Our Views:
A selection of issues relevant to Forensic and Cyber Security matters during the last month. This month’s theme is “Free Training Tools”.
Privacy Education
As the quantity of customer data being collected increases, so too must the degree of vigilance being paid to prevent a Privacy Breach. We recommend that all staff who are in any way connected with the collection and storage of personal information, undertake training so they are familiar with their obligations under the current Privacy Act.
The Office of the Privacy Commissioner offers a suite of online Privacy learning modules including Privacy 101, Health Information, Employment and Privacy, Credit Reporting, Privacy Impact Assessments and Information Sharing Agreements.
There are also several accompanying guides to the modules which can be downloaded. We encourage you to sign up and start obtaining your own certificate(s) here.
OWASP New Zealand Day 2019
The recent introduction of the General Data Protection Regulation (GDPR), and the requirement for Privacy by Design, requires organisations to consider “data protection through technology design”.
To keep abreast of security design requirements, training is available globally, online and locally. One local example was the tenth OWASP (Open Web Application Security Project) New Zealand Day conference which was held at the University of Auckland on 22 February 2019. OWASP New Zealand Day is a one-day conference dedicated to information security, with an emphasis on secure architecture and development techniques to help Kiwi developers build more secure applications.
Presentations from the event can be viewed here on YouTube.
Cybersecurity Toolkit for Small to Medium-Sized Businesses
As reported in countless surveys and whitepapers, organisations generally accept that Cyber is now a key risk. So, what should you do next to mitigate this risk? First you should select a suitable set of security controls, then you need a programme of work with suitable resources.
If you are not sure where to start, a good example is the Global Cyber Alliance (GCA) which has built a toolkit for small to medium-sized businesses. The GCA has aligned to the Center for Internet Security Controls (CIS Controls). Select the controls most relevant to your critical assets and start making improvements using the free tools, practical tips and guides located here.
About the Bulletin:
The NZ Incident Response Bulletin is a monthly high-level executive summary containing some of the most important news articles that have been published on Forensic and Cyber Security matters during the last month. Also included are articles written by Incident Response Solutions, covering topical matters. Each article contains a brief summary and if possible, includes a linked reference on the web for detailed information. The purpose of this resource is to assist Executives in keeping up to date from a high-level perspective with a sample of the latest Forensic and Cyber Security news.
To subscribe or to submit a contribution for an upcoming Bulletin, please either visit https://incidentresponse.co.nz/bulletin or send an email to bulletin@incidentresponse.co.nz with the subject line either “Subscribe”, “Unsubscribe”, or if you think there is something worth reporting, “Contribution”, along with the Webpage or URL in the contents. Access our Privacy Policy.
This Bulletin is prepared for general guidance and does not constitute formal advice. This information should not be relied on without obtaining specific formal advice. We do not make any representation as to the accuracy or completeness of the information contained within this Bulletin. Incident Response Solutions Limited does not accept any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, when relying on the information contained in this Bulletin or for any decision based on it.
Incident Response Solutions 