Analysis Highlights Security Shortfalls of ‘Global’ CSP’s

Agencies managing Australian government data are being warned that non-sovereign clouds are not always suitable for security-sensitive workloads. This was highlighted by a recent review of the IRAP assessment reports of multiple cloud providers, which revealed a number of  deficiencies and compromises that customers should carefully consider the cyber risks they are being asked to…

Read More

Taking multi cloud compliance and security standards to new heights

Government agencies grappling with digital transformation issues such as cloud strategy and security in a constantly shifting regulatory environment have a powerful new ally following the announcement of a partnership between Protiviti and Vault Cloud. Protiviti is a global consulting firm with deep expertise in large enterprise cloud transformation projects for government and the private…

Read More

Follow-the-sun model eclipsed by dawn of the data sovereignty age

Experts are questioning what role global cloud service providers can continue to play in key government and defence markets in light of Australia’s tough new data sovereignty standards. Given how dependant their business model is on “follow-the-sun’’ support based in multiple centres around the world, it is unclear how the tech titans can adapt to…

Read More

NSW government agencies reassured on secure multi-cloud

NSW’s government agencies are entering a transformative era as the state ramps up its shift to public cloud.  Agencies were obliged to develop their cloud strategies and transition plans by June, and with planning for the new financial year now well under way, many are currently approaching crucial strategy, budgeting and procurement decisions that will…

Read More

Three tips for managing cyber security skills in government

Bringing IT talent into an organisation can be a herculean task at the best of times, but as any hiring manager responsible for digital skills will tell you, there’s no challenge quite like cybersecurity.  According to a study from Burning Glass, filling cyber security roles takes 20 per cent more time than typical IT roles.…

Read More

How Critical Industries Can Prepare for SOCI Act Reforms

Critical Infrastructure security

Our nation’s critical infrastructure is a highly connected system – one that supports and drives our day-to-day operations as businesses and as a nation. However, connectivity without security creates vulnerabilities that can have immense repercussions. With this in mind, this June, the Australian Government will announce reforms to the Security of Critical Infrastructure (SOCI) Act…

Read More

On-premise exodus: tips for migrating legacy applications in the public-sector

At the start of 2020, IDC predicted that public and private cloud spending would outperform “traditional IT spending” – think on-premise IT and legacy applications – in the forthcoming year. Of course, they weren’t accounting for a global pandemic, which has sent cloud spending into the stratosphere, while traditional IT spending wanes. Supporting this continued…

Read More

Secure Internet Gateways – is there a better way?

When the Federal Government introduced the Secure Internet Gateway (SIG) program in 2010, it was a great leap forward in cyber security.  The program allowed agencies to easily assess and procure a range of ASD accredited SIG packages, with the ASD’s ‘stamp of approval’ providing assurance that the solution was robust and up to all…

Read More

Understanding and strengthening healthcare organisations’ 2021 cloud strategies

After a year that shifted many corporate priorities and reinforced others, concerns around digital infrastructure and cyber security in the healthcare sector are stronger than ever. This year the government plans to make amendments to the Security of Critical Infrastructure Act, which would expand how we define “critical infrastructure” for regulatory purposes — with the…

Read More

Why data privacy and its management contributes to your GRC measures

GRC

Cybersecurity is a balancing act, bridging the perceptual dichotomy between protection and productivity. It’s not an easy task but it can be made easier by considering it in the context of organisational Governance, Risk and Compliance (GRC) measures.  Fundamentally, GRC is a combined approach towards governance, risk, and compliance, aided by information technology. While GRC…

Read More