Search Results

< News How to Protect Your Customers’ Personal Identifiable Information 8 Nov 2024 Protecting customers’ Personal Identifiable Information (PII) has fast become a critical duty of care for every organisation. What is PII, and why is it valuable? PII includes information such as Tax File Numbers, Medicare numbers and other health records, credit card details, student addresses and more. Cybercriminals attempt to access PII for financial gain, either directly – by selling it to data brokers on the dark web – or indirectly, by identity theft. Stolen PII can be used by hackers to open bogus credit card and bank accounts, and to socially engineer attacks using methods such as phishing and ransomware. Organisations need to zealously protect the PII provided to them by customers – not only for the sake of maintaining trust, but also to guard against heavy sanctions for non-compliance by regulators such as ASIC and the ACCC. And those compliance requirements are ramping up. Just last month, Australia’s federal government introduced legislation to parliament which will revolutionise Australia’s cyber security preparedness by imposing new protection standards and reporting requirements on local businesses. International Obligations However, compliance requirements for the protection of PII don’t stop at our national borders. For example, businesses with customers in Europe need to comply with the EU’s General Data Protection Regulation. Local businesses trading in the US need to comply with America’s Health Insurance Portability and Accountability Act, Federal Information Security Management Act, Payment Card Industry Data Security Standard, Gramm-Leach Bliley Act and California Consumer Privacy Act. Rising Risks and Impacts Recent statistics demonstrate the growing risk and significant impact of PII data breaches. Verizon’s Data Breach Investigation Report for 2024 shows that some 60% of data breaches involve some form of personal information. And IBM’s 2024 Cost of a Data Breach Report revealed the global average cost of a data breach now exceeds A$7 million. Protecting PII Stepping up to the needs of PII guardianship requires both technology solutions and sound business practices. Layered defences, with integrated solutions that address encryption, threat protection, and data loss prevention, enable safe collaboration without risking malware, mishandled data, breaches and non-compliance. Given most breaches involve a human element, technology solutions need to be automated and easy for employees to use. Software needs to be able to manage: How access to data is granted; How access is authenticated; How access is tracked and controlled; and How access be speedily revoked, when needed. Layered Protection A standalone managed file transfer (MFT) solution – such as GoAnywhere MFT - is a great first layer of defence. It provides security for files at rest and in-transit. However, integrating Threat Protection as an additional layer enables you to take appropriate action when there’s PII in the data moving in and out of your organisation. Based on rules you predefine, our Advanced Threat Protection Bundle can mask, remove, or permit PII to be moved within your organisation and beyond, via a Secure ICAP Gateway. Medical Case Study A medical enterprise needed to transfer attachments between employees and trading partners containing detailed billing information. They had long used a managed file transfer solution to exchange patient records within and outside the organisation. However, they realised they needed to further safeguard patients’ PII via deep content inspection. The organisation integrated GoAnywhere MFT with Secure ICAP Gateway, adding anti-virus protection as well as structural “sanitisation” of files being transferred. Their combined MFT/Advanced Threat Protection now works to: Inspect for malware and viruses; Intercept content based on threat protection and data loss prevention requirements; Run rule sets such as renaming, script removal, keyword searches to control if content is allowed in or is blocked; and Sanitise PII content to permit ongoing transfer (or block it, if content cannot be adequately sanitised). Thanks to layered protection, the organisation can now exchange patient records free from viruses and malware, while only disclosing a use-appropriate level of PII. Controlling PII Disclosure Adding granular rules-based controls to data handling is the “killer feature” of Advanced Threat Protection. For example: You can permit some specified individuals to transmit PII, but not everyone. You can apply role-based access to PII. You can audit who is sending what information. GoAnywhere MFT’s encryption can be enhanced by limiting who can transfer PII data and what that data contains. The automatic detection and sanitisation of files removes some of the human factor risks so that employees can focus on their work instead of fussing with manual interventions. Augmenting technical solutions with employee training further reduces human factor risks. Here to Help Generic Systems Australia are the Asia-Pacific region’s experts in deploying Managed File Transfer and Advanced Threat Protection. We’ve assisted dozens of organisations to protect their PII and secure their file transfers, while keeping their businesses running smoothly. If you’d like to discuss how we can help you, please feel welcome to contact me . I’m always happy to have an obligation-free chat and explain how simply we can transition you from outdated protocols and approaches. I can even arrange a simple, zero-cost Proof of Concept. Previous Next

< News Surge in Scanning Suggests Targeted Hack Attack Imminent 8 July 2025 A recently detected increase in attempts to hack MOVEit Managed File Transfer underlines the importance of promptly patching your enterprise software. Threat intelligence Firm GreyNoise has warned of a “notable surge” in hackers scanning MOVEit MFT systems. Scanning Surge GreyNoise said that the surge in attacks started on May 27. Since then, the volume of scanners has remained between 200 and 300 per day - a 20-30 times increase over usual levels. They suggested attackers may be probing for unpatched systems or possibly preparing a coordinated mass attack. The Australian Signals Directorate – Australia’s premier cyber crime combatants – advises that applying patches to applications is critical to ensuring the security of systems. “Once a vulnerability in an application is made public, it can be expected that malicious code will be developed by malicious actors within 48 hours, sometimes within 24 hours,” they said. Obviously, applying multiple patches in a production environment may not only be time consuming, it may well impact production system uptime and even create greater potential for compounded problems during the process. Alternatives Some organisations have been completely replacing their existing Managed File Transfer (MFT) systems with the MFT independently recommended as the world’s most advanced – Fortra’s GoAnywhere. GoAnywhere offers two key security advantages over lesser Managed File Transfer solutions. Firstly, it includes an advanced Threat Brain . This aggregates security intelligence from across Fortra’s deep portfolio of cybersecurity solutions and external providers to continuously identify and block IPs with malicious intent. Threat Brain enables GoAnywhere to quickly and proactively block threats before they infiltrate your organisation. Secondly, rather than merely patching its software, Fortra frequently releases complete updated versions. Upgrading the software to a new version is as simple as downloading the latest version from the Fortra customer portal, briefly stopping your existing version, and then installing it. Local Expertise Available At Generic Systems Australia we’ve helped dozens of Australian and New Zealand organisations transition to GoAnywhere quickly, simply and inexpensively. If you’d like to discuss how we can help you, please feel welcome to contact me . I’m always happy to have an obligation-free chat and even provide an obligation-free proof of concept. At Generic Systems Australia we’re your local experts in secure Managed File Transfer. Previous Next

< News GenAI Cyber Attacks on the Rise: Gartner 30 Sept 2025 Attacks using Generative AI (“GenAI”) for phishing, deepfakes and social engineering have become mainstream, and attacks on GenAI application infrastructure and prompt-based manipulations are emerging. These are among the troubling findings of a recent survey of cyber security leaders by Gartner, the technology insights company. GenAI is a form of artificial intelligence designed to create original content—such as text, images, music, video, or code—based on patterns it learns from existing data. Unlike traditional AI which classifies or predicts, GenAI generates new data that mimics human creativity. Rise of the Machines 62% of organisations experienced a deepfake attack involving social engineering or exploiting automated processes. These attacks included: deepfake videos used against automated face biometrics or identity verification (29%); deepfake audio clips used against automated voice biometrics (32%); social engineering with deepfake during video calls with an employee (36%); and social engineering with deepfake during audio calls with an employee (44%). In addition, 29% of cybersecurity leaders reported that their organisations had experienced an attack on enterprise GenAI infrastructure in the last 12 months. 32% said they experienced an attack on AI applications that leveraged the application prompt during the last 12 months. Gartner said that chatbot assistants are vulnerable to a variety of adversarial prompting techniques, such as attackers generating prompts to manipulate large language models (LLMs) or multimodal models into generating biased or malicious output. Emerging Threats Speaking at a Gartner Security and Risk Management Summit in London, Akif Khan, Gartner’s specialist VP in identity and access management, said: “As adoption accelerates, attacks leveraging GenAI for phishing, deepfakes and social engineering have become mainstream, while other threats — such as attacks on GenAI application infrastructure and prompt-based manipulations — are emerging and gaining traction.” While 67% of cybersecurity leaders said emerging GenAI risks demand significant changes to existing cybersecurity approaches, Gartner said a more balanced strategy is warranted. “Rather than making sweeping changes or isolated investments, organisations should strengthen core controls and implement targeted measures for each new risk category,” Khan said. MFT vs GenAI One such core control is a Managed File Transfer (MFT) solution, such as GoAnywhere MFT . It should be among an organisation’s first lines of defence. Managed File Transfer (MFT) solutions play a critical role in defending organisations against deepfake phishing and social engineering by enforcing secure, authenticated channels for data exchange. Unlike ad hoc file sharing methods that can be easily exploited, MFT platforms integrate multi-factor authentication (MFA), encryption, and access controls to ensure that only verified users can initiate or receive transfers. This mitigates the risk of attackers impersonating trusted individuals using deepfake audio or video to trick employees into sharing sensitive files. Additionally, robust MFT systems include audit trails and automated alerts which help security teams detect anomalous behaviour — such as unusual file requests or access patterns — that may indicate social engineering attempts. By centralising and securing file movement, MFT reduces the attack surface and strengthens organisational resilience against increasingly sophisticated deception tactics. Local Expertise Available At Generic Systems Australia we’re Australia’s and NZ’s experts in deploying Managed File Transfer solutions. We’ve assisted businesses of all sizes to protect their customer data and secure their file transfers, while keeping their operations running smoothly. If you’d like to discuss how we can help you, please feel welcome to contact me . I’m always happy to have an obligation-free chat and explain how simply we can help you maintain your customers’ trust. Previous Next

< News Data Breach Costs Escalate in 2024 14 Aug 2024 $4.26M! That’s the average cost of a data breach in Australia in 2024, according to new research released by IBM. The figure – a record high – represents a whopping 27% increase since 2020. However, while the average cost of a data breach continues to escalate, the types of cyber breaches experienced by Australian organisations continue to be the usual suspects. Under Attack IBM’s research found that Phishing continues to be the most common type of attack vector , with 22% of breaches starting this way. Stolen or compromised credentials were the second most common, accounting for 17% of breaches. Malicious insiders were responsible for the most costly attacks, at 8% of incidents. It took Australian companies on average 266 days to identify/contain cyber incidents. This lengthy period contributed to high detection and escalation costs , which remain the most expensive aspect of a breach, with post-breach response and lost business the second most costly. Almost a third of data breaches involved data stored across multiple environments : public cloud, private cloud, and on-premises systems. Breaches across multiple environments took 13% longer to identify and contain. Organisations with too few cybersecurity staff paid the heaviest price, with an average cost per breach $2.7M higher than organisations with less exposure. However, involving law enforcement saved some ransomware victims as much as $1.5M in costs. Automated Defences Help Companies which didn’t use security AI and automation experienced significantly higher breach costs ($5.21M) than those which did, and it also took them an additional 99 days to identify and contain breaches. The research found that 65% of surveyed Australian organisations leveraged these technologies. However, attackers too are exploiting new opportunities presented by AI. For example, increasingly convincing deepfakes are enabling ever more effective social engineering attacks. Avoiding Costly Cyber Breaches To protect an organisation’s valuable data, it must be protected when it’s stored and while it’s “in motion”. As the research found, automation can ensure this takes place with the entirety of an organisation’s data transfers. Managed File Transfer (MFT) solutions such as the class-leading GoAnywhere MFT encrypt data at rest and in transit, complying with the highest data security standards (including the US’s and Europe’s HIPAA, HITECH, PCI DSS, SOX, and GDPR). MFT manages inbound and outbound file transfers across an organisation, using industry-standard file transfer protocols such as SFTP, FTPS, and AS2 to send files securely, and encryption standards such as Open PGP and AES to protect data in transit and at rest. Advanced Threat Protection and Adaptive Loss Prevention add a further layer of defence. SFT Threat Protection enables safe collaboration with external parties, preventing malware from entering your organisation, and reducing opportunities for employees to lose or mishandle sensitive data. Local Expertise Ready to Help Generic Systems Australia are your local experts in Managed File Transfer and Advanced Threat Protection. We’ve assisted hundreds of organisations across the Asia-Pacific region to secure their data and keep cybercriminals at bay. If you’d like to discuss improving your cybersecurity, please feel welcome to contact me , Bradley Copson. I’m always happy to have an obligation-free discussion, explain how simply we can transition you from outdated software and approaches, and offer you a zero-cost Proof of Concept. Previous Next

< News Employee Error Lets Hackers Clean Up at Clorox 25 July 2025 The Clorox Company’s $574M lawsuit against IT services provider Cognizant Technology Solutions is a stark reminder of the cyber threat posed by unwitting or uncaring employees. Clorox alleges that help desk agents managed by Cognizant provided hackers with access to Clorox’s IT network in August 2023. They say that Cognizant agents repeatedly reset passwords and multi-factor authentication (MFA) tokens for hackers posing as Clorox employees without asking a single security question. One partial call transcript filed with the court shows a Cognizant agent volunteering “Let me provide the password to you” after a hacker said he couldn’t log in. Hackers used the credentials provided to paralyse manufacturing lines, which led to product shortages costing Clorox hundreds of millions in lost sales. Clorox says it had provided Cognizant with strict credential-reset protocols such as verifying a manager’s name and sending confirmation emails, but that these protocols weren’t followed. Human Error Common Clorox’s unfortunate experience is consistent with studies which have found human error a leading cause of most cyber security incursions. In a 2024 experiment by Fortra, 14.9% of employees across the Asia-Pacific region succumbed to hackers’ attempts to have them provide network access. 60% of the employees who clicked on that phishing link went on to further expose their organisation by sharing their password. Guarding Against Employee Error Employee education is a great start to protecting your organisation. But as Clorox’s experience shows, it’s not enough. Technical safeguards are needed, too. Generic Systems Australia’s Advanced Threat Protection Bundle enables your organisation’s email system to automatically detect and prevent phishing links and other malware from entering your organisation. Combining the layered strengths of GoAnywhere MFT and Clearswift, it enables your employees to receive and share information securely without impairing their productivity. How It Works Our Advanced Threat Protection Bundle seamlessly integrates managed file transfer with advanced threat protection and adaptive data loss prevention to keep your sensitive data secure. It not only prevents malware from entering your organisation, but it also prevents employees from losing or mishandling data. For example, if an employee knowingly (or unknowingly) attempts to share any files containing malware, those files are sanitised by having the malicious elements automatically removed. The Advanced Threat Protection Bundle can also automatically detect and –– if you configure it to do so –– prevent employees from sharing sensitive information. Local Support If you’d like to see first-hand how the Advanced Threat Protection Bundle can help keep your organisation’s data safe, please feel welcome to get in touch with me. My technical team at Generic Systems Australia are local experts in the field. Previous Next

< News WTH is MFT…? 31 Mar 2025 In an industry overrun by acronyms, you may be wondering “WTH is MFT?” FWIW, here’s a brief overview. “MFT” is the abbreviation of Managed File Transfer - a powerful technology which comprehensively addresses the risks and challenges of moving information both within an organisation, and externally, to suppliers, partners and customers. MFT simplifies the complexities of data transfer by providing centralised control, encryption, and auditing capabilities. Unlike traditional approaches such as FTP, MFT offers enhanced security protocols, ensuring data privacy during transmission and storage. The best MFT solutions do all this via a user-friendly interface, which is easy to use for even non-technical employees. WHY MFT? The reasons organisations initially adopt MFT solutions are many and varied. However, every organisation which employs the technology soon realises its many and varied benefits. Security MFT employs robust encryption algorithms, reducing the risk of data breaches during transit. Features like Access Control, and Multi-factor Authentication, safeguard sensitive information from unauthorised access. Efficiency MFT automates repetitive tasks. This not only reduces human error, it saves significant staff time. Through scheduling of file transfers, monitoring of progress, and automatic error-handling, it enables a significant boost to operational efficiency. Compliance In industries with strict regulatory requirements, MFT helps companies meet compliance standards (e.g. HIPAA and GDPR) by automatically maintaining detailed logs and audit trails. Scalability Through its ability to handle large file transfers and an ever-growing number of users, MFT is able to grow in sync with an organisation's needs, while maintaining superior performance. Collaboration In addition to improving business processes within an organisation, MFT facilitates seamless collaboration with external partners, suppliers, and customers, fostering strong relationships built on shared trust and reliability. W2 MFT? If all that’s TMI, then the TL;DR is: MFT provides organisations a secure and efficient way to transfer their data. And if you’d like to know more about MFT, then LMK and we can jump OTP. B4N! 😉 Previous Next

< News GoAnywhere MFT: the duct tape in your IT Toolbox 11 Sept 2025 There are few modern inventions more versatile than duct tape. It can patch a leaky pipe, hold together a broken car bumper, or even fashion a makeshift wallet. GoAnywhere Managed File Transfer (MFT) is to enterprise data workflows what duct tape is to the physical world: a versatile inclusion in your IT toolbox, which you’ll find useful in a pinch, and in all kinds of unexpected ways. GoAnywhere MFT quietly binds together the jagged edges of digital infrastructure. It secures, automates, and streamlines file transfers across disparate systems—whether you're dealing with legacy mainframes, cloud APIs, or finicky partner protocols. Reliable Under Pressure Duct tape earned its reputation by reliably working under pressure, across materials, without drama. GoAnywhere MFT operates in a similar spirit: it’s the IT team's go-to when compliance deadlines loom, when FTP scripts fail at 2 a.m., or when a new vendor insists on AS2 transfers with custom encryption. It may be not flashy, but it’s indispensable—quietly enforcing governance, logging every transaction, and adapting to whatever format the situation demands. Just as importantly, both duct tape and GoAnywhere MFT are trusted because they scale to the size of the problem. You can use a strip of duct tape to seal a lunchbox or wrap an entire canoe. Likewise, GoAnywhere can handle a single secure upload or orchestrate thousands of transfers across hybrid environments, all while maintaining audit trails and access controls. In a world of IT that’s increasingly complex and interconnected, having a tool on hand that’s both rugged and adaptable isn’t just useful—it’s essential. And that’s why so many IT departments choose to keep GoAnywhere MFT handy. Add GoAnywhere to your Toolbox At Generic Systems Australia we’re experts in helping Australian and NZ organisations take advantage of GoAnywhere MFT’s versatility. In fact, we’ve assisted businesses of all sizes to protect their customer data and secure their file transfers, keeping their operations running smoothly. If you have an hour to spare, we can easily demonstrate the power and ease of use of GoAnywhere’s many capabilities. Simply contact me and I’ll be happy to set up an obligation-free chat. Previous Next

< News 5 Signs You Need a Managed File Transfer Solution 14 Nov 2023 5 Signs You Need a Managed File Transfer Solution Does your organisation rely on transferring sensitive data between employees, customers and trading partners? Most do. And that means just one wrong move by an employee – for example, failing to encrypt a sensitive file – could land you with a huge fine, and lose you customers. So it’s worth spending a moment considering how your team is performing the regular, essential task of moving data around. And, to ask the key question: “Is it time I installed a better, safer and more efficient way to transfer data?” Here are some of the key signs that your business is ready for a Managed File Transfer solution. Sign 1: Still Using Outdated Ways to Send Data A surprising number of organisations still rely on outdated protocols and clunky scripts to move precious data around. However, as I explained in a recent article, these legacy methods increase the risk of human error, take time away from more critical tasks, and are difficult to maintain. A Managed File Transfer (MFT) solution like GoAnywhere MFT is easy to use, easy to audit, requires little maintenance, and removes manual tasks from your stretched IT team’s To Do list. Sign 2: Targeted by Cybercriminals Ask your IT team how much growth they’re seeing in attempted cybercrime incursions. Frightening, isn’t it!? With hackers escalating their efforts to extort your business and customers, it’s more essential than ever to secure your data and maintain a ‘circle of trust’ with your supply chain partners. A leading MFT, such as GoAnywhere MFT, employs the latest encryption algorithms to reduce the risk of data breaches during transit. Features like Access Controls, and Multi-factor Authentication, safeguard sensitive information from unauthorised access. Sign 3: Need to Comply with Government & Industry Regulations In response to escalating cybercrime, governments and industry regulators are imposing ever greater requirements on business to ensure they protect consumers’ personal data. From health data (hospital records, test results), to banking data (debit and credit card numbers, bank account details), to identity data (home address, government id), businesses that fail to take responsible measures to protect sensitive data face growing sanctions. Even worse, a breach may not only cost your organisation time and money to remediate, it may ruin your reputation. A leading MFT, such as GoAnywhere MFT, helps ensure your file transfers comply with regulatory requirements such as PCI DSS, HIPAA, HITECH, and GDPR. Features like auditing, reporting, role-based access, secure protocols, centralised security controls, encryption, and key management protect employee and consumer data from harmful security mishaps. Sign 4: Need to Exchange Data in the Cloud Many organisations are moving business processes to the cloud, and now need to exchange files with trading partners in the cloud. But how can transfers to and from the cloud, over public telecommunications networks, be protected? From streamlining and automating cloud file transfers to platforms like Amazon Web Services, and Microsoft Azure, to integrating with popular web and cloud services like SharePoint and Google Drive, working with a partner in the cloud using an MFT is a smooth, reliable and safe process. Sign 5: Need to Adapt to Changing Network Conditions Research by Rand Group found that a single hour of system downtime can cost a medium-sized business a six figure sum. As organisations and trading partners become increasingly integrated, it’s critical that file transfers are performed without delay or disruption. Whereas a document containing a batch of important transactions may once have been delivered over several hours, today’s fast pace of business requires it to take mere seconds. An enterprise-calibre file transfer solution should have a high availability plan in place. The right solution will provide active-passive and active-active (i.e. clustering) methods for organisations who need to keep their processes running no matter the situation at hand. Clustering provides the best high availability by running multiple servers simultaneously. Therefore, if one goes down, file transfers and workflows will continue to run on other servers so communication with your trading partners won’t be interrupted. Seen the Signs…? If you’ve observed any of the above warning signs in your business, it may be time to consider upgrading to a secure MFT such as GoAnywhere. The acknowledged leading Managed File Transfer offering, GoAnywhere is an all-in-one solution, automating and encrypting file transfers from a centralised dashboard. It not only simplifies the completion of critical business initiatives, but also reduces the time spent on manual file transfers and in-house processes. GoAnywhere saves businesses time, money, and reputation. If you’d like to learn more about how GoAnywhere MFT could add to your organisation’s bottom line, please feel free to contact me ( bradley@gensys.com.au ), or read more at the Generic Systems Australia website. I’d be happy to offer you an obligation-free discussion, no cost trial, or Proof of Concept. Bradley Copson, Business Manager, Generic Systems Australia “Local Experts in Secure Managed File Transfer” Previous Next

< News New Cyber Laws Passed – What Australian Businesses Need to Know and Do 27 Nov 2024 Earlier this week, the Australian Parliament passed a suite of legislative reforms designed to enhance Australia’s cyber security. The reforms include a raft of new requirements and obligations on Australian businesses. About the Legislation Based on recommendations by the Parliamentary Joint Committee on Intelligence and Security, the new legislation addresses a number of proposals initially set out in Australia’s 2023 – 2030 Cyber Security Strategy, and spans three separate Acts: 1. the Cyber Security Act 2024 (Cyber Security Act); 2. the Intelligence Services and Other Legislation Amendment (Cyber Security) Act 2024 ; and 3. the Security of Critical Infrastructure and Other Legislation Amendment (Enhanced Response and Prevention) Act 2024 (SOCI Amendment Act). Mandatory reporting of ransom payments, and the introduction of a new voluntary information sharing regime, will have the most immediate impact on organisations. Mandatory Reporting of Ransomware Payments Ransomware attacks are rife across Australia. The Australian Signals Directorate (ASD) reported that this form of cyber extortion accounted for 11% of all cyber incidents to it in 2023-2024, up from 8% in the previous year. The Government had previously pursued a ban on ransom payments. However, its position has since moderated somewhat. The Cyber Security Act only requires organisations to report ransomware payments to the Department of Home Affairs and the ASD. This new reporting obligation will commence at latest six months after the Act receives royal assent (potentially earlier by proclamation) and applies broadly to: · organisations which are a responsible entity for a critical infrastructure asset; and · other private sector organisations which conduct business in Australia with an annual turnover exceeding a threshold (to be specified - likely to be A$3M). Ransomware reports are required to be made within 72 hours of making a payment (not the receipt of a demand or the discovery of a ransomware attack). Difficult Decisions The requirement to report payments will need to be taken into account by Boards when considering whether to pay a ransom. The Government’s general view on ransoms continues to be that organisations should not pay them. It reasons that payments don’t guarantee the recovery or confidentiality of stolen data, but do encourage cyber attacks to proliferate. Organisations in receipt of ransom demands are left to ponder several competing considerations… · Paying a ransom could potentially contravene sanctions (such as the one imposed on Aleksandr Ermakov, the individual responsible for the 2022 Medibank data breach) or anti-money laundering laws. · Company Directors fulfilling the duty of care to act in the best interests of their organisation will need to balance the risks of payment - commercial damage, incentive to re-target, uncertainty of data recovery – against the risks of not paying - loss of systems data, reputational damage, third party claims, lost customers and business disruption. If a ransom payment is made, then the new mandatory reporting obligation will be in addition to other applicable reporting requirements an organisation is subject to. These could include the Privacy Act 1988 , the SOCI Act , and continuous disclosure obligations under the ASX Listing Rules and CPS 234. In fact, it’s important that Cyber Incident Response plans developed by organisations specifically address these overlapping requirements, taking into account the various regulators and timeframes of each. Be aware that, for any entities regulated under the SOCI Act , it’s also conceivable that the Government could use its directions power to direct an entity to pay - or not pay - a ransom. An organisation which fails to comply with mandatory ransom reporting will incur a civil penalty of 60 penalty units (currently A$93,900). Voluntary reporting regime A new National Cyber Security Coordinator (NCSC) is being established under the Cyber Security Act to lead a whole-of-government response to significant cyber security incidents. The Act provides a framework for the voluntary disclosure of information by any organisation operating in Australia, or any responsible entity under the SOCI Act , to the NCSC relating to cyber security incidents. However, it imposes various limitations on how the NCSC may further use and disclose information voluntarily provided by entities, depending on the significance of the incident. Non-significant cyber security incidents: Information can be used for limited purposes such as directing the reporting entity to assistance services, coordinating a government response, and informing Ministers. Significant cyber security incidents: Information can be used for broader ‘Permitted Cyber Security Purposes’. These include preventing or mitigating risks to critical infrastructure or national security, and supporting intelligence or enforcement agencies. A cyber security incident is deemed “significant” if: there is a material risk that the incident has seriously prejudiced, is seriously prejudicing or could reasonably be expected to prejudice the social or economic stability of Australia or its people, the defence of Australia or national security; or the incident is, or could reasonably be expected to be, of serious concern to the Australian people. Information voluntarily provided by organisations to the NCSC is subject to limited use protections similar to those which apply to information disclosed as part of a ransomware payment report. The new voluntary reporting regime and corresponding limited use protection has come into immediate effect. Limited use protection The Cyber Security Act outlines how businesses should work with the NCSC and other government agencies to obtain assistance and guidance when responding to cyber incidents. It also provides businesses with certain limited use protections when collaborating with the government’s cyber security agencies - a legislative foundation for the CISA Traffic Light Protocol government agencies have recently offered when assisting organisations. Such protections were requested by business lobby groups. They provided feedback during the public consultation period that disclosing information about a data breach could risk exposing an organisation to further regulatory or enforcement action, adverse publicity and litigation. Further, if disclosing a cyber incident was determined to be against an organisation’s best interests, its directors could potentially be in breach of their duties in approving the disclosure. That could in turn expose directors to enforcement action from ASIC. Counterweighing these concerns, the Government believes that sharing information on current threats and incidents can help other organisations avoid similar incidents. In balancing these competing interests, the Cyber Security Act limits the purposes for which information contained in a ransomware payment report or voluntarily report provided to the NCSC can be used or disclosed. The NCSC (and any Government agency it coordinates with) cannot record, use or disclose the information provided for the purposes of investigating or enforcing or assisting in the investigation or enforcement of any contravention of a Commonwealth, State or Territory law. An important exemption from the limited use protections are that crimes and breaches of the limited use protections created by the Act. In this way, the protections stop short of being a full “safe harbour”. Information provided under these protections isn’t admissible in evidence against the disclosing entity, including criminal, civil penalty and civil proceedings (including a breach of the common law). And the provision of information to the NSCS does not affect any claim of legal professional privilege over the information contained in that information. These limited use protections will be of value to organisations disclosing information to the Government about cyber incidents. However, directors should bear in mind the notable gaps in the protection they provide. For example: Information provided can’t be used or disclosed for the purposes of investigating or enforcing any contravention by the reporting entity of another law (whether federal, state or territory), other than a law that imposes a penalty or sanction for a criminal offence. This means that if the ransomware report indicates that a payment was made in breach of relevant sanctions laws, then the limited use protection will not prevent the use of the report in a subsequent investigation or enforcement action. While information provided to the NCSC cannot be obtained from the NSCS by regulators or government agencies, the protection offered under this Act does not prevent regulators from obtaining the underlying information through other means, including via regulatory investigatory powers or where provided under other mandatory reporting regimes, such as those in the Privacy Act 1988 , the SOCI Act, the Telecommunications Act 1997 and the ASX Listing Rules continuous disclosure obligations. So, cyber incident notifications provided to the ACSC under the SOCI Act are not captured by the limited use protection, even if that information is also voluntarily provided to the NCSC or detailed in a mandatory ransomware report. A similar limited use protection has been introduced via the Intelligence Services and Other Legislation Amendment (Cyber Security) Act 2024 for cyber incident information voluntarily shared with the ASD. Other Inclusions in the Legislation This article has focused on developments within the new Cyber Security legislative reforms which will most impact companies and organisations. However, in the interests of completeness, here is a brief overview of other key developments covered in the legislation: Mandated Security Standards for Internet of Things (IOT) Devices. These standards will be detailed in legislative rules, with suppliers required to provide a statement of compliance for devices supplied to the Australian market. New Cyber Incident Review Board. This independent advisory body will be empowered to conduct no-fault, post-incident reviews of significant cyber security incidents and provide recommendations and information to both the private and public sector. It will have the power to compel entities to provide information about significant cyber security incidents. Critical Infrastructure definition expanded. Data storage systems which hold business critical data have been added to the definition of critical infrastructure assets. This closes a gap in the regulations which became apparent in the aftermath of the Optus and Medibank data breaches. Expanded Incident Response Powers. The Government will now have the power to direct an entity to take, or not take a specific action, in the event of a cyber incident affecting critical infrastructure. Security and incident notification obligations moved from the Telecommunications Act 1997 to the SOCI Act , consolidating the cyber obligations of telecommunication carriers and carriage service providers under a single piece of legislation. What Organisations Should Do Cyber security response plans should now be reassessed and upgraded to ensure they align to the new mandatory ransomware reporting requirements. Playbooks and procedures should take account of how an organisation plans to engage with cyber security authorities, bearing in mind the extent - and limitations - of the defined limited use protections. Focus on preventing cyber incidents - not just responding to them . A Managed File Transfer (MFT) solution such as GoAnywhere MFT can encrypt data at rest and in transit, complying with the highest data security standards. It manages inbound and outbound file transfers across an organisation, using industry-standard file transfer protocols and encryption to protect your data. Advanced Threat Protection and Adaptive Loss Prevention add a further layer of defence. SFT Threat Protection facilitates safe collaboration with external parties, helping to prevent malware from entering an organisation, and reducing the risk of employees losing or mishandling sensitive data. Finally, organisations should seek professional legal counsel in determining and responding to their obligations and responsibilities under the new Cyber Security legislative reforms. The information provided in this article has been general in nature, and the interpretations and advice outlined above should not be interpreted as professional legal advice. Previous Next

< News "The Case of the Camouflaged CSV" 3 Sept 2025 It was a typical rainy Wednesday in the Cloud. I was nursing a lukewarm S3 bucket of coffee that was almost as bitter as my ex-wife. And that’s when she sauntered into my inbox—legs for days and resolution to match. Said she’d lost something precious: a young .CSV file named “Quarterly_P&L_FINAL_FINAL_v7.docx”. She’d been told I was the kind of dupe who could go find it. And I knew right then this case was going to be messier than an Agile Standup on a Friday afternoon. “Please,” she purred, her pixel-perfect lips trembling. “She vanished right after I hit ‘Send.’ Now she’s nowhere. Not in my Sent Mail. Not in OneDrive. Not in Dropbox. Not even in the Recycle Bin. Just… gone.” I leaned back in the battered Aeron I’d accepted from the last dame who hadn’t had the means to pay me, and reassured her I’d seen this kind of thing way too many times before. “Could be the work of Miss Configuration,” I mused. “Or worse… hackers.” “Please,” she begged, making like the waterworks were about to flow. “You’ve got to F1 me.” I sighed wearily… I’m always a sucker for a dame in distress. But she was right - I was her only chance of being reunited with her beloved .CSV. So I zipped up my trench coat, flipped my firewall to DND, and hit the dirty streets of cyberspace. First stop: the Dark Web. Sin City City plans don’t show where the Dark Web district begins. Nor is there any bullet-ridden road sign to let you know when you’ve crossed from the mean streets to the even meaner streets. But I knew I was there when I saw the familiar shady characters loitering — pop-up hustlers, cookie pushers, and a guy selling expired SSL certificates within the folds of a battered trench coat. I asked around for leads. “Try The Cache,” said a greasy bookmark with a twitchy scroll wheel. “Files go there to be forgotten.” Cold Cache I didn’t need directions. The Cache was a hidden side bar accessible only through a back door. I gave the bored muscle the password I’d bought from a PII broker and pushed into the shadowy crowd of malware and malcontents. The bartender—a grizzled old exe named Clippy—eyeballed me with suspicion before recognising me. “Well, well… if it ain’t GoAnywhere Gumshoe,” he said, polishing some code with a Dirty Markup tea towel. “Chasing another ghost in the machine?” “Not this time, Clippy,” I said. “This time she’s a file. A CSV. Corporate. Probably jacked full of lies and pivot tables.” Clippy winced. “You don’t want that kind of trouble. Last guy in here who asked about spreadsheets is still in a recursive loop.” I slipped Clippy a few kilobytes and he pointed me towards a shadowy booth. In it sat a rogue AI named DataDaemon, sniffing packets as he pored over a Docker container. “Yeah, she was here,” DataDaemon confirmed. “That file you’re looking for. But she wasn’t flying solo. She was hanging off the arm of… him.” “Who…?” “The PDF.” The Unusual Suspect I cursed under my bandwidth. The PDF—slick, immutable, and always up to something. But I had something up my sleeve that the PDF wouldn’t have counted on. It was for a case just like this one that I’d always maintained The Logs. And now The Logs were going to lead me through the brooding labyrinthine of the metadata metropolis, straight to The PDF and his hostage CSV. In no time, I tracked The PDF to a sleazy compression joint called The Zipper Club. He was lounging in a NAS, smug as a first gen backup, not suspecting a RAID. “Searching for your cute little CSV?” he sneered. “Well she ain’t going back. She craved permanence. And I gave her structure. Fonts that don’t shift. Headers that don’t cry.” I lunged at him, but he was fast—encrypted and password protected. I barely clocked his checksum before he was out the door and into the swirling Cloud again. A Ctrl-Breakthrough Back at my office, I stared at the blinking cursor. The trail seemed to have gone cold. It had been a busy day, and my RAM felt fried. But I had a reputation to maintain. I’d never failed a client before… and I sure as hell wasn’t going to fail this one, either. Running through The Logs one more time, I saw it… a timestamp: 3:14 a.m. That was bang in the middle of the witching hour for network traffic — prime time for somnambulant systems to engage in mundane crosstalk and perform glacial backups. I picked up the CSV’s trail again in a neglected SharePoint graveyard. And then there she was, buried six layers deep in folders labelled “Misc”, “Old Stuff” and “DO NOT DELETE”. I exhumed her gently. She was intact, but changed. Her margins were off. Her fonts had gone rogue. Someone had run a mail merge on her. I brought her back to Miss JPEG, and this time, there was no holding back the flood of pixelated tears. “You found her,” she said. “But she’s… different.” “Aren’t we all,” I said, pointing my chin in the direction of the window, where a new day was shooting the first golden rays of hope through the night’s dark Cloud. I gestured towards CSV’s Version History. “She’s still there,” I said. “Just sleeping. Until you restore her.” Epilogue I leaned back in my Aeron and tipped my fedora over my eyes. I knew today would bring another client, another case, another missing file. But for now, the system was stable. And I was still the best damn gumshoe on the cyberspace beat. Fade to black. Cue saxophone MIDI. If you’d like a GoAnywhere Gumshoe protecting your files, please don’t hesitate to contact me . At Generic Systems Australia , we’re your local experts in Managed File Transfer technology. Previous Next