Establishing a strong security foundation in collaboration with partners is a critical first step for Australian businesses with ambitions to implement more complex AI and automation.
That’s the message Australian organisations heard from local technology services provider Spirit Technology Solutions and local technology distributor Dicker Data at the recent CyberSecure Summit in Sydney.
Collaboration with partners enables organisations to assess their current security posture and identify key gaps, said Adam Smith, Modern Work, Security and AI Lead at Australian technology distributor Dicker Data.
“Frameworks are great for that, because you can benchmark against ‘are we meeting those controls, do we have the right things in place, have things improved?’” Smith told the CyberSecure Summit audience.
Smith emphasised the importance of aligning security initiatives with broader business priorities.
“The second part is the importance of alignment. Align your security objectives with your business goals and prioritise security initiatives based on business impact. What you don’t want to do with security is have it become a barrier. What you want it to be is something that works with your people.”
Smith noted that working with partners can not only help organisations stay compliant but also address in-house skill shortages – particularly pressing in the Asia Pacific, which he described as having “the greatest shortage of security people in the world.”
“The landscape is always changing, so working with a knowledgable partner, like Spirit Technologies will actually help, support and guide you through those changes as they go,” he said.
Spirit’s consultancy-led approach simplifies security
Spirit delivers a comprehensive suite of managed IT, cyber security, and collaboration services, with cyber security embedded at the core of every solution.
Operating under the largest business unit, its dedicated cyber brand Infotrust leads the way—offering advanced services including an Australian-based Security Operations Centre (SOC), Governance, Risk & Compliance (GRC), information governance, assurance, and data security.
Spirit further strengthens its cyber resilience offering through Forensic IT, providing expert incident response and digital forensics, and support seamless, secure communication through the Nexgen brand.
Spirit’s Head of Technology and Innovation, Caleb Bateman, is keenly aware that Australian businesses are challenged with cyber insurance requirements, complex supply chains, disparate cybersecurity products, data privacy legislation, managing risk appetites, regulatory compliance, and resource and talent shortages.
Bateman said these factors make a collaborative approach essential when navigating the security landscape.
“There’s lots of different places to start, and they all require different levels of time, expertise and compliance,” Bateman said.
“We find that a lot of people aren’t sure where to start…start with a foundation of security and then move up that chain” – Caleb Bateman, Spirit
“That’s where we find that a lot of people aren’t sure where to start, and they don’t even want to engage because they don’t know what their current framework looks like.
“Start with a foundation of security and then move up that chain – things like end point protection, firewalls, patching, then move through to implementing policies and security, not just technical controls. That bridges the gap between cybersecurity and governance, risk management and compliance.”
Bateman pointed to the SMB1001 cybersecurity framework as a practical, fit-for-purpose and cost-effective entry point, particularly for businesses seeking to eventually attain ISO27001 certification.
Describing the framework’s certification process as “straightforward, practical, and built around five areas of focus” – technology management; access management; backup and recovery; policies, plans and procedures; and education and training – Bateman outlined how it provides a clear roadmap for maturity.
“We can use the SMB1001 framework, start with an assessment of where you’re at today, and implement those practical steps over the next 1/3/6 months to get to a standard with gold or moving up to those next stacks,” he said.
To understand your security posture and give your business a strong cybersecurity foundation for AI and automation, email Spirit at sales@spirit.com.au.