Cyber Security Policy and Framework Development
From one of the first organisations in Australia to achieve ISO 27001:2022
We have a team of cyber security specialists, a mixture of strategists, auditors, engineers, privacy experts etc, who can lead the development of your cyber security policies and frameworks, provide compliance guidance, and generally uplift your security.
The MyEmpire Group difference
"We’re big enough to support all manner of businesses, from ma and pa’s to enterprise, but small enough to still obsess over detail."
We don’t obsess over detail to the point of paralysis, but we do take great pride in delivering exceptional work. And it’s not just because we get a thrill receiving elated client feedback, although that’s something we all share in common. Primarily it’s because we genuinely care about building cyber security systems that protect businesses. That means really learning your business and your people so we can develop a cyber security strategy suited to you, not a close-enough template pulled from a file. That’s what makes us different; we only feel satisfied when we know a job’s been done right.
Our People
Our cyber security specialists are a mixture of seasoned veterans, many with 30+ years’ experience in IT, management and security. We also have young faces on the team, our rising stars–those whose talents we recognised early and chose to invest in.
Beyond being experts in their fields, our people share a few things in common, a result of how we hire. Prior to any skills being tested in an interview, we look for personable people. Authentic, honest people who are passionate about their field and good communicators. In other words, we look for people who light up when they talk about their line of work. People whose passion is contagious. Only candidates who meet this criteria are taken through the typical interview steps where we probe skills and work history.
Leadership Team
Alex Woerndle
HEAD OF OPERATIONS
(CO-FOUNDER & DIRECTOR)
Alex is an experienced director, IT consultant and infosec professional. He provides security management and leadership to a range of organisations from start-ups through to governments and ASX50 listed enterprises. He has also served over 10 years in voluntary roles as a Non-Executive Director of the Australian Information Security Association,.au Domain Administration Ltd and the Australian Conservation Foundation’s Finance, Audit and Risk Committee.
Carl Woerndle
HEAD OF SALES AND MARKETING
(CO-FOUNDER & DIRECTOR)
Carl has more than three decades’ experience in IT, security and business leadership. Prior to MyEmpire Group, he and Alex built DistributeIT which held approx. 10% market share of .com.au domains. As well as a business owner and manager, Carl has worked as a Cyber Security Advisor consultant for Deloitte. He is a regular keynote speaker on cyber security.
Chris Self
HEAD OF SERVICE DELIVERY
Chris is a highly experienced information security principal. He has worked as a senior cyber security consultant for KPMG, CQR Consulting (now part of CyberCX) and Deloitte. Prior to starting with MyEmpire Group, he was the Information Security Manager at Adelaide Airport where he led a full rebuild of the airport’s cyber security processes and infrastructure. Chris holds a master’s in information systems security and a number of information security certifications, including CISSP and CRISC.
Talk to a Cyber Security Specialist
Policy Development
A cyber security policy outlines in detail all of the controls, systems and guidelines put in place by your organisation to protect your technology and information assets from cyber threats. The policy also outlines the roles and responsibilities of team members to help them better understand what they need to do to mitigate risks. As well as protection against cyber threats, a cyber security policy helps ensure you remain compliant with regulators.
A cyber secuirty policy typically covers the following areas:
- Password requirements
- Email security measures
- Processes and controls for storing and handling sensitive data
- Protocols for using technology
- Standards for social media and internet access
- Incident response preparation etc.
Framework Development
There are many types of cyber security frameworks, including a custom framework developed uniquely for your organisation. That said, typically a cyber security framework refers to an existing set of guidance controls and/or principles, such as ISO 27001, Essential 8 or the NIST framework.
We can build you a cyber security framework from scratch, help with assessing and improving a current framework, or even guide you through the process to achieve compliance or certification. As a business who has completed and upholds many cyber security frameworks ourselves, including ISO 27001, Cyber Essentials, and IASME Cyber Assurance, we’re very familiar with the process of assessing and improving policies and processes to meet framework compliance.
We’ve helped many organisations achieve certification and compliance in ISO 27001, Essential 8, the Australian Security of Critical Infrastructure Act 2018 (SOCI Act), NIST, APRA CPS 234, and more.