The most sustainable strategic approach to cyber security is to implement an Information Security Management System (ISMS) that considers the organisation and its operating environment. In using this approach, the appropriate resources and responsibilities can be identified, leading to the development of organisationally relevant policies and procedures, and the implementation of the most appropriate technology to mitigate the cyber security risks that apply specifically to that environment.
At ScrySphere, we assist clients to take this journey, or support any part of it. We aren’t a re-seller of any technology products, so we don’t push products or solutions. Rather, we help organisations to understand the type of organisational systems or technology products they need, and can assist in the selection, implementation and ongoing monitoring of systems.
- CISO as a Service – Many organisations lack the resources for a full time strategic security leader. We can provide this role as a service, for a day per week, month or quarter or as required to develop and implement security strategy
- Risk Assessment – Do you know how appropriate your current controls are for your organisation’s risk appetite?
- Preparation - Responding to an incident is much more effective if appropriate plans, controls and logging are implemented in advance.
The Privacy Amendment (Notifiable Data Breaches) Act of 2017 is the most recent update to the Australian Privacy Act 1988, and adds new notification requirements for any eligible breaches of personal information. Starting 22 February 2018, failure to protect personal information can result in financial penalties that can go up to AUD$360,000 for individuals, and up to AUD$1.8 million for organisations.
Get in touch to meet your obligations under these new laws and avoid hefty fines.