Not all solutions are the same and the cost of bad design may mean your reputation built over years can vanish in an instant. Our methodology and approach for cyber security architecture and control design is human-centred. Human behaviour is the most important element to consider in security design. The objective is to reduce friction by implementing seamless security solutions that enable employees to conduct their work efficiently removing any roadblocks. In cyber security, people ignore and circumvent controls that ignore people and make their daily tasks challenging.
“The broader one's understanding of the human experience, the better design we will have.”
— Steve Jobs
Due to technological advances, deprecation occurs frequently to once sound design. We maintain detailed reference architecture models for different risk scenarios to support accelerated transformation through years of lessons learnt. Our designs are aligned to accepted cyber security control frameworks and design patterns. We practice security by design, privacy by design and ultimately trust by design.
We assist clients in identifying the best technology to suit their business context. Tannhauser, as a business, has made the conscious decision to remain product and vendor agnostic so we can truly provide transparent independent advice rather than selling tools and technology aligned with our individual business goals. Our experience allows us to provide clients with comprehensive benefit analysis of proposed solutions.
We work with you to help define cyber security guiding principles, objectives, strategies, policies, and select suitable controls to protect the organisation’s critical assets within the appropriate budget. We support your business case documentation building stakeholder support and justification for investment.
Tannhauser strives for the correct optimisation of people, process and technology to help your organisation deliver the required cyber security outcomes. We acknowledge we may not have all the answers to cyber security; however, we will make sure you have all the available information to make the best possible decision.
Organisations must embrace digital transformation if they are to succeed. Transformation must be led by highly engaged leaders who treat transformation as a cultural shift shaping an organisation’s future. The ideas supporting the cultural shift should be the strategic identity for that company. This identity can be used to bring stakeholders along the journey connecting with the community and providing engagement across business.
Cyber security must be aligned with business objectives to enable successful transformation investment, allowing the companies to fall fast in a change context must be in the company’s DNA. The ability to learn to fail fast and take those valuable lessons along your journey to digital transformation will prove invaluable.
“There is no alternative to digital transformation. Visionary companies will carve out new strategic options for themselves — those that don’t adapt, will fail.”
— Jeff Bezos, Amazon
Our experienced project managers can provide support for large cyber security portfolios, programmes and individual projects. We will bring an informed perspective and help future proof your business by executing solutions that can adapt to the current changing landscape and technology.
Our approach to cyber security transformation is built on six imperatives:
1. Your strategic identity must be linked to your most distinctive capabilities and skills;
2. Automation of business operations threat led and driven by data, leveraging machine learning and artificial intelligence (AI);
3. The future state quest for efficiencies must consider the exploitation of existing processes and innovation of new ways of working;
4. Security, Privacy and Trust by design approaches must be prioritised as critical outcomes;
5. Adopt open digital architecture to provide the ability to mobilise and pivot quickly; and
6. Connect with the community and enable the workforce of the future.
Within Transformation, we help you re-create your security posture in order to reduce exposure to cyber security threats and secure your valuable assets. Not only will we help with the delivery of outcomes, we will help provide security awareness that will ensure alignment between people, process and technology.
Transformation within an organisation must start with tone at the top. Tannhauser works with both the board and executive management to help structure the governance of cyber security risk. With the appropriate strategic approach in place, those responsible will be able to challenge themselves as to whether their response is adequate against the rapidly evolving threat.
Tannhauser believes the most effective way to reduce your organisation’s exposure to cyber threats is through the improvement in the awareness of your people. We deliver tailor-made education and training to your board, executive suite and staff. This may include group sessions, or more specific one-on-one sessions given the appropriate requirement. We educate staff by focusing on what they should do, rather than not do, so they are more informed in their role and specific situations they may face.
“Security culture is what employees do when the Security team isn't looking”
— Stu Hirst, Just Eat
We have deep experience with behavioural nudging, positive reinforcement and indirect messaging to influence behaviour and decision making of staff. Your greatest asset and first line of defence are your staff so this investment provides considerable returns in the fight against cybercrime.
The willingness of staff to read long drawn out policies and procedures diminishes over time. Our approach incorporates easy to understand and remember guiding principles for cyber security. Gamification training techniques provide engaging and memorable content. All awareness, training and education initiatives have associated qualitative and quantitative behavioural metrics aligned to ensure the success of the investment. Security champions nominated and placed within all business departments ensure the risk message is delivered adequately on an ongoing basis.
Build confidence in your people and provide them with the tools to protect your business.
Our Insights, Blog, and Case Studies provide the inspiration you need to address cyber security — and succeed as a business.