The Federal Court’s $5.8M ACL decision signals a new era for privacy, cybersecurity, and governance in Australia. It reinforces that privacy and cyber obligations start Day 1 of any acquisition, governance failures will be scrutinised, and accountability cannot be outsourced. Boards must ensure robust oversight, deep cyber due diligence, and forensic incident response. With OAIC escalating regulatory enforcement, organisations face heightened legal, financial, and reputational risks.
It is a challenging time for many, from a cost-of-living crisis and global political uncertainty to lingering post-pandemic stress. Coupled with business control weaknesses or vulnerabilities, these pressures can create the perfect storm for financial crime to occur.
As the CPS 234 Information Security tripartite review program nears its end in June 2024, APRA-regulated entities face a critical moment. The upcoming CPS 230 Operational Risk Management implementation is closely linked to CPS 234, requiring preparation from regulated entities and service providers.
The Australian Cyber Security Centre (ACSC) released an update to the E8MM in November 2023 with several changes to the framework of controls previously recommended. These changes will require organisations that benchmark themselves against the E8 to reassess their existing cybersecurity strategies and control practices to determine whether they remain in alignment with the new requirements.
The digital revolution, with its promises of efficiency and connectivity, has inadvertently given rise to cyber fraud – an invisible threat that can infiltrate the core of an organisation.
When Australia is the fifth most hacked country in the world, how do cyber security experts advise people and businesses to protect themselves?
Cyber security is a systemic risk to the prosperity of Australia; the problem is going to get worse before it gets better; it will impact everyone; and everyone has a role to play in addressing the issues.
CFOs have a pivotal role in preventing and mitigating fraud risks within organisations. They should establish a strong governance framework promoting ethical behaviour, transparency, and accountability. Collaborating with technology leaders, CFOs can implement anti-fraud technology, stress-testing measures, and anti-money laundering controls. Maintaining an ethical culture through awareness, education, and reporting mechanisms is crucial.
APRA has released the long-awaited findings from its independent tripartite cyber assessment over compliance with CPS 234. The themes identified by APRA are based on the audit of more than 300 banks, insurers and superannuation trustees – a significant industry wide program.
June 30 is fast approaching, and with it come tax scammers. The escalating cost of living means their activity is on the rise, so we outline some scams for you to be aware of.
Business Email Compromise (BEC) is a rapidly growing cyber threat across all Australian business sectors.
You may not know it, but your privacy-related risk exposure changed overnight. Now more than ever, businesses cannot afford to be complacent about privacy compliance.