BLOG
In recent years, there has been an exponential growth in the number and subsequent damage of malicious cyber attacks, thus growing the need for CISO's. Their role is to form cyber security strategies and controls to manage these threats to avoid technical, financial, reputation and compliance risks and data breaches. The role of a CISO is vital in achieving and maintaining compliance requirements. No matter how big or small your business is, having a solid cyber security foundation is essential for all businesses; something which a CISO helps establish and maintain. A CISO will help establish and maintain this by...
Security is the number one focus and priority for organisations today. Moving to the cloud is a journey, and every organization is at different stages of this journey. However, moving to the cloud does not have to be a departure from existing systems and processes. In a fully integrated hybrid IT environment, the cloud becomes an extension of data centre and the policies through controlling it. Hybrid cloud strategies also offer security leaders a measured approach to moving to the cloud, allowing them to move business functions to the cloud only when they are confident that the service offers the...
You may have heard the term ‘zero trust’ being used more frequently these days within the world of security what exactly does this mean, and what practical steps can be taken for the mid sized enterprise? Zero Trust has evolved from a general trend which you may have noticed happening within the IT landscape over the last decade or so. Looking back, there was a time once where all the organisational IT assets were within what could be called the ‘perimeter’, i.e. your organisation would have IT assets in the offices and also within the data centre, which would contain...
Globally, there are numerous laws, regulations and other legal requirements for your organisation to protect the security and privacy of digital and other information assets aligned with the regulations apply to your specific industry. Your organisation is always Responsible and Accountable for your customers data safety. Across multiple territories and geographic locations, privacy laws and regulations require the implementation of measures to adequately protect Personal and Personally Identifiable Information (PII). This include protection from unauthorised access, modification, loss, amendment or alteration, with the failure to protect PII potentially resulting in legal challenges fines and imposed actions (including restrictions around the...
The Australian National Privacy Act of 1988 provides guidance and regulates how organisations collect, store, secure, process and disclose personal information. The National Privacy Principles (NPP) listed in the Privacy Act were developed to ensure that organisations holding personal information handle and process it responsibly. In march 2014, the revised Privacy Amendment Act introduced a set of new principles, focusing on the handling of personal information, now called the Australian Privacy Principles (APPs). This requires organisations to put in place SLAs, with an emphasis on security, that list the right to audit, reporting requirements , data locations permitted and not...