sb-eu logo
Story image

RSA responds to increasing A/NZ regulations with new updates

RSA, a cybersecurity company specialising in integrated risk management, has released new updates to its RSA Archer Suite offerings to meet changing regulatory demands of Australia and New Zealand.

The new data protection and privacy management capabilities will help business in the A/NZ region to better ensure data protection and privacy regulations and compliance, according to the company.

RSA states that around the world regulators are enforcing more rules around how organisations use, manage and protect personal information.

This includes, for example, the introduction of the General Data Protection Regulation (GDPR), and locally the Notifiable Data Breaches scheme (NDB).

These changes can be seen in the recent updates to the Australian Privacy Act, the Australian Prudential Standard CPS 234 on Information Security, and the New Zealand Privacy Act.

Following these compliance changes, RSA has extended the RSA Archer Suite to include new regulatory content as well as enhanced Privacy Management use cases, to assist local customers with their Privacy and Regulatory Compliance practices.

The RSA Archer Suite is designed to help organisations manage multiple aspects of business risk using an integrated risk management platform, and solutions built on industry standards and best practices.

RSA director of integrated risk management (APJ) Sam O'Brien, says, “Our local customers are coming up against new regulations and standards to help keep data secure. It's elevating risk, security and compliance issues to the attention of the c-suite more than ever before.

“But risk is multifaceted. Operational risks, compliance risks, cyber risks and third-party risks all overlap. That''s why it's essential to look at a unified, phased approach to integrated risk management, especially if a business is trying to protect data at scale.”

The RSA Archer Authoritative Source library has been extended to include:

Australian Privacy Act Authoritative Source

  • The Privacy Act 1988 (Privacy Act) is an Australian law which regulates the handling of personal information about individuals. Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable.
  • The Australian Privacy Act Authoritative Source is available with the use of the RSA Archer Policy Program Management, RSA Archer Controls Monitoring Program Management, and/or RSA Archer Authorization and Assessment use cases. No additional license is required.

Australian Prudential Standard CPS 234 on Information Security Authoritative Source

  • The Australian Prudential Standard CPS 234 on Information Security aims to ensure that an APRA-regulated entity takes measures to be resilient against information security incidents (including cyberattacks) by maintaining an information security capability commensurate with information security vulnerabilities and threats.
  • The Australian Prudential Standard CPS 234 Authoritative Source is available with the use of the RSA Archer Policy Program Management, RSA Archer Controls Monitoring Program Management, and/or RSA Archer Authorization and Assessment use cases. No additional license is required.

New Zealand Privacy Act Authoritative Source

  • The New Zealand Privacy Act 1993 promotes and protects individual privacy in general accordance with the Recommendation of the Council of the Organisation for Economic Co-operation and Development Concerning Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data.
  • The New Zealand Privacy Act Authoritative Source is available with the use of the RSA Archer Policy Program Management, RSA Archer Controls Monitoring Program Management, and/or RSA Archer Authorization and Assessment use cases. No additional license is required.

This is in addition to recent updates to RSA Archer Regulatory Compliance use cases including:

  • The RSA Archer Data Governance use case, designed to assist organisations in documenting data governance requirements to improve support for data-centric regulations, such as HIPAA, GLBA and GDPR.
  • The RSA Archer Privacy Program Management use case, designed to enable organisations to manage privacy programs and align processes with regulations, including privacy assessments and regulatory case tracking.
  • The RSA Archer Cyber Incident and Breach Response use case, designed to align security to business risk, providing a measure of control efficacy and centralising the process for responding to business-impacting security incidents.
Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More
Story image
Gartner predicts 75% of CEOs to be liable for cyber-physical security incidents by 2024
The nature of CPSs means incidents can quickly lead to physical harm to people, destruction of property or environmental disasters – and Gartner’s new research indicates that these incidents will increase drastically in the next few years if the lack of spending on these assets continues.More
Story image
Radware issues security alert, warning of global rise of DDoS-for-hire
Efforts from corporations, law enforcement and independent researchers around the world have attempted in the last two years to curb this growth – but the industry keeps growing says Radware information security researcher Daniel Smith.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
Emotet malware is on a rampage after months of silence
CERT agencies around the world are reporting a surge in cyber attacks related to the Emotet malware, which is being distributed by email.More
Story image
GCloud updates capabilities with Anthos enhancements
Google Cloud has announced improvements for hybrid compatibility, services, development, migration and identity security with updates to Anthos.More