Secolve Update: August 2024

It has been an exciting time for growth at Secolve as we welcomed two new team members in August. Rhiana Cooke and Hamza Qamar bring their wealth of knowledge and experience to the Secolve team and are pivotal to furthering our mission of protecting critical infrastructure from cyber threats.

A reminder to all organisations who must adhere to obligations under the SOCI Act – there is just over one month left to submit their Critical Infrastructure Risk Management Program (CIRMP) Annual Report. Here's a quick refresher for what you need to remember. Please reach out if you need any support.

Looking ahead to October’s Cyber Security Awareness Month, we have developed some exciting OT-SAT initiatives. To kickstart your awareness month, we are offering a selection of specially curated OT cyber security training content and other bonuses to help you raise OT security awareness across your organisation at scale. Get in touch to find out more!?

And lastly, we also had a great lunch event in Perth to meet with local owners and operators of critical infrastructure. It was an enlightening session that allowed us to understand the common challenges organisations are currently facing, and we are looking forward to hosting more around Australia soon.?

? - Belinda??

26 June - 13 November?

The Critical Infrastructure Security Excellence Workshops are being held in capital cities across Australia and these in-person events will include the latest information and practical advice relating to the protection of Australia’s critical infrastructure through panel discussions and collaborative activities. Find your relevant dates for a city near you and register here.?

4-5 September?

OT-SAC Summit 2024 is coming up in Singapore soon. This year's summit theme aims to provide a deeper understanding of AI's transformative impact in the OT/ICS cybersecurity realm, addressing the potential benefits and emerging challenges.??

26-28 September?

BSides Canberra returns in Spring 2024 with 3 full days at the National Convention Centre, Canberra. This conference will offer a unique opportunity to expand your knowledge, gain practical insights, and stay ahead of the cyber security curve.?

There’s a lot that's happened in the OT security space, this month. Here is a summary of some of the latest news articles and industry news.?

An earlier cyber security advisory has been updaed by CISA to notify of a rebrand of ‘Royal’ ransomware actors to ‘BlackSuit.’ The update includes recent and historically observed tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and detection methods related to BlackSuit ransomware. Read more about it here.?

ACSC recently released new guidance for Best practices for event logging and threat detection. The guidance outlines best practice for event logging and threat detection for cloud services, enterprise information technology (IT) networks, enterprise mobility and operational technology (OT) networks.?

The IEC published IEC 62443-2-1:2024 addressing security for industrial automation and control systems outlining the necessary policies and procedures for security programs that asset owners must implement to protect industrial automation and control systems (IACS) during operation.?

Cyber Security Agency of Singapore?have released an updated Operational Technology (OT) Cybersecurity Masterplan as part of continuous efforts to enhance the security and resilience of organisations operating ICS/OT technologies. The updated Masterplan 2024 reflects the evolving maturity of the OT ecosystem and the dynamic nature of cyber threats targeting OT systems in the wake of geopolitical and technological shifts.?

Australian organisations under the SOCI Act have until September 28 to submit their Critical Infrastructure Risk Management Program (CIRMP) Annual Report covering the 2023-2024 Australian financial year. The Annual Report must be approved by the Entity’s board, council or other governing body, and must be submitted using this form.?