With a focus over the last 18 months on supporting clients with executive cyber advice in Melbourne and Brisbane, we have successfully gained a new director. Rahn Wakeley, an industry veteran of nearly 30 years brings with him a wealth of creative passion and skills.
The new appointment accelerates our plans to expand our footprint into Sydney as well as unique skills and insights into Cyber security strategy, management and operations from Wakeley’s direct experience as a CISO.
Our combined skills and experience will now be directed to assisting clients in tackling cybersecurity challenges in 3 primary focus areas:
Gaining precision and confidence in cyber security investment
We believe that investments in Cyber (including Technology Risk, Privacy and Compliance) at its current levels are, in many cases, unsustainable and misaligned with genuine business needs. Cyber investments must be measurably aligned with reductions in risk or business benefits.
Increasing human-centred cyber resilience
There is a common saying in the industry that humans are your weakest link. We think that this can be flipped around to make people and culture your strongest asset. This requires a shift in thinking to move away from point solutions such as isolated board education, simple developer training and phishing exercises to a whole of business awareness that starts from the top and is driven by measurable metrics.
Addressing supply chain risks sustainably
2022 showed that there is a very real sting associated with supply chain risks. Large scale breaches in Australia and New Zealand highlighted the significant impact to society that arises from the intersection of collecting too much data, keeping it for too long and questionable governance combined with technical control failures.
There is a lot of discussion about uplifting maturity in these areas with suggestions ranging from legislation, greater Board-level accountability, increased funding and many others.
What has not really been addressed is the fact that incidents will continue even with all of the suggested improvements.
We think that there is a significant opportunity to optimise how companies demonstrate their technology, risk and compliance practices to each other as well as to customers and regulators in a simpler and more cost and time-effective way.