Resources

More Resources

Closing the ‘human factor’ gap

CyberMetrix
https://www.cybermetrix.com.au/resources/closingthehumanfactorgap.pdf
The ‘human factor’, defined by an effective security culture has been missing or understated by cyber risk management frameworks to date. Our presentation emphasises the importance of developing an effective cyber security culture supported by evidence, and will also outline a risk management framework that will enable an organisation to evaluate how well it is prepared to defend and recover from a cyber-attack.

8 things every SME should know about cyber security

Peter Maynard
https://www.linkedin.com/pulse/8-things-every-sme-should-know-cyber-security-peter-maynard/
With a little time and planning cyber security doesn’t have to be hard or expensive. Regardless of what size you are, your turnover or your sector, the principals are the same.

Cyber Security: The Small Business Best Practice Guide

Australian Small Business and Family Enterprise Ombudsman
http://www.asbfeo.gov.au/cybersecurity
An excellent guide to assist business owners and leadership teams understand cyber risk and what they need to be thinking about and planning for.

Notifiable Data Breaches Quarterly Statistics Report: 1 April – 30 June 2018

Office of the Australian Information Commissioner
https://www.oaic.gov.au/media-and-speeches/news/notifiable-data-breaches-second-quarterly-report-released
Notifiable Data Breaches Quarterly Statistics Report: 1 April – 30 June 2018.

What Is Two-factor Authentication? (2fa)

Duo Security
https://youtu.be/0mvCeNsTa1g
This 2-minute video provides a simple overview of two-factor authentication. It explains in simple terms what it is and why it is one of the best ways to protect against remote attacks such as phishing, credential exploitation and other attempts to take over your accounts.

Leveraging The Human To Break The Cyber Kill Chain

SANS Securing The Human
https://securingthehuman.sans.org/blog/2016/01/12/leveraging-the-human-to-break-the-intrusion-kill-chain
An excellent overview of the Lockheed Martin Cyber Kill Chain. This article breaks the chain down into steps of how an adversary attacks – reconnaissance, weaponisation, delivery, exploitation, installation, command / control, and actions on objectives.

10 Minutes On The Stark Realities Of Cyber-risk

PricewaterhouseCoopers
http://www.pwc.com/sg/en/risk-assurance/assets/10mins-cyber-risk-2014.pdf
An excellent look at cyber risk and the need for boards and c-suite teams to deal with cybersecurity as a business wide risk and not just an issue to be delegated to the IT department.

Acsc Threat Report 2017

Australian Cyber Security Centre
https://www.acsc.gov.au/publications/ACSC_Threat_Report_2017.pdf
The 2017 ACSC Threat Report provides an in depth, up to the minute view of the top cybersecurity threats and risks facing Australian organisations. The ACSC Threat Report is compiled by the Australian Cyber Security Centre and is considered to be the authoritative view of the cybersecurity landscape within Australia.

Preparing For The Notifiable Data Breaches Scheme

Australian Government, Office of the Australian Information Commissioner
http://www.webcasts.com.au/oaic211117/
In February 2018, Australia’s Notifiable Data Breaches (NDB) scheme becomes mandatory for all organisations that fall within the guidelines. This is likely to have a significant impact on most organisations within Australia. This webinar provides an excellent overview of the scheme and how it may impact your business. We strongly encourage all organisations to watch this video and increase their awareness and understanding of how the NDB scheme is likely to impact their business.

Notifiable Data Breaches Scheme Resource Website

Australian Government, Office of the Australian Information Commissioner
https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme
The Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Privacy Act) establishes requirements for entities in responding to data breaches. Entities have data breach notification obligations when a data breach is likely to result in serious harm to any individuals whose personal information is involved in the breach.

What Happens When You Dare Expert Hackers To Hack You

Real Future
https://www.youtube.com/watch?v=F78UdORll-Q
This “must watch” video contains excellent, real world examples of social engineering attacks and how people play such an integral role in the attack cycle. Watch in real time how people can easily be manipulated to give access and information when they shouldn’t and how a targeted spear phishing attack allows an attacker to take control of your computer, spy on you through your video camera, hijack your identity and steal your banking details.

Cyber War

Four Corners. ABC
http://www.abc.net.au/4corners/stories/2016/08/29/4526527.htm
An eye-opening insight into the world of cyber hacking, explaining how hackers are threatening everything from your bank account to the nation’s secrets. This video contains excellent interviews with the former head of the CIA and the NSA, Michael Hayden, renowned hacker Kevin Mitnick, and other leading experts in the field of cybersecurity.

Cybersecurity

KPMG
https://youtu.be/BL0v7KcQH_k
A must-see video that highlights the range of cyber threats facing organisations, from deliberate attacks to unforeseen errors, software failures to web weaknesses. It emphasises the importance of boards developing a robust understanding of the threats that exist, to be aware of the company’s vulnerabilities, and have measures in place to counteract the risk. Every employee is a potential target for a cyber attacker, and it takes vigilance on the part of every employee within an organisation to make it secure.