ISO Blog Series Part 4: Road to ISO27001 – Document, Document and More Documenting

If you have been reading our blog series you will be following our journey to becoming ISO 27001 certified, which we achieved in February this year! In Part 3 we discussed how we utilised lockdown to get our advantage with some extra time on our hands. At that stage in our ISO journey, our ISMS was running with a high level of governance, however, it was not yet ready to get us ISO certified. There were still some pieces we needed to complete to get us over the line to achieve ISO 27001 certification. Let’s take a close look at the next stage we took on our journey to become ISO certified – one which involved a fair bit of documenting!

Read More

Are the latest cyber attacks just fuelling the new buzz on security?

Stop, drop, and roll, is everything on fire?

Now that the media hysteria has abated on the topic of DDoS, it seems timely for us to provide some commentary on this long standing topic from the perspective of security professionals.

The recent Distributed Denial of Service (DDoS) attacks on NZX, Stuff, RNZ, and many more have had the media bombarding us with updates and semi-new information aimed to keep us, the general public informed. Reading some articles on RNZ, Stuff, and NZHerald provide similar information on the attack.

There is no denying that the threat of sophisticated cyber-attacks are real, and while raising awareness about what is currently happening is a good thing, doing so without care may not be helpful. Read More