“New year, new you”, lets flip this and look at “New year, new cybersecurity”.
What are some of the assumptions and unconscious biases about cybersecurity that we can pull out and look at?
The Blog
Stay ahead: Strengthen your business with third-party risk management
With the fast-paced business style, organisations nowadays heavily rely on third parties such as vendors, suppliers, logistics partners, cloud services providers, etc. These partnerships can offer great benefits but also could expose your organisation to risks. That’s where third-party risk management (TPRM) comes into play. TPRM provides a structured approach to evaluating and mitigating these potential risks.
Ready to take control and protect your business? Let’s dive into the world of TPRM!
Boost Your Security: Integrate Threat Modelling Insights into Risk Assessments
Integrating insights from threat modelling into your risk assessments enhances your security by helping you get a better view of your risks. While threat modelling is highly effective for helping to secure software systems, it is not as commonly used in broader risk assessments due to its specialised nature and focus on technical threats within software development.
Plus ça change
When Chris Blunt and I started Axenic back in 2009, John Key was Prime Minister, Barack Obama had just become President of the USA and told Benjamin Netanyahu that he should freeze settlement construction in Gaza to enable movement towards a two-state solution, and a Royal Commission recommended that the 8 Auckland region local government bodies merge to form a “supercity”.
The CSRB, Microsoft, China and You
What does the recent report on Microsoft security mean?
In May-June 2023 a hacking group affiliated with the Chinese Ministry of State Security (known as Storm-0558) breached the email of several of Microsoft’s customers including the US State Department, the US Department of Commerce, several UK government organisations as well as customers in other countries. They also compromised the personal email accounts of key individuals involved in US relations with China.
The New NIST Cyber Security Framework Is Coming
We think that the new version of NIST’s Cyber Security Framework is a significant improvement. There’s one big change, but it is the lots of little changes that add up to a massive overall improvement. New Zealand organisations will still need to do some work to plug some of its idiosyncratic gaps, however.