You'll never be caught
without an answer.
Our 5-stage NDF Protection Program builds your defences and keeps them current. We provide ongoing oversight, dark web monitoring, and expert reports structured to meet regulatory expectations. We perform all analysis in Australia.
Is this for you?
You are responsible for protecting data
You are a practice manager, IT director, or business owner. You are responsible for patient records, client files, or sensitive business data. Your board or insurer is asking about cyber risk. You need a program, not a project.
Healthcare practices
Patient data under the Privacy Act and My Health Records Act. Obligations under APP 11. Insurers asking for evidence of reasonable steps.
Professional services
Client confidentiality obligations. Trust accounts. Sensitive commercial information that must be protected.
Growing businesses
You need better security but don't have a full-time security team. We handle it so you don't have to.
The program
5-stage NDF Protection Program
Understand
We assess where you are today. Infrastructure, data flows, current controls, and gaps. No assumptions, no jargon.
Benchmark
We measure your security standing against industry standards and the regulatory expectations relevant to your sector.
Protect
We implement controls that address your gaps. Practical, proportionate, documented so you can show regulators exactly what we did.
Verify
We test that the controls work. Not a checkbox exercise. Genuine verification that your defences hold.
Maintain
Ongoing monitoring, regular reviews, dark web scanning, and an expert on call. Your defences stay current as threats evolve.
Ongoing services
Continuous protection
These services run alongside the program or stand alone for organisations that already have a baseline.
Dark web monitoring
Consolidated threat intelligence with monthly expert reports. We monitor for your data across dark web markets and forums.
Incident response retainer
Priority access to our investigation team if something goes wrong. Pre-agreed rates, pre-approved scope, faster response when it matters most.
Expert attestation
Independent expert reports documenting the reasonable steps you have taken. Evidence structured to meet regulatory and insurer expectations.
AI governance readiness
As your organisation adopts AI tools, we help you document governance frameworks and risk assessments. Prove you are using AI responsibly. Coming mid-2026.
What you get back
Compliance, peace of mind, someone to call
Compliance with your insurer
Your cyber insurer asks more every year: two-step logins, secure backups, a plan for when something goes wrong, modern protection, staff trained to spot phishing. Practices that can't show this face higher premiums or cover refused. We keep your evidence ready, refreshed every quarter, so renewal is a document you already have.
Peace of mind
Every day we scan your external footprint, the dark web, and your key identity signals. Your IT provider handles availability, patching, and backups; we handle the intelligence layer they don't cover. Monthly testing finds problems before they become incidents. A quarterly letter tells your board and partners what is being done, and what is being fixed.
A named expert to call
If something looks wrong at 9pm Saturday, Matt is the first call. He knows your practice already, helps you contain the damage fast, protects the evidence your insurer and regulator will later want, and writes your incident brief within 24 hours.
We handle it so you don't have to
We will assess your situation and recommend the right level of protection. No obligation.
Need to prove your position to a regulator or board? See how we help you build evidence.