Of Mice and Coin
15 June 2021
elevenM’s Peter Quigley takes a closer look at what Australia can do in the face of a modern scourge – ransomware – as governments up the ante against the threat.
News round-up February 2021 — Downplaying data breaches, escalating ransomware tactics and “there’s something in the water”
11 February 2021
Once again, privacy and data breaches are in the news this month, with the OAIC saying that organisations are downplaying them. There’s a general trend of regulators and law enforcement stepping up this month, with historic decisions by the OAIC, the FTC and the Norwegian Data Protection Agency, and a crackdown on the notorious Emotet botnet.
The five trends driving ransomware tactics
12 January 2021
Ransomware attacks continued to increase in 2020, and 2021 looks set to follow the trend. Unfortunately, the past 12 months has seen substantial evolution in ransomware tactics, as attackers look
News round-up Nov 2020 – Privacy Act review, ICO fines British Airways £20m over data breach and more
5 November 2020
Privacy is well and truly in the frame this month – not least because of the Government’s review of the Privacy Act. It’s a big deal and we’ll have a bit to say about it – starting with our summary below. As the number of COVID-19 cases ease, attention is now also shifting towards the privacy provisions of COVID-19 check-in services. And turning to cyber, if you felt ransomware wasn’t nasty enough, attackers have dug deep and found more evil to draw on.
News round-up Oct 2020 — Update on ServiceNSW databreach, Twitter upping its security game, and more
1 October 2020
It’s in the nature of this game that there’ll always breaches and bungles, so increasingly it matters how you respond. And in our eyes, some recent response actions are worth commending. The NSW Government opened up on how it might have prevented the Service NSW breach, while Twitter laid out how it is upping its internal security game after a hack in July. We also explore if NAB’s step into the world of bug bounties sets a new bar for security maturity.
News round-up July 2020 — European court decision on international data transfers, software vulnerabilities, and more
31 July 2020
This month saw some big plays in the world of privacy – most notably the striking down by a European Court of a mechanism for international data transfers. We look at the implications for Australia organisations coming out of the judgement. This month we’re also reminded of the inherent vulnerability of software via stories about backdoors in Chinese tax software, a flood of critical patches released for popular enterprise software products and, of course, more yarns about ransomware.
News round-up June 2020 — PM’s cyber strategy announcement, ransomware attacks and email scammers
30 June 2020
“Imagine if we could get the Prime Minister to yell ‘cyber’?”
Security leaders preparing to go cap-in-hand for FY21 budgets could only have dreamed of the platform their portfolios would get this month. In this month’s round-up we take a look at the PM’s announcement, and watch as ransomware and business email compromise jostle for the mantle of most damaging cyber threat.
News round-up May 2020 — Ransomware formally registered as business risk and security report on cyber attackers
31 May 2020
In our latest round-up, we get a fresh angle on some familiar threats. The rise of ransomware over recent years has seen it elevated as a formally registered business risk, while new research seeks to explain why phishing continues to work so well. A new security report also gives us insight into what’s motivating cyber attackers, and into one of the fastest growing reasons that data breaches are occurring.
News round-up April 2020 — Privacy and security issues with COVID-19
30 April 2020
COVID-19 is creating a heady and swirling vortex of news, information and disinformation. In this edition we cut through to the key privacy and security issues of the pandemic, including the Government’s contact tracing app and the new risks and scams that security leaders need to be thinking about. We also check in on how cybercriminals are attending to business-as-usual.
2019 end of year wrap
18 December 2019
It’s the end of another year (and another decade). Close out your final tasks, prepare for the inevitable summer feasting, and join us as we recap five cyber security and
Top tags
Tags
#privacy
ACCC
AI
AI governance
APP
APRA
Artificial intelligence
Australia’s Privacy Act 1988
ciso
cloud
compliance
consent
covid-19
CPO
CPS234
CYBER
cyber risk
cyber security
Cybersecurity
cyber threats
data breach
databreach
data governance
data minimisation
data processing inventories
data processing inventory
GDPR
General Data Protection Regulation
governance
iapp
law reform
Mandatory Data Breach Notification
oaic
personal information
Privacy
privacy act
privacy reform
ransomware
regulation
risk
risk management
supplier
technology
trust
vulnerabilitymanagement