Story image

Security firm Cyber Toa launches virtual CISO for Kiwi businesses

12 Jun 2017

New Zealand businesses struggling to deal with the torrent of security threats now have help at hand - in the form of a virtual chief information security officer (vCISO).

Wellington-based security company Cyber Toa launched the vCISO last week, and chief executive Mandy Simpson says it's a tool for businesses to help concentrate resources to where they are needed most.

“To be honest, all indications are that cyber-crime is growing in New Zealand. Requests for assistance to the National Cyber Security Centre were up 66 percent in the year to April 2016 and global security provider Symantec put the cost of cyber-crime in New Zealand at $US200 million last year,” she says.

She says that security failures can cause not only financial losses but also reputational damage. In the case of personal data, if it gets stolen suddenly criminals have control.

“It’s easy for companies to be overwhelmed with the number of things they must do to stay safe. While some companies can afford a full time chief information security officer (CISO) to deal with the growing risks, not every organisation has resources at their disposal. A virtual CISO allows companies to access our Cyber Toa expertise in a flexible way," she adds.

That vCISO will be able to help conduct a company-wide risk assessment, develop breach response plans and develop awareness programmes for employees.

“And of course, if an incident occurs, a virtual CISO can lead the response, including accessing our specialist team to help. We provide everything required for the virtual CISO to act quickly and protect the company," Simpson says.

Behind the scenes, Cyber Toa's technical team is responsible for the vCISO project.

“Our technical team is led by Tony Grasso, with decades of experience in the New Zealand intelligence community, and GCHQ. The virtual CISO service gives companies access to expertise that would be very difficult for them to directly employ,” Simpson concludes.

Chillisoft rounds out portfolio with file integrity vendor
Tripwire is the fourth vendor for Chillisoft in six months, adding critical security controls, vulnerability management and file integrity monitoring.
ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Optic Security Group celebrates Axis accolade
Auckland-based business security systems provider Fortlock has picked up an award at Axis Communications’ annual Oceania Axis Partner Summit 2019.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.