Review and Plan

Meet the security challenge with eyes wide open

The first step in building a safe and secure business is shining a light on the current state of your information security. Our expert security team uses best practice industry frameworks 'right sized' for New Zealand businesses to assess the security risks facing your business. We use penetration testing to discover weaknesses in your network infrastructure, and applications to assess your technological defences. Social engineering exercises test your company’s human defences (that is, the awareness and attentiveness of your staff).

You’ll receive an overall security score for benchmarking, and a comprehensive report with recommendations prioritised into short, medium and long term actions. This forms the basis for your security roadmap, which will future-proof your business against the ever-evolving threat landscape.

Let's get started

Here are the services we offer to give you a better handle on the state of your information security.

Cyber Security Review

The Cyber Security Review programme is based on established international information security procedures, such as ASD and PSR. It’s much more comprehensive than a simple information technology security check, encompassing your current security strategy and culture to give a view of the overall security posture of your business across twenty key control areas.

You'll receive:

  • A benchmark rating of the maturity of your organisation’s approach to security
  • Identification of existing vulnerabilities and possible future threats
  • Prioritised recommendations on where and how your security can be improved
  • A recommended programme of work designed to rapidly increase your security posture

Approximate timeframe: 3-4 weeks

Find out more

Information Security Policy Review

Comprehensive and robust policies are the foundation of good security, providing clear guidance on the specifics of the security implementation and setting clear expectations for how employees should behave. The review process is based on best-practice standards and our experience working with a wide range of clients across multiple industry sectors.

You'll receive:

  • An independent assessment of the quality, completeness and intelligibility of your organisation’s policy documents
  • A comprehensive report containing recommendations to assist your organisation in building a set of policies that will provide the foundation for a robust information security environment, and ultimately help to reduce risk

Approximate timeframe: 1-2 weeks

Find out more

Web Application Penetration Testing

Website application penetration testing should be part of any business’ risk assessment phase prior to launching live services. Testing allows you to release your website application in confidence, knowing it’s been extensively scrutinised by industry leaders. We’ve partnered with BlackBerry Cyber Security to bring the world’s most highly-regarded website penetration testing service to our New Zealand clients.

You'll receive:

  • A comprehensive test for vulnerabilities (including those detailed in the OWASP Top Ten) across your entire application
  • Identification of any weaknesses that could allow an attacker to compromise the application, the data it interacts with, its users or the hosting environment
  • An in-depth report with detailed technical findings, including an explanation of the risk associated with each identified vulnerability and details on how to mitigate it

Approximate timeframe: Variable, contact us for more detail

Find out more

External Infrastructure Penetration Testing

Our External Infrastructure Penetration Testing service checks the entire exterior of your infrastructure (that is, anything that connects to the internet), using a variety of attack methods. External infrastructure penetration testing should be part of any business’ risk assessment phase prior to changing or launching any new live services.

You'll receive:

  • A comprehensive test of your external infrastructure security status
  • An in-depth report with detailed technical findings
  • The type of risk and its effect for each identified vulnerability, with full details on how to mitigate it

Approximate timeframe: Variable, contact us for more detail

Find out more

Phriendly Phishing Attack Programme

Your people are simultaneously your strongest defense and weakest link in terms of information security. Our Phriendly Phishing Programme focuses on measuring and building awareness amongst your staff around email phishing techniques. Over a 12-month period we will educate your employees and then routinely test them with a range of phishing techniques to improve their awareness and build cyber resilience in your business.

You'll receive:

  • An initial wave of well-crafted phishing emails to employees to create a baseline measure of your susceptibility to phishing attacks
  • Delivery of innovative online training materials to educate staff on ways to identify suspicious senders
  • Follow up emails over the next 12 months to test employees against a range of commonly-used cybercrime techniques
  • Monthly reporting on staff response to attacks, enabling you to monitor the effectiveness of training and growth of your security culture

Approximate timeframe: Minimum 12 month subscription

Find out more
What stage is your business at?

Wherever you are in your security journey, Origin Security has the people, processes and technology to get you to your destination.

FREE Network Security Assessment

It doesn’t matter how up to date with cyber security you think you are, it’s likely that there’s a gap between your current protection level and the level it should be at to safeguard against the latest threats. Register for our quick, simple and free test here.

Read More

Case Study - Les Mills International

We invited Les Mills International’s Head of Global IT to take part in a fake phishing attack to raise the team’s awareness of cyber threats, test their defenses and highlight any gaps they had in their education programme.

Learn More

Ready to get a handle on your security?

0800 34 34 34