Cyber Security Services

3na provide a variety of cyber security services tailored to suit the individual needs of each organisation we work with.

Cyber Security Health Checks

3na provide holistic Cyber Security Health Checks using the NIST Cyber Security Framework. Our Cyber Security Health Checks are designed as a faster, high level alternative to detailed cyber security audits, and provide a means to quickly identify problem areas in the cyber security posture of your organisation, system or busines process.

Areas assessed include:

  • Cyber security awareness, including risks, assets, and interdependencies
  • Existence of policy, procedural and technical security controls
  • Ability to detect an incident
  • Ability to respond to, and recover from, an incident

Cyber Risk Assessment

3na provide Cyber Risk Assessments in accordance with AS/NZS ISO 31000 – Risk Management. Using our purpose-built tool, we capture, assess and report cyber security risks and can provide a platform for ongoing risk management activities.

On completion of a Cyber Risk Assessment 3na deliver a report containing:

  • A risk register identifying and rating cyber risks
  • A control register identifying which risk(s) each control mitigates
  • Recommendations for addressing risks assessed as unacceptably high
  • Optional access to our platform for ongoing risk management

Cyber Security Audit

3na provide independent audits and advisory services to support your organisation working toward compliance with industry recognised cyber security frameworks, including:

  • The National Institute of Standards and Technology Cyber Security Framework (NIST CSF)
  • The Australian Signals Directorate Essential Eight
  • The Australian Government Information Security Manual (ISM)
  • ISO/IEC 27001 Information Security Management

 

We use a purpose-built tool for cyber security assessments, which can be used as a platform for ongoing monitoring, reporting and management of remediation and compliance activities.

On completion of an audit 3na deliver a reporting containing:

  • Summary of status against cyber security framework
  • Analysis against key areas of chosen framework
  • Key areas requiring attention
  • High level roadmap for addressing problem areas

Cyber Security Strategy and Roadmap

3na works with organisations to develop tailored and effective cyber security strategies and roadmaps.

When developing a cyber security strategy, we consider factors including:

  • Business drivers
  • Risk appetite
  • Key assets
  • Security awareness
  • Regulatory and legislative requirements

 

When developing a cyber security roadmap, we take a holistic and incremental approach with considerations including:

  • Roles and responsibilities
  • Budget
  • Metrics and KPIs
  • Existing skills and capabilities
  • Existing business processes and frameworks (e.g. ITIL, ISO 9001)
  • Existing tools and technologies
  • Supply chain
  • Vendor relationships