Cyber Security implications of IoT devices
Cyber Security
The Internet of Things (IoT) refers to the growing network of devices that are embedded with network connectivity, allowing them...
Enterprise Architecture: The foundation of good security
Cyber Security
Enterprise architecture can often be viewed as bringing order to a highly complex ICT portfolio and is thus unnecessary for...
Five simple things you should be doing to improve your online security
Cyber Security
Most of us are regularly exchanging data over networks with organisations, people and devices. With cyber-attacks becoming more common, strategic...
Ransomware and small business
Cyber Security
Small and medium-sized businesses (SMBs) make up 60% of the nation's cybercrime victims, and it's not hard to see why. SMBs are often unaware of the threats they face and are not sure how to defend themselves without spending a fortune. Unfortunately, these factors make them very likely victims of ransomware. Ransomware is a type of unwanted software that can...
Mitigating the insider threat
Cyber Security
Insider threats, or threats from your own users, are the number one concern for Australian organisations according to the 2015 Australian Centre for Cyber Security (ACSC) survey results. Organisations are increasingly losing control of high-value information. Extenuating factors include bring-your-own-device (BYOD) usage, the sending of sensitive information to external people, and the use of cloud applications and collaboration tools. These...
Phishing season or the weakest link
Cyber Security
Phishing is the action of exploiting human nature in order to acquire information for the purpose of identity theft, financial fraud or obtaining unauthorised access to sensitive information. A phishing attack is typically delivered in the form of an unsolicited email designed to lure a user into visiting a web site or to open an attached document. Typically, the link...
Risk and business continuity: compliance or good management
Cyber Security
Risk management and business continuity planning are often seen by organisations as distractions from their day-to-day business. Many organisations approach these areas as a compliance activity required to meet certain standards, because their clients expect them to have policies and procedures in place, or because senior management have said they need them. However, approaching risk and business continuity from this...
Incident History – to inform or to guess
Cyber Security
Many organisations spend large amounts of money hiring outside consultants to analyse risks to ICT systems. Surprisingly in almost all cases, consultants working in IT Security do not have access to all relevant data, including history of previous incidents, which is particularly important when conducting risk assessments. The lack of access to such data makes it extremely difficult to make...
Adversary Simulation – proactive security to the next level
Cyber Security
Organisations are continually investing in protecting and defending against substantial online threats. Significant levels of IT resources are being invested into costly technologies aimed at protecting against these new threats. Unfortunately, many of these investments fail to understand the methods of an external attacker and as a result fail to prevent a system breach. An external attacker has a number...
Ensure the right person is steering your security program
Cyber Security
Cyber Security attacks are on the rise at the same time as budgets for IT programs are undergoing cost cutting and efficiency measures. Now more than ever, businesses need to carefully consider their security expenditure to maximise the return on investment. Like any other area of the business, it is critical that the security program is in step with the...
Top