Services

Home » Services

With more than a decade of experience across New Zealand organisations large and small, we provide security, privacy and data protection services tailored to your needs and business risks.

We can deliver cost effective security and privacy uplift aligned to the New Zealand government’s Protective Security Requirements and NZISM or an international information security management system (ISMS) or control framework of your choice including CIS, NIST and the ISO 27000 series.

Our aim is to deliver business resiliency and continuity of operations and minimise the impact of common information security risks.

Security Culture

  • Structured security and data protection awareness and education programmes based on pre/post analysis of incidents and baseline problem behaviours
  • Risk profiling of your workforce using our Security Quotient model to deliver targeted, evidence-based education focused on early intervention
  • Experiential and multi-modal training content and live events delivered as a service to an agreed cadence
  • Phishing simulations delivered as a service focused on current localised threats and campaigns
  • Security culture workshops and employee surveys to identify tailored training opportunities
  • Cybercrime prevention education programmes linked to our Cyber Self Defence Framework and suited to work/life risks

Security Services

  • Executive business risk briefings that cut through the cyber jargon
  • Virtual Chief Information Security Officer (vCISO) provided on a fractional basis for short remediation projects or longer term security maturity programmes
  • Pre and post audit or pentest information security strategies tailored to your needs and budget
  • Design and delivery of third party risk management or supply chain security assurance programmes to bring visibility to your third and fourth party risks
  • ISO27K certification gap analysis and implementation of effective governance, policies and controls to help you certify
  • Security incident response planning and exercising
  • Enterprise wide or focused threat and risk assessments to drive prioritised security uplift and deliver ‘bang for buck’
  • Crown jewels assessments to identify business critical services and highlight dependencies and key risks
  • Lifecycle security assurance/certification and accreditation tailored to your business needs, SDLC approach and risk appetite
  • Physical security assessments to produce detailed site security plans that can be linked to existing Health and Safety investments

Privacy Services

  • Readiness assessments for the Privacy Act 2020 and assessing harm for mandatory breach notifications
  • Privacy incident response planning and exercising
  • Privacy programme gap analysis and maturity assessments
  • Privacy programme design and delivery alongside your DPO
  • Data asset inventorying, international data flow mapping and assistance building a record of processing activities (GDPR)
  • Privacy Impact Assessments to identify risks, evaluate potential harms and determine effective privacy engineering mitigations
  • Privacy culture workshops and surveys to identify tailored training opportunities

Home » Services