Cybercraft
Strategic

When a full security programme is not optional — we have done this for businesses your size.

Most organisations land here because someone required it: a client, a tender, a board directive, a regulator. These are significant commitments — they require funding, dedicated resources, and organisational change. What you get in return is a defensible security posture that stands up to scrutiny.

🧭
vCISO / Security Leadership
Monthly security programme management
Who in your organisation owns security? If the answer is unclear, that is the gap we fill. Ongoing security leadership on a monthly retainer — programme management, board reporting, MSP oversight, and compliance accountability.
Learn more
🏆
ISO 27001 Certification
Full ISMS & certification
Full Information Security Management System build through to certification audit. Scope definition, risk assessment, Annex A controls, internal audit, and certification support.
Learn more
Essential Eight Implementation
Implementation to target maturity
Systematic implementation across all eight mitigation strategies to your target maturity level. Technical control changes, MSP coordination, evidence collection, and maturity verification.
Learn more
🔒
Privacy Framework
PIAs & Privacy Officer
Full privacy framework with Privacy Impact Assessment processes, data management, breach response capability, and optional ongoing Privacy Officer services.
Learn more
📋
ISO 27701
Privacy information management
Privacy information management system extending your ISO 27001 ISMS. PII controls for controllers and processors, mapping to GDPR and the Privacy Act.
Learn more
☁️
ISO 27017/27018
Cloud security & privacy
Cloud-specific security and privacy controls for SaaS providers and cloud-native organisations. Extends your ISO 27001 ISMS to address cloud-specific risks.
Learn more
🏫
ST4S — Safer Technologies for Schools
EdTech compliance
Safer Technologies for Schools assessment and remediation for EdTech platforms. Privacy, security, and safety assessment with evidence pack for school procurement.
Learn more
🛡️
DISP
Defence supply chain
Defence Industry Security Program compliance across governance, personnel, physical, and information/cyber security streams. Application support and ongoing maintenance.
Learn more
💳
PCI DSS Compliance
Payment card security
PCI DSS v4.0 compliance for organisations handling card data. Scope determination, gap assessment, scope reduction, remediation, and SAQ or QSA coordination.
Learn more

Tell us what is driving the conversation.

A client requirement, a tender, a board directive, a regulator — whatever triggered this, we have seen it before. Talk to us and we will give you an honest view of what is involved and where to start.

Find the right programme

Kaurna Acknowledgement

We acknowledge and pay our respects to the Kaurna people, the traditional custodians of the ancestral lands on which we work. We acknowledge the deep feelings of attachment and relationship of the Kaurna people to country and we respect and value their past, present and ongoing connection to the land and cultural beliefs.

Kaurna Acknowledgement

We acknowledge and pay our respects to the Kaurna people, the traditional custodians of the ancestral lands on which we work. We acknowledge the deep feelings of attachment and relationship of the Kaurna people to country and we respect and value their past, present and ongoing connection to the land and cultural beliefs.