Services
Industries
Approach
Resources
About
Client Portal
SPEAK WITH AN EXPERT
search
menu close
  • Back
    • Type to search
IT security & compliance

Home Back to Insights 
Anthony Porter
Cloud Security Architect - Canon Business Services ANZ

Anthony, affectionately known as Anto, hails from Perth, Western Australia. With over 15 years of IT experience, Anto has spent the last 5 years specialising in Microsoft cloud technologies. Currently, he serves as a Cloud Security Architect at Canon Business Services ANZ, where he leverages his expertise in Microsoft Intune and Defender XDR to enhance security and streamline operations.

Anto’s career journey began in Microsoft Cloud Managed Services helpdesk, progressing through various cloud infrastructure projects, and ultimately focusing on cloud security. He is a strong advocate of the “KISS” model – Keep It Simple Stupid – ensuring that solutions are secure and effective, while still being admin and user-friendly.

Outside of his professional life, Anto enjoys spending time with his family and tinkering with his Subaru. He is also a regular at the Perth-based Microsoft Security Meetup user group, where he shares his knowledge and insights with the community.

Technical controls alone don’t ensure smarter IT security

Cyber threats are more sophisticated than ever, yet many organisations in New Zealand still rely solely on technical controls, leaving critical gaps in their security strategies.

Are you confident your current measures protect every aspect of your organisation? By focusing only on technical controls, you may overlook the critical importance of Governance, Risk, and Compliance (GRC), essential components of a comprehensive security strategy.

What role do technical controls play in cybersecurity?

Technical controls—such as firewalls, antivirus software, and intrusion detection systems—fall under the “Protect” and “Detect” categories of the NIST Cybersecurity Framework (CSF) 2.0.

They’re designed to safeguard systems and identify potential threats, which is crucial in the immediate defence against cyberattacks. However, they form only a part of the big picture in security.

The NIST Cybersecurity Framework 2.0

The NIST CSF 2.0 is an excellent example of an enterprise framework that highlights the broader scope of cybersecurity. It’s organised into six functions: Govern, Identify, Protect, Detect, Respond, and Recover. While “Protect” and “Detect” are essential, they represent only a fraction of the overall framework.
  • Govern: Establishes organisational context and governance structure to manage cybersecurity risk.
  • Identify: Understands organisational resources and cybersecurity risks.
  • Protect: Implements safeguards to ensure service delivery.
  • Detect: Identifies when a cybersecurity event occurs.
  • Respond: Takes action against detected cybersecurity events.
  • Recover: Restores capabilities or services impaired by cybersecurity events.

Why is governance, risk, and compliance so important?

GRC is the backbone of a holistic security strategy. It ensures your organisation’s IT activities align with your business goals, managing risk effectively and complying with regulations. Neglecting GRC can lead to severe consequences, including data breaches, financial losses, legal penalties, and irreparable damage to your organisation’s reputation.

Here’s why GRC is indispensable:
  • Governance: Sets the tone and strategy, defining policies and procedures that guide your organisation.
  • Risk management: Identifies, assesses, and mitigates risks that could impact your organisation.
  • Compliance: Ensures adherence to laws, regulations, and standards, reducing the risk of legal penalties and reputational damage.
Understanding these components is essential, but how can organisations effectively implement them?

The holistic security picture

Focusing solely on technical controls is like locking your doors while leaving your windows wide open. To address all aspects of cybersecurity, a comprehensive strategy must integrate GRC—governing your security posture, identifying risks, responding to incidents, and recovering effectively.

Implementing GRC can be challenging without the right resources or expertise. That’s where Canon Business Services ANZ (CBS) comes in. Our certified experts provide holistic cybersecurity solutions covering the entire lifecycle of your security needs:
  • Cybersecurity Posture Uplift Services: Secure your business with next-gen solutions. Get your cloud security operational under control, continuously assessing and defending your security posture.
  • Virtual CISO (vCISO) services: Gain access to seasoned security leadership without the full-time cost. Our vCISOs help you develop and implement robust security strategies tailored to your business needs.
  • Security strategy & roadmaps: Develop a clear, actionable plan to enhance your security posture. Our experts work with you to create a strategic roadmap that aligns with your business goals and regulatory requirements.
  • Policies & standards: Establish comprehensive security policies and standards to ensure compliance and best practices. Our team helps you create, review, and update policies to keep your organisation secure and compliant.

Get in touch

Talk to us today to optimise your operations.

Contact Us

Understanding your current security posture is crucial. CBS offers comprehensive Security Assessments to give you the full picture:
  • Cybersecurity assessments: Boost visibility and secure your data by locating system vulnerabilities in our custom workshops.
  • ACSC-aligned Essential 8 Maturity Assessment: Understand your security posture, identify gaps, and plan to uplift your defences in line with the Essential 8 framework.
  • Essential Cloud Security Maturity Assessment: Identify cloud vulnerabilities, prioritise risks, and remediate them confidently.

While technical controls are crucial, they’re just pieces of the puzzle. To build a resilient security strategy, you must include GRC. Incorporating GRC isn’t just best practice—it’s a necessity.

Don’t leave your security to chance. Contact us today to fortify your defences and stay ahead of emerging threats. Let’s build a comprehensive cybersecurity strategy tailored to your needs. Take the first step toward resilience—reach out for a Cybersecurity Assessment and start safeguarding your organisation now.

Related Services

IT SECURITY AND COMPLIANCE CYBERSECURITY ASSESSMENTS Cloud Security Assessment ESSENTIAL 8 SECURITY ASSESSMENT Cybersecurity Uplift data sheet

Trending Stories

Why is multi factor authentication important How do you prevent phishing Ethical considerations in cybersecurity

Similar Articles

VIEW ALL
alt-description
Data Analytics Microsoft Business Modernisation Business process automation IT security & compliance Cybersecurity Assessments Cybersecurity Uplift

What is Security Automation?
Learn how automated security transforms cybersecurity, making it simpler and more efficient. Protect your business data with CBS New Zealand’s expert insights now!
alt-description
IT security & compliance Cybersecurity Uplift Cybersecurity Assessments

What are the benefits of penetration testing?
Gain confidence in your digital security with the benefits of penetration testing. Enhance cybersecurity, identify vulnerabilities, and fortify your defences with CBS New Zealand's expert insights now!
alt-description
Cybersecurity Assessments Cybersecurity Uplift IT security & compliance

Cybersecurity Threat Detection: Proactive strategies
Stay ahead in cybersecurity with our 2024 guide on threat detection. Learn advanced technologies & response plans to protect your business against threats with CBS New Zealand.
alt-description
Application Modernisation IT managed services IT security & compliance

Digital transformation in different industries

Discover how digital transformation is driving innovation across industries like healthcare, finance, and retail in New Zealand. Learn more.
alt-description
IT security & compliance

How do you prevent phishing attacks?

Prevent phishing attacks with MFA, anti-phishing tools, and employee training to safeguard sensitive information and stay secure with Cannon Business Services New Zealand!
alt-description
IT security & compliance Cybersecurity Assessments

Ultimate guide to internal penetration testing
This Internal Penetration Testing guide covers techniques, analysis, and best practices for identifying vulnerabilities & strengthening your cyber defense in New Zealand.
alt-description
IT managed services Disaster Recovery Data Backup IT security & compliance

RMM Meaning and its significance in IT management
Evolving technology, key benefits, and its impact on efficiency and security. protect your business data with CBS New Zealand’s expert insights now!
alt-description
IT security & compliance

The role of AI in cyber security
Discover how AI enhances cybersecurity with faster threat detection and automated, real-time protection with Canon Business Services New Zealand.
alt-description
IT security & compliance Cybersecurity Assessments Cybersecurity Uplift

The Threat Intelligence Lifecycle explained
Discover how to navigate the Threat Intelligence Lifecycle in 2024. Our guide covers phases, analysis, and best practices for cybersecurity decision-making in New Zealand.
alt-description
Cybersecurity Assessments Cybersecurity Uplift IT security & compliance

What are the latest cyber threats and defense strategies?
Enhance cybersecurity, identify vulnerabilities, and fortify your defences with CBS New Zealand's expert insights now!
alt-description
IT security & compliance Cybersecurity Assessments

Understanding Blue Teams in cybersecurity
Explore Blue Teams' pivotal role in cybersecurity: their defense strategies, Red Team collaboration, and trends with CBS New Zealand's expert insights now!
alt-description
IT security & compliance

Why MFA is crucial for cybersecurity
Enhance your cybersecurity with MFA. Add extra layers of protection to prevent breaches and secure sensitive data with Canon Business Services New Zealand!