Our Experience

McGrathNicol performed an independent Cyber Forensic Review for a mid-sized superannuation fund following an incident reported to APRA. Based on our forensic analysis, we assisted in determining the likelihood of an actual cybersecurity incident based on existing Indicators of Compromise. We additionally determined the appropriateness of incident remediation activities performed by the client and their supporting service providers. Our report was communicated to the Audit and Risk Committee of the client, and was also leveraged in subsequent reporting to APRA.

McGrathNicol assisted Club Plus Superannuation (CPS), a superannuation fund with over $2.9 billion under management, in developing a modern and robust Cyber Incident Response Plan along with several scenario-based Incident Playbooks. By reviewing CPS documentation and performing a series of stakeholder discussions, we helped produced a robust response plan and playbooks to not only reflect CPS’ current response and communication practices, but also to ensure the requirements set out by APRA’s prudential standard CPS 234 are met.

We supported Precision Group in developing a revised, fit-for-purpose Information Security Policy to reflect the organisation’s current cybersecurity practices as well as where their current gaps exist against industry best practices. Using NIST as the guiding framework, McGrathNicol produced a revised Information Security Policy for Precision Group’s adoption. McGrathNicol also undertook a gap analysis to highlight the existing gaps between Precision Group’s current policies and procedures and what is reflected in the newly revised policy.

Independent investigation into allegations raised by whistleblowers relating to the procurement and project management of consultants engaged to work on the delivery of a highly complex IT systems transformation project. We utilised our online web review platform to examine a large volume of data and identify relevant information in relation to the allegations and project governance.

Assisted a major Australian regional bank to prepare formal submissions prior to appearing before the Commission. We worked closely with internal and external legal advisers using our e-Discovery technology, project management expertise to identify and produce protocol compliant documents to the Commission from a data set in excess of 6.5 million documents.

Provision of digital forensic services to complement the retailer's internal Investigations capability. We forensically image devices such as laptops, desktops, server based data, cloud based data and mobile or tablet devices. This potential evidence is maintained by our team in a readily available state should investigation or further inquiry be required.

Worked closely with a university to identify the impact of a cyber security incident. CERT Australia advised that a public release of the server management platform NetSarang, used by the university, had been compromised after attackers embedded a piece of malware. The vendor removed the release from their site and quickly patched the vulnerability.

We worked with Cbus to establish an overall approach to Cyber and build ongoing resilience into their approach to, and use of, technology. This has also included conducting a Cyber Resilience Review and a number of Cyber safety and awareness initiatives addressing the People and Culture element of Cyber security.

Worked with the Board and Executive Leadership Team of Wesley Mission Queensland to assess their current state of Cyber resilience and provide recommendations to enhance the existing framework. We also provide ongoing support in establishing a program that continues raise awareness amongst management and staff, and enhance capability in line with their mission and values.

Assisted a Victorian Government Department respond to a live cyber incident that had the potential to defraud them by infiltrating their regular payroll payment process via the use of malware and infected computer systems within their corporate IT environment. Our report set out the sequence of events that led to the incident and recommendations to improve process and controls.

Commonwealth appointed cybersecurity expert. Our role was to support a Federal Government Agency to navigate the technical specifics of a high profile cybersecurity event, identifying and collecting relevant information in order to conduct a thorough investigation of issues surrounding the event. The matter involved tight timelines and complex third party relationships and interests.

Managed the review process, expediting the manual review of documents in response to an ASIC notice. The review required a deep understanding of financial markets and the ability to distinguish behaviours that could constitute market manipulation. Sophisticated technology was used to examine large volumes of data and an experienced team reviewed communications.