Risk Management

Fraud Detection in the Era of Hyper-Evolving Channels. An IBRS Special Report

On the 9th of March 2023, IBRS moderated an in-depth peer roundtable on the challenges and future of fraud detection. The session was conducted as part of the Australian Cyber Security Leadership Summit and sponsored by Confluent. The session was attended by senior cyber security and fraud specialists from Australia’s top enterprises and conducted under Chatham House rule. Following is a summary of the key observations discussed and recommendations shared by the participants.

Read More »

That’s Not Our Policy: Differentiating Policy, Standard, Guideline and Procedure

ICT executives need to establish guardrails to govern and manage the use of technology for their organisation and its stakeholders. Policies are the tool that comes immediately to mind when doing so, but they are not the only way. Use this handy IBRS model to help decide if a policy is the best solution, or whether a simpler guideline, standard or procedure could be a better fit.

Read More »

Approaching ICT Policies Systematically

There are frequent calls for yet another ICT policy, often overlapping existing ones. A holistic view – an ICT policy framework – can reduce the effort to create and maintain policies, and deliver benefits through increased compliance.

Read More »

Can Password Managers Still Be Trusted?

From data breaches to identity theft, enterprise users have lost confidence in the capabilities of password managers to ensure their security given the multiple incidences of hacking. IBRS explores the relevance of these tools where the growth of threats and vulnerabilities undermine organisations’ safety.

Read More »

Corruption Prevention and Response

Recent, highly-publicised cyber incidents have made IT-related criminal acts of all types newsworthy, and severely tested the tolerance of the market (customers, regulators, and insurers) with organisations that suffer from them. As a result, organisations can no longer be satisfied with stopping or reacting to IT crime in ways that previously sufficed.

Read More »