Integrating Australian Government Investigation Standards into cyber incident response

by Kat McCrabb | Mar 25, 2025 | Resilience

Aligning cyber security incident response with the Australian Government Investigation Standards (AGIS) helps support prosecutions. This blog post outlines how organisations can integrate AGIS into their incident response capabilities to support lawful investigations,...

Cyber security responsibilities and accountabilities for Australian directors

by Kat McCrabb | Mar 18, 2025 | Compliance Governance Privacy Resilience

Regulatory bodies, including ASIC, APRA, and the AICD, emphasise the need for directors to actively oversee cyber resilience. Failure to do so can result in legal, financial, and reputational consequences. This article outlines the responsibilities of Australian...

Managing third-party risks: approaches and best practices

by Kat McCrabb | Mar 11, 2025 | Governance

Third-party relationships introduce significant risks across cyber security, procurement, legal, privacy, data governance, and HR. Organisations must adopt structured approaches to mitigate third-party risks while maintaining operational efficiency. This table...

Tactics of leading cybercriminal groups against the MITRE ATT&CK framework

by Kat McCrabb | Mar 4, 2025 | Compliance Resilience

Cybercriminal groups continue to refine their tactics, techniques, and procedures (TTPs), many of which align with the MITRE ATT&CK framework—a globally recognised model for understanding adversary behaviour. To counter these evolving threats, organisations need...

Legal, Contractual and Cyber Risks of Unsupported Operating Systems

by Kat McCrabb | Feb 25, 2025 | Compliance Governance Resilience Uplift

With Windows 10 reaching end of support, organisations face growing cyber security threats and compliance risks. Unsupported systems no longer receive security patches, making them vulnerable to exploits. Businesses operating in regulated industries must also consider...