Cyber Security Services

3na provide holistic Cyber Security Health Checks using the NIST Cyber Security Framework. Our Cyber Security Health Checks are designed as a faster, high level alternative to detailed cyber security audits, and provide a means to quickly identify problem areas in the cyber security posture of your organisation, system or busines process.

Areas assessed include:

• Cyber security awareness, including risks, assets, and interdependencies
• Existence of policy, procedural and technical security controls
• Ability to detect an incident
• Ability to respond to, and recover from, an incident

3na provide Cyber Risk Assessments in accordance with AS/NZS ISO 31000 – Risk Management. Using our purpose-built tool, we capture, assess and report cyber security risks and can provide a platform for ongoing risk management activities.

On completion of a Cyber Risk Assessment 3na deliver a report containing:

• A risk register identifying and rating cyber risks
• A control register identifying which risk(s) each control mitigates
• Recommendations for addressing risks assessed as unacceptably high
• Optional access to our platform for ongoing risk management

3na provide independent audits and advisory services to support your organisation working toward compliance with industry recognised cyber security frameworks, including:

• The National Institute of Standards and Technology Cyber Security Framework (NIST CSF)
• The Australian Signals Directorate Essential Eight
• The Australian Government Information Security Manual (ISM)
• ISO/IEC 27001 Information Security Management

We use a purpose-built tool for cyber security assessments, which can be used as a platform for ongoing monitoring, reporting and management of remediation and compliance activities.

On completion of an audit 3na deliver a reporting containing:

• Summary of status against cyber security framework
• Analysis against key areas of chosen framework
• Key areas requiring attention
• High level roadmap for addressing problem areas

3na works with organisations to develop tailored and effective cyber security strategies and roadmaps.

When developing a cyber security strategy, we consider factors including:

• Business drivers
• Risk appetite
• Key assets
• Security awareness
• Regulatory and legislative requirements

When developing a cyber security roadmap, we take a holistic and incremental approach with considerations including:

• Roles and responsibilities
• Budget
• Metrics and KPIs
• Existing skills and capabilities
• Existing business processes and frameworks (e.g. ITIL, ISO 9001)
• Existing tools and technologies
• Supply chain
• Vendor relationships