Everyone is at risk of a cyber-attack. Is your business information secure?
But it’s not the only one.
Too many businesses think of cyber-security as a ‘silver bullet’ for information protection. The reality is cyber-security is a methodology and toolset to triage, investigate and remediate gaps and issues in the security framework.
The correct methodology is the use of information management principles.
- Perform a gap assessment against a suitable security framework (NIST, ISO27001 or the ASD Essential 8 maturity model.)
- Produce a security strategy and roadmap.
- Provide technical advice that is prioritised so that you know which cyber security practices to implement first for best results.
- Arrange a cyber-security firm to roll out the recommendations against the strategy.
Here's where we can help you
- Setting the information governance agenda
- Building the information governance framework
- Data audits, data access governance assessments and recommendation
- Critical information asset registers
- Business classification schemes
- Information protection strategy, framework and architecture
- Information security classification frameworks/data classification
- DLP and rights management – sensitive data assessment
- Business impact analysis.
- Enterprise security: strategy, design, planning, awareness.
- PCI compliance.
- Security policy compliance: assessment, frameworks, compliance.
- Vulnerability management: assessment, engineering, deployment, SEIM.
- DLP/RMS: architecture and implementation.
IdM: assessment, strategy, architecture implementation.
- Incident management: incident classification event analysis and design, SIEM, SOC, incident response.
- ISO 27001/27002: ISMS assessment, framework, procedure and implementation, awareness.
The vast majority of Australian Small Business' are unprepared.
70% of organisations are rated ‘novice’.
Almost half of Australian small business consider themselves ‘average’ or worse in their cyber maturity.
In 2019, ACSC received 1 report of cyber-crime every 10 minutes – equating to over $680million of lost revenue.
Australian Enterprise is only marginally better.
16% of large Australian large business can’t identify who is accountable for IoT security.
Only 38% of large business will invest in aligning business objectives with information security needs.
There are a greater number of attacks than ever before, also causing a greater disruption and lost revenue to business.