News & Thoughts from the Axenic Team
Always remember this -> Without ambition, one starts nothing. Without work, one finishes nothing. The prize will not be sent to you. You have to win it – Ralph Waldo Emerson.
If you’re reading this blog, you probably already have some experience with security standards and certifications – maybe you even hold a few yourself. In this blog, I will shed some light on my own journey to gain the QSA qualification and break down the steps I took to make this happen.
With the fast-paced business style, organisations nowadays heavily rely on third parties such as vendors, suppliers, logistics partners, cloud services providers, etc. These partnerships can offer great benefits but also could expose your organisation to risks. That’s where third-party risk management (TPRM) comes into play. TPRM provides a structured approach to evaluating and mitigating these potential risks.
Ready to take control and protect your business? Let’s dive into the world of TPRM!
Integrating insights from threat modelling into your risk assessments enhances your security by helping you get a better view of your risks. While threat modelling is highly effective for helping to secure software systems, it is not as commonly used in broader risk assessments due to its specialised nature and focus on technical threats within software development.
When Chris Blunt and I started Axenic back in 2009, John Key was Prime Minister, Barack Obama had just become President of the USA and told Benjamin Netanyahu that he should freeze settlement construction in Gaza to enable movement towards a two-state solution, and a Royal Commission recommended that the 8 Auckland region local government bodies merge to form a “supercity”.
What does the recent report on Microsoft security mean?
In May-June 2023 a hacking group affiliated with the Chinese Ministry of State Security (known as Storm-0558) breached the email of several of Microsoft’s customers including the US State Department, the US Department of Commerce, several UK government organisations as well as customers in other countries. They also compromised the personal email accounts of key individuals involved in US relations with China.
