Most Australian enterprises believe they have identity security under control. Frameworks are in place, policies are documented, and zero trust strategies feature prominently in boardroom presentations and annual reports. On paper, it looks robust. In practice, many organisations are running identity controls that were designed for a world that no longer exists. Over the past few years, the industry has rightly...

Introduction The era of "vibe coding" is officially here, and Asia Pacific is central to this trend, already hosting a rising number of vibe coding start-ups. AI coding has accelerated software delivery to a breakneck pace, but this velocity has come with a steep security tax. While the industry is enamoured with the speed of delivery, those of us in the trenches of Application Security (AppSec) are seeing a...

Introduction During the past decade, one lesson has become unmistakably clear for enterprise leaders: security begins and ends with identity. As organisations continue to digitise operations, shift workloads to the cloud, and experiment with AI-driven automation, identity has emerged as both the gateway to productivity and the weakest link in cyber defence. What was once a relatively contained environment of...

Why the Illusion of Control Is Failing Australian Identity Security Programmes Most Australian enterprises believe they have identity security under control. Frameworks are in place, policies are documented, and zero trust strategies feature prominently in boardroom presentations and annual reports. On paper, it looks robust. In practice, many organisations are running identity controls that were designed for a...

As geopolitical tensions continue to ripple across global markets, cyber activity is following a predictable and increasingly dangerous pattern. Spikes in scanning, probing, and exploitation attempts often occur within hours of international instability, placing organisations far beyond the immediate region at heightened risk. Yet, despite this, many businesses remain slow to adapt their security posture in real...

The digital battle lines are being redrawn. Cyber threats are no longer confined to hacked servers or ransomware incidents affecting corporate networks. They have migrated to the devices in our hands and pockets. Mobile espionage is accelerating in speed, scope, and sophistication, forcing organizations to confront a difficult reality: significant vulnerabilities now lie in everyday communication tools. At the...

Introduction For years, digital assets have been spoken about in extremes. Either as the future of finance, or as a space filled with risk and uncertainty. In my view, the truth sits somewhere in the middle. Over the past decade, digital assets have delivered extraordinary returns. Entire fortunes were built in a relatively short period. Yet many investors entered without the knowledge or protection required to...

Government in Constant Motion Federal government work now extends beyond offices to secure facilities, international forums, temporary work sites and even on the daily commute. Mobility has shifted from a supporting function into a core pillar of daily operations while expectations around security, sovereignty, and regulatory compliance have intensified. This creates tension as officials need to act quickly and...

Introduction A quarter of a century after the Agile Manifesto reshaped the software industry, its legacy is no longer in question. The methodology’s emphasis on speed, adaptability and user-centric design helped redefine how organisations build and deliver technology, enabling faster releases and a closer alignment with customer needs. For many enterprises, Agile has long since moved from disruptive idea to...

When a single compromised communication can disrupt governments, expose intelligence operations, or derail emergency responses, the question isn't whether your organization has secure communications. Rather, it’s whether your communications tools are certified for high-stakes operations. For years, organizations relied on standard end-to-end encryption as their primary defense. However, as threats evolve — from...

In office buildings around the world, the instruction is clear and universally understood: in case of fire, break glass. The act is deliberate, visible and reserved for emergencies only. In cybersecurity, however, the equivalent mechanism, the so-called “break glass account”, is far more controversial. Designed to provide emergency access when normal systems fail, break glass accounts sit at the intersection of...

Introduction Security and governance are no longer back-office concerns, and in Australia, the stakes have never been higher. After a record 1,113 notifiable data breaches in 2024, the OAIC logged more than 530 additional breaches in the first half of 2025, with malicious attacks continuing to dominate. At the same time, major privacy reforms (e.g. updates to the Privacy Act 1988) that took effect this year have...

Dutch intelligence has confirmed what enterprise security architects have long understood: consumer-grade messaging apps, regardless of their encryption implementation, are structurally unfit for sensitive government and military communications. The reason is not cryptography. It is the complete absence of verified identity and controlled device enrollment. A Global Campaign. Consumer Apps. Predictable Results. On...

Introduction Logicalis Australia is calling for a shift in how Australia approaches artificial intelligence (AI), warning that the country risks missing a major global opportunity if it continues to focus primarily on policy and access to compute rather than infrastructure. Peter Cardassis, technical services director, Logicalis Asia Pacific, said, "Australia is having the wrong conversation about AI, and it risks...

The Rise of Stealth Impact Attacks In the past year, cyberattacks have been increasingly focused on “stealth impact”, quietly degrading performance, inflating cloud and AI costs, and eroding revenue over time. This includes tactics such as mass creation of fake accounts, bot-driven abuse of transactions, and the exploitation of AI chatbots to exhaust costly tokens. At the same time, illegal data scraping is on the...

Introduction Australian organisations' technological maturity has grown exponentially in recent years. Hybrid work is the standard, cloud adoption is accelerating, and new innovations keep emerging to provide a productivity and competitive edge. What were once foreign concepts now underpin every business' workflow, communication, and customer interaction.  Yet as the number of technologies and platforms balloons in...

Most Australian enterprises believe they have identity security under control. Frameworks are in place, policies are documented, and zero trust strategies feature prominently in boardroom presentations and annual reports. On paper, it looks robust. In practice, many organisations are running identity controls that were designed for a world that no longer exists. Over the past few years, the industry has rightly...

Introduction The era of "vibe coding" is officially here, and Asia Pacific is central to this trend, already hosting a rising number of vibe coding start-ups. AI coding has accelerated software delivery to a breakneck pace, but this velocity has come with a steep security tax. While the industry is enamoured with the speed of delivery, those of us in the trenches of Application Security (AppSec) are seeing a...

Introduction During the past decade, one lesson has become unmistakably clear for enterprise leaders: security begins and ends with identity. As organisations continue to digitise operations, shift workloads to the cloud, and experiment with AI-driven automation, identity has emerged as both the gateway to productivity and the weakest link in cyber defence. What was once a relatively contained environment of...

Why the Illusion of Control Is Failing Australian Identity Security Programmes Most Australian enterprises believe they have identity security under control. Frameworks are in place, policies are documented, and zero trust strategies feature prominently in boardroom presentations and annual reports. On paper, it looks robust. In practice, many organisations are running identity controls that were designed for a...