Queensland Audit Office – Managing cyber security risks

The Queensland Audit Office has published its findings and recommendations following its audit of cyber security readiness at three Queensland public sector bodies. The audit tested each entity’s cyber security through a variety of mechanisms, assessed the public availability of the entities’ sensitive information and tested the implementation of the Australian Cyber Security Centre’s ‘Top … Read more

NCSC advocates Security by Design at Launch of Third Annual Review today in London

The National Cyber Security Centre (“NCSC“) emphasised the need for security by design at the launch of its Annual Review 2019 in London this morning. Many legacy systems are “accidentally insecure”, noted NCSC CEO Ciaran Martin, but now we can see the major trends developing and plan strategically. The Secure by Design Code of Conduct … Read more

Zero-day attacks, red teaming and other cyber concerns

There are a myriad cybersecurity issues that legal departments must concern themselves with, with proactivity being key to the safety of a business’s information. Speaking recently on a live webcast hosted by Lawyers Weekly — Security breaches: is your firm protected? — Telstra security consultant Keith Kerr said zero-day attacks refer to instances where legal … Read more

EU adopts new sanctions framework targeting external cyber attacks

On 17 May, the EU adopted legislation which will enable it to impose sanctions against persons and entities who engage in cyber-attacks against the EU and its member states. The sanctions will be designed “to deter and respond to cyber-attacks with a significant effect which constitute an external threat to the EU and its Member … Read more