersecurity
Collection

Cyber resilience is an organisation’s ability to detect, prevent, respond, recover and learn from cybersecurity disruptions. Our cybersecurity collection explores common issues, trends and what organisations must do to prepare proactive and reactive solutions to and keep your assets safe.

Featured Insights

SEC Cybersecurity Disclosure Enhancements: Efforts to Boost Investor Confidence
On 26 July 2023, the U.S. Securities and Exchange Commission (SEC) adopted amendments1 to its rules on cybersecurity risk management, strategy,...

The Innovation vs. Technical Debt Tug of War
Technology leaders are exploring new ways to drive innovation and maximise the value of IT in a changing world driven by disruption and a need for...

ISO 27001: 2022 - Key Changes and Approaches to Transition
This article will address the changes and updates to ISO 27001 standard published on October 25, 2022, and the approaches organizations can take to...

2023 State of Play – Australian Privacy Reform
Three years on from announcing it would be undertaking a review to “consider whether the scope of the Privacy Act 1988 and its enforcement mechanisms...
Managed Security Services

A Guide to pen testing and red teaming: What to know now
Penetration testing and red teaming are essentialcybersecuritypractices that bolster an organization’s security posture by uncovering...

Achieving Diversity’s Benefits in Cybersecurity
Could any security organisation benefit from greater innovation? Or from responding more effectively to diverse internal customers? How about...

Protecting the Enterprise: How a Well-Designed Security Analytics Programme Can Help
The purpose of security analytics in an organisation
Security metrics and the analysis of security information can be challenging concepts even for...

How can an enterprise use access management to establish a Zero Trust environment?
A hybrid RBAC, ABAC and PBAC framework is the best practice approach
A strong access management programme is foundational to establishing a Zero...
Data Protection

New White House Cybersecurity Strategy Creates Additional Concerns for Businesses
The White House recently released a comprehensive national cybersecurity strategy that is sure to have a major impact on government agencies as well...

The Evolution of Attacker Behavior: 3 Case Studies
This blog post was authored by Mike Ortlieb, Director, Security and Privacy andChris Porter, Associate Director, Security and Privacy on ...

For $62.59, the 8 Character Password is Still Dead
Five years ago, we wrote a post called “The 8 Character Password is Dead,” which was an in-depth look at password cracking in 2017 and how eight...

Managing Privacy Under One Roof
Introduction
With regulatory change on the horizon with the Attorney-General’s Department currently reviewing the Privacy Act 1988 and proposing...
Security Resilience

Cyber risk quantification for chaos management
The most important use of any risk assessment tool is that it must contribute to better decision making on how to manage individual risks. Whether...

Metrics’ role in cyber transformation
We’ve all heard the saying, “what gets measured gets done,” meaning that regular measurement and reporting helps to keep organisations focused on the...

Creating a resilient cybersecurity strategy: The governance lifecycle approach
Cybersecurity governance should do more than manage cyber risk. Goodcybersecuritygovernance creates efficiencies by clarifying the...

Enhancing cyber capabilities using a threat-driven strategy
Senior leaders focused on cybersecurity recognise there is considerable guidance, best practices, frameworks, regulations and varied opinions on how...
Security Architecture

Simple is secure: Streamlining smart contract design
For security teams looking to implement and design smart contracts, there are many intricacies and nuances that can be overwhelming. Using established...

Smart contracts part 1: What is a smart contract?
In recent years, there’s been considerable talk of blockchain and its use cases in the business world. While some of these topics have specific use...

Cybersecurity risk assessments vs. gap assessments: Why both matter
As cybersecurity incidents continue to make headlines, whether involving the breach of sensitive information or the halting of an enterprise’s...

3 Steps to Understanding IAM Challenges in Securing the DevSecOps Ecosystem
This blog post was authored bySiobhan Moran - Director, Senthil Kumar Kothandaraman - Associate Director, Security and Privacy onThe...