View this email in your browser
Dear Valued Subscriber, 

Welcome to the fourth edition of the Tannhauser Monthly Newsletter, for August 2021. 

The word of the month is “Threat Landscape”. Leading organisations have a good understanding of existing threats to their business and practices to monitor the threat horizon, what’s coming next. This is called intelligence-led risk management which prioritises security defence methods and investment. 

This month has been an interesting period helping one of our key mining clients enhance their end-to-end Cyber and Information Risk Management practices. It’s always interesting learning about new business and the secure journey the company is on. 
At the start of the month we had a really insightful design and prototyping session to kick start our Third Party Risk management platform: GATE. 

Steve has been participating in a 9 week program: SME Surge, from Agility Shift. This is aimed at existing business owners and operators with high growth potential and ambitions. The program concludes with a business plan for international business growth in line with Tannhauser’s existing ambitions. 

Carl concludes his 8 week Cyber Leadership Institute: Cyber Leadership Program. Phil, Jan (my former PwC colleague) and Darren have provided Carl valuable lessons in how to build a cyber resilience strategy and how to get buy-in key stakeholders. 

Two Work Integrated Learning (WIL) students started at the end of June for a 13 week placement from Edith Cowan University (ECU). These students will support research into our risk assessment product (RUNNER) that is under development whilst getting hands-on cyber security consulting experience.  

Last but definitely not least, we welcome our new starter this month (to be formally announced later this month). This signifies the growth we have been through over the last 12 months and continue to see in our clients and service areas. There will be a number of roles coming live in the coming months, keep an eye out on our careers page.  

Best Regards,

Michael Woods
Founder & CEO Tannhauser
Each month we ask a question with the results published in our monthly newsletter

How do I start measuring Cyber Risk?

ISACA Perth Chapter (ISACA is an international professional association focused on IT governance), invited Michael to speak with their members regarding Cyber Risk Quantification (CRQ): How do I start measuring Cyber Risk?

APRA Insurance Risk Management (IRM) Self-Assessment
APRA have released details of the requirements for certain insurers to conduct a risk management self-assessment exercise due 30th November 2021. APRA acts as the independent statutory authority that oversees insurance companies, banks, and superannuation.

Reforms to Protect Critical Infrastructure and Systems of National Significance
Would you consider your organisation a part of Australia’s critical infrastructure? Do your cyber security practices meet the standard you’d expect for systems of national significance?

Work Integrated Learning
One of our Tannhauser values is “Community”, and one of the ways we demonstrate this is by providing opportunities for students to gain industry experience.  Last week we welcomed two ECU cyber security students, who have joined our team as part of their Work Integrated Learning program.
  • The “PrintNightmare” bug may not be fully patched, some experts are warning, leaving the door open for widespread remote code-execution attacks.
    threat post
  • REvil gang asks for $70 million to decrypt systems locked in Kaseya attack.
    The Record
  • Cyber agency confirms Australian firms hit by supply chain attack
    Financial Review
  • NSW Department of Education struck by cyber attack.
  • Saudi Aramco data breach sees 1 TB stolen data for sale
    Bleeping Computer
Other News
  • New Website Aims To Shine A Light On Where Ransomware Payments Go.
  • Private Israeli spyware used to hack cellphones of journalists, activists worldwide.
    Washington Post
Forward look at legislation, regulation or other threats and opportunities ahead.

The Australian Prudential Regulation Authority (APRA) released requirements for general insurers to conduct an Insurance Risk Management (IRM) self-assessment exercise critical to maintaining financial system resilience. The self-assessment is due 30th November 2021 with results available early 2022. APRA (19th July 2021)

‘Real and present danger’: Government considers making company directors personally liable for cyber attacks The Sydney Morning Herald  (13th July 2021) 

Operation Orcus, a multi-agency taskforce, has recently been established by the Australian Government to help beat back the tide of ransomware.  The Australian (18th July 2021) 

United States
U.S. Accuses China of Hacking Microsoft - The Biden administration organized a broad group of allies to condemn Beijing for cyberattacks around the world, but stopped short of taking concrete punitive steps. NY Times (20th July 2021) 

The Biden administration is laying the groundwork to spend roughly $52 billion on semiconductor research and manufacturing even as it’s awaiting congressional approval of the funding, Commerce Secretary Gina Raimondo said. Bloomberg

All event details are kept up to date on our website:

FAIR Institute Perth Chapter Event, August 2021:

Western Australia Internal Audit Conference 2021, 16 - 17 September 2021, Duxton Hotel: 

BSides Perth 2021  September 18th, 2021 (Hacker Conference):

WA Mining Conference Wed 22 - The 23 Sept, Perth Convention and Exhibition Centre: 

AISA PerthSEC, Friday 15 October 2021:

ISACA SecureIT Conference 2021 28th October 2021:

ACISP 2021 The 26th Australasian Conference on  Information Security and Privacy, 1 - 3 December 2021 Perth, Australia:
Our job opportunities are kept up to date on our website:

Work Integrated Learning Students.
Joel and Paul (third and fourth from the left) have joined the Tannhauser team this semester as part of Edith Cowan University's Work Integrated Learning Program. Joel has a unit or two to finish off his
Bachelor of Science (Cyber Security), while Paul is completing his Master of Cyber Security degree.

We look forward to learning from the students at the same time as providing opportunities for them to practise their cyber skills.


Your feedback matters to us, to ensure we are providing value in our services, newsletters, or resources, please take a few minutes to leave your feedback on Google.

From your browser, log into your Google account and search for Tannhauser. Find the review button under the Tannhauser name in the side box. Click on the number of stars and write about your experience. Click "Post" when you're done.

From the Google Maps application on your phone, search for Tannhauser. Find the review section at the bottom. Click on the number of stars and write about your experience. Click "Post" when you're done.

About Tannhauser
Tannhauser is a cyber security and privacy consultancy. Our team specialise in Cyber Security Strategy Consulting, virtual Chief Information Security Officer staff augmentation, Cyber Risk Quantification, Cyber Security Assurance, Cyber Resilience, Privacy Engineering and Digital Transformation. Tannhauser, helping Australia to become the safest place to do business online. Security in Sync.

Facebook - Tannhauser
Twitter - tannhausersec
Copyright © 2021 Tannhauser Pty Ltd, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp