Industry Publications

ACSC Essential Eight Assessment Services


Australian Cyber Security Centre’s (ACSC) Strategy to Mitigate Cyber Security Incidents provides a prioritised list of mitigation strategies to assist organisations in protecting their systems and their crown jewels against a range of adversaries. The mitigation strategies advised by ACSC vary and can be customised based on the risk profile, the industry sector and the


Cyber Resilience Testing Under the CORIE Framework

The Council of Financial Regulators (CFR) released a framework in December 2020 that is used to build red team scenarios to test the Australian financial services industry’s level of cyber resilience. The Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework is a pilot programme of exercises that will mimic the Tactics, Techniques and Procedures


New CORIE Framework by the Council of Financial Regulators for APRA-regulated financial institutions

A new framework by the Council of Financial Regulators requires APRA-regulated financial institutions to attack themselves in a bid to uplift their cyber preparedness, as APRA orders urgent audits against CPS 234. The #CORIE framework that has been launched will require banks, super funds and other financial institutions to organize independent red team attack simulations.


Payment Card Industry Data Security Standard (PCI DSS): Why is Compliance Critical?

The Payment Card Industry Data Security Standard (PCI DSS) is mandated by the major payment brands (MasterCard, Visa, Amex, JCB and Discover) for organisations that handle payment card data. The PCI DSS defines the minimum security controls needed to protect cardholder data. If you process, store, or transmit payment card data, you are required to


The rise and rise of ISO 27001 in Australia and worldwide

Achieving ISO 27001 certification does not guarantee your organisation will never experience security incidents ever again. Nor can anyone realistically claim that the standard is perfect and it can absolutely be trusted. Despite the negativity, obtaining certification does offer several significant benefits that cannot be denied. Often touted benefits of an Information Security Management System (ISMS) that is implemented correctly and follows the spirit of the standard are:


Part 1: EU GDPR, the Privacy Amendment (NDB) and ISO 27001:2013

Early last March at the ‘Data Privacy Matters’ meetup, I had the privilege of moderating a panel segment addressing the NDB Amendment & GDPR’s Impact on Australian Businesses. The panellists were Patrick Gunning (Law Partner from King & Wood Mallesons), Fergus Brooks (Cyber Risk National Practice Leader at Aon Australia) and Romain Rallu (CEO at

