“New year, new you”, lets flip this and look at “New year, new cybersecurity”.
What are some of the assumptions and unconscious biases about cybersecurity that we can pull out and look at?
Category: Blog
Plus ça change
When Chris Blunt and I started Axenic back in 2009, John Key was Prime Minister, Barack Obama had just become President of the USA and told Benjamin Netanyahu that he should freeze settlement construction in Gaza to enable movement towards a two-state solution, and a Royal Commission recommended that the 8 Auckland region local government bodies merge to form a “supercity”.
The CSRB, Microsoft, China and You
What does the recent report on Microsoft security mean?
In May-June 2023 a hacking group affiliated with the Chinese Ministry of State Security (known as Storm-0558) breached the email of several of Microsoft’s customers including the US State Department, the US Department of Commerce, several UK government organisations as well as customers in other countries. They also compromised the personal email accounts of key individuals involved in US relations with China.
The New NIST Cyber Security Framework Is Coming
We think that the new version of NIST’s Cyber Security Framework is a significant improvement. There’s one big change, but it is the lots of little changes that add up to a massive overall improvement. New Zealand organisations will still need to do some work to plug some of its idiosyncratic gaps, however.
Analysing Organisation – Wide Cybersecurity Health
Whenever our team works on a project for one of our clients, we are most likely performing a risk assessment for a single information system. The purpose of this is for the organisation’s leadership to understand if that system falls within their risk appetite and to approve that system’s use. It’s like a warrant of fitness for your car – where the risk assessment is the development of items that need to be checked, and then when we audit the system, we’re playing the role of the mechanic checking each one of the items on that list. Then the organisation can approve the system for use (like when you get your WoF sticker and drive your car legally).
Archer Continuous Assurance September Release
In September, we released an updated version of the Axenic Archer Continuous Assurance service. This service is being regularly updated and enhanced to ensure a high-quality and seamless user experience. These will be a regular occurrence and we will update the main changes here, ensuring that the solution is not only a continuous assurance product, it is also continually improving and innovating. Read on to find out all the latest release details and functions of the Archer Continuous Assurance product.