by Paul Friend, MBA | ISO Lead Auditor | Sep 4, 2025 | Blog
Summary As cyber threats intensify and regulatory requirements expand, many Australian organisations face a leadership gap: they need CISO-level expertise but lack the resources for a full-time executive. A Virtual Chief Information Security Officer (vCISO) bridges...
by Paul Friend, MBA | ISO Lead Auditor | Sep 3, 2025 | Blog, ISO 27001
Understanding how an ISO 27001 audit works is essential for any organisation preparing for certification in Australia. While the audit process is well defined in the ISO/IEC 27001 standard, many organisations experience delays, unexpected findings, or failed...
by Paul Friend, MBA | ISO Lead Auditor | Aug 28, 2025 | Blog
Password managers are often seen as one of the most effective defences against account takeover. They generate strong, unique passwords, store them securely, and autofill only on legitimate sites. For enterprises, they centralise identity hygiene, enforce policies,...
by Paul Friend, MBA | ISO Lead Auditor | Aug 20, 2025 | Blog
In a regulatory environment that continues to evolve in both complexity and scope, compliance is no longer a point-in-time achievement. Engaging a managed cybersecurity and compliance service is essential, as it is a continuous operational discipline. From ISO 27001...
by Paul Friend, MBA | ISO Lead Auditor | Aug 14, 2025 | Blog
10 Years On, a Decade of Data Reframes Human-Centric Cyber Resilience In its tenth edition, the SANS 2025 Security Awareness Report offers a sobering yet insightful longitudinal view into the evolving state of human risk in cybersecurity. Drawing on responses from...
