Get expert guidance completing Cyber Essentials

We provide UK organisations with leadership and guidance completing Cyber Essentials. We make assessment, and implementing your cyber plan, straightforward and stress-free.

ISO 27001 Certification
cyber essentials certification
IASME cyber assurance certification
Get expert guidance completing Cyber Essentials Penetration Testing

The MyEmpire Group difference

"We’re big enough to support all manner of businesses, from ma and pa’s to enterprise, but small enough to still obsess over detail."

We don’t obsess over detail to the point of paralysis, but we do take great pride in delivering exceptional work. And it’s not just because we get a thrill receiving elated client feedback, although that’s something we all share in common. Primarily it’s because we genuinely care about building cyber security systems that protect businesses. That means really learning your business and your people so we can develop a cyber security strategy suited to you, not a close-enough template pulled from a file. That’s what makes us different; we only feel satisfied when we know a job’s been done right. 

"The biggest benefit to working with MyEmpire Group is having access to cyber expertise on an as-needed basis. We're able to access skills and knowledge across a broad range of [cyber security] areas, and without having to hire in-house."
Jenelle Schultz
Chief Operating Officer, Business Fitness
"The MyEmpire Group team’s technical understanding of Essential 8 and ability to cut through all the techno-speak and explain things to us in layman's terms made the process so much more streamlined."
Lisa Saunders
Group Executive – Governance Risk & Compliance, REI Superannuation
MyEmpire Group have been outstanding in helping us prepare for and obtain our ISO 27001 certification. Their personalised and considered approach to truly understanding our business needs really sets them apart.
Peter Bell - Co-Founder, Techno Global Team
Peter Bell
Co-Founder, Techno Global Team

Our People

Our cyber security specialists are a mixture of seasoned veterans, many with 30+ years’ experience in IT, management and security. We also have young faces on the team, our rising stars–those whose talents we recognised early and chose to invest in. 

Beyond being experts in their fields, our people share a few things in common, a result of how we hire. Prior to any skills being tested in an interview, we look for personable people. Authentic, honest people who are passionate about their field and good communicators. In other words, we look for people who light up when they talk about their line of work. People whose passion is contagious. Only candidates who meet this criteria are taken through the typical interview steps where we probe skills and work history.

ISO 27001

Leadership Team

Alex Woerndle, MyEmpire Group

Alex Woerndle

HEAD OF OPERATIONS
(CO-FOUNDER & DIRECTOR)

Alex is an experienced director, IT consultant and infosec professional. He provides security management and leadership to a range of organisations from start-ups through to governments and ASX50 listed enterprises. He has also served over 10 years in voluntary roles as a Non-Executive Director of the Australian Information Security Association,.au Domain Administration Ltd and the Australian Conservation Foundation’s Finance, Audit and Risk Committee.

Carl Woerndle

HEAD OF SALES AND MARKETING
(CO-FOUNDER & DIRECTOR)

Carl has more than three decades’ experience in IT, security and business leadership. Prior to MyEmpire Group, he and Alex built DistributeIT which held approx. 10% market share of .com.au domains. As well as a business owner and manager, Carl has worked as a Cyber Security Advisor consultant for Deloitte. He is a regular keynote speaker on cyber security.

Chris Self

HEAD OF SERVICE DELIVERY

Chris is a highly experienced information security principal. He has worked as a senior cyber security consultant for KPMG, CQR Consulting (now part of CyberCX) and Deloitte. Prior to starting with MyEmpire Group, he was the Information Security Manager at Adelaide Airport where he led a full rebuild of the airport’s cyber security processes and infrastructure. Chris holds a master’s in information systems security and a number of information security certifications, including CISSP and CRISC.

Cyber Essentials helps protect UK organisations against the most common cyber threats.

The UK National Cyber Security Centre (NCSC) designed Cyber Essentials to protect organisations against some of the most common cyber threats. Organisations can certify to Cyber Essentials—a self-assessment questionnaire assessed by approved Certification Bodies.

Our Cyber Security Specialists can help with assessment preparation, managing the certification process through to successful completion, and even implementing the requirements for Cyber Essentials.

Improve your organisation’s cyber security

The goal of Cyber Essentials is to give UK organisations a clear path to improve cyber security. Implementing the technical controls within the framework ensures businesses have the fundamentals in place, making it easy for them to build a solid defence against the most common cyber threats.

Get expert guidance completing Cyber Essentials Penetration Testing
vCISO

Increase your business opportunities

As well as actually improving your cyber risk posture, Cyber Essentials demonstrates this fact to other businesses, consumers and regulators, which can lead to new business opportunities. For instance, in 2014 the UK government made Cyber Essentials mandatory to all organisations wishing to engage in central government contracts.

Ideal for small businesses

Cyber Essentials is suitable for any sized organisation, but is particularly valuable to small to medium sized businesses looking to achieve a base level of cyber security. The framework allows organisations who don’t have the budget, size or need for a certification as comprehensive as ISO 27001 or SOC2 to level up their cyber security and evade the most common cyber attacks.

vCISO

Levels to fit any organisation

All 5 Cyber Essentials controls are designed to enable multiple ways to achieve the same outcome. This makes the framework accessible to businesses of all sizes. i.e. It allows you to customise your cyber security strategy to your business size and technology complexity. A small organisation will likely have a smaller, less complex cyber security plan than a large organisation.

Let us help you uplift your cyber security to align to the Cyber Essentials framework.

The 5 controls of Cyber Essentials... the bases we help you improve:

1. Firewalls

Put controls in place so only necessary network services can be accessed over the internet. We’ll also make sure inbound and outbound traffic is secured and monitored. 

2. Secure Configuration

Configure all computers and network devices to reduce vulnerabilities and ensure they are set up to only provide services necessary to the business. It also involves making sure things like inbuilt prepackaged software is removed when no longer needed, ensuring all updates are installed, ensuring there aren’t open ports that may lead to common attacks etc.

3. Security Update Management

Make sure all devices and software are protected from known vulnerabilities. So, installing patches on all operating systems and software packages. 

4. User Access Control

Ensure only authorised users have access to the systems within your organisation. So, making sure users are only given access to networks when they’ve been approved. It also involves ensuring users only have access to the information they need to complete their work. For instance, staff who aren’t part of the finance team don’t need access to financial systems, general staff members don’t need access to IT services etc. 

5. Malware Protection

Put controls in place to restrict the execution of malware or untrusted software on a network. So, making sure your business has up-to-date antivirus software running on all your machines which does live scanning and blocks the execution of any potentially malicious files. Also, scanning web pages to prevent staff from clicking on potentially malicious website links posted in emails etc.