Latest News

Written by Dr. Ignatius Swart, Managing Consultant, Privasec

Achieving ISO 27001 certification does not guarantee that your organisation will never experience a security incident again. Nor can anyone realistically claim that the standard is perfect and can be trusted absolutely. Despite the negativity, obtaining certification does offer several significant benefits that cannot be denied. Often-touted benefits of an Information Security Management System (ISMS) that is implemented correctly and follows the spirit of the standard are:

Written by Shamane Tan, Cyber Security Advisor - APAC, Privasec

Early last March at the 'Data Privacy Matters' meetup, I had the privilege of moderating a panel segment addressing the NDB Amendment & GDPR's Impact on Australian Businesses. The panellists were Patrick Gunning (Law Partner from King & Wood Mallesons), Fergus Brooks (Cyber Risk National Practice Leader at Aon Australia) and Romain Rallu (CEO at Privasec, an independent Security firm). We spent the night discussing the applicability of the Privacy Act, being prepared for this new privacy legislation, the ramifications of ignoring them, and exploring what is covered by insurance when it comes to Data Breaches.

Privasec has released a fact sheet to assist you in assessing and handling this discovery. 

Krack Wi-Fi Vulnerability Fact Sheet - PDF

The Director's Guide to Cyber Breach Legislation is now available as a free download.

An Excerpt:

"What if tomorrow was your unlucky day and it started with a $1.8 million financial penalty? Imagine if the bottom line of your organisation was reduced by $1.8 million. Now that might not sound like a lot but think about what $1.8 million could represent. It could fund at least ten high profile employees. It might allow you to market the launch of a new product or service. It might be the budget for a project that could move your company to new heights that your competitors simply can’t match. We know you can use your imagination here to think about what $1.8 million could buy." 

ISO 27001:2013 is one of the most widely recognized and internationally accepted information security standards. It identifies requirements for a comprehensive Information Security Management System (ISMS), defines how organizations should manage and handle information in a secure manner, including appropriate security controls, and establishes requirements for information controls to manage people, processes and technology.