We've all seen the headlines.
The security boundary has shifted. It was your network edge. It's now your information edge.
We understand this.
We also understand it is a business problem and not a technical problem.
So while we can help you with your technology, we want to help you with your business.
Protecting the information boundary.
Security Governance is a cornerstone of our practice and we believe strong governance is critical to effective security management.
We can help you with security policy assessment or development.
Our Security Governance services include:
A well-considered and accurate threat position is essential to a properly calibrated risk position. Without it your organisation may struggle to accurately position itself against its threat profile. It can be difficult to justify security programs and expenditure if you do not understand what you are defending against.
Our threat intelligence program will help you to understand who and what is interested in your organisation and why they may be interested. You have a need to protect yourself from malware, but you have a greater need to protect yourself from people.
Our Threat Management services include:
We consider poor risk management as one of the greatest security risks most organisations face. A correctly considered risk assessment is a powerful tool. However, we have seen too many that are cursory, high level, and with a focus on making risks green.
We have no interest in delivering you a high level risk assessment that informs you of a need for anti-virus. We do have an interest in delivering you a properly considered, justified, and targeted risk assessment that is contextual and calibrated against your threat. We want to help you correctly identify your risks that help you make informed and supported security investments.
Our Risk Management services include:
We can help you with all aspects of NZISM and PSR Certification and Accreditation.
Our Partners hold a deep and long term association with the NZISM - some of us have even written or reviewed parts of earlier releases.
If you are seeking a security partner that can provide you with a sensible interpretation and implementation of the NZISM, then look no further. We are quite possibly the only security company to have staff who have held positions as system auditors, owners, Certifiers, and Accreditors of systems at all classifications.
We understand the NZISM.
For our private sector customers who are less interested in NZISM compliance.
We can help you to prepare for ISO27001 audit. For those who do not wish to undertake an audit, but do wish to ensure their security practices are aligned, we can undertake an alignment project to identify any gaps, suggest remediation, and help with your organisational security culture.
Having set up the National Cyber Security Centre (NCSC) Incident Response capability we have the experience to help you with most incident scenarios that you may face.
Our services include:
Our Directors and staff have extensive experience running security investigations. Between us we have been involved with most kinds of investigations including cyber, fraud, theft, and personnel investigations. We are familiar with judicial processes and evidential requirements.
Our security investigative services include:
Digital forensic examination is one of our core services. Our forensic services operate to evidential standards and will meet judicial requirements. Our methods and techniques are drawn from the best of law enforcement and government security experiences.
Our forensic examination services include:
The secret to successfully managing your security is knowing when things have gone wrong and when incidents have occurred. This requires a monitoring solution that notifies you when required.
We have partnered with world leading detection technology companies to bring you an international quality security monitoring service based right here in Wellington, New Zealand. We combined our knowledge of adversaries and attack methodologies, and our previous experiences investigating extremely complex and sophisticated attacks with the right technology. We overlayed this with our detection and analysis techniques to bring what we believe is a world leading, cost effective security monitoring service.
Please talk to us about our vSOC. It could very well be the best security decision you make.
Our backgrounds are drawn exclusively from law enforcement, defence, intelligence and security agencies. All of our directors and consulting partners have engaged in cyber security issues at a global level. Between us we have:
We have considered cyber security at a macro level and enacted cyber security at a micro level.
We believe our assembly of cyber and information security specialists is unique within the New Zealand market, and rare in the global market.
Our people, techniques, and, most importantly, thinking come from the leading edge of cyber security.
We have assembled an executive team that is unrivalled in its cyber security expertise and experience. In previous roles our staff have led our national efforts and contributed to international cyber security efforts. We have a clear sense of what can be done, and more importantly what cannot be done.
As a business advisory, we can help you understand the threat and risks, calibrated to your business, and help you formulate a sensible and appropriate plan to manage these risks.
Ian is widely known for his role as Director of the GCSB, where he led the organisation through great change, including transforming its legislation and core focus to allow for national cyber defence initiatives.
Ian's other initiatives may be less well known, but are no less remarkable. He is a highly experienced organisational leader and diplomat, who is highly regarded for his organisational change management work. He has led organisations as diverse as the GCSB, UK Patent Office, Queensland Department of Employment, Economic Development and Innovation, UK Diplomat to Kosovo, and chaired a G8 committee on intellectual property.
If your governance Board is grappling with cyber security, Ian may be able to help bring the issues into focus and into perspective - and in a business context the board will appreciate. While cyber security is important, Ian understands it is not the only risk your business faces.
With over two decades in the military and GCSB security sector leadership, Jonathon has the knowledge and experience to help you develop and achieve an information security program that is proportional to your business needs. Jonathon has led major system security audits and developed remediation programs that have helped organisations measurably improve their security position.
Jonathon's specialities are Governance, Risk and Compliance with an emphasis on audit to recognised standards such as NZISM or ISO27001.
With a major in forensic investigation and incident response and a minor in policy development and risk management, Marc will be able to help you understand the technical context within a business risk. Having spent 13 years with the New Zealand Police forensic services and around ten years information and cyber security with the GCSB, including establishing and managing the cyber forensic investigation and incident response capability, Marc has the skills and experiences to help develop an appropriate cyber security program.
Our methods are simple. We get to know you, your business, and your (security) needs. We help you achieve these needs. In a way that will enhance your business. We firmly believe security should be an enabler. We don't say 'no'.
We have partnered with some genuine world leaders in the security market. Announcements are coming....