We are struggling to make sense of Cybersecurity in our organisation. Can you help ?
MOST LIKELY SIGNALS
Your IT and/or InfoSec and Board have a failure to communicate. Your IT/InfoSec is suffering assessment fatigue. Board discussions on cybersecurity are vague and difficult to action. The Board are not taking clear and meaningful actions as a result of cybersecurity risk reporting. You are losing competitive bids. The Regulator, or B2B customers are not satisfied with your current cybersecurity programme.
BOOK AND PAY $250 DEPOSIT
AGREE DELIVERABLE & DETAILS IN SESSION
EXPERT SUBMITS DIGITAL STATEMENT OF WORK
YOU DECIDE GO/NO-GO
NO-GO = DEPOSIT RETURNED TO YOU
GO = PAY REMAINING $, WORK STARTS
AU$ 9,950 excl. GST
HOW WE WILL HELP YOU
Following the discovery call and your confirmation of the Statement of Work, Simon will ask you to provide essential information which needs to include; company strategy, IT and cybersecurity organization diagram, current cyber risk reporting and associated risk statements, cybersecurity strategy and programme plan, security policy and controls framework description, third party risk management reports.
Simon will then spend 4 days reviewing your inputs.
Following the review, Simon will set up a 2-3 hour video workshop session with your key stakeholders and ask questions about your information.
Following the review Simon will set up two 2-3 hour video workshop sessions.
One workshop will be with your key Executive stakeholders to ask questions about your current cybersecurity governance and the wider risks and dependencies created by cyber including vendors, employees, and customers.
One workshop will be with your IT and cybersecurity team to review internal IT and cybersecurity operations structures, platforms and reporting activities.
Over the next 5 days, Simon will develop a cybersecurity risk governance and reporting strategy.
During a final 2-hour video session, Simon will present a governance assessment against 6 key maturity metrics, presented as imagery and copy, and improvement recommendations that prioritise attitude to risk over new expenditure.
RESULTS & OUTPUT
You will have a tangible and practical guide for the Board on the governance of cyber risk (avoiding the jargon that typically surrounds the threat).
Your IT and Cybersecurity practitioners will understand better the reasons for previous lack of action on cybersecurity risk.
You will be able to immediately prioritise and implement more useful cybersecurity risk reporting.
I WILL BE HELPING YOU
developing digital resilience strategies, rightsizing cybersecurity and privacy programmes, securing cloud and on premise infrastructure, cybersecurity assessment testing and due diligence, managing third party cyber risk, automating security operations, securing DevOps and agile SDLCs, fusing financial crime and cybersecurity operations
Cybersecurity & Digital Resilience
Simon has over 15 years of experience of what good cybersecurity looks like in a range of industries, and the processes and structures required to achieve it.
He understands the chain of causation, knowing what elements need to be revised or revisited, in order to get the best out of cybersecurity and IT teams with the resources available.
Staying one step removed from the Executive, he acts as a critical friend and mentor to cybersecurity risk owners, voicing constructive criticism where necessary and providing an expert lens on matters of cybersecurity risk.
He understands that when it comes to cyber security, boards have a difficult job to do. On the one hand they need to ensure their companies are at the forefront of digital transformation so as not to be left behind; on the other hand they need to make sure that their companies are resilient to the cyber attacks which digital transformation will amplify.
He ensures that the debate around cybersecurity is as healthy as that concerning other areas of the business, helping create a safe environment where the overall vision of the board trumps any personal agenda