This community-centered NFP based in regional Victoria sought assistance from Dog and Bone to conduct a high-level review of their current security position, processes and practices. Using the six key cyber security management functions – Govern, Identify, Protect, Detect, Respond and Recover, along with a number of industry security frameworks, Dog and Bone identified opportunities for the client to improvement their security posture.
The client
This organisation is dedicated to prioritising the safety and well-being of individuals facing challenges such as family violence and homelessness in a regional setting. Through outreach services and recovery programs, they offer support to those in need within the community.
Background
The client recognised the critical importance of safeguarding highly confidential client data within their systems. Faced with concerns regarding potential security vulnerabilities and compliance with information security legislation, regulations, and contractual obligations, they enlisted the expertise of Dog and Bone. Tasked with reviewing their current security position, Dog and Bone provided comprehensive recommendations to strengthen their security capability and mitigate risks effectively.
Goals and objectives
The primary goal of the project was to assess and appraise the client's security posture, identify necessary uplifts, and ensure that their security measures align with industry standards and regulatory requirements. Dog and Bone’s broad review included an assessment of their IT security posture and identification of required uplifts, along with a set of recommendations aimed at enhancing IT security capability and mitigating associated risks. Additionally, the evaluation determined if the current level of security protection is adequate to meet their IT security obligations, while also providing valuable input into the development of the clients' broader IT strategy.
Our approach
Dog and Bone conducted a broad assessment of the client's policies, practices, current systems, devices, and Office 365 environment. The assessment results were analysed against established cyber resilience and business standards, including the Essential Eight Maturity Model, Victorian Protective Data Security Framework (VPDSF), and Microsoft Secure Score. Dog and Bone provided a detailed report identifying potential risks and offering recommendations aligned with the security management functions: Govern, Identify, Protect, Detect, Respond, and Recover.
Key deliverables
· Analysis of the assessment against cyber security standards and practices.
· A summary report presenting findings and recommendations for approval
· Comprehensive report identifying potential risks and recommendations for improving the security position and reducing risk
Outcome
The primary outcome of the security review was the client’s ability to mitigate their risks by following a series of recommendations targeting the assessment findings. Dog and Bone's report(s) provided actionable recommendations aimed at enhancing the client's security position to be more closely aligned with industry best practices. Following this successful engagement the partnership between the client was broadened to include strategic advisory services. This has allowed for additional guidance and prioritisation as recommendations are implemented
Get in touch
We'd love to chat with you on how we can help through technology and telecommunications strategy, procurement and management.
Comments