The key component of the revised Guidelines is reinforcing the “importance of incorporating security controls” in technology development and delivery lifecycle, as well as in the deployment of emerging technologies. It spells out that third-party services are to be assessed and managed ongoingly.

Detexian is not my first rodeo in a start-up. Back in 1999 after only 1 year from Design college graduation, I started my own business in web design and development in Perth, Australia. It was during the dot com boom, I was way too confident back then, thinking that it would be a walk in a park and in a way, for the first few years or so, it did feel like that.  Armed with a design award that I won and multiple job offers from interstate and overseas, my ego was at an all-time high, I thought I knew it all.

If you’re a B2B business looking to or already supplying to large organisations, you will probably have noticed an uptick in the number of questions and the “proof” of information security controls asked of you for systems that host business critical and customer sensitive data.

The topic of discussion was centered around opportunities and challenges arising from fast-paced SaaS adoption across businesses and industries, and how the role of IT has evolved as a result. 

As new information security regulations are coming into effect around the world, the way we do business with regulated industries is also changing. The financial services industry is leading the way in firming up vendor security assurance requirements, from self-attesting to providing evidence of accountability, processes, systems and controls in place.