Cyber Security - Year In Review 2023

$2k to avoid being another Optus

In Brief: Cyber updates to the Critical Infrastructure Bill

Report: The 2022 State of Email Security

Threat Advisory: Okta Compromise

How the ACSC Essential Eight can protect against supply chain attacks

Updates to the ISO 27001 certification standard: What you need to know

Cybersecurity Risk Issues: Where do Executives Rank Cyber Risk Now, and in 2030?

In The News: Ensuring IT Security as Threats Evolve

How do you know when it's time to uplift your cybersecurity efforts?

Six reasons why Australian businesses should use a Managed Security Services Provider

In the news: Why zero trust is critical in the modern hybrid workplace

The Year That Was: Updates and Observations from 2021

Threat Advisory: Java Library Vulnerability 'Log4Shell' Exploited

Threat Advisory: Office 365 and Office 2019 on Windows 10

Understanding Your Outsourced Providers: IT Security MSSPs vs IT MSPs

Regulating Ransomware Payment Reporting: What Do You Need to Know?

Actionable Insights from the Verizon 2021 DBIR

Planning your Cyber Strategy for 2021? Here’s What You Need to Know:

Cyber Security Learnings 2020: Tips From the Frontline

Ransomware 2020: Costs, Risks, and Realities.

The New Normal: The Security Risks of Future Remote Working

Should your business holiday season preparations include a pentest?

Twitter Hack Root Cause Applies Equally to Enterprise Systems

A Primer on Single Sign-on

Zoom's (Sensationalism-Free) Cyber Security Posture

Security Analytics Repurposed for COVID-19 Monitoring

The Dangers of Outsourced Development (and the 'AntiHack' Function)

There is no Magic Bullet for your Cyber Security Risks

Why Cyber Insurance Cannot Replace a Mature Security Posture

Intro to Injection Vulnerabilities and the OWASP Top 10

How inappropriate use of Office 365 is increasing NDB exposure

The PSPF and ISM Undergo Major Revisions

Formula 1, Cyber Vendors and Selling Fences

Security Fundamentals - Part 3: Controlling Admin Privileges

A Security Conscious Cohort - Part 1: Defining a New Norm

Management Buy-In - Part 1: Why You Need It

Christmas Turkeys and Cyber Security Aren't That Dissimilar

Hiding in plain sight: Preventing data exfiltration via DNS tunnelling

Security Fundamentals - Part 2: Managing Hardware and Software Assets

Are you aware of your risk profile?

Bits of Entropy - The Importance of Complex Passwords

Are you giving cyber security the attention it deserves?

In Europe for GDPR – Comparing it to Australia’s Privacy Act NDB

Documentation Provides Security Value

Why multi-factor authentication is worthwhile

WannaCry: Nothing New Here Apart from a Catchy Name

Security Fundamentals - Part 1: Do this before buying your next product

Top 5 Risks a Penetration Test Might Uncover

What does the eBay hack and Jeremy Clarkson have in common?

Security Centric joins PCI QSA program, but for different reasons

Complete Heartbleed Protection in Under 36 Hours From Discovery

Finally, an actionable blog

The purpose of this blog is to make available the real-world lessons, experience, observations and mistakes that are part of the daily life of a group of cyber security professionals.

Read about:

  • What mistakes organisations are making (anonymously of course!)
  • What effective actions are available to quickly and economically achieve effective protection (without buying new kit)
  • Trends we're seeing, via our incident response and forensic investigation capabilities
  • And sometimes, just frustrations about what is wrong with cyber :|
