Our operation

How we identify, monitor, and report security issues

Vulnerability management

Detecting potential security risks, even before they happen, is one of our Security team’s most crucial tasks. By proactively monitoring our environment to identify security threats and vulnerabilities in real-time, we can act immediately should a hacker try to break into our network and steal sensitive information.

To help us in our fight against cyber threats, we’ve deployed various scanning tools to assist with the search, identification and validation of vulnerabilities. These can effectively inform us of the potential impact to the organisation. These scans are performed at least monthly to ensure that any new weaknesses are reported as soon as possible. It also allows us to gauge the effectiveness of the countermeasures that we’ve deployed to protect our systems.

Vulnerability management provides continuous checking and verification of security risks to our business. It allows us to act fast and carry out quick fixes to any short-term issues, and focus on bigger, more critical risks to the organisation.

Event log management

IT systems within Southern Cross are configured to perform event logging. Event logging is performed to ensure we can carry out troubleshooting and trend analysis. It also helps us better understand irregular system behaviour.

By being able to view potential issues, which are correlated and entered into a central log management system, we can better understand how our systems are functioning and if they’re performing as expected. Where multiple irregular events are identified, we investigate and address this as part of the incident management process.

Our security team are supported by third-party security consultants, and together they ensure all our systems and applications have been configured appropriately to ensure that if there is any unusual behaviour on our system, we’ll likely detect it.

Incident management

Incident management helps us prepare for unexpected security threats that may impact or harm our environment. These threats can relate to hardware, software, and other services.

All our IT systems and applications have triggers enabled which alert our security team to any unusual system behaviour or known security threats. We also work with third-party service providers who support us by monitoring our network and systems. They collect logs of generic events using various scanning tools, analyse, and flag any suspicious activity to our security team for investigation.

 

Responding to potential threats

To help us respond to security incidents, we’ve implemented an Incident Response Plan (IRP). The IRP outlines the procedures we use to detect and respond to unauthorised access or disclosure of private information. It also defines:

• roles and responsibilities of the teams responsible for security
• measures to be taken to address the incident
• tools for managing the incident
• steps on how the incident must be investigated, communicated, resolved, and closed
• communication among affected stakeholders
   

Continuous development

After a security incident is resolved, we’ll perform root cause analysis. This allows us to document complete details of the incident to prevent it from happening again.

In addition, we implement practices designed to proactively reduce the risk of a privacy or data breach. These include training our team members on compliance requirements and putting in place appropriate physical security and environmental controls for our IT infrastructure.

Change management

Implementing IT changes without any interruption to our services is crucial, so our change management process ensures all changes are logged and assessed for impact, cost, benefit and risk.

We perform pre-deployment activities, and these include developing a business justification, planning and scheduling of changes, as well as obtaining prior approval from a change manager and the change advisory board. This ensures changes are reviewed, deployed, and closed in a controlled, effective manner.

Privacy breach

A privacy breach occurs when there is unauthorised access or disclosure of private information from IT systems and applications.

We constantly monitor our environment and have security controls in place aimed at preventing privacy data breaches. However, if a breach does occur, the focus becomes on minimising the reach and impact of the breach.

A privacy breach occurs when there is unauthorised access or disclosure of private information from IT systems and applications. We constantly monitor our environment and have security controls in place aimed at preventing privacy data breaches. However, if a breach does occur, the focus becomes on minimising the reach and impact of the breach.

---

Tell us about our security

Although it’s highly unlikely that any gremlins will get into our system, we want to hear about them if they do. So, should you come across anything that seems fishy when you’re using our products and services, please contact us.