Search Results

About us IsecT Limited (sec urity in IT ) is an independent freelance consultancy, specialising in information risk and security management. ​ We have a keen interest in the human aspects as much as the technology , with a strongly pragmatic business perspective. We help you protect and exploit information, enabling your business do things that would otherwise be too risky. We add value in areas such as: Information, IT and cyber risk and security management in general Preparing security strategies and plans plus business cases, project proposals and budgets Writing and customising security policies, procedures and technical documentation Security metrics - figure out what to measure, how , when and why Security awareness and training - creative, motivational content, briefings for executives and directors, awareness programme planning and rejuvination Designing and implementing ISO27k I nformation S ecurity M anagement S ystems Governance arrangements - corporate structures, reporting lines, accountabilities, roles and responsibilities Assurance - IT and ISMS internal audits, management reviews, gap analyses and supplier assessments Benchmarking and maturity scoring of your information risk and security Interim management of information risk and security, cybersecurity or IT audit teams temporarily short of a leader Mentoring/coaching for CISOs, on-demand support and guidance. ​ ​ From our base in rural New Zealand, we serve organisations worldwide, of all sizes and industry sectors. We have supplied government and commercial customers, not-for-profits and charities, consultancies and professional services companies, cloud-based and bricks-and-mortar businesses, greenfield start-ups and mature multinationals. We have worked with utilities, banks & financial services, defence, manufacturing and hi-tech companies. ​ Sec Aware builds on our experience and expertise. We know the subject inside out. It's our passion. ​ Read more about IsecT CEO Gary Hinson on LinkeDin . Gary has been in the security and audit trenches since the 1980's, consulting since the start of the millennium. ​ Track the Sec Aware blog to see what has caught our beady eyes lately. Join the ISO27k Forum at ISO27001security.com for frequent updates on the standards plus free advice and content from the active global community of 5,000 professionals. ​

About your audiences It makes little sense to blast out awareness and training content without first understanding your audiences, their perspectives and their information needs. To that end, Sec Aware materials are designed to appeal to the following three corporate audiences: ​ 1. Workers in general (everyone!) Persuading workers to participate willingly in your information risk, security, privacy and compliance activities takes more than just policies and management edicts. Workers need to understand what is expected of them, and be sufficiently motivated to act accordingly. Top quality, professionally crafted security policies and other awareness and guidance materials are key. For the general audience, the materials take the individual's perspective, addressing their self-interests, their families and personal lives, as much as their working roles. ​ 2. Managers Management sets the tone for your organization. Without management’s understanding and support, information security is doomed. Getting senior and general management on-board with information risk and security is the quickest and most powerful - if not the only - way to influence your corporate culture. Content for the management audience revolves around the business perspective: how does information security support and enable the business? What is its commercial value? What are the compliance imperatives, the strategic and policy options? How should information risk and security management people be structured and directed? There are governance as well as information risk and security management aspects here. ​ 3. Professionals Various experts are typically involved in designing, implementing, operating and managing the organization's information risks and the security arrangements. Despite their specialist knowledge in areas such as IT, risk management, HR, physical security and compliance, information security presents unique challenges. Sometimes even the professionals need guidance and support. Sec Aware helps them understand the issues and options, get to grips with the technology, and get things on-track. Think about it: would you let an untrained mechanic work on your car brakes? ​ All three audiences are addressed in the Sec Aware content - for instance, each Sec Aware awareness module covers the same topic from their distinct perspectives. We plant the seeds, leading the audiences to consider and discuss information security, exploring their common interests and (in some cases) points of difference. Overall, Sec Aware, in conjunction with you and your employees, brings the content to life, lifting it off the page or screen. Gradually those seeds germinate, security becoming simply 'what we do around here', an integral and vital part of the corporate culture. ​ ​