The Zero Trust Model: Security Inside and Out (Part 2)
Blog posts • Feb 26, 2020 11:53 UTC
Part 2 of “The Zero Trust Model: Security Inside and Out” provides guidance around how to gain stakeholder support to adopt the Zero Trust security model.
Blog posts
Tags
The Zero Trust Model: Security Inside and Out (Part 1)
Blog posts • Feb 17, 2020 17:21 UTC
Could trusting no one be the key to data security? In this two-part series, we’ll examine how a Zero Trust model removes implicit trust in the traditional “trust but verify” model, as well as give insight into: • Advantages of the Zero Trust model • Guidance around implementing Zero Trust within your organization • Potential roadblocks and how to secure stakeholder support
Three Things we (Still) Care About in 2020
Blog posts • Jan 20, 2020 10:13 UTC
January is a time for reflection, which most companies try to tap into by spamming you with predictions for the upcoming year, New Year’s resolutions and new solutions to old problems. My marketing department have convinced me to jump on the bandwagon, however ...
Which security framework is right for you?
Blog posts • Jan 15, 2020 23:59 UTC
One of the problems that cyber security stakeholders face is the overabundance of tools and processes. Just Google “firewall providers” and you are deluged with information; replace firewall with any other tool (anti-virus, phishing simulation, intrusion detection system, and the like) and the results are similar.
Lessons from blockbusters: What Hollywood can teach us about cyber security
Blog posts • Dec 18, 2019 21:57 UTC
Few things capture the imagination like movies. From epic dramas to tearful romances, from everyday travails to futuristic science fiction, from chilling horror to feel-good comedy, Hollywood is our great escape into the land of make believe. Here are some of my favorite movies, the lessons they taught us as moviegoers, and the lessons that translated for me as a cyber security consultant.
Trust, but verify (your third-party vendors)
Blog posts • Dec 11, 2019 16:48 UTC
For a company focused on core operations and meeting the needs of its stakeholders, it makes financial sense to handover non-core functions to third-party vendors. Unfortunately, this introduces a whole new element of risk in the company’s ecosystem – third party risk, of which cybersecurity is a critical component.
A technical review of connected toy security
Blog posts • Dec 10, 2019 05:19 UTC
Matt Lewis explains more on the assessment undertaken for the consumer choice organisation Which? to assess the security of seven popular electronic and connected toys in the run up to Christmas 2019.
Virtual Payment Cards, in scope or out-of-scope for PCI DSS?
Blog posts • Dec 08, 2019 19:02 UTC
With increased demand for virtual card capabilities from Australian businesses, merchants and service providers, we keep being asked by our customers whether virtual payment cards are subject to Payment Card Industry Data Security Standard (PCI DSS). If they are, what would be the impact and their obligation against the payment standard? Mohammad Daneshvar explores...
The best way to improve your cyber security? Outline where you are now and roadmap to your target state.
Blog posts • Dec 04, 2019 18:16 UTC
As anyone working in cyber security knows, 100% threat prevention/mitigation is a myth. One question we hear time and time again is, “how much security is enough?” Sourya Biswas explains why there are so many different ways to answer this...