Advisory &
strategy

Cyber Essentials

Guard your business against the most common threats with the Cyber Essentials program. Rapid, thorough and effective, Cyber Essentials is perfect for businesses—particularly SMEs.

With Cyber Essentials, you can showcase your credentials and demonstrate your security commitment to customers, boards, suppliers and staff.

The program assesses and identifies the five fundamental technical security controls you need to defend against internet-borne threats.

1. Boundary firewalls and internet gateways
2. Secure configuration
3. Access control
4. Malware protection
5. Patch management

Our expert consultants will join your team onsite for one day to assess your system setups, use, security and process controls.

We’ll identify your security gaps and review specific issues like digital invoice fraud, phishing, hacking and insider misuse where necessary.

During our review, we’ll take you through our GASP process (Generally Accepted Security Practices) and recommend security improvements for your business-critical information systems and access control.

National Institute of Standards and Technology Cyber Security Framework (NIST CSF)

NIST CSF is a globally recognised cyber security framework used by companies of all sizes for tangible, long-term improvement.

We use the program extensively to help our clients manage their cyber capability and maturity.

NIST CSF uses a common language for all levels of your organisation or supply chain. It also applies a risk-based approach to security and integrates industry standards and best practices.

Payment Card Industry Data Security Standard (PCI-DSS)

PCI-DSS is the global security standard for increased and consistent controls that reduce credit card fraud.

Our PCI-DSS-quality certified assessors will work with your team to pre-audit and enhance your cardholder data security.

ISO27001

Keep your assets secure with the ISO/IEC 27000 family of standards.

The ISO27001 standard elevates the security of your financial information, intellectual property, employee details or third party information.

Our consultants will help you to comply with the standard with an initial gap analysis and a full audit.

Essential8, Australian Signals Directorate (ASD)

Essential8 is a well-known prescriptive approach for rapid cyber security improvement.

Protect your company against a range of adversaries with Essential8’s baseline of eight mitigation strategies, which can be customised to your risk profile.

Holistically implementing the strategy improves your security posture and saves you the cost and effort of responding to large-scale incidents.

We run a three- to six-month improvement program designed to align your organisation with Essential8’s technical requirements.