Telstra | Breaking Cybersecurity News | The Hacker News

Australia's largest telecommunications company Telstra disclosed that it was the victim of a data breach through a third-party, nearly two weeks after Optus reported a breach of its own. "There has been no breach of Telstra's systems," Narelle Devine, the company's chief information security officer for the Asia Pacific region,  said . "And no customer account data was involved." It said the breach targeted a third-party platform called  Work Life NAB  that's no longer actively used by the company, and that the leaked data posted on the internet concerned a "now-obsolete Telstra employee rewards program." Telstra also noted it became aware of the breach last week, adding the information included first and last names and the email addresses used to sign up for the program. It further clarified that the data posted was from 2017. The data was "basic in nature," Devine said.  The company did not reveal how many employees wer

According to a secret agreement it signed in 2001 with the FBI and US Department of Justice - Telstra, Australia's largest phone company is storing huge volumes of electronic communications it carried between Asia and the US for potential surveillance by US intelligence agencies. The contract was prompted by Telstra's undersea telecommunications joint venture called Reach . Undersea cabling " physically located in the United States, from which Electronic Surveillance can be conducted pursuant to Lawful US Process. " The document also specifies the facility should be run exclusively by US staff.  The document was signed by Douglas Gration, a barrister who was then Telstra's company secretary and official liaison for law enforcement and national security agencies. The venture also guaranteed it would be able to provide U.S. authorities with copies of stored data, call logs, subscriber information, and billing data, according to the document. Those were to be stor

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.