Goal Insight© & Cyber Services & Assessments

Detailed Cyber Risk Assessments

The first step in any Cyber Resilience Program is an assessment of your business. The intention is not to initially correct the risks, but to inform the stakeholders so that a prioritised and manageable improvement program can be developed and implemented. This will enable management to make informed choices around investment to mitigate risks.

Cyber risk mitigation options typically include:

  • resolving the problems internally;
  • seeking external speciality support available thru the Goal Group; or
  • adjusting the risk level by other action such as providing training, removing unnecessary data, or other operational changes.

The risk assessment consists of two parts:

  1. the first is to understand the situation and technical risk;
  2. the second is to evaluate the effectiveness of management controls

Goal Group – GuardWare Assessor 24/7 Managed Service: IP and Sensitive Data Monitoring and Reporting Service

Goal-Insight is an end-to-end service offering focused upon 24/7 monitoring and securing your sensitive IP and data.

Our highly skilled cyber security professionals who are Defence Security cleared staff, perform the job of monitoring how your data is being used, moved, and assessed and alert you in case they see any risk to data.

Goal-Insight monitors for the following potential risks:

  1. Trusted Insider risks
  2. ITAR violations
  3. Risky handling of sensitive data including Defence labelled information and company’s IP
  4. Potential compliance risk related to DISP, ITAR, Export Controls, ISO/IEC 27001 and others.

The managed service is powered by GuardWare INSIGHT. A solution used by over a million users worldwide including several Defence SMEs. Goal’s Security experts review the alerts and reports generated from the system and will then contact you with periodic or immediate alerts based upon agreed criteria.

The service reduces the administrative burden on Primes and SMEs while retaining the benefits of 24/7 data activity monitoring.

Goal Group accomplishes GuardWare Assessor Services through the cloud delivery model. GuardWare INSIGHT monitoring software is hosted on defence Protected level cleared AWS Sydney data centre.  The application monitors any device that has a network connection.

The flow diagram illustrates the IP Owner’s distributed data being circulated and monitored 24/7 with reporting coordinated back to the owner as a valued alerting service with minimal burden and overhead.

Assessment Focus Areas:

  • Situational risk – this is an assessment of the type of data, its use, access, security, and monitoring. The GuardWare Compliance Assessment is recommended for this. The findings from this assessment will influence the scope and detail of the second part.  Areas covered in this assessment are described under e-Safe.
  • Control risk – assessment of the appropriateness and effectiveness of management controls, given the level of Situational risk.   This assessment is conducted as a document review and a series of interviews with managers and staff. Areas covered in this assessment include:
  • Documented policies, privacy, data security
  • Checklists, on-boarding and off-boarding of personnel
  • Procedures, data breach plan, data cleansing, incident response
  • Training, inductions, incident responsibilities, password controls, use of emails.
  • Security monitoring, system controls, vulnerability testing, applications – local and cloud
  • Personnel monitoring, permission and authority tables, recruitment checks.

Post Assessment: After the assessment, a written report is prepared which describes what was assessed, findings, an evaluation of risk, priorities, and opportunities for improvement.   These reports can develop your own improvement initiatives, or to define the scope of work for external experts, should you choose to engage them.

OVERVIEW

Goal Group provides specialised services to assess your cyber security readiness in conformance with defence relevant regulations and standards. These include ASD Essential 8, DISP, ITAR, NIST 800-171, CMMC and ISO 27001/2.

In addition to assessment services, we provide specialised security software that can quickly cover off the gaps identified during the assessment and secure your data to defence standards.

WHY ITS RELEVANT

Cyber Security is a major concern for Defence and Primes and has a direct impact on your ability to do business in defence. According to Financial review

“40% per cent of small and medium businesses vying to win defence contracts are being rejected because of lax cyber-security practices” (Feb 2021).

The importance of Cyber is only going to increase. The current geopolitical situation around Australia and the new US based CMMC standard is already having an impact, with Primes increasing their push on their suppliers to safeguard their digital assets.

WHY US

We have established a reputation for quality, well designed solutions that don’t cost the earth. We work with you to provide a solution that best serves your needs.

Our Goal Group solutions cover all the gaps that you might not have considered, so that you’re safe from data breaches in day-to-day situations. One of our Group partners were recognised as being in the top 10 enterprise security solutions providers in APAC 2019.

CYBER Products: Our Goal Group Partner products are world leading in their demonstrated effectiveness to increase cyber resilience of organisations. Learn More