How We Work:

Have your own cyber security outcomes in mind? Or need help defining outcomes and making a plan? We can help.

Here's our typical consultation process...

(1) We talk to you to learn the cyber security outcomes you want to see in your organisation.

(2) We tie activities, time-frames and hours with our Cyber Specialists to these outcomes.

(3) We provide a cyber security plan/roadmap with fixed monthly hours (which our Cyber Specialists will use to execute the plan).

Engagements run month-to-month, quarterly, and longer, depending on your requirements.

Let's chat...

This consult is commitment free. Talk to one of our Cyber Specialists and ask any burning questions you have.

"The biggest benefit to working with MyEmpire Group is having access to cyber expertise on an as-needed basis. We're able to access skills and knowledge across a broad range of [cyber security] areas, and without having to hire in-house."

Jenelle Schultz

Chief Operating Officer, Business Fitness

Our 5-Steps to an Effective Cyber Security Program

When we start work with an organisation, we’ll typically follow the same 5 steps–Plan, Align, Implement, Operate, and Assure. It’s our key to cyber security fortification for any size business.

1. Plan

Gap Assessments
Health Assessments
Risk Assessments
Strategy and Roadmaps

At the beginning, we take time to understand your organisation’s environment as a whole. Not just your cyber risk landscape, but your general business risk landscape. This means really getting to know your business’s people, processes, goals etc. We’ll ask questions like: Does your organisation have a risk management framework? Do you need us to build one? Do you understand what the important elements of your business are? Do you have a process for managing risk and controls day to day? etc.

Once we have a strong understanding of your business in general and the risks attached, we start to get more specific about cyber security. We’ll look at your risks, assets and controls through a cyber lens with a focus on protecting the confidentiality, integrity and availability of these assets.

From here, we can apply a risk methodology across your business, paving the way for cyber security roadmaps.

2. Align

Once we understand your business’ risk landscape, we look to align practices and controls to an industry framework or standard that benefits your organisation. A formal, documented, and practiced approach to information security is a good baseline for improving your cyber security. It’s a methodical way to go through your business step-by-step and put a structure in place to improve your security online.

We can also look for a certification or compliance pathway to align your cyber security uplift to. Alignment with industry certifications has the added benefit of proving to other organisations, third parties, consumers etc, you’ve deeply considered your cyber security risks and have put a plan in place to mitigate risk. Certifications often open up new partnerships, contracts, markets etc, because they offer proof that you’ve taken steps to mitigate your cyber risk.

3. Implement

Application Control
SASE
GRC tools

Once we have a framework or tailored roadmap to follow, we begin supporting the delivery of the framework requirements. This can be as simple as prioritising initiatives from the roadmap, or as complex as setting up a governance framework which steers everything, including all the tools and parties involved in developing your cyber security infrastructure.

We can provide licensing, implementation and management support for technical solutions for Application Control, SASE, and GRC tools.

We’ll then get to work doing all the related documentation. This can be as simple as providing you with tailored templates you can build upon, or we can go as far as running detailed workshops focused on really teasing out specific requirements.

4. Operate

Our team can be high touch or low touch when it comes to operations—it depends how much support your organisation needs. We provide leadership, strategy, guidance, and oversight, backed by a team of Cyber Security Specialists. The big benefit to you is the breadth and depth of cyber security capabilities you have access to when you partner with us. Instead of leaning on one or two in-house jack-of-all-trade cyber security experts, you have access to an entire team of niche cyber security experts for all the different pieces, e.g., strategy, GRC, privacy, auditing, technical security etc.

Once your cyber security practices begin to be put in place, we can conduct regular testing of your ability to respond to cyber security and data breach incidents and create playbooks for safely navigating common scenarios. We can also help with transferring knowledge across your business, training your people directly or train-the-trainer style. We can even chair your meetings for the cyber security sections and take the minutes. It depends on the needs of your organisation.

5. Assure

Audits
Vulnerability testing
Penetration testing

To help organisations level up their cyber security as their business scales, we can provide ongoing support and leadership. This runs the full gamut from helping your organisation measure and maintain your cyber security systems to being involved in vendor conversations, threat monitoring, delivering components of audits, presenting at committees, even being involved in more general conversations about business risk, beyond cyber risk.

We have the breadth of skills and bandwidth to support you with whatever specific cyber security needs arise within your organisation. So, if your business suddenly scales and needs additional cyber security support, we can scale our support with you. And because we have niche Cyber Security Specialists in all the related fields (strategy, privacy, engineering, auditing etc), we can provide guidance no matter where your organisation finds itself.

How We Work