The Essential Eight

• Patch applications
• Patch operating systems
• Multi-factor authentication
• Restrict administrative privileges
• Application control
• Restrict Microsoft Office macros
• User application hardening
• Regular backups

For more information about Essential Eight Model, please visit here.

• Other than that, you also need :
• Information security manual
• Strategies to mitigate cybersecurity incidents
• Strategies to mitigate cybersecurity incidents:Mitigation details

Victoria's Cyber Strategy

Our five-year strategy sets the goverment's vision for creating a cyber-safe Victoria. please visit here.

Victorian Protective Data Security Standards V2.0

The Victorian Protective Data Security Standards(VPDSS) established 12 high level mandatory requirements to protect public sector information across all security area including governance, information, personnel, Information Communications Technology(ICT) and physical security. please visit here.

• OWASP API Security Top 10 - 2023
• OWASP Top10 for LLM Apps. 2025

STORIES & INSIGHTS

• 26/12/2025 - Today is my last working day of 2025!Happy holiday ;)
• 23/12/2025 - "You can patch a bug, but you can't patch a brain", AI is creating a security problem most companies aren't staffed to handle.
• 21/12/2025 - For people in northern China, eating dumplings is a traditionl way to celebrate the Winter Solstice ;)
• 18/12/2025 - Identity, AI, and the Collapse of Perimeter Thinking(Author: Torsten George)
• 16/12/2025 - Year-end review wrapped up. Ready to keep moving forward in the year ahead.
• 08/12/2025 - Successfully passed FAIR Foundation 2 certification.
• 25/11/2025 - Happily got Footprint AI Data Security specialist certification.
• 28/10/2025 - We need high-quality software, not just strong cybersecurity!
• 26/10/2025 - Got bad cold after coming back from business trip.[sneeze][sneeze]
• 31/07/2025 - THE FOURTH PARTY - Your supply chain security strategy might be missing the biggest risk.
• 22/07/2025 - Five Ways to Close the Compliance Gap in AI Security.
• 15/04/2025 - Further information on various risk management frameworks and practices can be found here.
• 09/04/2025 - Just in case forget, useful information from ASD - Information Security Manual
• 03/04/2025 - The Art of the 1-page strategy - 4 simple steps
• 14/03/2025 - Equipped with the latest fold-up bike, arrive to work sweaty and out of breath, ready to take on the day!
• 05/03/2025 - Today is Jingzhe, the 'Awaking of insects' solar term.
• 25/02/2025 - Back to work from one day sick leave caused by gastritis.
• 21/02/2025 - OWASP Top 10 for LLM Applications 2025
• 20/02/2025 - Components of an effective Attack Surface Management(ASM) solution should at least be: 1) Asset Discovery 2) Continuous monitoring 3) Change Detection
• 17/02/2025 - Cyber Security Principles are grouped into 5 functions: I)GOVERN - Develop a strong cyber security culture; II)IDENTIFY-Identify assets and associated risks; III)PROTECT - Implement controls to manage risks; IV)DETECT - Detect and analyse cyber security events to identify cyber security incidents; V)RESPOND - Respond to recover from cyber security incidents.
• 14/02/2025 - ♥Happy Valentine's Day!
• 13/02/2025 - The university of Utah's instance of Microsoft Copilot remains the only commercial Artificial Intelligence(AI) platform sanctioned for institutional use at the university.Why?more secure?a good relationship? I am more inclined to believe the former one.
• 6/02/2025 - Top AI Compliance Frameworks and Regulations(2025) - 'EU AI Act', 'NIST AI RMF', 'ISO/IEC 42001/22989/23849/23053'
• 5/02/2025 - 开工大吉！Good luck with my work!
• 26/01/2025 - There is an sheet of SBOM Maturity and Process Flow from SANS for you. Download Here
• 24/01/2025 - Homebrew macOS Users Targeted With Information Stealer Malware. Leon points out that please note the malvertising lurk you to click then jump to a fake site'brewe.sh' instead of the original one - 'brew.sh'
• 22/01/2025 - One in ten GenAI prompts puts sensitive data at risk.Read More
• 21/01/2025 - Checklist: Cloud visibility best practices. !!Download Here!!  NOTE: this is published by Wiz, an commercial company offering security tools and platforms, so it must contains more hard ADs, obtain what parts you are interested.
• 20/01/2025 - TikTok goes dark in the U.S. as Federal ban takes effect 19 January 2025.
• 19/01/2025 - Citi bank investe $11.8 billion in digital innovation, including generative AI coding tools for almost 30k developers and the net income for the year went up nearly 40% to $12.7 billion. What we are doing?lay off employee, cut down budget, saving money and for increasing so called efficiency
• 19/01/2025 - SBOM has become a cornerstone of fedural procurement, but transitioning from SBOM generation to scalable management can be challenging.Watch Now
• 16/01/2025 - Ransomeware is the top organational cyber risk this year, the World Economic Forum said in its Global Cybersecurity Outlook for 2025"