Cyber Security

We work with your organisation to assess the likelihood of a security incident and the true consequences should one occur. We will help you identify the data that really matters to you and will help you through the process of selecting appropriate security controls that maximise protection and enhance your digital opportunities.

We measure the effectiveness of your organisation’s security controls and processes against baseline standards outlined in the New Zealand Information Security Manual (NZISM) and Protective Security Requirements (PSR). Through our tailored approach, we can help you establish visibility and understanding of cyber risks across the technology landscape. This provides your security team and information owners with a clear and business-focused view of the risks they need to consider in making certification and accreditation decisions.

We can perform regular health checks of an agreed set of security controls and processes for your organisation to measure their ability to manage risk. We then track this effectiveness over time, allowing us to work with you to define and track a security-improvement programme.

We are uniquely positioned to help you rapidly respond to, investigate and remediate security incidents. We help to identify the source, location and nature of the incident, assess the business risk and customer impact, and provide assistance to remediate vulnerabilities to minimise the impact and to prevent future occurrences. What sets us apart is our ability to combine technical skills and business strategies to protect your brand value.

We can work with your organisation to create and deliver security awareness training tailored to the roles within your company or department. Our security awareness training considers the current threat landscape and we perform real-world testing to help your organisation measure the effectiveness of the education.

The management, maintenance and preservation of privacy is a fundamental component of establishing and maintaining trust. We provide support across all stages of your privacy lifecycle – from the privacy strategy, governance structure, information inventory, processes and privacy framework. Through this methodology, we can assess your privacy environment in terms of maturity and regulatory requirements, safeguards and the information protection culture to identify control gaps and benchmark results.

We can work with you to be your virtual security capability, either through a co-source partnership or access to dedicated, experienced security resources. This is a longer-term approach where we provide the best skills to help you manage your risk, allowing you to focus on your business. We work with you to understand your organisation and integrate with your internal team to provide pragmatic security advice and guidance on what will work and what won’t for your organisation.

We can assist you in defining or refining a strategy based on your level of risk and how you want it to be managed. Examples of this include implementing an uplift in security capability. We work with you to understand the level of capability needed, then co-create your strategy and support you through to execution. Our process includes ensuring that the realisation of the strategy is sustainable by making sure the most appropriate governance is in place to support the uplift.

We can augment your existing team to assist the development and design of systems and networks. Ranging from project inception and planning through to detailed design and implementation, we can work with you, bringing in our previous experiences in security design, deployment and operational management so that any design is practical and able to be cost-effectively managed in line with your risk profile.

Emerging technologies such as cloud computing, mobile, social networks, Big Data and AI expand the way you do business and interact with stakeholders, including customers, employees and business partners in the digital world. Enabling business agility while securing the critical identity data has become more challenging.

Identity and Access Management (IAM) refers to a set of business processes and supporting technologies that can help you to create, maintain and use digital identities within your organisation. The impact of IAM on user communities, application portfolios, and information resources is extensive. IAM services are enabled through governance, people, process and technology. Our Cyber team includes identity specialists with international experience in delivering the IAM capabilities from strategy through to execution and operation.