Our latest insights

The Australian Federal Government has passed major changes to the Privacy Act 1988 (Cth) in the form of the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022. These changes signal a call to action for organisations to review their privacy, security, and information handling practices.

With recent news of significant data breaches at major corporations, there are a number of questions being asked from Boardrooms to kitchen tables all across Australia. Some common questions include, what went wrong? Are we at risk? And how can we protect ourselves from similar events in the future?

In this episode we speak with Matthew Green, Partner and Controls Assurance Specialist and Chris Watson, Partner and previously a Detective in the Computer Crime Unit City of London Police.

As we watch the ramifications of the recent widespread data breach continue to play out in the media and on the floor of Federal Parliament, I keep reflecting on the requirements of APRA Prudential Standards CPS 234: Information Security and the draft Prudential Standard CPS 230: Operational Risk Management. If ever there was any doubt in the minds of Boards or Management as to why the focus on cyber security and operational resilience, then the current situation brings this into stark focus.

APRA has released draft Prudential Standard CPS 230 Operational Risk Management for comment. CPS 230 will replace CPS 231: Outsourcing and CPS 232: Business Continuity, and the sector specific standards HPS 231, SPS 231 and SPS 232. What is operational resilience? Operational risk management analyses and defines risks associated with people, processes, and systems. Operational resilience defines the approach to managing operational risks.

Since March 2022, existing .au registrants were eligible for the Priority Allocation Process, enabling them to apply for priority status of a direct .au domain name matching their pre-existing domain name. After 20 September 2022, direct .au domain names that have not been registered will be available to the general public.

Following the announcement of the CPS tripartite audits in November 2020, APRA began issuing notices to regulated entities to undergo the independent assessment. The reviews are part of APRA’s four year strategy to increase the rigor of compliance with CPS 234: Information Security.

JBS Foods International is the largest meatpacking company in the world – but also in Australia. Operating 47 sites across the country, some sub-brands you might recognise include Primo and Hans.

Our Virtual ADI Conference covers a variety of hot topics for ADI’s, particularly coming up to the end of financial year reporting period.

There is a whole economy on the dark web built upon your stolen data – with an economic cost of approximately US$5t worldwide and US$1b in Australia alone.

On Sunday 26 April 2020 the Federal Government released the COVIDSafe smart phone app.

Zoom has had security flaws identified and reported on for some time now. These flaws have been the aforementioned call hijacking, questionable encryption, call traffic being routed through Chinese servers and the more covert issue of Mac users being unknowingly forced into calls.