Welcome to the debut issue of Terms & Breaches—where Cyber Security holds the line, and cyber insurance picks up the pieces when things go sideways. This is your weekly catch-up for the chaos you missed last week. From Australians being urged to clean up their cyber hygiene after high-profile hacks, to Krispy Kreme’s servers getting glazed by ransomware, we’re here to keep you informed and just paranoid enough to stay prepared. Let’s dive in.
Australia & New Zealand
Endeavour Energy Boosts Cybersecurity with CyberCX Partnership, 2 January 2025
Good news—Endeavour Energy (NSW) has decided not to let hackers turn the lights out. By partnering with CyberCX, they secured ISO 27001:2022 certification for their security management systems.
Implications of the US Treasury Hack for New Zealand, 31 December 2024
Turns out New Zealand might be easier to hack than a college Wi-Fi network. After the US Treasury breach, Kiwi experts are sweating over what this means for their own systems. Psst, “not immune” is the polite way of saying “extremely vulnerable.”
Australians Told to Clean Up Their Cyber Mess, 30 December 2024
After hacks on Ticketek and Ticketmaster, experts are practically begging Australians to ditch ‘password123′ and stop treating cybersecurity like optional sunscreen. Weak passwords and outdated software made hackers’ jobs easier than finding a snag at a Bunnings sausage sizzle. MSPs, now’s the time to give clients the cybersecurity lecture they’ve been avoiding.
Rest of the world
Amit Yoran’s Legacy in Cybersecurity, 5 January 2025
Cybersecurity lost a big player. Amit Yoran, CEO of Tenable, left behind a legacy of pushing for stronger defences and fewer excuses. If the industry listens to what he preached, we might stand a chance against what’s coming next.
US Sanctions Chinese Cybersecurity Firm Over Alleged Hacking, 4 January 2025
The US just called out China for hacking critical infrastructure, proving that international cyber drama is alive and well. Sanctions have been slapped, and now everyone’s waiting to see what Beijing does next. Pro tip: MSPs should double-check their vendor lists—before someone else does.
Krispy Kreme Hit by Ransomware Attack, 31 December 2024
Hackers went after Krispy Kreme’s online ordering system, proving no one’s safe—not even your donuts. Stores stayed open, but customers had to order the old-fashioned way (with human interaction). It’s a sweet reminder to patch vulnerabilities before ransomware turns your servers into jelly donuts.
Cyber Insurance
Australia & New Zealand
Australian CFOs and Cyber Risk Mitigation, January 2025
CFOs, meet your new side hustle: cyber defence strategist. Palo Alto Networks says Australian finance chiefs need to think less about budgets and more about breaches in 2025. Translation? More spreadsheets, more insurance policies, and more sleepless nights.
Rest of the world
Generative AI’s Impact on Cyber Insurance, 3 January 2025
AI is the new MVP in cyber insurance—both a solution and a problem. It’s helping insurers automate claims while also giving hackers better tools to create chaos. Balancing innovation and risk management just got a lot harder.
EU Strengthens Cyber Rules for Critical Infrastructure, 3 January 2025
The EU just upped the stakes for critical infrastructure security. The rules are tougher, the compliance checks scarier, and businesses are scrambling to get insured before regulators start knocking.
MSSPs Expand Services to Meet Insurance Requirements, 2 January 2025
MSSPs are cashing in on compliance services, bundling audits with security tools to meet insurance demands. Basically, if you want coverage, you’d better prove you can survive the next attack.
Cyber threats don’t take breaks, and neither should your defences. From geopolitical hacking tensions to AI-driven risks, the battle is heating up. MSPs need to stay sharp, stay paranoid, and ensure your clients’ cyber resilience with insurance. See you next week, assuming you have chosen to follow us (and if the hackers don’t get us first).