Insight Search Search Submit Sort by: Relevance Date Search Sort by RelevanceDate Order AscDesc Blogs June 30, 2023 Metrics’ role in cyber transformation We’ve all heard the saying, “what gets measured gets done,” meaning that regular measurement and reporting helps to keep organisations focused on the information that matters. But with so many data points available to measure security, it is difficult to know where to begin. Security practitioners must constantly question what data they collect and why. Only by providing relevant measures can we… Blogs June 19, 2023 A Guide to pen testing and red teaming: What to know now Penetration testing and red teaming are essential cybersecurity practices that bolster an organisation’s security posture by uncovering vulnerabilities within their systems, networks, and people or business processes. These methodologies have distinct objectives, scopes, approaches and technologies employed. Blogs June 30, 2023 A house divided: Key differences in cybersecurity implementation for IT and OT This blog post was authored by Justin Turner - Director, Security and Privacy on the technology insights blog. Anyone who has spent a significant amount of time in any U.S. state where college football is popular, has likely seen a “house divided” bumper sticker or license plate cover, with contrasting university logos. Many of us (and our friends and families) enjoy spirited rivalries (Roll… Flash Report March 3, 2021 Virginia Becomes the Second State to Enact Consumer Privacy Law The Commonwealth of Virginia passed the Consumer Data Protection Act (CDPA) into law on March 2, 2021, following overwhelming bipartisan support for a state consumer privacy law. The November 2020 election results provided the much needed impetus to strengthen consumer privacy for the Commonwealth of Virginia. State officials wasted no time in introducing the privacy bill. Now that the… Whitepaper January 29, 2018 China’s Cybersecurity Law and its Impacts - Key Requirements Businesses Need to Understand to Ensure Compliance On June 1, 2017, China’s Cybersecurity Law went into effect, marking an important milestone in China’s efforts to create strict guidelines on cyber governance. Long before the Cybersecurity Law took effect, China had already made some efforts to strengthen information security. For example, a white paper titled The Internet in China, published in 2010, served as an early guide to China’s policy… Blogs April 6, 2023 3 Steps to Understanding IAM Challenges in Securing the DevSecOps Ecosystem DevSecOps is an organisational software engineering culture and practice that aims at unifying software development (Dev), application security (Sec), and operations (Ops). The main characteristic of DevSecOps is to monitor and apply security at all phases of the software lifecycle: Planning, development, integration, delivery, deployment and production. Looking at DevSecOps through an IT… Blogs April 12, 2023 Australia’s Privacy Act is fundamentally changing: What this means for your organisation Background On 16 February 2023, the Attorney-General’s Department released its Privacy Act Review Report (the Report) following a two-year review of the Privacy Act 1988 (Cth) (the Act). The Report contains 116 recommended amendments to the existing Act to strengthen the protection of personal information and the control individuals have over their information. If accepted and adopted, the… Blogs April 21, 2023 Enhancing cyber capabilities using a threat-driven strategy Senior leaders focused on cybersecurity recognise there is considerable guidance, best practices, frameworks, regulations and varied opinions on how programmes should design defensive capabilities. In addition, depending on the day, the various pressures in the organisation’s macro-environment may be greater or lesser and invite different priorities for time, team and budget. Despite… Blogs April 19, 2023 Achieving Diversity’s Benefits in Cybersecurity Could any security organisation benefit from greater innovation? Or from responding more effectively to diverse internal customers? How about benefitting by retaining the talent its leaders have so carefully nurtured, by accessing more diverse capabilities, or by improving problem-solving capabilities within the team? Blogs May 5, 2023 Creating a resilient cybersecurity strategy: The governance lifecycle approach Cybersecurity governance should do more than manage cyber risk. Good cybersecurity governance creates efficiencies by clarifying the outcomes expected from its processes and establishing boundaries of responsibility among cybersecurity practitioners, frontline operational areas, senior leaders and board members. Recently, numerous crises have drawn senior leaders and board members down… Load More
