OVERVIEW
Effective cyber security is absolutely essential in today’s day and age. This includes the ability to anticipate incidents, watch for threats, and withstand & recover from security breaches. Anchoram Consulting offers multiple services across these domains, helping your organisation do what you do best, with confidence
Protective Security Services
Governance, Risk, and Compliance Services
It is imperative that a clear protective security strategy is based on a strong governance framework which fits within the organisation’s overall enterprise risk management structures. We start with undertaking a thorough analysis to identify protective security legislative and regulatory requirements, ranging from government policies to provisions in other specific legislative instruments relevant to your organisation.
Our services in this area cover a range of activities, which include:
- Clarification of your organisation’s security objectives based on a holistic and specialised threat and risk analysis
- Identification of your organisation’s assets that require protection
- Development of a comprehensive protective security management framework, including roles and responsibilities and policy and procedural frameworks
- Assessing the effectiveness of your organisation’s security compliance management systems, from both design and operating effectiveness points of view
- Organisational security culture and maturity assessments
- Assessment of your organisation’s security monitoring and reporting systems, and
- Executive training and mentoring.
Crisis Management and Resilience
In our view, legal and regulatory compliance is just the beginning. World class organisations go beyond a basic conformance approach to understand their exposure to risk. This enables an intelligent risk management approach through protection, monitoring, and resilience measures. Therefore we have heavily invested in our capabilities around business continuity planning and disaster recovery services.
Whether you already have a business continuity framework in place or want to build one, we have a comprehensive capability to assist you. Our associates are experts in undertaking business impact analyses, risk assessments, and plan development, including detailed implementation roadmaps, training, and exercises.
Our services include:
- Assessment of existing business continuity plans and disaster recovery arrangements
- Assisting with business cases for funding to uplift business continuity capability
- Development of artefacts, which include the business continuity plan and procedures, ICT disaster recovery plan and procedures, training modules (including e-learning), and other related tools and templates, and
- Conducting business continuity, emergency and crisis management, and disaster recovery exercises.
Why Anchoram?
Anchoram have capability in strategic planning and advisory services that cover the end to end project lifecycle. Our associates are appropriately qualified with senior practitioners who can help public and private sector organisations with all aspects of protective security. This extends from development of policy and guidance to detailed implementation, frameworks, and processes.
Integrated Security Services
The importance of staying one step ahead of developments in cyber is paramount for security today. Transformative technologies demand constant vigilance to achieve the confidence and resilience necessary for progress.
Penetration testing provides assurance that systems and their respective security controls are working as intended, and are not susceptible to exploitation.
Attack simulations are designed to test the strength of your security mechanisms by simulating an attack on your infrastructure.
Security reviews identify existing vulnerabilities and provide insight into how they may have manifested, as well as determining strategies and techniques to avoid future vulnerabilities.
Operational Technologies like ICS and IoT are both highly specialised and highly targeted, so managing the threats to these systems is essential.
A clear and robust protective security strategy avoids reactive and expensive decisions. Securing your reputation is a key to ensuring both operational and financial prowess.
The security of transport systems is an important part of keeping passengers, operators, and expensive cargo safe from malicious threats. Know your risks.
The Australian Signals Directorate (ASD) administer the Information Security Registered Assessors Program (IRAP) to ensure that entities can access high-quality ICT assessment services. We are experienced and trusted IRAP assessors, fully endorsed under the recently renovated scheme.
Practice Lead
Craig Petrie CSC
Lead Partner
Integrated Security
Craig is sought after for his whole of security approach to protective security. With an extensive career in military and law enforcement security, he is internationally qualified and recognised for his service. Having been the Security Manager for a key national security agency he brings a deep understanding of security threats and risks to his clients.
As Lead Partner Integrated Security, Craig leads multi-disciplinary teams in the delivery of security risk management services to clients in government and industry. Experienced in a range of security compliance frameworks he is able to assist clients in meeting security obligations, and uplift their security across the cyber, personnel, and physical policy security domains ensuring organisations and their stakeholders are better protected.