by Kat McCrabb | Mar 18, 2025 | Compliance Governance Privacy Resilience
Regulatory bodies, including ASIC, APRA, and the AICD, emphasise the need for directors to actively oversee cyber resilience. Failure to do so can result in legal, financial, and reputational consequences. This article outlines the responsibilities of Australian...
by Kat McCrabb | Mar 4, 2025 | Compliance Resilience
Cybercriminal groups continue to refine their tactics, techniques, and procedures (TTPs), many of which align with the MITRE ATT&CK frameworkâa globally recognised model for understanding adversary behaviour. To counter these evolving threats, organisations need...
by Kat McCrabb | Feb 25, 2025 | Compliance Governance Resilience Uplift
With Windows 10 reaching end of support, organisations face growing cyber security threats and compliance risks. Unsupported systems no longer receive security patches, making them vulnerable to exploits. Businesses operating in regulated industries must also consider...
by Kat McCrabb | Feb 4, 2025 | Compliance Governance Resilience
Australia’s proposed Cyber Incident Review Board (CIRB) aims to enhance national cyber resilience. The draft rules outline the Board’s structure and functions, but the requirement for Ministerial approval of Terms of Reference raises concerns about...
by Kat McCrabb | Jan 22, 2025 | Compliance Governance Uplift
Winning Australian government tenders demands more than offering value for money – it requires strict compliance with security standards. The Information Security Registered Assessors Program (IRAP) has become a cornerstone for organisations aiming to secure...
by Kat McCrabb | Dec 18, 2024 | Compliance Governance Uplift
The Essential 8, developed by the Australian Cyber Security Centre (ACSC), provides a baseline of mitigation strategies to defend against cyber threats. Many organisations are obliged to implement the Essential 8 to a specific maturity level. The Essential 8 comprises...
