Latest Blog.
Government agencies get SASE on security and flexible working
|When COVID-19 struck, we quickly became grounded and more restricted in how we could move and travel, with the important exception of moving from the office to the home office for roles that could do so. But the same hasn’t been true for the app...
Demystifying Zero Trust for Government
|In Home Affairs recent publication of the 2023-2030 Australian Cyber Security Strategy, they have stated “We will also draw on internationally recognised approaches to zero trust, aiming to develop a whole-of-government zero trust culture.” Furth...
PSPF Direction on Technology Risk Management
|In July, Home Affairs issued a Direction under the Protective Security Policy Framework (PSPF) requiring Non-Corporate-Commonwealth Entities to conduct a stocktake and develop a Technology Risk Management Plan for all their internet-connected assets ...
PSPF Direction on Foreign Ownership, Control or Influence
|On 8th July 2024, Home Affairs Secretary, Stephanie Foster PSM, issued three Protective Security Directions under the Protective Security Policy Framework (PSPF) which every Commonwealth Non-Corporate Entity is required to implement. The fact that...
Australian Organisations Take Note: Countering PRC State-Sponsored Cyber Threats
|The Australian Cyber Security Centre (ACSC) is urging Australian organisations to be vigilant against cyberattacks by state-sponsored actors of the People’s Republic of China (PRC). A joint Cybersecurity Advisory (CSA) issued in February by the A...
SIGBox Secure View: Enhanced Security for Sharing PROTECTED Classified Data
|Australian government agencies operate in an ever-changing digital world where collaboration is crucial. Data loss protection is essential when sharing necessary information with external partners, like law enforcement, external contractors working o...
Essential Eight and Legacy Systems
|In the many discussions I’ve had with our agency customers around their efforts to implement Essential Eight security, the most common obstacle encountered is deploying the strategies on the legacy systems remaining in their environments. By ‘...
Sovereign Cloud and AI: Where do I want my data stored?
|In 2006, Clive Humbly coined the term, “Data is the new oil.” Today, data and the significance of where and how it is stored, processed, and managed cannot be overstated. As an Australian, my preference would always be for data to be retained wit...
Safeguarding Against Cyber Supply Chain Compromises: Lessons from the XZ Utils Attack
|The recent cyber-attack on XZ Utils, a popular software used for file compression, underscores the escalating threat landscape targeting software supply chains. The breach, which involved malicious code inserted into the software’s updates, exposed...
Beyond the Essential Eight (E8) – where to from here?
|As the Australian government moves towards its next phase of the Cyber Security Strategy and consults industry to make legislative reforms, some quiet debate remains within government and industry circles about replacing the nation’s Essential Eig...