Stay up-to-date with Artefakt’s newsroom: expert insights, thought leadership, and practical guidance to strengthen your cyber posture.
In a recent LinkedIn post, I outlined four simple questions to help leaders assess whether Post Quantum Cryptography (PQC) warrants a place on their agenda, and how urgently. The piece draws on Mosca’s theorem and covers the practical realities most organisations have not yet confronted. You can read the full post below. If your organisation hasn’t yet had this conversation,
A Standards Reference Model organises security standards into topic-aligned collections that correspond to organisational reality. These create coherence across regulatory, contractual, and policy requirements. Well-drawn topic boundaries enable teams to identify relevant requirements and understand accountability directly. This publication opens Artefakt’s Enterprise Security Architecture series. It explores structural and organisational decisions that deliver clear, navigable, and actionable security outcomes. Download
Supply chain contracts are one of the most consequential opportunities an organisation has to shape its security posture across the extended enterprise. The value of well-constructed security obligations lies in shaping supplier behaviour throughout the engagement, long before an incident tests them. The first in our GRC series, this short paper examines the principles and provisions that give supplier contracts
More than ever, the IRAP assessment and report is a commercial prerequisite for suppliers entering Australian government and critical-infrastructure markets. As government buyers increase their scrutiny of IRAP reports, depth and quality are shaping buyer confidence and market access. Our discussion paper examines the commercial value of engaging with the IRAP program as a supplier, and why both assessor and report
Although IRAP and Essential Eight assessments aren’t yet formal mandates for the private sector, their steady rise signals an emerging standard for Australian cybersecurity practices. As someone who’s spent many years working with information security frameworks, I keep an eye on the subtle but meaningful shifts in our industry. Recently, one observation has stood out: The Australian Information Security Manual