Open to new opportunities
For me, this sadly means that my role will cease to exist at the end of January 2021, so I will be looking for a new position shortly.
Thank you in advance for any connections, advice, or opportunities you can offer.
You can contact me by email or via LinkedIn.
Xinja is closing deposit accounts
It is a sad time for all of us at Xinja. We have worked hard to get there. But we have a lot to be proud of. We demonstrated to all that it was possible to build a bank from scratch, based on a modern cloud-based tech stack.
Some said we were the crazy ones. Maybe we were. But we created momentum. We led the way. Others will come and continue what we started. Creating better banking, and better tomorrows.
On a personal note, I am proud that Xinja has been rated the most secure bank in Australia for 6 out of the last 12 months (and as per how Dec. is going so far, still is). Not a small achievement for the small team we were.
Thanks to all past and present #xinjasecurity team members. It would not have been possible without you.
Kudos to Aron, Priyal, Richard, Will, Nicole, Gary, Jeremy & Greg. You guys rock!
For more information about the closure of Xinja accounts, visit https://xinja.com.au/xinja-bank-accounts-and-stash-accounts-being-discontinued/
In a time of change, identity has become the key to security - Webinar
Check out the full video on GoToStage.
Defence in Depth
"Defence in depth", sometimes also called "layering", is a central concept in information security. It relates to the idea that security components should be designed so that they provide redundancy in the event that one of them were to fail.
This article explores the concept of defence in depth, and how it applies to modern technology stacks and in the cloud.
Xinja emails get maximum security score
Incident Response and Breach Impact Minimisation Panel
More than ever, government, industry and businesses have been under increasing attack. The Australian Cyber Security Centre (ACSC) recently published a report stating it had responded to approximately 2300 cyber security incidents between July 2019 and June 2020. But in these times, with many staff working from home, if your business were to suffer a cyber breach, would you be able to respond effectively?
We will discuss best practices in incident response and how to manage and minimise the impact of a breach on your business.
More information at https://app.livestorm.co/forefront-events/incident-response-1
Xinja is now PCI DSS compliant certified
It is a huge milestone for us and, if you have ever gone through such a certification process, you will know how challenging it is!
To mark the event, we published a short article on how we designed our environments to get compliance. So read more about it below:
Future of Security Conference
If you were not able to attend, you can still catch these sessions on the conference website.
Future of Security Conference
I am very honoured to be one of the speakers. I will be discussing the Australian Consumer Data Right (CDR), and how it can be used to champion privacy while spurring innovation.
I will also be part of a panel discussing how emerging technologies are reshaping cyber security risks and controls, and strategies to infuse security culture into financial services’ enterprise DNA.
Find out more on the conference website.
Understanding the Payload-Less Email Attacks Evading Your Security Team
How to become a Fierce Female Leader in Cybersecurity Meetup
Security GRC Manager role @ Xinja
Future of Security Conference, Sydney
I am very honoured to be one of the speakers at the next Future of Security conference in Melbourne on 24/03 and in Sydney on 26/03. I will be discussing the Australian Consumer Data Right (CDR), and how it can be used to champion privacy while spurring innovation.
On 26/03 (Sydney), I will also be part of a panel discussing how emerging technologies are reshaping cyber security risks and controls, and strategies to infuse security culture into financial services’ enterprise DNA, with Wayne Bozza, Sarah O'Brien, Sumeet Kukar and Larkin Ryder.
CPS 234 NSW Morning Briefing
Thank you to Jason Anderson and Wayne Bozza for their insightful perspectives. And thanks to Paul Schofield for his fantastic facilitation and direction.
Digital Identity and Authentication
Time to go through the concepts of Digital Identity and Authentication, and how they are generally implemented in IT environments to automate access to websites, services and applications.
While this article does not require any specific technical knowledge, it is not a trivial topic, and I have purposely tried to not oversimplify some of the concepts. I have done my best to keep it easy to read, but feel free to send some feedback if some parts are too complex and you would like further clarifications.
CPS 234 NSW Morning Briefing
With the passing of the July 1st deadline, APRA-regulated entities must meet the mandatory Prudential Standard CPS 234. The Standard has been created to improve resilience against information security threats, and those entities need to put the correct implementation strategy in place to safeguard themselves in the information age.
A key objective is to minimise the likelihood and impact of information security incidents on the confidentiality, integrity or availability of information assets, including information assets managed by related parties or third parties.