vCISOs for SMEs

Get a [virtual] Cyber Security Specialist dedicated to your business from one of the first organisations in Australia to achieve ISO 27001:2022

Our vCISOs are experienced [virtual] Chief Information Security Officers—Cyber Security Specialists—who provide strategy and guidance to organisations serious about maturing their cyber security. 

ISO 27001 Certification
cyber essentials certification
IASME cyber assurance certification

The MyEmpire Group difference

"We’re big enough to support all manner of businesses, from ma and pa’s to enterprise, but small enough to still obsess over detail."

We don’t obsess over detail to the point of paralysis, but we do take great pride in delivering exceptional work. And it’s not just because we get a thrill receiving elated client feedback, although that’s something we all share in common. Primarily it’s because we genuinely care about building cyber security systems that protect businesses. That means really learning your business and your people so we can develop a cyber security strategy suited to you, not a close-enough template pulled from a file. That’s what makes us different; we only feel satisfied when we know a job’s been done right. 

"The biggest benefit to working with MyEmpire Group is having access to cyber expertise on an as-needed basis. We're able to access skills and knowledge across a broad range of [cyber security] areas, and without having to hire in-house."
Jenelle Schultz
Chief Operating Officer, Business Fitness
"The MyEmpire Group team’s technical understanding of Essential 8 and ability to cut through all the techno-speak and explain things to us in layman's terms made the process so much more streamlined."
Lisa Saunders
Group Executive – Governance Risk & Compliance, REI Superannuation

Our People

Our cyber security specialists are a mixture of seasoned veterans, many with 30+ years’ experience in IT, management and security. We also have young faces on the team, our rising stars–those whose talents we recognised early and chose to invest in. 

Beyond being experts in their fields, our people share a few things in common, a result of how we hire. Prior to any skills being tested in an interview, we look for personable people. Authentic, honest people who are passionate about their field and good communicators. In other words, we look for people who light up when they talk about their line of work. People whose passion is contagious. Only candidates who meet this criteria are taken through the typical interview steps where we probe skills and work history.

ISO 27001

Leadership Team

Alex Woerndle, MyEmpire Group

Alex Woerndle


Alex is an experienced director, IT consultant and infosec professional. He provides security management and leadership to a range of organisations from start-ups through to governments and ASX50 listed enterprises. He has also served over 10 years in voluntary roles as a Non-Executive Director of the Australian Information Security Association,.au Domain Administration Ltd and the Australian Conservation Foundation’s Finance, Audit and Risk Committee.

Carl Woerndle


Carl has more than three decades’ experience in IT, security and business leadership. Prior to MyEmpire Group, he and Alex built DistributeIT which held approx. 10% market share of domains. As well as a business owner and manager, Carl has worked as a Cyber Security Advisor consultant for Deloitte. He is a regular keynote speaker on cyber security.

Chris Self


Chris is a highly experienced information security principal. He has worked as a senior cyber security consultant for KPMG, CQR Consulting (now part of CyberCX) and Deloitte. Prior to starting with MyEmpire Group, he was the Information Security Manager at Adelaide Airport where he led a full rebuild of the airport’s cyber security processes and infrastructure. Chris holds a master’s in information systems security and a number of information security certifications, including CISSP and CRISC.

Talk to a Cyber Security Specialist

Combining their deep understanding of the cyber space with an intimate understanding of your organisation, a vCISO can lead the way in uplifting your security effectively and efficiently. 


Be proactive, not reactive 

A vCISO service plants a strategic, security-minded person in your business whose role is to think several moves ahead when it comes to cyber security. This places your business on the front foot of security, reducing the chances of being caught off guard. 

Strategy tailored to you

Our vCISOs are dedicated to building the most practical security strategy for your business. Through routine engagements our experts become intimately aware of your organisation’s unique operations, systems, people etc., as well as your security weaknesses and gaps. The result is you get a strategy and roadmap tailored to your nuanced ways of working. So not just a strategy that looks good on paper, but something practical—useable for your people. 

Leadership and guidance 

Our vCISOs are well versed in having conversations with managers and business leaders on what to do with their cyber security. So, thinking and presenting at a high-level. They answer questions like where are we with cyber security, where should we be with cyber security, and how do we get where we want to go. Our experts are equipped to present to leaders, even Boards, to keep everyone informed and invested in the direction. 

Ready to mature your cyber security?

Our vCISOs also help with...


Guiding operational security teams

Leading internal security teams through the steps required to mature cyber security.


Cyber decision-making

Understanding risk and supporting decision-making relevant to cyber security. 


Risk assessments

Undertaking organisation and asset risk assessments, and assessments against specific vendors to understand your greatest threats and vulnerabilities. 

Writing security policy

Leading the way in documenting your cyber security policies and integrating these into your business.  

Communicating with vendors and customers

Handling communication with IT providers, vendors and customers related to your business’ cyber security.   

Employee training

Supporting the definition and implementation of programs and systems to train employees, managers, stakeholders etc., on security protocols. This includes running the training sessions.

Board / leadership presentations

Present to Boards, managers, leaders etc., on high-level cyber security and answer any questions from stakeholders on cyber strategy and direction.

Guide security vendor decisions

Guide the selection process for new vendors. This includes understanding the supply chain risk of using specific vendors and overseeing the deployment to reduce cyber risks. 


Guide alignment to your business’ compliance obligations and supporting audit processes. 

Resiliency planning and exercising

Conduct tabletop exercises with Boards, executives and first responders to assess your organisation’s ability to respond to a cyber incident or data breach. The vCISO can then build incident response and business continuity plans to mitigate these risks.

How we work

Talk to a senior vCISO today