When people think about ransomware, they usually picture malicious software, criminal gangs and technical countermeasures. Patching, backups and multi-factor authentication all matter, but recent moves by the UK’s National Health Service suggest that healthcare organisations are beginning to focus on a more fundamental problem, that of supplier risk. In May 2025, NHS England warned suppliers
Artificial intelligence has arrived in most organisations long before the organisation has had a chance to govern it. AI governance and information intelligence have therefore become inseparable disciplines. Before an organisation can manage AI risk, it must first understand what information it possesses, where that information resides and who can access it. AI governance depends
Security frameworks and risk management help organisations navigate a complex world. They provide structure, establish common language and reduce overwhelming problems into manageable pieces. The Australian Cyber Security Centre’s Essential Eight, ISO 27001 and the Information Security Manual (ISM) all serve this purpose. They help organisations make sense of cybersecurity. Yet every framework carries an
The Australian Cyber Security Centre’s Essential Eight has become one of the most influential cybersecurity frameworks in Australia. Government agencies reference it, consultants recommend it and organisations of every size use it to guide investment decisions. The framework enjoys a strong reputation because it focuses on practical controls that reduce exposure to common attack techniques.
