How we identify, monitor, and report security issues
Detecting potential security risks, even before they happen, is one of our Security team’s most crucial tasks. By proactively monitoring our environment to identify security threats and vulnerabilities in real-time, we can act immediately should a hacker try to break into our network and steal sensitive information.
To help us in our fight against cyber threats, we’ve deployed various scanning tools to assist with the search, identification and validation of vulnerabilities. These can effectively inform us of the potential impact to the organisation. These scans are performed at least monthly to ensure that any new weaknesses are reported as soon as possible. It also allows us to gauge the effectiveness of the countermeasures that we’ve deployed to protect our systems.
Vulnerability management provides continuous checking and verification of security risks to our business. It allows us to act fast and carry out quick fixes to any short-term issues, and focus on bigger, more critical risks to the organisation.
Event log management
IT systems within Southern Cross are configured to perform event logging. Event logging is performed to ensure we can carry out troubleshooting and trend analysis. It also helps us better understand irregular system behaviour.
By being able to view potential issues, which are correlated and entered into a central log management system, we can better understand how our systems are functioning and if they’re performing as expected. Where multiple irregular events are identified, we investigate and address this as part of the incident management process.
Our security team are supported by third-party security consultants, and together they ensure all our systems and applications have been configured appropriately to ensure that if there is any unusual behaviour on our system, we’ll likely detect it.