Blog Archives - Page 2 of 20

Axenic Lightning Talks Series – March 2025

By Axenic Team, on 28 March, 2025

A few years back, we kicked off our own internal lightning talks—our way of having a good old geek-out over cybersecurity topics that get our Governance, Risk, Assurance, and Compliance brains buzzing. Think of it as a slightly more structured version of those deep and meaningful yarns we used to have around the office coffee machine… before COVID did its thing and made us all experts in online meetings awkwardness instead.

These blogposts are not written by one team member. The content is provided to you by the whole Axenic Team – or whomever attended on the day.

From iced matcha tea to qualification: The rollercoaster ride to becoming a Qualified Security Assessor (QSA)

By Kinza Sarwar, on 13 February, 2025

Always remember this -> Without ambition, one starts nothing. Without work, one finishes nothing. The prize will not be sent to you. You have to win it – Ralph Waldo Emerson.

If you’re reading this blog, you probably already have some experience with security standards and certifications – maybe you even hold a few yourself. In this blog, I will shed some light on my own journey to gain the QSA qualification and break down the steps I took to make this happen.

New year, new cybersecurity!

By Jan Richardson-Tsoy, on 14 January, 2025

“New year, new you”, lets flip this and look at “New year, new cybersecurity”.

What are some of the assumptions and unconscious biases about cybersecurity that we can pull out and look at?

Plus ça change

By Jim, on 30 May, 2024

When Chris Blunt and I started Axenic back in 2009, John Key was Prime Minister, Barack Obama had just become President of the USA and told Benjamin Netanyahu that he should freeze settlement construction in Gaza to enable movement towards a two-state solution, and a Royal Commission recommended that the 8 Auckland region local government bodies merge to form a “supercity”.

The CSRB, Microsoft, China and You

What does the recent report on Microsoft security mean?

By Doug Newdick, on 7 May, 2024

In May-June 2023 a hacking group affiliated with the Chinese Ministry of State Security (known as Storm-0558) breached the email of several of Microsoft’s customers including the US State Department, the US Department of Commerce, several UK government organisations as well as customers in other countries. They also compromised the personal email accounts of key individuals involved in US relations with China. Read More

The New NIST Cyber Security Framework Is Coming

By Doug Newdick, on 8 August, 2023

We think that the new version of NIST’s Cyber Security Framework is a significant improvement. There’s one big change, but it is the lots of little changes that add up to a massive overall improvement. New Zealand organisations will still need to do some work to plug some of its idiosyncratic gaps, however. Read More

The Blog

Category: Blog