Untapped Cyber is a social enterprise dedicated to protecting business by providing the full spectrum of cyber services, or deploying entire teams. Untapped can help build the talent pipeline and provide everything, from a Virtual CISO to junior analysts. We are committed to solving the cyber skills crisis by creating and supporting excellent cyber workers through their careers.
Untapped Cyber is the full spectrum cybersecurity practice within the Untapped Group. Founded on the principles of creating a sustainable cybersecurity workforce, including neurodiverse, First Nations, veterans and returning-employees, especially women and carers. Untapped Cyber are able to deliver the full range of cybersecurity services, with dedicated Blue Team, Red Team and Purple Team.
We value inclusion, and our services are provided by people who “think differently”. We are proud to support our communities and constituencies with positive potential. Our clients include BHP, ANZ Bank, National Australia Bank, the Australian Federal Police, Pacific Defence Services and the Department of Home Affairs.
Penetration testing, vulnerability assessments, social engineering attacks, physical security assessments, incident response testing, adversarial simulation, wireless network assessment, red team exercises, web application testing, security awareness training, IoT security assessments, cloud security assessments, endpoint security evaluations, cyber range exercises, business email compromise simulations, critical infrastructure attack simulations, insider threat simulations, threat intelligence analysis, VoIP security assessments, cross-site request forgery testing, API security assessments, cryptographic evaluation.
Threat monitoring and detection, incident response, vulnerability management, patch management, security architecture and technical reviews, security configuration, threat intelligence analysis, traffic analysis and anomaly detection, data loss prevention solutions, security tools – firewalls, intrusion detection and prevention (IDS/IPS), endpoint protection platforms (EPP), information and event management (SIEM).
Essential 8 uplift, ISO27001 implementation and audit, DISP implementation, NIST CSF implementation and audit, cybersecurity reviews, SOCI and SLACIP assessments, compliance management, policy development and review, cybersecurity strategy and governance, audit support and coordination, third party risk assessment, data privacy and protection, training and awareness programs, incident response planning and coordination, vendor assessments, cyber insurance documentation, business continuity planning, IT governance and controls, legal and regulatory research, security and privacy impact assessments, open source intelligence, ESG reporting, CSR reporting, stakeholder communications and crisis management.
In addition to offering a full suite of cyber services, we can help source and build the “untapped” talent pipeline for Cyber Talent. We can help find, assess, and match individuals to roles they will thrive in, bringing innovation and elevating competitiveness. We offer talent capabilities such as:
Services:
• Vulnerability assessment, network penetration, web application testing, social engineering, reports
Services:
• Threat actor profiling, indicators of compromise, data collection and analysis, TTP asssessments
Services:
• Incident detection and analysis, containment and eradication, forensic investigations, documentation, coordination and communications
Services:
• Security monitoring and alerting, SIEM management, log analysis, malware analysis, device management, threat hunting
Services:
• Network design and segmentation, cloud security, identity and access management, controls implementation
Services:
• ISO27001, Essential 8, DISP, DSPF, PSPF, NIST, 3rd party assessments, awareness and training programs
Untapped Cyber have expertise in delivering customised outreach resources and educational campaigns for clients that reinforce critical cybersecurity practices. Liaising with graphic designers to distribute curated physical and/or digital handouts, we target crucial vulnerabilities with engaging methods that enhance understanding and retention. We can produce awareness campaigns such as:
