Insight Search Search Submit Sort by: Relevance Date Search Sort by RelevanceDate Order AscDesc Blogs June 30, 2023 Metrics’ role in cyber transformation We’ve all heard the saying, “what gets measured gets done,” meaning that regular measurement and reporting helps to keep organisations focused on the information that matters. But with so many data points available to measure security, it is difficult to know where to begin. Security practitioners must constantly question what data they collect and why. Only by providing relevant measures can we… Blogs June 19, 2023 A Guide to pen testing and red teaming: What to know now Penetration testing and red teaming are essential cybersecurity practices that bolster an organisation’s security posture by uncovering vulnerabilities within their systems, networks, and people or business processes. These methodologies have distinct objectives, scopes, approaches and technologies employed. Blogs June 30, 2023 A house divided: Key differences in cybersecurity implementation for IT and OT Anyone who has spent a significant amount of time in any U.S. state where college football is popular, has likely seen a “house divided” bumper sticker or license plate cover, with contrasting university logos. Many of us (and our friends and families) enjoy spirited rivalries (Roll Tide vs. War Eagle, The Egg Bowl, Bedlam, The Backyard Brawl, “The Game”). But we’re fundamentally not all that… Blogs October 5, 2023 Australia’s Privacy Act is fundamentally changing: What this means for your organisation On the 28th of September, the Australian Government released its long-awaited response to the Attorney General’s Privacy Act Review Report. The Government response outlines its stance across the 116 proposals put forward by the Attorney General. In May, we originally published our article analysing the proposed changes that we believe will be most impactful for our clients, we have updated the… Blogs April 21, 2023 Enhancing cyber capabilities using a threat-driven strategy Senior leaders focused on cybersecurity recognise there is considerable guidance, best practices, frameworks, regulations and varied opinions on how programmes should design defensive capabilities. In addition, depending on the day, the various pressures in the organisation’s macro-environment may be greater or lesser and invite different priorities for time, team and budget. Despite these… Blogs April 19, 2023 Achieving Diversity’s Benefits in Cybersecurity Could any security organisation benefit from greater innovation? Or from responding more effectively to diverse internal customers? How about benefitting by retaining the talent its leaders have so carefully nurtured, by accessing more diverse capabilities, or by improving problem-solving capabilities within the team? Blogs July 14, 2023 Smart contracts part 1: What is a smart contract? In recent years, there’s been considerable talk of blockchain and its use cases in the business world. While some of these topics have specific use cases – metaverse, decentralised finance, etc – there is one topic that underpins everything in the blockchain and decentralised space: smart contracts. Smart contracts are behind-the-scenes applications that route data, track changes and settle… Blogs July 14, 2023 Cybersecurity risk assessments vs. gap assessments: Why both matter As cybersecurity incidents continue to make headlines, whether involving the breach of sensitive information or the halting of an enterprise’s operations, cybersecurity risks remain top of mind for many organisations. To this end, organisations are continuously seeking to validate their cybersecurity defenses in protecting their assets and mitigating cybersecurity risks. Blogs November 3, 2023 Tackling gender bias: Women in cybersecurity Cybersecurity is distinguished not only by a talent shortage but also by having a predominantly male workforce. Women are in the minority on most cybersecurity teams that have women at all, so when they experience gender bias, they’re likely to be isolated. Flash Report July 31, 2023 SEC Cybersecurity Disclosure Enhancements: Efforts to Boost Investor Confidence On 26 July 2023, the U.S. Securities and Exchange Commission (SEC) adopted amendments1 to its rules on cybersecurity risk management, strategy, governance and incident reporting by public companies subject to the reporting requirements of the Securities Exchange Act of 1934. The SEC’s view is that cybersecurity threats and incidents pose an ongoing risk to public companies, investors and market… Load More
