Blog

June 2024 Updates to the Australian ISM and What That Means for You

The Australian Government's Information Security Manual (ISM), the standard that governs the security of government ICT systems, was updated in June 2024 as part of its regular revision cycle managed by the Australian Cyber Security Centre (ACSC). These updates reflect ongoing efforts to adapt to evolving cybersecurity threats and improve the resilience of information systems. Here’s a comprehensive look at these updates and what they mean for organizations.

Continue Reading...
What’s New in CIS Controls v8.1?

The Center for Internet Security (CIS) Critical Security Controls offers a practical and cost-effective approach, boasting a comprehensive set of best practices for strengthening organizational cybersecurity. It recently released version 8.1 of its Critical Security Controls.

Continue Reading...
In the Heart of Cybersecurity: Insights from my First RSA Conference

Last week marked a significant milestone in my career as I had the opportunity to attend the 2024 RSA Conference, a cornerstone event in the cybersecurity world, held annually in the city of San Francisco. As a first-timer venturing beyond the shores of Australia, I found myself immersed in a whirlwind of innovation and thought-provoking discussions alongside over 41,000 attendees from across the globe.

Continue Reading...
Navigating the AI Governance Landscape with Avertro

The advent of generative AI has been nothing short of a revolution, embedding itself deeply into the fabric of almost every industry. From healthcare innovations to financial services, generative AI has unlocked new potentials, made processes more efficient, and sometimes, even redefined the way businesses operate. However, as organizations embrace these advancements, they also grapple with significant challenges, particularly in managing cybersecurity risks and ensuring regulatory compliance. Herein lies the crucial role of AI governance—a framework not just for leveraging AI's capabilities but doing so securely and ethically. This is where Avertro, a pioneering solution provider, comes into play, offering robust tools and insights to navigate the complex landscape of AI governance.

Continue Reading...
How to Effectively Implement AI Governance

In the rapidly evolving landscape of artificial intelligence (AI), the significance of AI governance has never been more pronounced. Following our exploration of AI governance's crucial role in cybersecurity, it's imperative to address how organizations can practically implement these governance frameworks. Effective AI governance ensures AI technologies are used ethically, securely, and efficiently, safeguarding data and aligning AI initiatives with organizational values. This blog aims to demystify the process of implementing AI governance, providing a roadmap for organizations ready to navigate this essential journey.

Continue Reading...
Why Is AI Governance Important?

In the wake of generative AI's transformative impact across various sectors, the dialogue around AI governance has intensified. Building on the foundational understanding that AI governance, as Gartner outlines, ensures the responsible, ethical, and secure deployment of AI technologies, we delve deeper into its broader implications. The significance of AI governance transcends mere cybersecurity measures, embedding itself into the ethical fabric, legal integrity, innovation strategies, and trust mechanisms of organizations employing AI.

Continue Reading...
What is AI Governance?

The integration of generative AI across various sectors has been nothing short of revolutionary, offering both unparalleled opportunities and new challenges in data security. This technological surge has propelled industries into a new era of innovation and efficiency, but it has also exposed them to vulnerabilities that were previously uncharted.

Continue Reading...
How Avertro Can Assist With NYDFS Compliance

The New York Department of Financial Services (NYDFS) has set forth rigorous cybersecurity regulations, underscoring the critical need for financial institutions to bolster their cyber defenses. These regulations are designed to protect the financial services industry and its consumers from cyber threats and to ensure the safety and soundness of the institutions within this sector. Avertro, a cybersecurity leadership platform, stands out as a key solution for companies striving to comply with these demanding standards. This guide explores the functionality of Avertro and how it can assist companies in navigating the NYDFS cybersecurity regulations effectively.

Continue Reading...
Navigating Compliance: Effective Implementation of the NYDFS Cybersecurity Regulations

With the increasing sophistication of cyber threats targeting the financial sector, the New York Department of Financial Services (NYDFS) cybersecurity regulations have become a critical blueprint for safeguarding financial institutions. For Class A companies, these regulations are not just guidelines but mandates for ensuring robust cybersecurity measures are in place. This blog post explores strategic approaches to effectively implement the NYDFS rules, ensuring not only compliance but also a fortified cybersecurity posture.

Continue Reading...
The Critical Importance of NYDFS Cybersecurity Regulations

In the digital age, where financial transactions and data flow seamlessly across global networks, cybersecurity has emerged as a cornerstone of financial stability and integrity. The New York Department of Financial Services (NYDFS) cybersecurity regulations represent a pioneering effort to establish a robust framework for protecting the financial services sector from cyber threats. This blog post explores the importance of the NYDFS rules, emphasizing their role in safeguarding the financial ecosystem and fostering trust in an increasingly interconnected world.

Continue Reading...
Understanding NYDFS Cybersecurity Regulations: A Primer for Class A Companies

In the rapidly evolving landscape of digital finance, cybersecurity has become a paramount concern for regulatory bodies and financial institutions alike. The New York Department of Financial Services (NYDFS) has been at the forefront of addressing these concerns through the implementation of comprehensive cybersecurity regulations. This blog post delves into the essence of the NYDFS rules, their core components, the challenges they present, and the best practices for navigating these regulations effectively.

Continue Reading...
How Avertro Can Help With SEC Cybersecurity Rules Compliance

In an era where cyber threats loom larger than ever, the U.S. Securities and Exchange Commission (SEC) has stepped up its game by introducing stringent cybersecurity regulations. These rules aim to enhance the resilience of public companies against cyber threats, ensuring they are better prepared to protect investors and the broader financial system. For companies scrambling to meet these new standards, Avertro offers a beacon of hope. This blog explores how Avertro's cybersecurity leadership platform can be a pivotal tool in navigating and complying with the SEC's latest cybersecurity mandates.

Continue Reading...
Effectively Implementing the SEC Cybersecurity Rules

Navigating the compliance landscape of the U.S. Securities and Exchange Commission (SEC) Cybersecurity Rules presents a formidable challenge for companies, yet it also offers an unprecedented opportunity to strengthen cyber defenses and enhance corporate governance. Effective implementation of these rules requires a strategic approach, integrating robust cybersecurity frameworks with clear communication channels and an educated board of directors. This blog outlines actionable strategies for companies to not only comply with the SEC mandates but also to leverage these requirements as a catalyst for comprehensive cybersecurity improvement.

Continue Reading...
The Importance of the SEC Cybersecurity Rules

The U.S. Securities and Exchange Commission (SEC) Cybersecurity Rules play a pivotal role in the evolution of the digital age, marking a watershed moment for corporate America. These regulations underscore the critical need for transparency, accountability, and proactive management of cyber risks, setting a new standard for how companies approach cybersecurity in the regulatory landscape.

Continue Reading...
Announcing Support for NIST CSF 2.0 in CyberHQ® less than 12 hours from its release

The National Institute of Standards and Technology (NIST) released the latest iteration of its landmark Cybersecurity Framework, NIST CSF 2.0 today. This represents a significant milestone in the ongoing effort to strengthen cybersecurity practices across industries. We are proud to announce that within 12 hours of release, we have added support for the new framework in CyberHQ®.

Continue Reading...
NIST CSF 1.1 vs 2.0 Public Draft vs 2.0 Official Release Circuit Board

The National Institute of Standards and Technology (NIST) officially released version 2.0 of their Cybersecurity Framework today. Here's what's changed.

Continue Reading...
Understanding the SEC Cybersecurity Rules

The U.S. Securities and Exchange Commission (SEC) Cybersecurity Rules mark a significant step forward in reinforcing the need for good cyber governance for public companies. These rules underscore the importance of cybersecurity in the regulatory landscape, aiming to safeguard investor interests, enhance market integrity, and foster a culture of transparency and accountability in the face of evolving cyber threats.

Continue Reading...
Cyber Governance: The Gap

In the realm of cybersecurity, traditional program management approaches often fall short, plagued by fragmented data, manual processes, and subjective assessments. This not only hampers the ability to defend budgets but also challenges cybersecurity leaders to justify the necessary funding for initiatives aimed at meeting stakeholders' expectations and goals. The cybersecurity landscape today is in dire need of solutions that not only address the operational aspects but also bolster governance, enabling leaders to present their strategies in terms understandable to senior management and boards.

Continue Reading...
6 Steps to Effectively Implement Cyber Governance

Implementing effective cyber governance within an organization is a critical step towards safeguarding its digital assets and ensuring operational resilience. This process, far from being a static set of rules, requires a dynamic and ongoing commitment to adapting cybersecurity practices in line with evolving threats and business objectives. This comprehensive guide outlines the essential steps and strategies necessary for the practical establishment and maintenance of a robust cyber governance framework.

Continue Reading...
Why is Cyber Governance Important?

In today's digital age, understanding and implementing effective cyber governance has become a critical component of an organization's overall health and resilience. Cyber governance goes beyond mere compliance and risk management; it represents a strategic asset essential for safeguarding sensitive data and digital assets against increasingly sophisticated and pervasive cyber threats. This comprehensive blog explores the significance of cyber governance in today's organizations, highlighting its role in protection against cyber threats, ensuring compliance, fostering a culture of security awareness, bolstering business continuity, and aligning cybersecurity with business objectives.

Continue Reading...
What is Cyber Governance?

Navigating the complex landscape of cyber governance is crucial in today's digital era, where the security and integrity of digital assets are paramount. This comprehensive blog delves into the essence of cyber governance, its core components, challenges, and leading practices for building a resilient organization. Understanding what cyber governance truly entails is the foundation of this journey. It goes beyond basic cybersecurity compliance to create a management framework that not only ensures the security and integrity of digital assets but also aligns with the organization's overall objectives and risk appetite.

Continue Reading...
How to get ahead of what cyber regulators are doing

I’d never felt the need to snap a selfie in front of a regulator’s headquarters before, until last week. When I was in Washington DC, I visited the cybersecurity industry’s favorite regulator: The U.S. Securities and Exchange Commission (SEC).

Continue Reading...
What's new in the amended New York State Department of Financial Services cybersecurity requirements

The New York State Department of Financial Services recently amended their cybersecurity requirements. The updates are effective starting this month (November 2023).

Continue Reading...
October marks the 20th Cybersecurity Awareness Month

As the leaves change color and temperatures drop, October brings more than just pumpkin spice lattes and Halloween festivities. It's also been designated as Cybersecurity Awareness Month. This annual observance has been celebrated for nearly two decades, serving as a reminder of the ever-increasing importance of protecting our digital lives.

Continue Reading...
NSB Cyber Partners with Avertro

We are proud to announce that we will be partnering with NSB Cyber, an Australian-founded and privately owned cyber company with a mission to assist Australian businesses in building and maintaining their cyber resilience and defend themselves with confidence against the potential for cyber attacks.

Continue Reading...
NIST CSF 1.1 vs 2.0 Public Draft Circuit Board

NIST released the public draft of the NIST CSF 2.0 last week. Many have noticed there's a brand new function: Govern.

Continue Reading...
A Closer Look at SEC's Cyber Risk Management Rules

Following the US Securities and Exchange Commission (SEC) publication of its highly anticipated “Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure” rules, Dr. Ivano Bongiovanni and Ian Yip delved into the key components and reflected on implications for organisations.

Continue Reading...
Decrypting NIST CSF 2.0: Unlocking the Power of AI in Cybersecurity

The National Institute of Standards and Technology (NIST) remains instrumental in cybersecurity. Their recent release of the Discussion Draft for NIST Cybersecurity Framework (CSF) 2.0, marks a significant milestone in updating this influential framework.

Continue Reading...
My Executives Don't Listen to Me: Why Your Cybersecurity Team is Struggling

We’ve been saying that cybersecurity is a board-level issue now for years. However, cybersecurity teams continue to struggle to get the attention that cyber risk deserves from directors and executives.

Continue Reading...
Cyber Audit Team Partners with Avertro

We are proud to announce that we will be partnering with Cyber Audit Team (CAT), a leading provider of cyber security solutions, to deliver strategic cyber security guidance for clients to enhance effective decision-making and planning. 

Continue Reading...
Avertro announced as part of the Tampa Bay Wave’s latest CyberTech Accelerator cohort

Avertro joins startups across the U.S., Israel, Mexico, and Singapore as part of the Tampa Bay Wave’s 2023 CyberTech Accelerator cohort.

Continue Reading...
Cybersecurity and the Australian Federal Budget: October 2022 Edition

As with the past few budgets, I looked for the cybersecurity line items so you don’t have to.

Continue Reading...
Announcing CyberHQ® support for the AICD CSCRC Cyber Security Governance Principles

The Australian Institute of Company Directors (AICD) and Australian Cyber Security Cooperative Research Centre (CSCRC) released their Cyber Security Governance Principles on Friday. Our team spent some time analysing it and can proudly claim to be the first SaaS platform to support it.

Continue Reading...
How to find us at AISA CyberCon 2022

The Australian Information Security Association (AISA) is holding its marquee Australian Cyber Conference 2022 (CyberCon) in Melbourne from the 11th to the 13th of October 2022. Here are all the ways you'll be able to find us there.

Continue Reading...
Happy third birthday to us!

Less than half of businesses make it to their third birthday. We're proud that we've beaten the odds and going from strength-to-strength.

Continue Reading...
ASIC finally has the fangs to ensure companies actively manage their cyber resilience

The Australian Securities and Investments Commission (ASIC) just released its latest Corporate Plan, which outlines their “priorities over the next four years to achieve a fair, strong and efficient financial system for all Australians”.

Continue Reading...
What is Phishing? And How to Protect Your Tech Startup From Them

Phishing ranks #2 as the most expensive causes of a data breach. Priyal explains what Phishing is, the motives behind attackers and how you can protect your organisation.

Continue Reading...
How to Respond if Your Business Is Impacted by a Cyber Attack

Have you fallen victim to a cyber attack? Here's 10 steps on how to respond.

Continue Reading...
What’s the Bare Minimum Security You Need as a Technology Startup?

Are you a technology startup and aren't sure what security you need? We break down the basics.

Continue Reading...
Are You a Tech Startup? Set up Your Cybersecurity Processes in 4 Quick Steps

Not sure where to start? Here are 4 quick and easy steps to setting up your tech startup's cybersecurity.

Continue Reading...
The Keys to Effective Cyber Leadership

What are the keys to effective cyber leadership? Based on an industry study, this article aims to provide insights in answering that question.

Continue Reading...
What’s the ART to creating an authentic culture in organisations?

The right culture in an organisation is critical. What are the keys to success? Sophia Pace, Priyal Bhosale, and Ian Yip explore.

Continue Reading...
A World First

Our CEO Ian uncovers why our product is a world first.

Continue Reading...
The Cyber-Why Company

Who is Avertro? And what problems do we actually solve?

Continue Reading...
Cyber Strategy and Leadership: The key to delivering real cyber resilience for our nation and allies

Avertro's Executive Advisor, Jamie Norton breaks down the missing links for improving our nation’s cyber resilience .

Continue Reading...
Avertro has been accepted into the NSW Going Global Export Program

Avertro has been accepted specifically into the Singapore-focused part of the program, where Global NSW will provide tailored trade services with Singapore technology ecosystem experts, mentors and partners to identify business opportunities and implement a Singapore export strategy.

Continue Reading...
2020 in review

It’s been a tough year, and enough has been said about it. So, I’m going to focus on some of the positive aspects.

Continue Reading...
Relaunching our website

Avertro's been around for over a year now, and we've had the same simple website that's been up since day one. It's time to refresh our web presence.

Continue Reading...
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.