Phronesis Security has extensive experience working with local, state, and federal government agencies of all shapes and sizes. Some examples of commonly utilised services include:
Performing penetration testing, cloud configuration reviews and threat and risk assessments for local government councils.
Meeting state government mandatory reporting requirements, such as NSW Cyber Security Policy annual attestations or developing Protective Data Security Plans under the Victorian Protective Data Security Framework.
Delivering large-scale cyber incident readiness programs for law enforcement, cultural institutions, and service delivery agencies.
IRAP assessments, Essential Eight maturity assessments and ISM uplift programs for Government agencies across a broad range of portfolios.
Our expert consultants have supported a broad range of entities that include regulators, law enforcement, intelligence, education, health, cultural institutions and lead agencies. Leveraging extensive experience working with and within Government, we intimately understand the complex intersection of Government policy, public trust, regulatory oversight, and service delivery context that makes securing Government environments such a uniquely fascinating challenge.
We understand government entities must juggle a complex service delivery mandate with an elevated threat profile and low tolerance for cyber risk – after all, maintaining public trust is always paramount. Accordingly, we recognise the following key cyber security challenges faced by agencies at all levels of government:
Making the very best use of limited budgets to stay ahead of a seemingly unlimited range of threat actors and attack vectors.
Meeting ongoing legal and regulatory reporting obligations, often spanning multiple compliance frameworks in constantly-changing environments.
A lack of visibility of third-party risk exposure, especially regarding vendors, funded agencies, or community service providers.
Management of a diverse technology stack with strict control requirements such as implementation of macro control or application control.
We offer the following services that are tailored to help government organisations succeed with reducing their cyber security risk and meeting their compliance obligations:
Threat and Risk Assessment
ISO31000:2018-aligned cyber security risk assessments in which threat modelling is built into determining cyber risk exposure for more informed decision-making.
Support with Mandatory 25 assessments in New South Wales, VPDSS reporting in Victoria or meeting IS18 requirements in Queensland.
IRAP / Essential8 / ISM. Assistance with by ASD endorsed cyber security professionals to provide assurance of the security of systems storing or processing Australian Government data.
Cyber Incident Readiness
Incident response capability development including developing plans and playbooks or running exercises to test and train your team.
Third Party Risk Management
Assessments of funded agencies, vendors and suppliers to provide assurance over the cyber security risks they introduce.
Practical testing of the security controls and identification of vulnerabilities within systems.
Why Phronesis Security
Our differentiator that allows us to serve Government organisations better than other consultancies is our years of intimate experience consulting to or working internally within government organisations
The ancient Greeks called using knowledge to achieve a practical good 'phronesis', or φρόνησῐς. We recognise this is true in cyber security - technology is only as effective as its configuration, and policies are just paper without an educated workforce. We also recognise some of the world's most challenging issues require immediate, practical action. Committed to delivering world-class services to our clients and supporting high-impact charities, Phronesis Security strives to break the mould, and do cyber security for good.
Phronesis Security at the Technology Scale-up Awards
Cyber Security Advisory Services (NSW Government)
NSW Government Incident Response Uplift Program
RAAF Aircraft Accreditation
The team at Phronesis always deliver a quality outcome with the expertise and thought leadership up to the task.
- D. Mathieson, Chief Information Security Officer
Get in Touch
Get in touch for a free consultation!