Chris Arceo
Jul 2, 2026 / Cybersecurity & Compliance
What the Essential Eight retirement means for your DISP membership
Australian Signals Directorate confirmed it is retiring the Essential Eight and replacing it with a broader set of guidance called the Essentials series. For most businesses that...Chris Arceo
Jun 25, 2026 / Cybersecurity & Compliance
The ASD is retiring the Essential Eight. Here’s what it means for your business
The ASD has confirmed it will retire the Essential Eight within two years, replacing it with a new Essentials series. What is changing, why, and why your current E8 investment...Greg Markowski
Jun 17, 2026 / Cybersecurity & Compliance
Essential 8 Maturity Level 1: the requirements, the gaps, and why insurers care
Essential Eight Maturity Level 1 is the level the ACSC suggests for SMEs and the floor insurers now expect. What ML1 actually requires across all eight strategies, the five gaps...Greg Markowski
Jun 15, 2026 / Cybersecurity & Compliance
Essential 8 Maturity Level 3: what it actually takes and who genuinely needs it
Essential Eight Maturity Level 3 is built for adaptive, well-resourced adversaries, and most businesses chasing it do not need it. What ML3 actually requires across all eight...Greg Markowski
Jun 9, 2026 / Cybersecurity & Compliance
Penetration testing vs vulnerability scanning: what is the difference?
The confusion is understandable. Both look for weaknesses. But one is an automated list of possible problems, and the other is a skilled human, or increasingly a skilled human...Greg Markowski
Jun 8, 2026 / Cybersecurity & Compliance
Security awareness training in the age of AI phishing
The old advice was to teach staff to spot typos, dodgy sender addresses, and too-good-to-be-true offers. That advice is now close to useless…Greg Markowski
Jun 7, 2026 / Cybersecurity & Compliance
Data classification: the control that actually makes Copilot safe
Before you let an AI assistant loose on your business, there is one question that matters more than which model you chose: does your AI know which of your files are confidential?Chris Arceo
Jun 6, 2026 / AI & Automation
SMB1001 Gold now requires an AI use policy. Here is what goes in it.
Buried in the SMB1001:2026 Gold control set is a requirement most businesses have not noticed: a written policy for the responsible and secure use of AI. Here is what the control...Greg Markowski
Jun 5, 2026 / Cybersecurity & Compliance
Data governance for small business: why your AI risk is really a permissions problem
Most small businesses we talk to think they have an AI problem. They have a data governance problem wearing an AI costume…Greg Markowski
Jun 4, 2026 / Cybersecurity & Compliance
Privacy Act 2026: 12 things every Australian SMB needs to do
Most AU SMBs we work with want a checklist they can actually run against, not another summary of what changed…Greg Markowski
Jun 3, 2026 / Cybersecurity & Compliance
Cyber insurance for Australian SMBs in 2026: what underwriters actually want
Premiums are up, cover has narrowed, and underwriters now ask much harder questions. Here is what Australian SMBs need in place before renewal to avoid a declined claim or a...Chris Arceo
Jun 1, 2026 / AI & Automation
Why no single tool wins: AI and the whole security ecosystem
There is no AI silver bullet. Every security layer has a gap another layer exists to cover. Here is the whole ecosystem, layer by layer, and the part the tool vendors leave out.