31 January 2019
Cybersecurity continues to be a hot topic in 2019
2019 is off to a very hot start. In case you missed them, some of the notable IT security items that hit the news in December and January included -
- A massive data breach exposed the private data of 500,000 guests of the Marriott International hotel chain and a high percentage of this data included passport and credit card numbers.
- Another heist on a cryptocurrency exchange! The CEO of NZ based Cryptopia is suggesting NZ$24mil has been stolen from his company, however the exact amount stolen has not yet been confirmed by investigators.
- The work details of 30,000 public servants in Victoria were stolen from a government directory in a data breach just days before Christmas.
- Google have been fined €50mil by the national data protection watchdog in France for failing to comply with the General Data Protection Regulation (GDPR).
Unfortunately there is no sign of these types of incidents and issues abating so these 4 examples are likely to be part a growing list of breaches, thefts and actions for 2019. If Incident Response planning is not already well in hand within your organisation then it might be worth making it a priority - regardless of how secure you may perceive you organisation is.
Trending to Cloud
As the uptake of Microsoft’s Office 365 and Azure offerings continues to grow we are increasingly engaged in discussions with a range of different business types around their migration to the Cloud and what is required to ensure their final solution is secured.
For example, when deploying the Office 365 solution organisations need to make some key security configuration decisions. Making "the correct" decisions can be challenging given the depth of configuration options to choose from. Thereafter, a “set and forget” approach won’t work as the Office 365 cloud environment is inherently very dynamic and security requires ongoing assessment.
Kaon Security can assist your organisation ensure the move to Office365 and Azure is secure. Click below to view our service overview
To get a more detailed understanding of the service contact Mike or Steve.
Foundations Being Laid
2018 saw a number of new organisations adopt the IT Policy System, as they had a requirement to get the foundation in place to drive a more secure computing environment.
A sample list of the organisations we welcomed aboard include City of Greater Geelong, Mansfield Shire Council, Broken Hill Shire Council, Mosman Council, Cumberland Council, Port Pirie Regional Council, City of Burnside, Greater Wellington Regional Council, UDC Finance, Top Energy and Tower Insurance.
The new Policy Lite System version has been well received by smaller organisations (sub 250 users) and being “cloud delivered” allowed us to more readily extend our reach to remote locations.
IT Policies are important because they -
- Provide the IT security framework for an organisation
- Help protect the assets of the business
- Endorse the commitment of the CEO and senior management to protect valuable information assets
- Provide a uniform level of control and consistent guidelines for management
- Communicate one IT security message to all
- Advise staff about IT security and about their responsibilities
Would You Rather Be Doing Something Else?
Most organisations don’t have in-house subject matter expertise to write and manage policy content that is easy to read and understand and aligned with the organisational ethos – and interestingly nobody is keen to volunteer to do this work!!
If written in house, policies are not usually kept up to date and therefore don’t reflect ongoing business, technological, compliance or regulatory changes. Our research shows policies written in house often remain untouched for up to 5 years after being deployed. Hence the IT Policy System provides an organisation with a very viable alternative approach to developing, delivering and managing customised policy content.
Click on the links below to view our IT Policy System walkthrough videos -
To book an online demonstration contact Mike or Steve