Receive occasional news and new articles from Cosive.

Thanks for subscribing to our newsletter
Oops! Something went wrong
Prescott Pym
Prescott Pym
Principal Security Consultant
February 21, 2024

Australia’s New Gateway Security Guidance: What Leaders & SOC Teams Should Know

On 24 July 2025, the Australian Department of Home Affairs released a major update to its Protective Security Policy Framework (PSPF) as part of the Commonwealth Uplift Reforms, overhauling how government agencies secure their internet gateways. Gateways are the boundary systems controlling traffic between an organisation and the outside world. This update replaces the old Gateway Security Policy with a new, mandatory Gateway Security Standard, which sets minimum security standards that Commonwealth entities must apply for gateway capabilities. In tandem, the Australian Signals Directorate’s Cyber Security Centre (ASD’s ACSC) published updated guidance to align with the new standard and reflect modern security practices. As someone immersed in the challenges of government gateway security at Verizon for over 14 years, I believe the recent advice marks a dramatic shift in approach.

Chris Horsley
Chris Horsley
Co-founder & CTO
February 21, 2024

Creating CTI Like a Journalist

I'm going to argue that as CTI analysts, we often get lost in the middle of these technical woods and forget about the ultimate purpose of threat intel: our outputs. These are commonly called threat intelligence products; the reports, alerts, or briefings we send to help others make decisions and take action. So how do we stay focused on the real purpose of CTI: producing useful, actionable outputs? Consider the lessons from an occupation we’ve had lifelong exposure to: journalism.

Prescott Pym
Prescott Pym
Principal Security Consultant
Terry MacDonald
Terry MacDonald
Co-founder & COO
February 21, 2024

CTI-CMM: Improving Cyber Threat Intel Maturity with Colin Connor, Terry MacDonald & Prescott Pym

In this episode of the Cosive podcast, Terry MacDonald and Prescott Pym are joined by CTI-CMM framework co-lead Colin Connor to dive into what the CTI-CMM framework is, why it exists, and how to use it.

Tash Postolovski
Tash Postolovski
Technical Marketing Manager
Prescott Pym
Prescott Pym
Principal Security Consultant
February 21, 2024

Episode #009 - Threat Sharing Communities with Prescott Pym

Cosive Principal Consultant and CTI expert Prescott Pym discusses the how and why of threat sharing communities, including CTIS, the Australian Signals Directorate's national threat sharing program. You'll learn how to get involved in your first threat sharing community, and why you might consider joining a national threat sharing program like CTIS.

Chris Horsley
Chris Horsley
Co-founder & CTO
February 21, 2024

My Washing Machine Refreshed My Thinking on Software Effort Estimation

I recently had a saga with a washing machine that reminded me why one of the most feared and hated tasks for software developers starts with the question: “So how long will it take you to build that?”