Latest Blog.
PSPF Direction on Technology Risk Management
|In July, Home Affairs issued a Direction under the Protective Security Policy Framework (PSPF) requiring Non-Corporate-Commonwealth Entities to conduct a stocktake and develop a Technology Risk Management Plan for all their internet-connected assets ...
PSPF Direction on Foreign Ownership, Control or Influence
|On 8th July 2024, Home Affairs Secretary, Stephanie Foster PSM, issued three Protective Security Directions under the Protective Security Policy Framework (PSPF) which every Commonwealth Non-Corporate Entity is required to implement. The fact that...
Australian Organisations Take Note: Countering PRC State-Sponsored Cyber Threats
|The Australian Cyber Security Centre (ACSC) is urging Australian organisations to be vigilant against cyberattacks by state-sponsored actors of the People’s Republic of China (PRC). A joint Cybersecurity Advisory (CSA) issued in February by the A...
SIGBox Secure View: Enhanced Security for Sharing PROTECTED Classified Data
|Australian government agencies operate in an ever-changing digital world where collaboration is crucial. Data loss protection is essential when sharing necessary information with external partners, like law enforcement, external contractors working o...
Essential Eight and Legacy Systems
|In the many discussions I’ve had with our agency customers around their efforts to implement Essential Eight security, the most common obstacle encountered is deploying the strategies on the legacy systems remaining in their environments. By ‘...
Sovereign Cloud and AI: Where do I want my data stored?
|In 2006, Clive Humbly coined the term, “Data is the new oil.” Today, data and the significance of where and how it is stored, processed, and managed cannot be overstated. As an Australian, my preference would always be for data to be retained wit...
Safeguarding Against Cyber Supply Chain Compromises: Lessons from the XZ Utils Attack
|The recent cyber-attack on XZ Utils, a popular software used for file compression, underscores the escalating threat landscape targeting software supply chains. The breach, which involved malicious code inserted into the software’s updates, exposed...
Beyond the Essential Eight (E8) – where to from here?
|As the Australian government moves towards its next phase of the Cyber Security Strategy and consults industry to make legislative reforms, some quiet debate remains within government and industry circles about replacing the nation’s Essential Eig...
Developing Australia’s Defence Industry Base Report
|Today at the National Press Club the Sovereign Australian Prime Alliance (SAPA) launched a new report that sets out the pathway for creating Australian Headquartered businesses and highly skilled jobs in shipbuilding, cyber defence, space, missiles, ...
Reducing the risk of supply chain data breaches
|If you are sharing government data with third party service providers, are you certain that information remains secure, even if the sharing is for legitimate government approved purposes? Amid the increased cyber security threats facing Australian...