News & Thoughts from the Axenic Team
When you hear certification and accreditation (C & A) you might immediately think of heaps of documents, long meetings, and ticking boxes.
Honestly yes, it can feel like a chore, and just something you do to keep the executives and auditors happy.
But if that is all C & A is to your organisation, then you’re missing the real point.
You may have seen in recent news a hack of service provider Collins Aerospace, a provider of baggage and check–in services to several airports in Europe. I was getting ready to travel at the time and was flying out through London Heathrow airport (one of the affected airports), so I kept tabs on the developments. I wanted to be able to adjust my travel plans in case flights out of Heathrow were cancelled or delayed. An announcement on the airline website showed that all services were running normally, but I made plans to get there a little earlier than usual… just in case. 
Recently, Qantas found itself in the spotlight—not because of a direct breach to its own systems, but because one of its third-party providers was compromised. This incident is a timely reminder that, your security is only as strong as the weakest link in your supply chain. As someone who recently travelled with Qantas, this incident was an eye-opener for me as well.
We’re pleased to share that Axenic has been accepted onto the Department of Internal Affairs (DIA) Trust Framework Authority (TFA) panels as an independent evaluator for both the security and privacy panels.
This appointment recognises our deep expertise in information security and privacy assurance, and Axenic’s continued contribution to building trusted digital services in Aotearoa.
A few years back, we kicked off our own internal lightning talks—our way of having a good old geek-out over cybersecurity topics that get our Governance, Risk, Assurance, and Compliance brains buzzing. Think of it as a slightly more structured version of those deep and meaningful yarns we used to have around the office coffee machine… before COVID did its thing and made us all experts in online meetings awkwardness instead.
These blogposts are not written by one team member. The content is provided to you by the whole Axenic Team – or whomever attended on the day.
Always remember this -> Without ambition, one starts nothing. Without work, one finishes nothing. The prize will not be sent to you. You have to win it – Ralph Waldo Emerson.
If you’re reading this blog, you probably already have some experience with security standards and certifications – maybe you even hold a few yourself. In this blog, I will shed some light on my own journey to gain the QSA qualification and break down the steps I took to make this happen.
