Problem Statement:

Often an organisation’s employees, particularly those working on or in the business’s IT environment have a solid understanding of their own IT environment and believe they can overlay that experience in the cyber security world and cover themselves off on cyber security risks. While there will always be a strong case for this to be true, how much safer would one feel if they brought in an expert at the very least to validate their perspective. Some recent notable ransomware attacks over the last two years include attacks on Toll Transport in Australia(twice), Garmin GPS systems and JBS Meat Works, an international meat processing firm across Australia and North and South America. The latter two paid the ransom, $10MUSD and $14MUSD respectively, however, Toll did not and were hit again after their first attempt to restart. Statistically, 70% of organizations hit by ransomware don’t last six months after the event and 80% don’t last 12 months after the event.

Service Description:

AUSCSEC’s consulting services are primarily focused on cyber security matters whereby they can advise on the behaviour of potential attackers; what types of attacks are in vogue and how best to defend.

AUSCSEC consultants are particularly good at seeing what weaknesses and vulnerabilities there are in your environment and determining how best to strengthen systems to prevent cyber criminals from exploiting those vulnerabilities.

Additionally, AUSCSEC consultants can help you prepare compelling business cases to win funding for almost any IT related initiative.

AUSCSEC consultants will always advise you on technology but emphasise that no matter how good your technology is, it is your staff that will generally be responsible for leaving doors open for any cybercriminal to sneak in.

AUSCSEC consultants have a broad skill set in the IT environment and can also provide advice on Executive IT Management, IT Infrastructure Management and Operations Management consequently, AUSCSEC offers CIO, COO and CISO as a service where there is a shortage of those skills within your organisation, for example after a sudden departure and while an executive search is underway.


The benefits of having an AUSCSEC cyber security consultant advise on these matters is that you will get frank, fearless and unbiased view of just how cyber resilient your organisation is and where your weaknesses lie. The value in that is then, should you choose to do so, being able to work with AUSCSEC consultants to jointly design a pathway to maximized cyber security resilience at a cost that suits your budget and timeframe.

Real Life Example:

At a recent Cyber Awareness Training event given by AUSCSEC’s consultants in regional Australia an IT service provider proudly proclaimed that all his clients were protected by his cyber secure email system which was highly efficient at diverting suspect emails to quarantine for his clients to examine later and give the nod to release the email or not. The AUSCSEC consultant asked; “Do you know if anything got through?”. The obvious answer is no but the IT service provider was adamant that his cyber security software was the number one in the world and his virus signature file was updated every few days, furthermore the massive volume of emails that were quarantined was testament to its success. The AUSCSEC consultant simply replied “Oh OK. I assume then none of your clients surf the internet so the chance of bringing something in from a “dodgy” web site is low.” The moral of the story is – if you want your plumbing fixed call a plumber, if you want your desktop infrastructure or software to be upgraded call an IT Service Provider, but if you want your cyber security to work effectively – call a cyber security specialist. Knowledge of IT is not automatically knowledge of cyber security.