Define your guiding principles and design your control approach and framework.
Design Blackboard image

Not all solutions are the same and the cost of bad design may mean your reputation built over years can vanish in an instant. Our methodology and approach for cyber security architecture and control design is human-centred. Human behaviour is the most important element to consider in security design. The objective is to reduce friction by implementing seamless security solutions that enable employees to conduct their work efficiently removing any roadblocks. In cyber security, people ignore and circumvent controls that ignore people and make their daily tasks challenging.

Design Methodology Diagram
“The broader one's understanding of the human experience, the better design we will have.”
— Steve Jobs

Due to technological advances, deprecation occurs frequently to once sound design. We maintain detailed reference architecture models for different risk scenarios to support accelerated transformation through years of lessons learnt. Our designs are aligned to accepted cyber security control frameworks and design patterns. We practice security by design, privacy by design and ultimately trust by design.

We assist clients in identifying the best technology to suit their business context. Tannhauser, as a business, has made the conscious decision to remain product and vendor agnostic so we can truly provide transparent independent advice rather than selling tools and technology aligned with our individual business goals. Our experience allows us to provide clients with comprehensive benefit analysis of proposed solutions.

Risk vs Cost diagram

We work with you to help define cyber security guiding principles, objectives, strategies, policies, and select suitable controls to protect the organisation’s critical assets within the appropriate budget. We support your business case documentation building stakeholder support and justification for investment.

Tannhauser strives for the correct optimisation of people, process and technology to help your organisation deliver the required cyber security outcomes. We acknowledge we may not have all the answers to cyber security; however, we will make sure you have all the available information to make the best possible decision.

What we would need from you:

  • Key stakeholder engagement
  • Workshops
  • Existing documentation
  • Business Strategy walk-through

What we deliver:

  • Architecture and/or control designs and patterns
  • Service strategy and platform approach
  • Consolidation of existing architecture
  • Reduction in total cost of ownership
  • Improved risk management outcomes


Reduce exposure to increasing cyber threats and secure your valuable assets with a pragmatic delivery.
Transformation - Building site image

Organisations must embrace digital transformation if they are to succeed. Transformation must be led by highly engaged leaders who treat transformation as a cultural shift shaping an organisation’s future. The ideas supporting the cultural shift should be the strategic identity for that company. This identity can be used to bring stakeholders along the journey connecting with the community and providing engagement across business.

Cyber security must be aligned with business objectives to enable successful transformation investment, allowing the companies to fall fast in a change context must be in the company’s DNA. The ability to learn to fail fast and take those valuable lessons along your journey to digital transformation will prove invaluable.

Transformation Methodology diagram
“There is no alternative to digital transformation. Visionary companies will carve out new strategic options for themselves — those that don’t adapt, will fail.”
— Jeff Bezos, Amazon

Our experienced project managers can provide support for large cyber security portfolios, programmes and individual projects. We will bring an informed perspective and help future proof your business by executing solutions that can adapt to the current changing landscape and technology.

Our approach to cyber security transformation is built on six imperatives:

1. Your strategic identity must be linked to your most distinctive capabilities and skills;
2. Automation of business operations threat led and driven by data, leveraging machine learning and artificial intelligence (AI);
3. The future state quest for efficiencies must consider the exploitation of existing processes and innovation of new ways of working;
4. Security, Privacy and Trust by design approaches must be prioritised as critical outcomes;
5. Adopt open digital architecture to provide the ability to mobilise and pivot quickly; and
6. Connect with the community and enable the workforce of the future.

Within Transformation, we help you re-create your security posture in order to reduce exposure to cyber security threats and secure your valuable assets. Not only will we help with the delivery of outcomes, we will help provide security awareness that will ensure alignment between people, process and technology.

Maturity Levels Diagram

Transformation within an organisation must start with tone at the top. Tannhauser works with both the board and executive management to help structure the governance of cyber security risk. With the appropriate strategic approach in place, those responsible will be able to challenge themselves as to whether their response is adequate against the rapidly evolving threat.

What we would need from you:

  • Stakeholder Workshops
  • Strategic identity
  • Existing roadmaps and future state considerations
  • Portfolio, programme and/or individual project approach

What we deliver:

  • Solutions integrated into your business
  • Engagement across the business
  • Cyber security solutions aligned to future state business objectives
  • Ability to pivot quickly if demanded by the project

Awareness, Training and Education

Invest in your most valuable asset, people. Elevate your resilience to cyber attacks.
Face to Face education image

Tannhauser believes the most effective way to reduce your organisation’s exposure to cyber threats is through the improvement in the awareness of your people. We deliver tailor-made education and training to your board, executive suite and staff. This may include group sessions, or more specific one-on-one sessions given the appropriate requirement. We educate staff by focusing on what they should do, rather than not do, so they are more informed in their role and specific situations they may face.

Awareness Training Methodology
“Security culture is what employees do when the Security team isn't looking”
— Stu Hirst, Just Eat

We have deep experience with behavioural nudging, positive reinforcement and indirect messaging to influence behaviour and decision making of staff. Your greatest asset and first line of defence are your staff so this investment provides considerable returns in the fight against cybercrime.

The willingness of staff to read long drawn out policies and procedures diminishes over time. Our approach incorporates easy to understand and remember guiding principles for cyber security. Gamification training techniques provide engaging and memorable content. All awareness, training and education initiatives have associated qualitative and quantitative behavioural metrics aligned to ensure the success of the investment. Security champions nominated and placed within all business departments ensure the risk message is delivered adequately on an ongoing basis.

Build confidence in your people and provide them with the tools to protect your business.

Awareness Training Education Building Blocks

What we would need from you:

  • Existing Security Awareness, Training and Engagement
  • Tone at the top set by senior management
  • Time investment of your people

What we deliver:

  • Tailored content specific to roles and responsibilities
  • Group and/or one-on-one sessions
  • Culture programmes
  • Qualitative and quantitative behavioural metrics and risk reporting


Thank you!
Your submission has been received!
Oops! Something went wrong while submitting the form.



Our Insights, Blog, and Case Studies provide the inspiration you need to address cyber security — and succeed as a business.


Our observations of the current cyber security landscape, a fresh perspective on what you need need to focus on right now


A personal perspective on breaking news and industry trends

Case Studies

Examples that demonstrate how we've helped make companies like yours more secure