An entity that is required to comply with the Privacy Act 1988 must take reasonable steps to protect the personal information it holds from misuse, interference and loss, as well as unauthorised access, modification or disclosure. This extends to situations where an entity engages a third party to store, maintain or process personal information on its behalf.
Wayne Tufek |
28 Apr |
Read more
As information security professionals, we spend much of our time identifying and correcting technical vulnerabilities, be they missing patches or insecure system configurations.
Wayne Tufek |
20 Sep |
Read more
Data breaches are inevitable and waiting for a breach to occur before designing an incident response plan is a recipe for failure. It’s a question of when the breach will occur and how you will respond, not if you will be breached. 100% prevention simply doesn’t exist, so having a plan to deal with a security breach is now more important than ever. You probably already have an incident response plan from a technical perspective. Phrases such as preparation, identification, containment, eradication and lessons learned.
Wayne Tufek |
15 Sep |
Read more
The attractiveness of adopting cloud services continues to grow. Who can argue against access to the latest technologies, a pay as you go model, rapid provisioning/de-provisioning and on demand scaling? All of these benefits lead to improved agility, faster time to market and a business focus on the business (not managing IT). Many of the risks of cloud computing have become less frightening as organisations have become more comfortable with data sovereignty and availability issues.
Wayne Tufek |
16 Oct |
Read more