No legal professional privilege for Deloitte forensic report in Optus data breach litigation
Optus has lost a bid in the Australian federal court to keep secret a Deloitte...
19 November, 2023
OAIC sues ACL for security failure
In November 2023, the Office of the Australian Information Commissioner (OAIC) announced the commencement of...
16 November, 2023
Data Tagging: Best Practices, Security & Implementation Tips
Data tagging helps businesses enhance data security, improve data governance, and better manage data and...
14 November, 2023
Cyber security regulation in Australia: What’s the current status?
Will Australia be getting a Cyber Security Act any time soon? The cyber security regulatory...
27 October, 2023
OAIC Data Breach Report: January – June 2023
Key Findings in the OAIC’s Data Breach Report: January – June 2023 Some of the most...
28 September, 2023
RIP Passwords: Are Passkeys the Future of Account Security?
Passwords are probably the most well-known account security feature that exists today. But they’re problematic....
28 September, 2023
What To Do If a Third Party Mishandles Data Your Organisation Shared with It
Earlier this year, news broke about a third-party data breach that impacted the personal information...
27 September, 2023
Privacy and Security in Mobile App Development: Tips to Creating Better Apps
Following the highly-publicised ban of TikTok on government devices, Australians are starting to pay more...
18 August, 2023
Third party service providers: It’s so much more than the contract
Victoria's privacy watchdog, the Office of the Victorian Information Commissioner (OVIC), released a report into how...
11 August, 2023
3 Tips for Talking to Boards About Cybersecurity
Cybersecurity concerns are no longer the domain of the IT department. They permeate every aspect...
10 August, 2023
Lessons from the HWL Ebsworth Data Breach
The HWL Ebsworth data breach has sent shivers down the spine of every professional consulting...
28 July, 2023
An Overview of Cybersecurity Certifications in Australia
As the privacy industry matures, we’re seeing more privacy and security jobs seeking professionals who...
10 July, 2023
3 Steps to Safeguard Privacy
In the spirit of Privacy Awareness Week 2023, we are sharing 3 tips to safeguard...
07 May, 2023
Australia’s New Cyber Security Strategy: Call for submissions
On 8 December 2022, the Minister for Cyber Security, the Hon. Clare O’Neil MP, announced...
20 April, 2023
Australia’s First Major Financial Services Provider Breach: Latitude Financial Ransomware Update
Australian financial services provider, Latitude Financial, has announced that it has suffered a data breach...
27 March, 2023
Data Management Strategy: No Longer a Nice-to-Have
The importance of organisational data is growing each year. As we move through 2023, a...
11 March, 2023
Melbourne School Data Breach: Lessons for Handling Credit Card Hacks
Around 400 parents of current and former Mount Lilydale Mercy students were recently alerted to...
03 February, 2023
Key Takeaways from TechCrunch’s List of Badly Handled Data Breaches in 2022
TechCrunch recently released its list of the most badly handled data breaches in 2022. Surprisingly...
10 January, 2023
Privacy Issues for Employers Using Biometrics in the Workplace
Biometrics technologies have been developed to help employers accurately track employee attendance and hours, track...
20 December, 2022
Electronic Surveillance Reform in Australia: What can we expect next?
Australia’s regulation of electronic surveillance has been a mess for some time. When it announced...
18 December, 2022
Email Snafu – What to Do If You Send Personal Information to the Wrong Email
The OAIC’s latest reporting shows that 33% of human error data breaches in Australia are...
15 December, 2022
Worried about Data Breaches? How Privacy by Design can help
The increase in data breaches has highlighted that organisations are holding onto data, a lot...
24 November, 2022
Questions Boards Should Ask About Cybersecurity
The days of board directors delegating oversight of cybersecurity to department managers are long behind...
10 November, 2022
New ISO 27001:2022 released – Finally!
Hot off the press - ISO 27001:2022 has been published! The much-anticipated update to ISO 27001:2013...
01 November, 2022
Biometrics in Schools and Privacy Issues: What Could Go Wrong?
Biometric technologies have been making their way into schools for years. It's not uncommon for...
28 October, 2022
The Optus Data Breach Communications – A Case Study of What Not to Do in the Wake of a Breach
There has been a great deal of backlash in the wake of the Optus data...
05 October, 2022
Privacy by Design: How to Bake Privacy in Early
Using privacy by design to bake privacy in early is becoming a must. The benefits...
30 September, 2022
Optus data breach – Listen to Dr Jodie Siganto on ABC Radio
Dr Jodie Siganto was one of the privacy and security experts interviewed by the ABC...
27 September, 2022
Data Sharing and Third Parties: Questions to ask before sharing personal information you’ve collected
Regulators around the globe have been targeting their enforcement efforts at companies that engage in...
05 February, 2022
Clearview AI’s Australian Privacy Breach
Penalties have started to flow in for Clearview AI’s controversial scraping and use of the...
18 March, 2022
New security obligations for Australian Critical Infrastructure Providers: Why?
Rushed, imprecise and unlikely to be enforced? And most importantly, why? In November 2020, the Australian...
13 December, 2020
The end to ASIC v RI Advice: Cyber security take-aways for Australian organisations
In early May 2022, the Australian Federal Court released its judgement in the long-running ASIC...
06 May, 2022
Ransomware in Australia: Legal Liability, Notifications and Your Obligations
Ransomware in Australia is on the rise! As a result, regulators are paying more and...
23 March, 2022
How do I get my CISM Certification?
Thinking about getting the CISM? This is an easy guide to all the practical steps...
23 April, 2021
How do I Prepare for the CISM Certification Exam?
How can you give yourself the greatest chance of passing your CISM exam? We want...
23 April, 2021
Security for privacy practitioners: What security certification suits?
We are often asked by privacy practitioners to recommend security training to help them get...
26 August, 2022
Who Needs to Comply with China’s PIPL?
Organisations are getting used to the extraterritorial scope of privacy laws enacted in other countries,...
20 August, 2022
A Privacy Compliance Tool to Overcome Common Privacy Issues You Need to Avoid
Compliance with Australia’s Privacy Principles is non-negotiable for organisations covered by Australia’s privacy laws (APP...
16 August, 2022
ISACA CISM Exam Update: What’s Changed
The ISACA updates the content of its curriculum and exams around every five years. The...
29 July, 2022
What is Australia doing about scams? The ACCC’s 3 pronged approach
The Australian Competition and Consumer Commission (ACCC) has proposed a “three-pronged approach” to ensure Australia...
22 July, 2022
Project REDSPICE: Looking into Australia’s $10b Investment in Cyber Security
Many privacy and cyber security professionals across Australia were surprised by the $9.9 billion earmarked...
28 April, 2022
Changing legal landscape for Data Breach Notification in Australia
With the rise of cyber security incidents and increased concern about ransomware, additional data breach...
11 April, 2022
The new ISO 27002: 2022 – Answers to some Frequently Asked Questions
The new 2022 revision of ISO 27002 was published on February 15, 2022 It’s been eight...
10 April, 2022
Update to ISO 27002
Finally, ISO 27002 has been updated! The information security management standard ISO 27001 and its code...
11 March, 2022
Red Cross Data Breach Exposes Personal Information from the World’s Most Vulnerable
On January 19, the International Committee of the Red Cross (ICRC) published a press release...
18 February, 2022
CLOUD Agreement eases law enforcement access to big tech data
On December 15, 2021, the United States and Australia signed an agreement to make it...
19 December, 2021
Ransomware Action Plan: Another new cyber security law for Australia?
In mid-October 2021, Australia’s new Ransomware Action Plan was released by the Department of Home...
02 November, 2021
Update on Australia’s First Cyber Security Case: ASIC v RI Advice
Earlier this year, we published a post about Australia’s First Cyber Security Case – ASIC...
30 October, 2021
Cybersecurity Enforcement in a World Where a Ransomware Attack Led to a Baby’s Death
A US medical malpractice lawsuit (scheduled for trial in November 2022) alleges that a hospital...
14 October, 2021
ISO 27002 is getting updated, finally!
More than eight years since its last face-lift, ISO 27002 is under review with a...
04 October, 2021
China’s new Personal Information Privacy Law: Yet another piece in a complex puzzle
Another piece is added to the jigsaw of China’s privacy and security laws. The Personal...
25 August, 2021
Is cyber security regulation possible in Australia?
On 13 July 2021, the Australian Government through the Department of Home Affairs (DHA) opened consultation...
05 August, 2021
Mandatory notice of ransomware payments: Is it a good idea?
There is no doubt that ransomware attacks are amongst the most serious cyber threats to...
03 August, 2021
Privacy Enhancing Technology: Demystifying Privacy Management Solutions
More organisations are looking at automated solutions to support the efficient management of their privacy...
17 July, 2021
Cybersecurity in the ‘Next Normal’: Minimum Standards When Working From Home
The white-collar workforce is likely to look very different long into the future. While some...
25 June, 2021
Australia’s Cyber Security Strategy 2020: What About Privacy?
Most Australian privacy and security practitioners recognise the growing importance of data protection and the...
19 August, 2020