Blog

when working from home is not as save

When working from home isn’t as safe

Are we really safe and secure when working from home amid the Covid-19 pandemic? Check out the cyber security insights shared by Quan Heng.

Read More →
ACSC Essential Eight Assessment Services

ACSC Essential Eight Assessment Services

Australian Cyber Security Centre’s (ACSC) Strategy to Mitigate Cyber Security Incidents provides a prioritised list of mitigation strategies to assist organisations in protecting their systems and their crown jewels against a range of adversaries. The mitigation strategies advised by ACSC vary and can be customised based on the risk profile, the industry sector and the adversaries the organisation is most concerned with.

Read More →
CORIE framework

Cyber Resilience Testing Under The CORIE Framework

The Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework is a pilot programme of exercises that will mimic the Tactics, Techniques and Procedures (TTPs) of real-life adversaries, creating and utilising tools, and using techniques that may not have been anticipated and planned for. Also known as red team exercises, these help Financial Institutions(FI) stay competitive and secure by leveraging an unbiased view, and by third-party providers mimicking real-world Advanced Persistent Threats (APTs).

Read More →
VeriSaaS IRAP Assessment

VeriSaaS – The IRAP Journey

Meet the CEO at VeriSaaS, Brice Neilson, as he talks through their journey of undergoing an IRAP assessment up to PROTECTED status, what it means to be IRAP assessed, and why.

Read More →
Makdap ISO 27001 certification | Privasec

“Privasec Delivers Outcomes” | Client Feedback with Makdap’s Head of IT

Makinson d’Apice has long been part of Australia’s business fabric. Check out the testimonial left by Asitha Udumalagala, Head of Information Technology at Makdap.

Read More →
YouTube_Channel_Thumbnail_1

Broadcast Episode New Release | MAS TRM Directive and Third-Party Risk Management

Our latest broadcast episode is now out! In our third episode (Singapore feature), together with our host Quan Heng “Q”, we meet with Angela Yuen, Privasec’s GRC Consultant, as we explore a very topical discussion.

Read More →
Privasec Team Family

We are Hiring! – Check out our open job roles

Due to rapid growth and industry’s demand, our Privasec team is hiring!

Read More →
Lunch__Learn__Broadcast_Series_32

Happy International Women’s Day 2021 | #ChoosetoChallenge Special Edition

It’s International’s Womens Day! This year’s IWD 2021 campaign theme is: ‘Choose to Challenge’. From challenge comes change; a challenged world is an alert world. We can all choose to seek out and celebrate achievements, collectively, helping to create an inclusive world.

Read More →
Fireworks over Singapore city skyline, Singapore, Singapore

Singapore’s Safer Cyber Space Masterplan 2020

Singapore’s Safer Cyberspace Masterplan 2020 builds on the second Pillar of the 2016 Singapore Cybersecurity Strategy and outlines a plan towards the creation of a safer and more secure cyberspace in Singapore. The Cyber Security Agency of Singapore (CSA) has developed this Masterplan in consultation with the cybersecurity industry and academia, to raise the general level of cybersecurity in Singapore, for individual users, communities, enterprises, and organisations.  The Masterplan comprises three thrusts, to: Secure our core digital infrastructure; Safeguard our cyberspace activities; and Empower our cyber-savvy population. The Masterplan also outlines 11 initiatives under these three thrusts (as shown in the infographic below) that serve as examples of how we intend to better safeguard and protect our cyberspace, and mitigate the impact through swift detection and response to cyber threats. Everyone has a role to play in the cybersecurity of our shared digital space, and enterprises, organisations and individuals can leverage the initiatives in the Masterplan to better protect themselves.  Demo content from https://www.csa.gov.sg/news/publications/safer-cyberspace-masterplan

Read More →
Two robbers in black uniform hacked the vault

Hacked!: What To Do Next

EVERNOTE became the latest member of the “we’ve been hacked” club. And the thing is, what was once a pretty exclusive club now lets just about everyone in these days. I’m a member too. And as I discovered when I was hacked last year, my experience was distressingly commonplace. And yet while being hacked may be increasingly familiar, it isn’t getting any less stressful or confusing. It’s hard to know what to do, or where to begin, immediately afterward. Whether you were hacked, phished, had malware installed or just don’t know what the heck happened but there’s somebody all up in your e-mail, here are a few good first steps to take following an incident. This is by no means comprehensive, but it’s a good start. Ask Yourself WhyWhile you are fixing things, it’s a good time to take a step back, and ask yourself a more basic question: What was the reason for the breach? If it was your bank account, the answer may be obvious. In other cases, such as e-mail, it can be for a host of reasons — from using it to send spam, to requesting money from your contacts, to getting password resets on other services. …

Read More →
Modern businessman

The Directors Guide to Cyber Security

You have a firewall, anti-virus installed on each computer, security policies, and the best ITsecurity operations people taking care of your organisation’s cyber security. Everything isunder control, right? Think again. Sony Pictures, The Office of Personnel Management, Ashley Madison, and Targetalso had all of these, yet each was vulnerable to cyber-attacks so damning that the CEOs wereforced to resign. Having to replace a CEO whilst in crisis mode is a challenge for any board,but it gets worse, much worse. Consider if you were on the board of a company that had suffered a $252 million loss as theresult of a cyber-attack. How do you imagine shareholders and customers would react to thatkind of loss? What impact would that have on your conscience? That’s the loss that Targetfaced, resulting in shareholders ousting the board of directors. Imagine waking one morningto discovering your unblemished record of career excellence tarnished by a cyber-attack.What each of these companies failed to have, which could have reduced the risk of cyberattack to within the organisation’s risk appetite, was a board that was engaged and playing a small, but necessary role in combating cyber-attacks. To date, most boards have been passive with respect to cyber security simply …

Read More →
joel-filipe-jU9VAZDGMzs-unsplash

New CORIE Framework by the Council of Financial Regulators for APRA-regulated financial institutions

A new framework by the Council of Financial Regulators requires APRA-regulated financial institutions to attack themselves in a bid to uplift their cyber preparedness, as APRA orders urgent audits against CPS 234.

The #CORIE framework that has been launched will require banks, super funds and other financial institutions to organize independent red team attack simulations.

Read More →

Already know what you are after?

Get a quick quote from our consultants.

Scroll to Top