Cybersecurity impacts your entire environment. This means your compliance activities can be complex with many overlapping areas. Compliance can be self-imposed or mandated through regulation or other stakeholder requirements.
It is common to handoff some of your IT requirements to third parties such as cloud providers or IT support companies. Whilst you may have contractual controls in place, how do you really know they are meeting your cybersecurity expectations?
There is no one-size-fits-all model, and your compliance requirements are unique to your organisation.
We can help you understand your compliance requirements and work with you to achieve the level of compliance that you need for your environment.
We work with you wherever you might be in your journey – whether you are wanting to assess your environment and identify where compliance gaps exist, develop a roadmap to close those gaps, or prepare for certification. We also have a service that can help you manage your compliance activities saving you time and money!
We’ll also work with you to provide an independent assessment of those ‘trusted’ third parties.
Your executives can be assured that your cybersecurity processes have been independently assessed so you have objective feedback and know your true cybersecurity status.
This service is designed to help you manage your control compliance lifecycle. It offers a single repository for all your compliance information so that you can more efficiently track control assessment information, undertake compliance activities, and better understand and mitigate your gaps. It is designed to save you time and money and provide you with visibility and a foundation so you can implement a consistent process.
Business managers and technical teams don’t always have a clear understanding of what is required to protect both their business and its information assets in an increasingly connected operational environment.
This service provides you with an objective view of your current level of cybersecurity maturity and a pragmatic roadmap to help you raise the bar. Our consultants have extensive experience with various frameworks.
Our service includes the following:
Organisations may need to demonstrate a level of cyber maturity by becoming certified.
A cybersecurity certification readiness assessment provides you with greater knowledge and understanding of your system’s cybersecurity posture before you involve the certification auditor.
Our consultants work to assist you with the following activities:
If you can’t measure it, you can’t improve it!
This service provides you with a detailed assessment to determine the efficacy of information security controls, as a standalone review and report, or as part of formal review of your information security management system (ISMS).
For these engagements we work within your controls framework, risk management, and treatment methodologies.
You will receive:
There is a misconception that cybersecurity threats are limited to technology and online activity, however your physical environment could be equally at risk. When staff are distracted, they may not pay attention to unauthorised people attempting to access restricted areas, or they may leave their unattended computer unlocked.
Our team has significant experience simulating unauthorised access to restricted areas during office hours.
This service assesses how easy it is for an unauthorised person to access your environment.
The three main assessment areas include:
Following the assessment, we provide you with a report of our findings and recommendations.
Penetration testing is important in helping you understand your application, network, and perimeter-based vulnerabilities that hackers could exploit. Understanding what these gaps are, is the first step towards remediation.
We have partnered with ZX Security to provide you with the following services:
“During our recent CIS assessment, I was amazed at how quickly Dave L was able to build rapport with my team, and how comfortable and open they were with him whilst he was essentially “picking through their dirty laundry”. This resulted in many valuable deep dive discussions, and a more thorough review of our environment.”
NZ Automobile Association