CYBERSECURITY FOR GOVERNMENT & COMMERCIAL SECTORS

Arrpwere Cyber

Arrpwere Cyber has a team of security cleared knowledge leaders who have led complex programs across all security classifications in the cybersecurity domain, including:

• Security architecture services
• Threat modelling
• Cyber security assurance assessment against Five-Eyes Frameworks
• Security hardening roadmap
• Cyber awareness and education, including an MBA in Cybersecurity
• Cyberworthiness & assurance
• Research & development

THE ARRPWERE CYBER ASSURANCE LIFECYCLE

The Arrpwere Cyber Security Assessment helps organisations identify their cyber security posture and obtain a tailored cyber resilience strategy, giving them the confidence and capability to deal with increasing risk.

Our comprehensive assessment allows organisations to identify potential gaps and risks in their environment so they can ultimately implement a cost-effective cyber security plan. We are able to provide a customised cyber resilience approach by taking into account an organisation’s unique risk profile and understanding the digital assets at stake.

In developing the framework and methodology for the Arrpwere Cyber Security Assessment, we have combined international information security standards with best practice processes in cyber security, risk management, compliance, governance and people.

The Arrpwere Cyber Security Assessment is offered through Cyber Assurance Platform (CAP), an Arrpwere Cyber flagship system that provides a comprehensive view of an organisation’s cyber maturity, leading to a full Information Security Registered Assessors Program [IRAP] assessment.

NB: The Information Security Registered Assessors Program (IRAP) is an Australian Signals Directorate (ASD) initiative to provide high-quality information and communications technology (ICT) security assessment services to government.

CYBER CASE STUDIES

NETWORK SUPPLY CHAIN ASSESSMENT

Arrpwere’s CEO was engaged to conduct supply chain assessments of Telstra’s and Optus’ core infrastructure. The supply chain assessment included consideration of original equipment manufacturers, location of manufacture, re-seller supply chains, maintenance arrangements, remote access by 3rd parties and carrier inter-supply chain security and testing processes.

THREAT MODELLING

Arrpwere was engaged by a client that traditionally used a compliance-based assessment model. A threat-modelling approach was proposed with focus on integration into current processes. In doing so, we ensured that the cyber security program integrated with waterfall and agile methodology, as well as infrastructure, integration and software development projects.

BUSINESS RISK MANAGEMENT

Arrpwere was engaged to conduct a thorough technical risk assessment of an client’s IT environment to enable risk identification, prioritisation and decision-making for investment in security management. We conducted document reviews, configuration reviews and interviews. Following this, we used threat modelling to identify a set of agency-specific and general feasible threats, and documented risks where the model identified inadequacies in the security controls.

For further information on any of these case studies (and more)

CONTACT ARRPWERE CYBER