Get a Cyber Security Gap Assessment
From one of the first organisations in Australia to achieve ISO 27001:2022
Our cyber security specialists can benchmark your organisation’s cyber security to your preferred framework. We’ll identify gaps in your defence and provide recommendations how to plug these gaps.
The MyEmpire Group difference
"We’re big enough to support all manner of businesses, from ma and pa’s to enterprise, but small enough to still obsess over detail."
We don’t obsess over detail to the point of paralysis, but we do take great pride in delivering exceptional work. And it’s not just because we get a thrill receiving elated client feedback, although that’s something we all share in common. Primarily it’s because we genuinely care about building cyber security systems that protect businesses. That means really learning your business and your people so we can develop a cyber security strategy suited to you, not a close-enough template pulled from a file. That’s what makes us different; we only feel satisfied when we know a job’s been done right.
Our People
Our cyber security specialists are a mixture of seasoned veterans, many with 30+ years’ experience in IT, management and security. We also have young faces on the team, our rising stars–those whose talents we recognised early and chose to invest in.
Beyond being experts in their fields, our people share a few things in common, a result of how we hire. Prior to any skills being tested in an interview, we look for personable people. Authentic, honest people who are passionate about their field and good communicators. In other words, we look for people who light up when they talk about their line of work. People whose passion is contagious. Only candidates who meet this criteria are taken through the typical interview steps where we probe skills and work history.
Leadership Team
Alex Woerndle
HEAD OF OPERATIONS
(CO-FOUNDER & DIRECTOR)
Alex is an experienced director, IT consultant and infosec professional. He provides security management and leadership to a range of organisations from start-ups through to governments and ASX50 listed enterprises. He has also served over 10 years in voluntary roles as a Non-Executive Director of the Australian Information Security Association,.au Domain Administration Ltd and the Australian Conservation Foundation’s Finance, Audit and Risk Committee.
Carl Woerndle
HEAD OF SALES AND MARKETING
(CO-FOUNDER & DIRECTOR)
Carl has more than three decades’ experience in IT, security and business leadership. Prior to MyEmpire Group, he and Alex built DistributeIT which held approx. 10% market share of .com.au domains. As well as a business owner and manager, Carl has worked as a Cyber Security Advisor consultant for Deloitte. He is a regular keynote speaker on cyber security.
Chris Self
HEAD OF SERVICE DELIVERY
Chris is a highly experienced information security principal. He has worked as a senior cyber security consultant for KPMG, CQR Consulting (now part of CyberCX) and Deloitte. Prior to starting with MyEmpire Group, he was the Information Security Manager at Adelaide Airport where he led a full rebuild of the airport’s cyber security processes and infrastructure. Chris holds a master’s in information systems security and a number of information security certifications, including CISSP and CRISC.
Let our Cyber Security Specialists help
We provide Gap Assessments against the following cyber security frameworks:
A cyber security Gap Assessment involves evaluating your organisation to assess whether the needed controls are in place and being implemented to align to your chosen standard.
A Gap Assessment can support your organisation in achieving compliance to any of the cyber security frameworks listed above.
As well as helping your organisation to meet a standard, which can open up new business opportunities, comparing your organisation’s current cyber security position to best practice industry standards gives you valuable insights on weaknesses or gaps in your defence. It allows you to clearly see how good your cyber security measures are and what additional measures are needed to fill these security gaps.
A Gap Assessment to a specific cyber security framework also gives you an understanding of the work and timeframes involved to comply or align to standards.
How we perform a typical Gap Assessment
1. Identify the relevant cyber security framework
First we’ll get to understand which cyber security framework you want to align your organisation to. For instance, ISO 27001, NIST, Essential 8 etc.
2. Critical assets, people and processes
Next, we’ll understand your critical assets to gain context on the business and the security controls implemented. This involves talking to the key people responsible for cyber security, but also often management, HR, procurement etc. We’ll also analyse your current systems, documentation and security policies.
3. Gap Assessment
The next stage we’ll conduct the Gap Assessment itself where our cyber security specialists do a deep dive review to see how you measure up to the certification/framework you’ve chosen to align to.
4. Reporting and Roadmap
We consolidate the findings of this review in a formal report. The report includes recommendations on security controls, processes and the people required to improve your cyber security. We’ll also provide a roadmap that provides an indication of timeframes, priorities and where focus and investment need to be made in order to fill these gaps.
What is the difference between a Risk Assessment and Gap Assessment?
A Risk Assessment in cyber security aims to highlight areas where your organisation is most vulnerable to cyber attacks. This includes threats to your operations, information systems or data. The assessment helps organisations identify security risks, the likelihood of these risks occurring, and the impact of these risks if they were to occur.
A Gap Assessment focuses on finding gaps in alignment to a specific cyber security framework. It involves choosing a cyber security framework and assessing whether the needed controls are in place and being utilised to meet the requirements of this framework.