Our Experience

We were engaged by a law firm to conduct a digital forensics investigation into the suspected unauthorised access of sensitive information stored on a State Government entity’s servers. Our forensic technology experts conducted a thorough analysis of electronic records and evidence collected from the client’s computer systems. We produced a detailed history of user activity in relation to sensitive files and folders and identified multiple instances of potentially unauthorised access.

We were engaged by the Securities Exchange Guarantee Corporation (SEGC) to conduct a cyber-audit over the current environment and identify the cybersecurity risks relevant to the organisation. Our team assessed SEGC’s cyber resilience against the Australian Cyber Security Centre’s Essential 8 framework in addition to performing a phishing simulation for SEGC staff. Our team produced a final report that was presented and well received by SEGC’s Board of Directors.

We sit on Curtin University’s professional security services panel and provide them with support for a number of specialised services, including digital forensics and technology-based investigations, information governance, risk and compliance services, cyber security and security awareness training. Our team is currently working with Curtin to identify early warning and risk insights using human behavioural data science.

We have worked with the Retail and Customer Experience (CX) division of Optus, to establish a business centric privacy and information security risk review. We have also assisted Optus with building an overall approach to effectively identify and manage ongoing Information, Security and Privacy risks and issues across the CX business.

We are the only non Audit firm invited by the ASX to participate in the Cyber Health Check Working Group. This is a Cyber Awareness initiative launched by the ASX in 2016 after the launch of the updated National Cyber Strategy. The initiative's objective is to raise the awareness of Cyber at the highest levels of business within Australia's Top 100 listed companies.

We are offered as one of three specialist Cyber advisory teams available to Allianz Australia Cyber clients. We assist their clients to understand their current cyber risk profiles as well as deal with incidents as they arise.  We also provide ongoing support to Allianz in relation to providing eDiscovery services supporting a range of requests.

We operate under an ongoing Master Services Agreement with Sunsuper and support them to deliver Cyber education and awareness initiatives. We provide additional Cyber incident response capacity and support as required and advise the business on Digital Forensics matters. Notably we have assisted Sunsuper in relation to their ongoing Business Continuity Plans and Disaster Recovery testing which is conducted on a regular basis.

Conducted a comprehensive vulnerability assessment of the IT systems and networks of Senex Energy. This involved working closely with the organisation’s IT team, and following a systematic approach to identifying, testing and documenting any cybersecurity shortcomings in their environment. Our resulting report and recommendations have supported Senex in driving initiatives to further enhance their cybersecurity posture.

We are working with the Executive Leadership and Technology teams at Wesley Mission Queensland to plan and deploy a Cybersecurity Awareness Program. This includes conducting phishing email campaigns, developing cyber alerts and information packs, providing cyber eLearning content and tailoring content to the staff at Wesley Mission. We will provide regular reporting throughout the program, to ensure the organisation is improving their cyber awareness amongst management and staff.

McGrathNicol performed an independent Cyber Forensic Review for a mid-sized superannuation fund following an incident reported to APRA. Based on our forensic analysis, we assisted in determining the likelihood of an actual cybersecurity incident based on existing Indicators of Compromise. We additionally determined the appropriateness of incident remediation activities performed by the client and their supporting service providers. Our report was communicated to the Audit and Risk Committee of the client, and was also leveraged in subsequent reporting to APRA.

McGrathNicol assisted Club Plus Superannuation (CPS), a superannuation fund with over $2.9 billion under management, in developing a modern and robust Cyber Incident Response Plan along with several scenario-based Incident Playbooks. By reviewing CPS documentation and performing a series of stakeholder discussions, we helped produced a robust response plan and playbooks to not only reflect CPS’ current response and communication practices, but also to ensure the requirements set out by APRA’s prudential standard CPS 234 are met.

We supported Precision Group in developing a revised, fit-for-purpose Information Security Policy to reflect the organisation’s current cybersecurity practices as well as where their current gaps exist against industry best practices. Using NIST as the guiding framework, McGrathNicol produced a revised Information Security Policy for Precision Group’s adoption. McGrathNicol also undertook a gap analysis to highlight the existing gaps between Precision Group’s current policies and procedures and what is reflected in the newly revised policy.

Independent investigation into allegations raised by whistleblowers relating to the procurement and project management of consultants engaged to work on the delivery of a highly complex IT systems transformation project. We utilised our online web review platform to examine a large volume of data and identify relevant information in relation to the allegations and project governance.

Assisted a major Australian regional bank to prepare formal submissions prior to appearing before the Commission. We worked closely with internal and external legal advisers using our e-Discovery technology, project management expertise to identify and produce protocol compliant documents to the Commission from a data set in excess of 6.5 million documents.

Provision of digital forensic services to complement the retailer's internal Investigations capability. We forensically image devices such as laptops, desktops, server based data, cloud based data and mobile or tablet devices. This potential evidence is maintained by our team in a readily available state should investigation or further inquiry be required.

Worked closely with a university to identify the impact of a cyber security incident. CERT Australia advised that a public release of the server management platform NetSarang, used by the university, had been compromised after attackers embedded a piece of malware. The vendor removed the release from their site and quickly patched the vulnerability.

We worked with Cbus to establish an overall approach to Cyber and build ongoing resilience into their approach to, and use of, technology. This has also included conducting a Cyber Resilience Review and a number of Cyber safety and awareness initiatives addressing the People and Culture element of Cyber security.

Worked with the Board and Executive Leadership Team of Wesley Mission Queensland to assess their current state of Cyber resilience and provide recommendations to enhance the existing framework. We also provide ongoing support in establishing a program that continues raise awareness amongst management and staff, and enhance capability in line with their mission and values.

Assisted a Victorian Government Department respond to a live cyber incident that had the potential to defraud them by infiltrating their regular payroll payment process via the use of malware and infected computer systems within their corporate IT environment. Our report set out the sequence of events that led to the incident and recommendations to improve process and controls.

Commonwealth appointed cybersecurity expert. Our role was to support a Federal Government Agency to navigate the technical specifics of a high profile cybersecurity event, identifying and collecting relevant information in order to conduct a thorough investigation of issues surrounding the event. The matter involved tight timelines and complex third party relationships and interests.

Managed the review process, expediting the manual review of documents in response to an ASIC notice. The review required a deep understanding of financial markets and the ability to distinguish behaviours that could constitute market manipulation. Sophisticated technology was used to examine large volumes of data and an experienced team reviewed communications.