Blog

Essential Eight Maturity Assessments | Cyber Security | Privasec

Privasec’s Essential 8 Maturity Assessment

Get to know about Privasec’s Essential 8 framework, which focuses on three key objectives — prevention, limitation, and recovery — to help organisations build a baseline to mitigate cyber security incidents.

Read More →
02 - PDF Generator Best Practices

PDF Generator Best Practices

The dangers of using server-side PDF generation technologies without properly sanitising user input.

Read More →
ISO 27001 Event - 1200x 675

Privasec × AiSP Joint Webinar: ISO 27001 Certification Journeys

Privasec and AiSP host an expert panel to talk about the Information Security Management System (ISMS), and how it fits into an organisation’s overall cybersecurity strategy.

They will also discuss ISO 27001 as a security governance standard; touching on topics such as the benefits of adoption, misconceptions about its usage and how to achieve certification for it.

Read More →
Copy of PSA - CRM (1200 x 675) Website (2)

Panel Discussion: In Pursuit of The PSA Licence

By Yap Yu Qing, Marketing Executive The Privasec team has organised a panel discussion last week, where it was an informative sharing session in which different aspect of PSA Licensing compliances for FIs including Fintechs and Crypto was discussed. As a recap, in this session, Jonathan Cheong, Chief Legal and Compliance Officer of DigiFinex shared about his compliance journey for PSA Licensing and gave insightful advice to organisation that are also planning to embark on the same journey. Emphasising on the importance of risk management for PSA Licensing, he shared that, businesses should become “resilient, and capable of identifying the kind of risks that will affect your (their) business”. Compliance Officers should also be equipped with the knowledge to embrace technological changes which will change the regulatory landscape. Megan Li, Co-Founder of Regtank shared about the key challenges of Anti-Money Laundering (AML)/Know-Your-Customers (KYC) regulations for Crypto business due the nature of the blockchain technology – decentralised ledger and anonymity of users. With the digital asset industry (cryptocurrency) being an emerging industry in which many regulations are still in the development phases, organisation needs to act fast and reactive to the regulatory landscape. Lim Quan Heng, our Regional Head of Asia, …

Read More →
Cyber Readiness

Cyber Readiness for Financial Institutions

Red Team Attack Simulations mimic an adversary attacking your organisation. Red Team Attack Simulations enable you to understand and improve upon your ability to identify and respond to an adversary tyring to access your systems or information.

But what actually happens during a Red Team and how does an Attack Simulation work in practise?

Read More →
Demystifying Workshop

Demystifying Two Different Worlds: A Look into ISO 27001 and Red Teaming

Red Team Attack Simulations mimic an adversary attacking your organisation. Red Team Attack Simulations enable you to understand and improve upon your ability to identify and respond to an adversary tyring to access your systems or information.

But what actually happens during a Red Team and how does an Attack Simulation work in practise?

Read More →
three-locks-and-a-chain

What happens during a Red Team Attack Simulation?

Red Team Attack Simulations mimic an adversary attacking your organisation. Red Team Attack Simulations enable you to understand and improve upon your ability to identify and respond to an adversary tyring to access your systems or information.

But what actually happens during a Red Team and how does an Attack Simulation work in practise?

Read More →
RMIA feature image | Privasec

Updates To ISO 27002 And Its Impact

With the pending updates to the ISO 27002, it is now more well-rounded for tackling information security risks. What remains a constant, is the purpose of the standard to provide implementation guidance on security best practices for compliance to ISO 27001.

Read More →
Third party risk management | Privasec

Managing Third-Party Risk

It is always in a company’s best interest to protect itself from vendor risks – before entering, during, and even after the vendor relationship has been established.

Read More →
Singapore Cyber Landscape 2020 | Privasec

Singapore Cyber Landscape Report 2020: Everything you need to know

Hear from Privasec’s Regional Head of Asia, Quan Heng, on his thoughts on the Singapore Cyber Landscape 2020 report published on 8 July 2021.

Read More →
ZenTao CMS | Privasec

ZenTao CMS – A Monkey’s journey to Priv Esc & Remote Code Execution

This article explores Zentao, understanding how its routing works, and identifying several vulnerabilities that lead to an attack chain that an attacker can execute in order to achieve remote code execution.

Read More →
Privabroadcast

Former Service NSW Chief Security Tech Officer Speaks on Security Partners Engagement

Get to know the former Chief Security & Technology Officer at Service NSW as he shares in under 5 minutes his views on how companies can leverage their security partners and gain the most value in partner engagement.

Read More →

Already know what you are after?

Get a quick quote from our consultants.

Scroll to Top