August 14th, 2017

IT Security Training Australia sponsors HAISA 2017

We invite you to participate in the event which, will be held over the 28-30th November 2017 in Adelaide, Australia. This symposium, the eleventh in the series, will bring together leading figures from academia and industry to present and discuss the latest advances in information security from...

August 4th, 2017

Who’s listening? Privacy and legal issues with chatbots and voice activated apps

The use of chatbots and voice activated apps (such as Siri or Google Now, smart TVs and other household items and even toys like Hello Barbie) is increasing.  These apps rely on recording and storing audio collected by the device on an on-going basis.  These recordings will inevitably...

EU GDPR, Privacy, Australia July 27th, 2017

The new EU General Data Protection Regulation: Does it apply to you?

From 25 May 2018 Australian businesses may need to comply with the EU General Data Protection Regulation, even if they don't have any physical presence in the EU.  If you offer goods and services or monitor the behaviour of individuals in the EU, then you may be caught.  Our Guidance...

Data breach preparedness: It's more than just notificaton ... April 20th, 2017

Data breach preparedness: It's more than just notificaton ...

New Australian data breach notification laws, effective in February 2018, have focused attention on organisations’ preparedness to notify of eligible data breaches.  But notification is just one part of responding to a data breach or cyber incident.  Data breaches are complex,...

March 28th, 2017

Why is information security blue?

They say a picture is worth a thousand words.  If that's true, what do the images used for information security tell us? What are they trying to convey and are those messages consistent with how we would like to think about information security? There’s an easy way to find out how...

March 13th, 2017

Notifying eligible data breaches: What does it all mean?

Key take-aways Only ‘eligible data breaches’ are notifiable to affected individuals and the OAIC. An eligible data breach is one where there been loss, unauthorised access to or disclosure of information which is likely to result in serious harm. If you’re unsure,...

Pages

Blog

The new EU General Data Protection Regulation: Does it apply to you?

July 27th, 2017

From 25 May 2018 Australian businesses may need to comply with the EU General Data Protection Regulation, even if they don't have any physical presence in the EU.  If you offer goods and services or monitor the behaviour of individuals in the EU, then you may be caught.  Our Guidance...

Why is information security blue?

March 28th, 2017

They say a picture is worth a thousand words.  If that's true, what do the images used for information security tell us? What are they trying to convey and are those messages consistent with how we would like to think about information security? There’s an easy way to find out how...

Notifying eligible data breaches: What does it all mean?

March 13th, 2017

Key take-aways Only ‘eligible data breaches’ are notifiable to affected individuals and the OAIC. An eligible data breach is one where there been loss, unauthorised access to or disclosure of information which is likely to result in serious harm. If you’re unsure,...

Why women (and greater diversity) are good for cyber security

March 12th, 2017

The low number of women in cyber security, and ways that we might encourage more women into the field, has been receiving a lot of attention recently.  This led me to ponder why I think it is important that more women become cyber security professionals. There is certainly little doubt that...

What's happened to data breach notification law in Australia?

December 4th, 2016

It’s December 2016 and still no data breach notification law in Australia, despite the government committing to introduce legislation by December 2015 as part of the protections promised on the introduction of mandatory data retention requirements. So, what’s been going on?

Regular Password Changes: No Longer Good Security Practice

October 18th, 2016

Pages

News

IT Security Training Australia sponsors HAISA 2017

August 14th, 2017

We invite you to participate in the event which, will be held over the 28-30th November 2017 in Adelaide, Australia. This symposium, the eleventh in the series, will bring together leading figures from academia and industry to present and discuss the latest advances in information security from...

Who’s listening? Privacy and legal issues with chatbots and voice activated apps

August 4th, 2017

The use of chatbots and voice activated apps (such as Siri or Google Now, smart TVs and other household items and even toys like Hello Barbie) is increasing.  These apps rely on recording and storing audio collected by the device on an on-going basis.  These recordings will inevitably...

February 7, 2017: Ask out loud - Safer Internet Day

February 6th, 2017

What: Share the single call to action with your staff and / or customers: #AskOutLoud If you experience something suspicious online, Ask Out Loud because your online safety is worth a second opinion. How: Share the pre-prepared resources (produced on behalf of Stay Smart Online(SSO)) and promote...

Kick Start Your Cyber Sec Training in 2017

January 27th, 2017

Hone your offensive and defensive cyber skills or develop a deeper understanding of cyber topics (like Dark Web, Bot-nets, Bitcoin, Cryptoware, Watering-holes, Man-in-the-Middle) with practical, hand-on courses led by a respected industry expert. More information available here. SPECIAL OFFER:...

Cyber Security for SME's

December 4th, 2016

Cyber Security for SMEs - Identifying Threats and Preventing Attacks Discover what common cyber threats and attacks face small and medium enterprises, and what you can do to prevent them. Free online course starting on December 5, 2016. https://www.futurelearn.com/courses/cyber-security-...

TREsPASS Summer School: Diversity in Information Security

September 16th, 2016

Dr Jodie Siganto presented on the benefits of diversity in information security practice a the Royal Holloway University of London TREsPASS Summer School in June 2016.  Thanks to Miriam, a very clever illustrator, sketch notes from that presentation are available.  

Pages

Resources

Data breach preparedness: It's more than just notificaton ...

April 20th, 2017

New Australian data breach notification laws, effective in February 2018, have focused attention on organisations’ preparedness to notify of eligible data breaches.  But notification is just one part of responding to a data breach or cyber incident.  Data breaches are complex,...

ISO 27001 ISMS Overview and Implementation Course Materials

September 26th, 2013

 Below are attached the following resources:Practical ISMS Nov 12: Completed Course Slides – November 2012 (updated)ISMS Implementation Diagram ISO 27001 Reference List - articles, books and websites that may be of useResearch Article: "Information Security Management: An...

White Paper

10 reasons why an Australian data breach notification law won’t make any difference

August 29th, 2016

Having been on the drawing board since 2008, It is entirely possible that at some stage in the next two years, Australia may get its own version of a data breach notification law.  But, assuming a law similar to the draft legislation issued for consultation in December 2015 is passed, will it...

Data Breach Notification In Australia - Whitepaper Available!

August 30th, 2013

The first data breach notification law (DBNL) was introduced in California in 2002 (and enacted in 2003).  Since that time, similar laws have been introduced in different forms in nearly all the States in the United States and are under consideration in a number of other jurisdictions...

Privacy Act Amendments: What Do They Mean For Information Security?

August 30th, 2013

In May 2012, as part of Privacy Awareness Week, the Attorney General announced amendments to the Privacy Act 1988 (Cth), with the Amendment Bill (all 266 pages of it) introduced to Parliament in late May.  The Bill is expected to pass through both Houses without issue.  The amendments...

Data Breach Litigation In The U.S.: What Does It Mean For Australia?

August 30th, 2013

Since the passing of Data Breach Notification laws in the U.S. there has been an explosion of data breach related litigation.  Most of the actions are brought as class action suits (because the amounts sought per head is small but the groups are often very large).  Although most of the...

Subscribe to ITSTA News