In today's digital landscape, where cyber threats loom large and data breaches dominate headlines (think Optus and Medibank), effective cyber security compliance is no longer optional – it's essential.
For technology companies like Felix, entrusted with safeguarding the sensitive data our customers share, this responsibility is paramount. That's why we've built a robust cyber security compliance program, and in this blog post, I'll delve into how it safeguards customer data.
At Felix, our Cyber Security Compliance program has developed a set of policies, procedures, and controls across all aspects of the business to protect against cyber threats.
Our policies, procedures, and controls are specifically designed to conform to ISO 27001, SOC 2, and the EU's GDPR to provide peace of mind for our customers across the world. The combination of these frameworks formed the core of Felix's Cyber Security "prime directives" to ensure our platform's confidentiality, integrity and availability in managing our cyber security risks.
An effective cyber security compliance program can provide several benefits to our customers:
The cyber security threat landscape is constantly evolving and becoming more sophisticated. According to the Australian Signals Directorate (ASD), both state and non-state actors continue to show the intent and capability to compromise networks (ASD 2023).
The numbers paint a stark picture:
The professional, scientific and technical services sector reported the highest ransomware-related cyber security incidents.
Additionally, the ASD reported that over 92.6% of the cybercrime incidents were from small businesses with annual turnovers below $2 million. These small businesses commonly form a portion of our customers' supply chain and interact on the Felix platform as vendors.
Cybercrime types. Source: cyber.gov.au
Felix has implemented a wide range of security measures to keep customer data safe, including:
We have also recently fortified our defences, collaborating with leading security partners to strengthen our Security Information and Event Management (SIEM) capabilities. This advanced system identifies and addresses potential threats before they disrupt business operations.
Furthermore, recognising the increased vulnerability of small businesses in our customers' supply chains, Felix has been hard at work to bolster several security features offered to our vendor users.
Since October, we've proactively equipped select vendor users with an extra layer of defence against account takeover attempts. With Okta's multi-factor authentication and dynamic geo-location blocking in place, vendors are significantly less vulnerable if compromised by email phishing attacks.
We will be rolling these enhancements out progressively to all vendor users in the coming months, and we strongly encourage everyone to enable these features as soon as they become available, maximising their protection and contributing to a stronger overall security ecosystem.
At Felix, we see cyber security compliance as more than just a box to tick; it's the cornerstone of our commitment to protecting customer data.
Our processes, procedures, and controls, validated and audited against ISO 27001, SOC 2, and GDPR standards, demonstrate this dedication. We take data security seriously, no matter where our customer or their supply chain operate.
Felix's vigilance never sleeps. We keep a pulse on the evolving cyber landscape, staying ahead of the latest threats and trends. This commitment, not just to meet industry standards but to surpass them, is what truly builds trust.
In August 2023, Felix achieved SOC 2 Type 1 certification and GDPR compliance, an exciting moment for us as we continue to hold ourselves to the highest standards for data security.
The year 2023 was a dynamic one for the construction and infrastructure sectors in Australia. While challenges like project cost blowouts and workforce shortages dominated headlines, there were also positive developments, including renewed investor interest and significant progress in sustainability. Let’s look back on the key themes that shaped the industry this year.
It was a great pleasure to host Gavin Levinsohn, Chief Growth Officer at Eftsure, as he presented to our audience an insightful and informative session about the growing rate of cybercrime and risks exposed to your organisation and supply chain.
Gavin’s presentation was brought to life with real case studies and examples, highlighting the fact the threat of cybercrime is a real and a good strategy is essential to keep your employees knowledgeable and your organisation safe. As Gavin explains in his webinar, a good cybercrime strategy is broader than Felix and Eftsure but the tools we offer are key components in that journey.
Get the monthly dose of supply chain, procurement and technology insights with the Felix newsletter.