Cyber Security Policies.
Made Simple.
We learn how your business operates, then build cyber security policies that match your size, sector, and risk profile. Aligned to the Essential Eight, ready to adopt at your own pace.
Trusted by Australian SMBs across financial services, professional services, and healthcare.
Most Small Businesses Don't Have
Cyber Security Policies
The Australian Signals Directorate's Essential Eight is the baseline framework for cyber security in Australia. But most SMBs don't have the policies to match — and don't know where to begin.
mitigation strategies recommended by ASD
maturity levels to scale to your business
jargon in our process
Cyber Insurance Requires It
Insurers increasingly want evidence of cyber security policies and controls before they'll provide coverage — or at renewal time.
Supply Chain Due Diligence
Your clients and partners are asking about your cyber posture. Without policies to point to, you risk losing business or failing vendor assessments.
Don't Know Where to Start
The Essential Eight has 8 strategies across 4 maturity levels. Translating that into practical, adoptable policies for your business isn't straightforward.
What We Do
We create the policies. You adopt them. We help you get started.
Cyber Security Policy Creation
We assess where you are today against the Essential Eight, then build policies that match your size, risk profile, and maturity — not someone else's. You adopt them, and work towards implementation on your own timeline.
- E8 maturity assessment
- Custom policy suite
- Tailored to your business context
Governance Kickstart
We don't just hand over documents. We set you up with a practical governance structure so you can manage your own cyber security journey — self-paced, with clear next steps.
- Implementation roadmap
- Maturity target sized to your business
- Ongoing support available
How It Works
We make it simple. That's the whole point.
Assess
We evaluate where you sit against the Essential Eight, and work with you to set a maturity target that matches where you are and where you need to be — not an arbitrary benchmark.
Create
We build tailored cyber security policies aligned to E8 controls — not generic templates. These are yours to adopt and adapt to your business.
Launch
We hand over your policies with a clear implementation roadmap. You work towards compliance at your own pace — and we're here if you need support along the way.
Your Governance Journey
A structured path from assessment to ongoing compliance — designed to work at your pace.
Understand Where You Are
We assess your current cyber posture and learn how your business operates.
Set the Right Goal
Together we set a maturity target that fits your business — not an arbitrary benchmark.
Build Your Governance
We create tailored policies, plans, and frameworks aligned to the Essential Eight.
Make It Official
Your leadership signs off and your team knows what's expected of them.
Put It Into Practice
You work through a prioritised roadmap at your own pace — we're here if you need us.
Stay on Track
Scheduled reviews, reassessments, and ongoing governance keep you current and covered.
CYBER SECURITY
GOVERNANCE
Understand Where You Are
We assess your current cyber posture and learn how your business operates.
Set the Right Goal
Together we set a maturity target that fits your business — not an arbitrary benchmark.
Build Your Governance
We create tailored policies, plans, and frameworks aligned to the Essential Eight.
Make It Official
Your leadership signs off and your team knows what's expected of them.
Put It Into Practice
You work through a prioritised roadmap at your own pace — we're here if you need us.
Stay on Track
Scheduled reviews, reassessments, and ongoing governance keep you current and covered.
Additional Services
Specialist services to strengthen your overall cyber security posture.
Board Level Cyber Workshop
Empower your board members with a clear understanding of the cyber threat landscape and its implications for your organisation.
VIP Dark Web Reconnaissance
VIP email and domain monitoring across dark web sources to safeguard against potential threats and credential exposures.
Penetration Testing
Comprehensive penetration testing for SaaS applications and networks, ensuring robust protection against vulnerabilities.
Are You a Director?
Under S180 of the Corporations Act, directors face personal liability for cyber governance failures. "I trusted IT" is not a legal defence — you need documented evidence of care and diligence.
Maximum civil penalty per breach
Care & diligence duty applies to cyber
ASIC named cyber as enforcement priority
Our Team
Deep experience across financial services, governance, legal, and IT — the disciplines that matter when cyber security meets business reality.
Victor Hong
Co-Founder & Director
Over 25 years experience managing IT infrastructure for financial services companies across Australia.
George Lucas
Director
Over 30 years experience across financial services. Co-founder of Instreet Investments and ex-CEO of Raiz Invest (ASX-listed fintech company).
Oliver Nighjoy
Co-Founder & Director
Over 25 years experience in financial services. CFO at Gigacomm and ex-Managing Director at Macquarie Bank.
Start With a Free Assessment
Whether it's cyber insurance requirements, supply chain due diligence, or simply wanting to get your house in order — book a free 15-minute chat to understand where you stand and what's involved. No jargon, no pressure.
Serving Australian businesses nationally. Based in Sydney.