Cyber security responsibilities and accountabilities for Australian directors

by Kat McCrabb | Mar 18, 2025 | Compliance Governance Privacy Resilience

Regulatory bodies, including ASIC, APRA, and the AICD, emphasise the need for directors to actively oversee cyber resilience. Failure to do so can result in legal, financial, and reputational consequences. This article outlines the responsibilities of Australian...

Managing third-party risks: approaches and best practices

by Kat McCrabb | Mar 11, 2025 | Governance

Third-party relationships introduce significant risks across cyber security, procurement, legal, privacy, data governance, and HR. Organisations must adopt structured approaches to mitigate third-party risks while maintaining operational efficiency. This table...

Tactics of leading cybercriminal groups against the MITRE ATT&CK framework

by Kat McCrabb | Mar 4, 2025 | Compliance Resilience

Cybercriminal groups continue to refine their tactics, techniques, and procedures (TTPs), many of which align with the MITRE ATT&CK framework—a globally recognised model for understanding adversary behaviour. To counter these evolving threats, organisations need...

Legal, Contractual and Cyber Risks of Unsupported Operating Systems

by Kat McCrabb | Feb 25, 2025 | Compliance Governance Resilience Uplift

With Windows 10 reaching end of support, organisations face growing cyber security threats and compliance risks. Unsupported systems no longer receive security patches, making them vulnerable to exploits. Businesses operating in regulated industries must also consider...

Preparing organisations for AI: data governance, security, and privacy

by Kat McCrabb | Feb 18, 2025 | AI Privacy Uplift

Artificial intelligence (AI) presents significant opportunities for organisations, but without the right foundations, risks related to data quality, security, and privacy can outweigh the benefits. Poor data governance can lead to inaccurate insights, security gaps...