Mathew Clark

Passionate, results-driven IT Security Professional. I mature cybersecurity practices in organisations, and help clients defend their business data. I work with clients to build governance, risk management, and compliance (GRC) based on Essential 8, ISO, NIST. I develop and implement successful Cyber Security practices.
Find me on:

Recent Posts

September '21 in Review - Vulnerabilities, Exploits and Zero Days

Posted by Mathew Clark on 29 September 2021 14:13:33 ACST

Hello everyone.

September '21 had a lot going on in the land of Cybersecurity - seeing the release of 3 major vulnerabilities and exploit Proof Of Concepts (POCs) for Apple IOS (iPhone), Exchange Autodiscover, and VMWare vCenter Bad Packet. We'll go into some depth of these exploits, but I would like to first make an announcement.

Read More

Topics: Security, ransomware, Cybersecurity

ACSC Cyber Threat Report - How to build a resilient cybersecurity practice

Posted by Mathew Clark on 22 September 2021 12:30:00 ACST

In the previous blog, we analysed the key trends that emerged out of ACSC Annual Cyber Threat Report (2020-2021). To summarise, in the last financial year, ACSC reported an increase in the number of reported cyber crimes perpetuated by individuals, groups and state actors alike, including:

  • Over the course of 2020 - 2021 financial year, the ACSC received over 67,500 cybercrime reports, an increase of nearly 13 per cent from the previous financial year.
  • The increase in volume of cybercrime reporting translated to one report of cyberattack every 8 minutes compared to one every 10 minutes reported in 2019 - 2020 financial year. 
  • Self-reported losses from cybercrime totalled more than $33 billion. 
  • ACSC received over 22,000 calls on the Cyber Security Hotline – an average of 60 per day and an increase of more than 310% from the financial year 2019 - 2020.
  • A higher proportion of cyber security incidents reported in the financial year 2020 - 2021, was categorised by the ACSC as ‘substantial’ in impact.
Read More

Topics: Security, ransomware, Cybersecurity

State of Cybersecurity - What we learnt from ACSC Cyber Threat Report (2020 - 2021)

Posted by Mathew Clark on 16 September 2021 10:15:57 ACST

They say hindsight is 2020, and in this case, we're glad that 2020 is behind us. Fires and Viruses and Explosions (oh my!). During the course of the (ongoing) pandemic Australians, businesses and individuals saw an increased dependence on the internet - Working from home, accessing information and staying in touch with colleagues, friends and family. We saw many people lose their jobs and certain sectors struggle with the change and others collapse entirely. Due to the increased reliance on the internet, we also saw an increased attack surface and an increase in cybercrime activity. On a year-on-year basis the ACSC saw an increase in cybercrime reports of 13%, totalling some 67,500 reported incidents, roughly translating to 1 attack every 8 minutes and impacting every business sector and government agencies at all levels. An important takeaway is these are only the events we know about. The pandemic saw an acceleration in Cybercrime, but also in the sophistication of the attacks. Subnet has been developing a defence in depth strategy in alignment to ISO27001, ISM & Essential 8, and NIST frameworks to help our partners develop and grow their security through a step by step maturity journey.

The ACSC report identifies a couple of key attack trends and threats as follows:

Read More

Topics: Security, ransomware, Cybersecurity