Welcome to Issue 4 of the Australian Cyber Security Magazine. It’s hard to believe that we are already into April – Christmas seems like it was yesterday. Cyber security has again been in the headlines over the past few months – let’s face it, these days it’s rarely not in the news – with several large-scale incidents, such as the one that affected Equifax, capturing much media attention. Globally, ransomware still dominates our incident response efforts, but the rise of cryptomining (more on that later) has become a modern irritation, where stealing CPU and GPU cycles – and electricity – is the new scourge affecting businesses and home users alike.
Here in Australia, we’ve seen the introduction of new cyber security legislation mandating certain kinds of data breaches that relate to personally identifiable information (PII) must now be notified to all affected customers and the Office of the Australian Information Commission (OAIC). This new legislation is vague and is causing concern amongst the business community, since it’s often hard to determine what’s included and what is not, and what constitutes a reportable breach. Following on from the last issue, we have gathered together some more articles containing practical advice and guidance on mandatory breach notification, to help you understand what you need to do in advance, to prepare for such an incident.
We had feedback last year that we didn’t have enough technical security articles, so we’ve taken that advice on board and included deeper investigations into forensics, malware analysis and a technical analysis of Shockwave Flash. We’re privileged to hear from Richard Adams, who explains hybrid forensics, an approach designed to address the problems of dealing with massive data volumes and large networks, and regular author, Guillaume Noé, walks us through the issues faced by investors looking to get in on the cryptocurrency gold rush…Click here to read full article.