Rajitha Udayanga

✅ Monash University authorised as a CVE Numbering Authority (CNA) 🔐 MON-CSIRT (Monash University Computer Security Incident Response Team) has been announced as a Partner in the CVE Program by MITRE. 🔐 MON-CSIRT is only the third organisation in Australia to be authorised in the Researcher category and the first university globally. 🔐 The scope of the MON-CSIRT partnership allows previously undiscovered vulnerabilities to be triaged and assign CVE IDs and corresponding CVE Records published. We view this as a crucial step in continuing to strengthen both the Monash ecosystem and the wider global digital landscape. This partnership enables us to assist vendors in triaging, categorising, and communicating vulnerabilities, ensuring that customers and affected parties are promptly informed of their exposure and can respond more quickly. 🤷 Curious what the CVE Program is? 👉 The Common Vulnerabilities and Exposures (CVE) Program a global initiative to identify, define and catalogue cyber security vulnerabilities. The CVE Program is managed by the not-for-profit MITRE Corporation in collaboration with international cyber security communities. 👉 Authorised partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Each vulnerability is assigned a unique ID (e.g. CVE-2024-12345) that provides a standard way to refer to it. 👉 Information technology and cyber security professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritise and address the vulnerabilities. More info here: https://lnkd.in/gQgMHxWn 👏 A big thankyou to Nathira Rajagopal and K S. for their passion and hard work to get this initiative off the ground. #CVE #CNA #vulnerabilitymanagement #cyber #ciso #mitre

192

10 Comments

Big news for the Australia cybersecurity landscape! The Australian Cybersecurity Bill 2024 has been passed on 25th Nov 2024, bringing in some significant changes: 1.      Mandatory Cybersecurity Standards for Smart Devices: Say goodbye to the Wild West of IoT security. Manufacturers and suppliers will need to ensure that devices meet specific security standards before hitting the shelves. 2.      Ransomware Reporting: Certain businesses will be required to report ransomware payments to help authorities better understand the threat landscape. 3.      Enhanced Information Sharing: The Act facilitates faster and more open sharing of information between the National Cyber Security Coordinator (#NCSC), the Australian Signals Directorate (#ASD), and relevant entities during cyber incidents. 4.      Cyber Incident Review Board (#CIRB): This independent body will conduct no-fault post-incident reviews of significant cyber incidents to identify lessons and improve future response. This comprehensive legislation aims to bolster Australia's cybersecurity posture and protect businesses and individuals alike. Stay tuned for more updates on how this Act will shape the future of cybersecurity in Australia. #Cybersecurity #Australia #CybersecurityAct #CybersecurityBill https://lnkd.in/gFS3HF8V

74

3 Comments

Small Business Cyber Security: How to secure your small business from common cyber security threats. Credit: The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) #cybersecurity #Smallbusiness

5

𝐄𝐦𝐛𝐫𝐚𝐜𝐢𝐧𝐠 𝐚 𝐒𝐞𝐜𝐮𝐫𝐞 𝐅𝐮𝐭𝐮𝐫𝐞: 𝐌𝐲𝐆𝐨𝐯 𝐄𝐧𝐚𝐛𝐥𝐞𝐬 𝐒𝐮𝐩𝐩𝐨𝐫𝐭 𝐟𝐨𝐫 𝐏𝐚𝐬𝐬𝐤𝐞𝐲𝐬 Exciting news in the Australian digital security landscape! MyGov has recently enabled support for passkeys, marking a significant step towards enhancing online safety and user convenience. 𝐖𝐡𝐲 𝐏𝐚𝐬𝐬𝐤𝐞𝐲𝐬? 🤔 Passkeys are a revolutionary password-free way of logging in, offering robust protection against phishing and malicious websites. They use public-key encryption to ensure that your private key never leaves your device, while the public key is stored with the service provider. This means that passkeys cannot be guessed, shared, or stolen through company server breaches, making them a formidable defense against cyber threats. 𝐁𝐞𝐧𝐞𝐟𝐢𝐭𝐬 𝐚𝐭 𝐚 𝐆𝐥𝐚𝐧𝐜𝐞: ✨ 𝘚𝘵𝘳𝘰𝘯𝘨 𝘣𝘺 𝘋𝘦𝘧𝘢𝘶𝘭𝘵: Every passkey is inherently strong and unique. No More Password Fatigue: Forget the hassle of remembering and typing out complex passwords. 𝘗𝘩𝘪𝘴𝘩𝘪𝘯𝘨 𝘙𝘦𝘴𝘪𝘴𝘵𝘢𝘯𝘵: Passkeys are bound to the specific sites they’re created for, rendering them useless on fraudulent lookalike sites. 𝘜𝘴𝘦𝘳-𝘍𝘳𝘪𝘦𝘯𝘥𝘭𝘺: Passkeys offer an improved user experience with seamless access across devices. Let’s champion this initiative and move towards a passwordless future with MyGov. Very well done MyGov. PS: Don't forget to turn OFF your passwords once you enable passkey !!! #DigitalSecurity #Passkeys #MyGov #OnlineSafety #Innovation

48

6 Comments

https://lnkd.in/etFZF7PQ Cyber security training once a year isn’t working We all know how important it is to keep our people up-to-date on the latest cyber threats. After all, with cyber attacks on the rise, staying one step ahead is crucial to protect your business from potential breaches. But here’s the thing – annual cyber security training just isn’t cutting it anymore. Sure, it’s become a routine part of the calendar for many organisations. And it’s great that it’s happening at all. But ask any security leader, and they’ll tell you… employees find it time-consuming and uninspiring. From clicking through slides to skimming through videos at double-speed, it’s usually seen as just another box to tick. And let’s be honest, even for those who do engage with the training, there’s little evidence it leads to real behaviour change. That’s because the traditional approach lacks interactivity and doesn’t connect with employees on a personal level. It’s more about ticking boxes than building a culture of cyber security vigilance. Guess what? There’s a better way. It’s all about small, regular, human-centric interventions. Think of it like the speed signs you see when you’re driving. They remind people to stop and think before they engage in risky behaviour. Just as the signs work for driving, this kind of training makes your employees more aware of what they’re clicking. By nudging employees toward safer decisions in real-time, we can help them develop better cyber hygiene habits without overwhelming them with information overload. It’s about empowering them to make smarter choices every day. And with the amount of Generative AI and third-party tools we’re surrounded with right now, it’s more important than ever to give employees the guidance they need to navigate potential risks. Whether it’s through real-time coaching or policy reminders, we can help employees understand the importance of safeguarding sensitive data. So, while there may be a place for annual training, it’s time to think about using a more proactive approach to cyber security education. This is something we can help you with. If you want to learn more, get in touch.

1

ASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations: Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)—in partnership with CISA, U.S. government and international partners—released the guide Principles of Operational Technology Cybersecurity. This guidance provides critical information on how to create and maintain a safe, secure operational technology (OT) environment. The six principles outlined in this guide are intended to aid organizations in identifying how business decisions may adversely impact the cybersecurity of OT and the specific risks associated with those decisions. Filtering decisions that impact the security of OT will enhance the comprehensive decision-making that promotes security and business continuity. CISA encourages critical infrastructure organizations review the best practices and implement recommended actions which can help ensure the proper cybersecurity controls are in place to reduce residual risk in OT decisions. For more information on OT cybersecurity, review our Industrial Control Systems page and the Joint Cybersecurity Advisory Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems to help critical infrastructure organizations manage and enhance their OT cybersecurity. https://lnkd.in/gjVHUtGw

3

10 Forward-Thinking Aspects of the Australian Cybersecurity Bill 2024: 1. Mandatory Security Standards for Connected Products: Ensures all connected devices meet strict security requirements to protect against vulnerabilities. 2. Cyber Incident Review Board: A game-changing move that creates an official board to investigate and review major cyber incidents, improving national resilience. 3. Ransomware Reporting Obligations: Introduces compulsory reporting of ransomware attacks, enhancing transparency and response times. 4. Protection of Reported Information: Strong safeguards to ensure that sensitive information shared in incident reports is securely protected from misuse. 5. Extraterrestrial Application: Forward-looking provisions that extend cybersecurity measures to Australian interests beyond Earth, such as satellites and space infrastructure. 6. Regulatory Power for Compliance: New powers for regulatory bodies to enforce compliance and ensure organizations meet cybersecurity obligations. 7. Public Reporting of Cyber Incidents: Encourages accountability through regular, public reports on significant cyber incidents and breaches. 8. Incentives for Cybersecurity: Offers rewards and incentives to businesses for proactively investing in and implementing strong cybersecurity measures. 9. Collaboration with States and Territories: Promotes a unified approach by fostering cooperation between federal, state, and territory governments on cybersecurity policies and responses. 10. Security Implications of Emerging Technologies: Takes a proactive stance on addressing the cybersecurity risks associated with emerging technologies, ensuring Australia is prepared for future challenges. #Cybersecurity #Cyber_Resilience #Emerging_Technologies #Ransomware_Protection #Incident_Response #Tech_Regulation #Cyber_Policy #Cyber_Law #Space_Cybersecurity #National_Security

18

I am hearing on the vine that this campaign is having significant success in a number of sectors. Make sure your staff are aware. Update your response plans. Do you have a playbook for stolen session cookies? Update your systems with known IOCs. Comment below if you have additional suggestions or tips.

36

3 Comments

The State of Cloud Security Platforms and DevSecOps: A new survey by Cisco and Enterprise Strategy Group reveals the true contours of cloud native application development and security

1

Best Practices for Event Logging and Threat Detection: Executive Summary This publication defines a baseline for event logging best practices to mitigate cyber threats. It was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) in cooperation with the following international partners:  * United States (US) Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA). * United Kingdom (UK) National Cyber Security Centre (NCSC-UK). * Canadian Centre for Cyber Security (CCCS). * New Zealand National Cyber Security Centre (NCSC-NZ) and Computer Emergency Response Team (CERT NZ). * Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and Computer Emergency Response Team Coordination Center (JPCERT/CC). * The Republic of Korea National Intelligence Services (NIS) and NIS’s National Cyber Security Center (NCSC-Korea). * Singapore Cyber Security Agency (CSA). * The Netherlands General Intelligence and Security Service (AIVD) and Military Intelligence and Security Service (MIVD). Event logging supports the continued delivery of operations and improves the security and resilience of critical systems by enabling network visibility. This guidance makes recommendations that improve an organization’s resilience in the current cyber threat environment, with regard for resourcing constraints. The guidance is of moderate technical complexity and assumes a basic understanding of event logging. An effective event logging solution aims to: * Send alerts to the network defenders responsible for monitoring when cyber security events such as critical software configuration changes are made or new software solutions are deployed. * Identify cyber security events that may indicate a cyber security incident, such as malicious actors employing living off the land (LOTL) techniques or lateral movement post-compromise. * Support incident response by revealing the scope and extent of a compromise. * Monitor account compliance with organizational policies. * Reduce alert noise, saving on costs associated with storage and query time. * Enable network defenders to make agile and informed decisions based on prioritization of alerts and analytics. * Ensure logs and the logging platforms are useable and performant for analysts. There are four key factors to consider when pursuing logging best practices: * Enterprise-approved event logging policy. * Centralized event log access and correlation. * Secure storage and event log integrity. * Detection strategy for relevant threats. To access the PDF version of this report, visit here. Introduction The increased prevalence of malicious actors employing LOTL… https://lnkd.in/gBe_Bji7

1

Gathid has been selected as a finalist for the Australian Information Security Association (AISA) 2024 Cyber Security Award in the Start-up of the Year category.  As Australia’s leading industry body for information and cyber security, AISA’s awards program is designed to celebrate excellence, innovation, integrity, leadership and outstanding achievements in the cyber security sector. “The Gathid team is thrilled to be recognized as a finalist for AISA’s Start-Up of the Year Award, which acknowledges the innovative spirit that drives us,” said Peter Hill, founder and CEO at Gathid. “Our patented approach is fundamentally different from traditional identity approaches. Most organizations have significant identity debt and find it difficult to easily trace their identities (including non-human) and their access. By using knowledge graph technology to generate daily digital twins of an enterprise’s identity ecosystem, Gathid delivers complete, actionable visibility over their identity landscape in ways never seen before.” Read the full media release via our website. https://lnkd.in/gFSncGC5 Vote for Gathid here. https://lnkd.in/g642tWST #IdentityGovernance #AccessManagement #Innovation #StartUpOfTheYear #AISA #TechInnovation #DataSecurity #IdentitySolutions #IdentityGraph #Gathid #CyberCon2024

10

1 Comment

Hot off the Press: ACSC Annual Cyber Threat Report 2023-2024 The ACSC has just released its Annual Cyber Threat Report 2023-2024, shining a spotlight on the escalating sophistication of cyber threats in Australia. From ransomware to state-sponsored activity, the report provides invaluable insights into the risks affecting industries and critical infrastructure. It calls for stronger collaboration, proactive defense strategies, and innovation to secure our digital future. Don’t miss this essential read for anyone navigating the cybersecurity landscape: https://lnkd.in/ge9TRwiY #Cybersecurity #HotOffThePress #ACSC #ThreatReport

13

ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises: Today, the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), the Cybersecurity and Infrastructure Security Agency (CISA), and other U.S. and international partners released the joint guide Detecting and Mitigating Active Directory Compromises. This guide informs organizations of recommended strategies to mitigate common techniques used by malicious actors to compromise Active Directory. Active Directory is the most widely used authentication and authorization solution in enterprise information technology (IT) networks globally. Malicious actors routinely target Active Directory as part of efforts to compromise enterprise IT networks by escalating privileges and targeting the highest confidential user objects.   Responding to and recovering from malicious activity involving Active Directory can be consuming, costly, and disruptive. CISA encourages organizations review the guidance and implement the recommended mitigations to improve Active Directory security. To learn more about taking a top-down approach to developing secure products, visit CISA’s Secure by Design webpage.  https://lnkd.in/g9uXgHHK

1

Last chance to register for the Crafting Effective Cyber Incident Response Playbooks workshop: Join us day after for a one-hour session to learn how to develop impactful Cyber Incident Response Playbooks. This interactive workshop will be led by our CEO and NCSC Assured Trainer, Amar Singh. Receive detailed step-by-step guidance on crafting playbooks that not only work effectively but also help in mitigating damage from cyber attacks. You'll also discover how to define, establish and implement an ICT-related incident management process with your Playbooks, as required by the EU DORA regulation. #cyberincidentresponse #cybersecurity https://hubs.li/Q02z6N_x0

1

Summary of Cyber Challenges in Australia and Solutions with Independent Voice's Email Collaboration Suite Australia faces a complex cyber threat landscape, exacerbated by advancements in technology that benefit both society and malicious actors. In FY2023-24, the Australian Signals Directorate (ASD) responded to over 1,100 cyber security incidents and received more than 36,700 calls to its Australian Cyber Security Hotline. State-sponsored cyber actors, particularly from China and Russia, continue to target Australian networks, including critical infrastructure, for espionage, influence, and disruptive attacks. Cybercrime remains a significant threat, with business email compromise, ransomware, and data theft being pervasive and costly. The ASD emphasizes the importance of strong partnerships, continuous monitoring, and compliance with best practices to build resilience against these threats. Solutions with Independent Voice's Email Collaboration Suite To address one key entry point is to protect your Microsoft 365 email environment, Independent Voice's Email Collaboration Suite offers comprehensive cybersecurity features: 1. Anti-Phishing Protects against sophisticated phishing attacks by identifying and blocking malicious emails before they reach your inbox. 2. Malware Prevention Includes advanced anti-virus protection that detects and prevents known malware, ensuring that your email environment remains secure. 3. URL Protection Blocks malicious URLs and rewrites them to ensure safe access, preventing users from inadvertently accessing harmful websites. 4. Account Takeover Prevention Monitors for anomalies in account behavior to prevent unauthorized access and takeovers, safeguarding your email accounts. 5. Unauthorised Applications Detection Identifies and mitigates shadow IT by detecting unauthorised applications, ensuring that all software used is secure and compliant. 6. Data Loss Prevention (DLP) Ensures that sensitive information is not lost or misused by monitoring and controlling data flows within the email environment. By implementing these features, Independent Voice's Email Collaboration Suite helps organizations maintain a secure email environment, comply with the Australian Privacy Principles (APPs), and protect against a wide range of cyber threats. This proactive approach to email security is essential for safeguarding sensitive data and ensuring operational continuity in the face of evolving cyber challenges. If you need further assistance or have specific questions about protecting your email environment, feel free to ask! [email protected]

2

1 Comment

𝐖𝐞 𝐚𝐫𝐞 𝐚𝐧𝐬𝐰𝐞𝐫𝐢𝐧𝐠 𝐲𝐨𝐮𝐫 𝐛𝐮𝐫𝐧𝐢𝐧𝐠 𝐈𝐓 𝐪𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬 🔥 The Essential 8 is a mitigation strategy developed by the Australian Signals Directorate (ASD) to help businesses protect themselves against cyber threats. The 8 mitigation strategies are: 🛡️ Patch applications 🛡️ Patch operating systems 🛡️ Multi-factor authentication 🛡️ Restrict administrative privileges 🛡️ Application control 🛡️ Restrict Microsoft Office macros 🛡️ User application hardening 🛡️ Regular backups As an #ITProvider, we implement best practices across all our services. This includes Essential 8 to ensure robust protection for our clients, enhancing their resilience against cyber threats and optimising their operational efficiency. Have any burning IT questions? Comment yours below and we will answer them. 👇🏼👇🏼 #DBT #CyberSecurity #Essential8

9

🚨 Big News in Cyber Security! 🚨 Australia has just passed its first Cyber Security Act—a huge leap forward in tackling the growing cyber threat landscape. 🛡️ This new legislation will enforce minimum security standards across businesses, raising the bar for how we all protect our data and systems. But let’s be real—cybercriminals aren’t going to pack up and leave just because the government tells them to! The ball’s in your court to make sure your business is protected. That’s where ARCSEC IT steps in. We’re all about keeping it simple, no scare tactics, just solutions—helping you meet compliance and safeguard your business without drowning in tech jargon. 💡 Not sure where to start? We’ve got you covered. Check out our tailored IT and security packages—we’ll meet you where you are and help you level up: https://lnkd.in/giYmCw2v Because at the end of the day, it’s not just about ticking boxes. It’s about having the confidence to focus on your business while we’ve got your back. So don’t wait until it’s too late—let’s lock it down together! 🔒

9