Summary Microsoft Exchange remains at the core of many organisations’ communication systems, but its widespread use makes it a top target for cyber attackers. In October 2025, the NSA, CISA, ASD’s Australian Cyber Security Centre (ACSC), and the Canadian Cyber Centre...
Summary Proton has recently launched its Data Breach Observatory, a publicly-facing, free platform that continuously monitors the dark web for data leaks and publishes them in near-real time. Key findings from Proton’s initial research: In 2025 (so far), Proton...
Summary Australia’s cyber threat environment has entered a new phase. The Australian Signals Directorate (ASD) and Australian Institute of Company Directors (AICD) have released Cyber Security Priorities for Boards in 2025–26, urging directors to take direct oversight...
Summary Cloud can harden security and resilience when you implement it the ASD way. The Australian Signals Directorate sets out a practical path: assess the provider and its services, assess your own systems, make shared responsibilities explicit, then monitor...
An internal ISO 27001 audit is one of the most important activities in maintaining an effective Information Security Management System (ISMS). It provides assurance that your organisation’s information security controls are working as intended, helps identify...
Summary Cyber incidents are no longer a “what-if”; they are a “when”. As the Australian Signals Directorate observes, malicious cyber activity against Australian national and economic interests is increasing in frequency, scale and sophistication. The right incident...
Budgeting for an ISO 27001 audit can feel like trying to predict the weather: many variables, a few surprises, and the risk of under-estimating key costs. But understanding the full cost structure and building in buffers lets you approach certification strategically...
Penetration testing is one of the most effective ways to identify and fix security weaknesses before attackers exploit them. In 2026, Australian organisations are investing more heavily in penetration testing to meet regulatory expectations, satisfy customer assurance...
ISO 27001 controls are the practical safeguards that underpin an effective information security management system (ISMS). While policies and documentation provide structure, real ISO 27001 compliance in Australia depends on how these controls operate day to day in...
The ASD Annual Cyber Threat Report 2024–25 confirms that Australia’s cyber risk environment has intensified across all sectors. The Australian Cyber Security Centre (ACSC) responded to more than 1,200 cyber security incidents, showing an 11% increase from the previous...