Our client for this engagement was a high profile Australian brand which gathers and holds very sensitive data on Australian consumers.

Background

The client’s executive management team approached elevenM as they were finding it difficult to articulate their cyber security posture to their non-executive governance committees.

Our role

elevenM was asked to produce an independent assessment of the client’s current cyber maturity level and to outline where elevenM thought investment was needed.

The specifics

  • To deliver this engagement we leveraged our cyber maturity assessment platform. This platform is based on the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) v1.1*.
  • The assessment was completed through interviews with key stakeholders and through the review of relevant artefacts.
  • Upon completion of the assessment we provided the client with an executive report outlining their current and desired maturity against each category of the CSF. We also provided the executive team with practical insights on how to lift their maturity in order to mitigate the threats in which their business operated.

*As the CSF lacks any measurements or indications of maturity, we have (using our collective experiences) developed a set of maturity measures against each CSF sub-category.

Example platform reports

Maturity by NIST CSF Function:

By Function

Maturity by NIST CSF Category:

By Category

We have recently provided an update to the original assessment which now enables the client to leverage a comparison report to their previous current state.

Comparison to previous maturity by NIST CSF Category:

Comparison