CYBER SECURITY RISK ASSESSMENTS
Cyber security risk assessments for defence-level governance and compliance capabilities
READYING YOUR SITE
Cogito Group’s expert consultants can guide you through risk decision-making policy and develop frameworks to align your organisation with global defence standards for risk mitigation. We can assess your current and potential cyber risks, then recommend and develop controls and behavioural and organisational changes to improve logical and physical security, alongside a culture of security awareness.
Cogito Group can provide assistance, training, software, and hardware solutions to help align your organisation with the international security standards required for defence-level security, physical and logical access, documentation, and accreditation. If you are looking to secure your organisation to the standard of ISO 27001, NIST 800-171, or 05-138, Cogito can provide a pre-assessment of your physical and logical security.
Cogito can provide pre-certification assessments, recommendations, and deliver security improvements to organisations looking for a higher level of security. This allows organisations to improve compliance with international standards for information security protection.
Maturity of Current Cyber-Security Practices
Cogito have secured information technology services for the Australian Defence Force and operate as members of DISP. Cogito can assess your current security standards against federal maturity levels of cyber security and against emerging threats within the cyber security landscape, and create a risk assessment treatment plan.
Physical and Logical Access
Cogito Group are expert systems integrators and have specialist knowledge of the convergence of physical and logical access systems. This experience can be used to design both logical and physical systems to improve governance and compliance.
Our consultants have the skills and experience to train your staff to recognise both physical and logical risks and mitigate accordingly through reporting, behavioural changes, or organisational culture transformation.
Cogito offers consultancy services for the development of policy and trusted frameworks within both physical and logical access systems.
We provide expert staff with demonstrable experience in developing improved security posture within both physical and logical access areas.
Cogito works with best-of-breed hardware providers to ensure both the hardware and software employed in your systems are first in risk mitigation technology.
THE CYBER SECURITY RISK LANDSCAPE
As the cyber security threat landscape continues to evolve, physical and logical security posture must be kept consistent throughout the technological ecosystem. Cogito Group are experts in cyber security and system integration, including the integration of PACs and LACs. With this expertise we can assess your current logical and physical systems and provide advice and assistance to help you meet DISP or other pre-certification standards.
With Cogito’s assistance, your organisation can ensure it meets cyber security requirements throughout your entire supply chain, including resource and staff management.
RISK MANAGEMENT DECISION-MAKING
Cogito’s experience in risk mitigation strategy allows us to assess your organisation’s risk management strategies and provide the most current security advice in accordance with international federal standards. Cogito Group can show you how to understand the risks your organisation faces and make informed decisions in mitigating them.
PHYSICAL ACCESS CONTROL
Physical access technologies are no longer restricted to one building, state, or nation. As our organisations communicate and integrate, we require cross-organisational, inter-building physical access solutions. In the wake of internal threats, we require a convergence of physical and logical security to assess behavioural data and fortify authentication and access control. Cogito Group consultants have a breadth of experience in producing highly secure physical access security and integration across organisations.
LOGICAL ACCESS CONTROL
Cogito are experts in the convergence of PACs and LACs. Our software products combine with physical access authentication to allow protection against logical access and ensure user identities have been fully established. This provides organisations with additional layers of security. We are experts in every aspect of PKI, encryption and IdM. We are able to offer specialised advice regarding security concerns and integrations.
INTERNATIONAL STANDARDS REQUIRED BY DEFENCE PROVIDERS
ISO 27001 is the international standard for Information Security Management Systems. ISO 27001 is assessed against the criteria of confidentiality, integrity, and availability.
NIST 800-171 is the United States national standard for protecting controlled unclassified information in non-federal systems and organisations.
UK DEFENCE STANDARD 05-138
The UK Defence Standard 05-138 is the national standard for defence providers. The standard refers to five risk profiles based on a cyber security risk assessment developed by the Ministry of Defence.
Cogito’s offering includes strategies to help your organisation meet and implement the Australian Signals Directorate Essential 8. For organisations interested in defence-like strategy, the top four priorities are:
Application Whitelisting should be implemented to ensure all software, devices and services only allow approved application access.
When vendors identify and notify customers of security vulnerabilities, subsequent applications must be patched or updated within one month of the vulnerability being identified.
Patching Operating Vulnerabilities
In the case of operating systems with security vulnerabilities, these must be patched, updated, or replaced with supported versions.
Restricting Admin Privileges
Cogito can offer expertise and consultancy in best practices for limiting policy security controls and obtaining further visibility over staff and administrative accounts.
CYBER SECURITY RESOURCES
Cogito offers the following cyber security resources for the purposes of improving governance and compliance:
OTP and Certificate Based Authentication
Embedded Linux Support
Protection Against Bots and Ransomware
Physical and Logical Access Control
Endpoint Protection Reporting
Firewall Reporting and Monitoring
Switching Monitoring Through Network Discovery
Configuration Management Database Capability
Consultancy and Training
GP reporting for Baseline