Security Centric is a cyber security services business made up of an experienced team of consultants and skilled engineers all based in Sydney Australia. Founded in 2012, our mission is to genuinely help organisations better understand risk in the context of information security and ensure appropriate measures are in place to effectively manage these risks on an ongoing basis.
We have extensive experience performing a range of cyber security services for organisations spanning across many industries, including government, banking and financial, retail, and health. Our practical approach to business risk simplifies cyber security and ensures effective risk management outcomes.
Security Centric has structured both its capabilities and service offering to cater to its client partner’s desire to holistically manage information security across all functional domains.
Each functional domain is designed to continuously improve the other functional domains. The threats, techniques and attack vectors observed across our partners as well as the public domain are used to improve detection effectiveness.
This feeds into the visibility provided by assessment activities to uncover risks to an organisation. Identified threats, risks and weaknesses are evaluated and environments secured and hardened to prevent compromise in the first instance.
Techniques used to circumvent security controls are specifically monitored, as well as signs that specific protections have been bypassed, to identify existing and new breach indicators. These techniques are fed back into the assessment and prevention/securing domains and the loop continues to improve each domain as part of a business as usual processes.
This constantly evolving and improving holistic approach to information security is a primary benefit to our partners who wish to achieve business objectives from information security rather than merely outsourcing a specific but siloed security management task, such as security monitoring.
Business lines are arranged to facilitate the full lifecycle capability and also provide a ready-to-use information security function for our partners.
The consulting line features strong capabilities in business risk, governance, compliance including regulated industries and designing pragmatic security transformational projects.
A logical extension from this is a team of subject matter experts and engineers to either lead projects, provide targeted specialist advice or supplement existing engineer resources as required. This also ensures hands-on experience, usually across multiple vendors, drives pragmatic consulting recommendations rather than easy to recommend but difficult to implement or maintain audit findings.
Our client partners commonly find that achieving a good security baseline is only part of the challenge, and thus Security Centric’s managed services unit has developed tools, techniques, processes, platforms and automation to maintain a chosen security posture over time whilst minimising the impact on internal resources and providing value for money.
Our partners make use of all of these units as required, performing as a de-facto information security department with numerous subject matter experts and ready-to-consume technology platforms, without the overhead and cost of building this capability internally. This extends over and above merely a monitoring service, but one that works alongside the board and executive to manage stakeholder expectations surrounding information security.