Recently I’d been helping a customer negotiate their cyber security insurance – which turned out to be trickier than I expected. This got me thinking about the role that insurance played in cyber security. Then – coincidentally – I was reading a book on security (Paul Martin’s great “The Rules of Security”) and came across this sentence: “Insurance is sometimes described as a means of transferring risk, but it is really more of a mechanism for softening the financial impact of a loss.” (p 73). It got me wondering – at Axenic have we been thinking about insurance all wrong?
Category: Blog
2021’s Cyber Security Events: A New Zealand Perspective
A few years ago there was an ad campaign for New Zealand making fun of the fact that we are often left off maps. When looking at cyber security news it often feels like we are missed off the map too. There were plenty of international round-ups of cyber security events for 2021, but few mentioned what happened here in Aotearoa New Zealand. To redress the balance, here’s our list of New Zealand’s publicly reported cyber security events from 2021:
The Grass Looks Greener from Here: Cyber Security Should Be Like Health and Safety
All the experts agree – cyber security should be an organisation-wide concern. And yet, in my experience too many organisations, and too many people in those organisations think that cyber security is solely the concern of (a) the security team, or (b) the IT/digital team. In case you need convincing my favourite response is that if there is a cyber-attack (or incident) then it is not the IT team’s job that is at risk, but part of the organisation (if the HR system is compromised it is the HR team who won’t be able to work, not the IT or security teams). Who knows what the impact is of an attack? It’s not IT, that’s for sure. And who is best placed to balance off the needs of the organisation with the cyber risks? It’s not security: if you left it up to me, I’d turn everything off! That’s the only way to be sure (and I get no benefit from it being on, so…)
2022 for Face to Face conferences, maybe?
All going well, by this stage in November we would have been sitting back reflecting on another wonderful Kawaiicon event. As in previous years, the whole Axenic team was looking forward to attending it. However, Kawaiicon 2021 was unfortunately postponed until mid 2022. Just like many events this year, the organisers had to make the tough call of postponing for public health reasons.
In lieu of that, we thought we would pull together a shortlist of some virtual conference material that you can check out instead – it should help feed your cybersecurity knowledge hunger!
July 2021 Newsletter – Axenic Cybersecurity Commentary
Hot off the virtual press is our latest monthly cybersecurity update. Our popular round-up of some of the cybersecurity-related events over the past month that caught our eye. This edition includes our thoughts on the recent Kaseya hack, an emerging job sector for Ransomware-as-a-Service (RaaS) Negotiators and what not to post in online forums when you have access to classified information. Read up on all this and more in the latest newsletter here.
Highlights from the Privacy Forum 2021
New Zealand Privacy Week 2021 was held recently; 10 – 14 May. This annual event is designed to help promote privacy awareness and to help inform people of their rights under the Privacy Act. A key event of the week was the Privacy Forum that was held here in Wellington on Friday 14 May. If you were unable to attend, the good news is that Axenic were there and the following blog is a review of some of the key insights from the event courtesy of Axenic Principal Consultant Lisa Zannino.