Tag:risk management

1
Do you have a weak link in your supply chain?
2
The Essential Eight: Strategies for Security for Commonwealth Government Agencies
3
Australian Government Contractor Data Breach
4
Update everything: Discovery of Wi-Fi flaw in connected devices
5
Deloitte hack: Big four cyber-security advisor takes a hit
6
Equifax data breach: 143 million records exposed but senior executives not told immediately?
7
Security incidents high, confidence to manage them low. Really? We did see this coming – why aren’t we better prepared?
8
Gartner: Worldwide spending on information security to reach $93 billion in 2018
9
Together we are stronger – Australia and Singapore partner up on cybersecurity
10
Old-school data breach sees hospital investigated

Do you have a weak link in your supply chain?

By Cameron Abbott and Keely O’Dowd

Nausicaa Delfas, Executive Director and Chief Operating Officer at the Financial Conduct Authority (UK) recently presented a speech at the Cyber Security Summit and Expo 2017 in London.

During her speech, Ms Delfas cited an issue that often comes up in her conversations with firms, business people or leaders – how to manage risk that ‘lies beneath the surface’.

Read More

The Essential Eight: Strategies for Security for Commonwealth Government Agencies

By Cameron Abbott, Keely O’Dowd and Olivia Coburn

The Federal Parliament’s Joint Committee of Public Accounts and Audit, tasked with inquiring into the cyber resilience of certain Commonwealth entities has recommended that all such entities adopt a cyber security mitigation strategy called the Essential Eight.  The Committee made this recommendation in its Report 467: Cybersecurity Compliance Inquiry based on Auditor-General’s report 42 (2016-17) (Report). Tarantino’s Hateful Eight is perhaps a little more convoluted than these simple touchstones of good practice. The Essential Eight are good reading for all enterprises, not just government agencies.

Read More

Australian Government Contractor Data Breach

By Cameron Abbott, Allison Wallace and Olivia Coburn

The personal details of almost 50,000 Australians have been published online by a third party government contractor, who is yet to be identified. And I guess you would feel a little shy about owning up to this one!

Read More

Update everything: Discovery of Wi-Fi flaw in connected devices

By Cameron Abbott, Rob Pulham and Olivia Coburn

A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.

The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.

Any device that supports Wi-Fi is likely to be affected by KRACK, albeit devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.

Read More

Deloitte hack: Big four cyber-security advisor takes a hit

By Cameron Abbott and Olivia Coburn

“Big four” accounting and consulting firm Deloitte revealed on Monday that it was targeted by a hack that exposed its email system and client records.

Although Deloitte has not yet provided details on the full extent of the breach, it confirmed that the information accessed includes confidential emails and plans of some of its blue-chip clients. It also said that “very few” clients were affected.

Read More

Equifax data breach: 143 million records exposed but senior executives not told immediately?

By Cameron Abbott and Olivia Coburn

Equifax has joined Yahoo on the podium for the award no one wants: suffering one of the largest data breaches in history.

Equifax, one of the three largest US credit reporting agencies, announced last week that it suffered a cybersecurity incident potentially impacting 143 million US consumers –  a figure comprising of roughly 55 per cent of Americans aged 18 years or older. Some UK and Canadian residents are also affected.

Read More

Security incidents high, confidence to manage them low. Really? We did see this coming – why aren’t we better prepared?

By Cameron Abbott and Olivia Coburn

RiskIQ, a US-based cyber security company, has reported that 40% of businesses surveyed in the US and the UK have experienced 5 or more significant security incidents in the past 12 months. Significant incidents include malware, targeted attacks, mobile exposures, rogue mobile apps, website or brand abuse, phishing and social impersonation.

RiskIQ, through IDG Connect, also surveyed the confidence of corporate decision-makers in their ability to handle and mitigate cyber threats. Their report, 2017 State of Enterprise Digital Defense Report, reveals that nearly two-thirds of respondents had no to modest confidence in their ability to manage digital threats.

Read More

Gartner: Worldwide spending on information security to reach $93 billion in 2018

By Cameron Abbott and Olivia Coburn

Global spending on information security products and services will reach $86.4 billion this year, according to US-based technology research and advisory firm Gartner, Inc.

This figure is an increase of 7 per cent over 2016, and is expected to grow to $93 billion in 2018.

Read More

Together we are stronger – Australia and Singapore partner up on cybersecurity

By Cameron Abbott and Allison Wallace

A freshly inked Memorandum of Understanding between Australia and Singapore will see the two countries strengthen their cybersecurity through a joint effort to build a secure and resilient cyber space.

The two-year partnership which was signed last week, will see Singapore’s Cyber Security Agency work with the Australian government to conduct regular information exchanges on cyber threats, share best practices to promote innovation in cyber security, and build cyber security capabilities. Read More

Old-school data breach sees hospital investigated

By Cameron Abbott and Allison Wallace

While health institutions around the world work to secure patients’ personal information and prevent the hacking or leaking of data from their systems, one Melbourne hospital is being investigated after medical records were found lying in a gutter in a nearby street.

Fairfax Media reports Australia’s Privacy Commissioner Timothy Pilgrim is investigating how the paper records of 31 patients of the John Fawkner Private Hospital were removed from the premises last month.

The documents, which were found by a local resident, were sent to both the Privacy Commissioner, and Victoria’s Health Complaints Commissioner.

Under current legislation, there is no obligation for the hospital to notify the affected patients that their privacy has been breached. All this will change under the new data breach notification laws, which were passed by the Australian government last month, and are expected to come into force within the next 12 months.

This breach is a timely reminder for all businesses, government agencies and other organisations covered by Australia’s privacy laws to take stock of how they store personal information – whether it be in a filing cabinet, on a hard-drive, or in a cloud – and ensure it is secure.

Copyright © 2024, K&L Gates LLP. All Rights Reserved.