Providing specialist knowledge and experience to help organisations navigate cyber resilience.

Continual developments in technology and the expansion of data requires organisations to take an active role in managing strategic risks, such as cybersecurity and data privacy. Organisations need to set a clear strategy and framework for success whilst continually building and testing their capability, enabling them to detect and respond quickly and effectively to incidents.

Our experts work with clients to proactively manage technology and information security risks. We help set governance strategies and design frameworks against standards such as NIST and ISO 27001. Our role extends beyond the theory, working to design and deliver practical initiatives that build ongoing security capability.

We also specialise in incident response and crisis management to resolve high pressure and time critical cyber and privacy related matters.

We focus on the human element of cyber and believe in collectively making Australia a hard target for cybercrime through raising awareness and educating people. Our team of specialists focus on raising awareness by lecturing at universities and schools, presenting to Boards and Executive teams of Public, Private and Not-For-Profit Australian businesses, and engaging with the corporate community through industry events.



Cyber risk is evolving rapidly and a comprehensive learning program for your people is essential.

Investment in your people, along with the technology they use on a daily basis can be a valuable first line of defence. Cyber risk is not something only encountered by your people during work hours – it is all encompassing and features in every aspect of their lives.

By investing in people’s cyber risk awareness, businesses have the opportunity to make an effective and long lasting impact on their cyber risk profile. If people are not part of the solution, effective cyber resilience is unachievable.

Our approach starts with people and lays the groundwork from day one, bringing the right stakeholders to the table to debate and provide opinion. From the Board, Executive and senior leadership levels, down through core operations and extending to third parties and trusted advisors, it is people who are at the centre of business success.

Our approach to the human element of cyber includes:

  • conducting briefings at all levels of an organisation, making the topic approachable and interactive;
  • conducting more detailed risk workshops with key stakeholders who can influence change;
  • taking the ‘pulse’ of the organisation and measuring the effectiveness of the message; and
  • performing regular, technical initiatives that raise awareness and provide safe, real-time learning moments.

Cyber Risk

Quantify, mitigate and set strategies to manage Cyber risk.

Cyber is a persistent business threat that needs to be quantified, mitigated and actively managed as part of our strategic and operational practices. Cyber risk is no longer an issue faced and addressed only by IT– it is a necessary partner to innovation and change.

We work closely with clients to develop strategies and design frameworks that identify and manage risks, with the aim of building long-term resilience. Resilience is an organisation’s ability to prepare for, respond to and recover from cyber or privacy incidents. Resilience is more than just preventing or responding to an incident. It takes into account the ability to operate and effectively incorporate the valuable lessons learnt in a time of crisis.

We take a hands-on approach to helping our clients build effective strategies and ongoing capability. To assist with cyber governance, we work with our clients to deliver outcomes such as:

  • quantifying gaps in cyber resilience, maturity or capability;
  • designing or executing strategies and programs to address known gaps or build governance capabilities;
  • measuring and assessing compliance against standards such as CPS 234 or the ACSC Essential 8; and
  • establishing cyber and privacy risk management and compliance programs, including of third parties when required.

Digital Forensics

Protect one of your organisation's most valuable assets.

Information is one of your organisation’s most valuable assets, which makes its loss or interference one the most critical risks. In today’s digital age, organisations of all kinds create and rely on commercially sensitive information, financial information, intellectual property, strategic plans, mergers and acquisition data and a raft of other mission-critical information on a daily basis. This often comes with a complex overlay of user access and physical storage locations.

When an incident arises – such as unauthorised access, theft, accidental or deliberate deletion of data – a response plan is enacted. A digital forensic investigation is often one of the first steps on a path to recovery.

Digital forensics is a highly specialised skill set that combines a deep technical knowledge of systems and applications with a detailed forensic process of evidence identification, preservation, collection and analysis. We help you quickly get to the bottom of who, when, what, where and how.

Our technology team is internationally recognised, with certified computer forensic specialists who have conducted hundreds of computer, mobile, cloud and server based forensic investigations. We help our clients quickly and comprehensively respond to unwanted events.

Our experts have a foundation in law enforcement and the Australian Defence Force and are certified members of the International Society for Forensic Computer Examiners (ISFCE), as well as being members of relevant industry bodies, including Australian Information Security Association, Information Systems Audit and Control Association (ISACA) and Information Governance Australia ANZ.


Information management for investigations and litigation.

Now that email and other digital platforms are the primary sources of our personal and professional communication, systems and applications are expected to store larger and more historical volumes of information on a daily basis. This expansion has numerous flow-on effects, one of which is the challenge of managing and sifting through great volumes of electronic information when conducting investigations and responding to large-scale litigation.

When an organisation is required to respond at short notice to regulatory pressure, manage large volumes of information for commercial litigation or scrutinise information for an investigation, specialist help is often required. In-house IT teams using native systems often do not possess the specialist knowledge or have the capacity to achieve what is required within the timeframe.

The technology team at McGrathNicol is one of the foundational, large-scale electronic information discovery practices in Australia. We specialise in technology-enabled, End-to-End (E2E) electronic information management for investigations and litigation. Our E2E solution has become critical to helping our clients run timely and cost-effective investigations, litigations and regulatory compliance programs.

Our specialist electronic information management solution is built on the back of industry-leading iPro Technologies that take you from identification of potentially relevant data, all the way through to the production of only relevant information, using advanced analytics and specialist techniques. We have a dedicated team of highly experienced staff who have been performing this work for more than 18 years. We have worked on some of Australia’s largest investigations and litigations, operating in all state Supreme Courts and the Federal Court, as critical parts of Regulatory response initiatives and as part of Royal Commissions.


Effective strategies to help mitigate the impact of cyber incidents.

With the complexities of technology, the diversity of our ecosystems and the pace at which we are often required to work, it is inevitable that we will be required to deal with cyber incidents and events.

Incident Handling & Response is about mitigating the impact of cyber incidents and events. One of the most effective ways to achieve that is by having a practical, comprehensive and well documented plan for dealing with incidents and events as they arise. This requires organisations to predict and plan for likely scenarios, assigning roles and responsibilities, testing their plans by training people extensively and ensuring they have a mechanism that helps them learn and improve when incidents do occur.

Our team are highly experienced in a crisis and have managed thousands of incidents and risk events. We are quick to respond, working closely with clients to resolve incidents and implementing improvements for the future.

We have an end-to-end incident handling approach and work with clients through any stage of a crisis, including:

  • designing, executing or participating in desktop scenarios and tests;
  • developing incident response plans, incident handling frameworks, playbooks and other key materials for successfully managing incidents;
  • establishing the participation in a specialist incident response capability through service agreements or panel arrangements; and
  • providing on-demand provision of specialist Digital Forensic services for specialist Incident Response efforts.



The effective management of cyber risk will always require a fundamental security capability.

Cyber risk management is progressively the convergence of governance, risk management, legal, human resources and technical specialists working together to manage a socio-technical risk issue. It is increasingly accepted that cyber is not just an IT issue, and it is now elevated and discussed at the most senior levels of most organisations. However, cyber risk still requires a fundamental foundation of operational IT security capability to be successful.

Our team are highly experienced and qualified security specialists that help clients deliver fundamental security initiatives as part of their overarching cyber practice. These initiatives are core to building and maintaining successful cyber capabilities and include:

  • developing and updating internal policies, procedures and guidelines for Information Security;
  • performing security control assessments or security risk assessments including physical security assessments;
  • completing vulnerability scans and penetration tests; and
  • providing assistance in preparing for routine audit and assurance programs.