Trusting a third party cyber security partner with your organisations most valuable assets – your IT infrastructure – isn’t a decision that should be taken lightly. On top of technical capability, there are lots of considerations you should take into account. We asked our National Capability Manager for Cyber Security what his advice would be for organisations looking to bring on board a partner. 

“My heart dropped when we found the ransom note last May. The attackers wanted $3.6 million in bitcoin within five days. An employee had opened an email on their laptop. And because they were VPN’d into our network, the malware attached to one of our servers and spread from there. The virus had spread to 150 of our 600 servers before we physically disconnected everything.”

Those are the words of Nathan Thompson, CEO of data storage company Spectra Logic, speaking to inc.com on the companies cyber-attack experience. It was following the attack, that Thompson’s organisation hired a cyber security company. The disruption to business was felt for two weeks, with another six weeks spent determining the scale of damage.

Unfortunately, experiences like this aren’t uncommon. In the financial year 2020-21, the ACSC observed a 13% increase in cyber-attacks, with an attack reported every 7.8 minutes on average.

Adam Misiewicz, National Capability Manager for Cyber Security at ASG, says, “In the current digital environment, where we are producing volumes of data, adding new technologies, and supporting remote working, attacks are inevitable.

That peace of mind we all seek in our jobs, is not so easy when you are a leader in an IT department, or of a company, and you’re challenged with a skills gap on top of the ever-changing shapes of cyber threats. I can imagine it’s hard to sleep well at night.”

That’s why many organisations are leaning on the expertise of specialist partners, to both uplift their cyber security capability, and manage it.

The 9 questions you should ask to ensure you select the right cyber security partner

“When choosing a cyber security partner, you are investing in peace of mind. You are leveraging the knowledge of experts who study trends, practice daily, and have the time to analyse your environment, identify your current cyber security maturity level, and plot the required course of actions,” says Misiewicz.

Size, experience, approach, and level of agreements offered, are all factors to consider when analysing the various cyber security providers.

The selected partner needs to integrate well with the company and be aligned to your values. This is essential to how you will work together.

Misiewicz says, “Trust needs to be mutual. Communication needs to flow both ways and regular assessments and tests should be carried out to always check for holes, weaknesses and vulnerabilities in systems, applications and infrastructure, and at an end user level.

As part of your selection process, the following are the main things you should ask when choosing your cyber security partner.

    • What methodologies does the partner follow?
    • What is the structure of the team behind the brand? Certifications and the number of engineers forming part of the team, are usually good, determining indicators.
    • Do they have well-defined procedures and good internal governance?
    • Can they show a proven track record in various sectors, especially yours?
    • Do they have secure facilities within Australia?
    • What is the status of their DISP membership and ACSC partnership?
    • Do they offer SLAs congruent with your requirements (up to 24×7)?
    • What would integration within your team look like?
    • Do they offer end-to-end services should you need assistance on various other projects?

Why choose ASG?

ASG has a proven history of working with Australian government agencies, commercial organisations, and national infrastructure providers, while ensuring their strict security standards and compliance protocols are met at every stage.

Our services cover an organisations end to end needs, from strategy and risk assessments, to managed services. You can download a copy of ASG’s Security Services brochure using the form below.

RELATED INSIGHTS

ESSENTIAL TECHNOLOGIES FOR YOUR ESSENTIAL EIGHT STRATEGIES

To help guide organisations in choosing the right technologies to achieve the appropriate level of Essential Eight maturity, ASG Group have provided a collection of recommended vendor technologies mapped to each of the eight strategies. Under its list of duties, the Australian Cyber Security Centre (ACSC) provides proactive advice and assistance to government, businesses, and […]

Read More

DIGITAL FOR MINING IN A CHANGING WORLD

Digital services in the mining industry were traditionally driven by occupational safety and the need to increase productivity and efficiency. Industry 4.0 has already resulted in the automation of many practices, introducing devices to capture and provide a real time view of operations. This resulted in organisations digitising their operational data and enabling faster machine […]

Read More

DETERMINING CYBER SECURITY SPEND: WHAT’S ENOUGH?

Cybercrime can affect businesses of all sizes in every sector. In our inherently digital world, it is no longer a question of “what if”, but “when?”   Still for many Australian businesses, defences fall short – a survey of 1400 global IT decision makers showed that 76 percent were hurt by their lack of cyber preparedness in […]

Read More