THANK YOU FOR SUBSCRIBING
CIOAdvisor Apac
×
CIO Advisor APAC Weekly Brief
Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from CIO Advisor APAC
Envista: An Independent and Comprehensive Approach to Cyber Security
Since 2005, Australian based Envista has been quietly providing independent expert advice to National Security Sector clients to help them deliver capable and secure IT systems. The company was founded to provide strategy, architecture, and project delivery services to achieve business outcomes in security conscious environments. Over the last 12 years, Envista has built a reputable team of experts attracted to tackling interesting and challenging projects. With 100 specialists and growing, Envista helps clients deliver large and complex projects including working on two of the largest cyber security programs in Australia.
From the outset the company has promoted a “security engineering” mindset and contributed to changing the approach to cyber security implementation, from a “bolt-on” consideration at the end of a system’s design phase to being a key focal point from the very beginning.
Why Envista?
“We take a pragmatic and risk based approach to implementing cyber security practices,” explained Andrew Carstens, who is one of Envista’s three Directors. “As an independent consulting company we have no vendor affiliations, so our advice is without bias or influence. As a trusted partner, our goal is to provide comprehensive solutions that span people, process, and technology. This ensures integrated cyber security solutions for our client’s mission critical systems.”
Carstens said Envista’s methodology ensures security is integrated across all phases of the system development lifecycle using a flexible risk-based approach.
“The company is motivated to help clients deliver solutions that meet business objectives. Envista has found through experience that introducing robust security measures from the start of a project is easier to implement, with the resulting capability system being more sustainable and cost effective over the long term,” he explained.
“Think of it this way. Building a stone castle on a hill is easier and cheaper to defend than a timber house in a valley. The right plan, design, and approach prevents problems down the track.”
Carstens said Envista has shown that projects can be delivered more quickly and successfully (and more securely) by putting in the engineering and design effort up front.
“Projects which progress too quickly to the build and implementation phase usually end up spending more time and money on re-work, not to mention the potential to compromise security and risk downtime of operational systems," he said.
Envista’s team also understands the challenges many organisations face with budgets and schedules. Trade-off and cost-benefit analysis of security controls is a key consideration, and it is important to present options with their pros and cons so client management can make informed decisions.
From the outset the company has promoted a “security engineering” mindset and contributed to changing the approach to cyber security implementation, from a “bolt-on” consideration at the end of a system’s design phase to being a key focal point from the very beginning.
Why Envista?
“We take a pragmatic and risk based approach to implementing cyber security practices,” explained Andrew Carstens, who is one of Envista’s three Directors. “As an independent consulting company we have no vendor affiliations, so our advice is without bias or influence. As a trusted partner, our goal is to provide comprehensive solutions that span people, process, and technology. This ensures integrated cyber security solutions for our client’s mission critical systems.”
Carstens said Envista’s methodology ensures security is integrated across all phases of the system development lifecycle using a flexible risk-based approach.
“The company is motivated to help clients deliver solutions that meet business objectives. Envista has found through experience that introducing robust security measures from the start of a project is easier to implement, with the resulting capability system being more sustainable and cost effective over the long term,” he explained.
“Think of it this way. Building a stone castle on a hill is easier and cheaper to defend than a timber house in a valley. The right plan, design, and approach prevents problems down the track.”
Carstens said Envista has shown that projects can be delivered more quickly and successfully (and more securely) by putting in the engineering and design effort up front.
“Projects which progress too quickly to the build and implementation phase usually end up spending more time and money on re-work, not to mention the potential to compromise security and risk downtime of operational systems," he said.
Envista’s team also understands the challenges many organisations face with budgets and schedules. Trade-off and cost-benefit analysis of security controls is a key consideration, and it is important to present options with their pros and cons so client management can make informed decisions.
Envista’s success is based on delivering tangible value-for-money outcomes and providing a positive customer experience
Carstens also highlighted the importance of cyber security training within an organisation. “At the end of the day, IT systems are there to support business functions that are often carried out by people. If staff are aware of how adversaries attack and how their own personal actions can help reduce the likelihood of compromise, then they are more likely to accept security controls and contribute to the goal of continuous security improvement. In many cases, investment in staff training and good security processes will deliver a better security posture than relying on technology investments alone. Companies mistakenly think all cyber security solutions always involve technology.”
The Success Story
Envista’s success is based on delivering tangible value-for-money outcomes and providing a positive customer experience. Referrals, recommendations and repeat business has underpinned the company’s growth, which is testimony of the firm’s success.
Carstens highlighted a current project delivering a computer network defence capability where leading-edge security and monitoring capabilities are being implemented within a large enterprise. Envista is also assisting other clients to establish their cyber security strategy and security architecture to improve the confidentiality, integrity, and availability of their data and IT assets.
“Envista has also had interest from suppliers to the National Security and Critical Infrastructure sectors. These companies are required to maintain the security standards of the clients they supply, and need help developing processes and systems which protect their own production systems and their client’s data. National Security and Critical Infrastructure owners must also be diligent in understanding and securing their supply chain. Both owners and suppliers value independent advice that is free from a specific product or software sales bias,” Carstens said.
Expanding Nationally
Envista has a growing presence in the Australian cyber security market. There are few firms with a comparable track record delivering cyber security capabilities and possess the breadth and depth of experience of Envista. This provides them with the unique opportunity to leverage their expertise across additional market sectors.
The company has commenced expansion plans to support the Critical Infrastructure sector due to the similar security requirements of mission critical systems, in a world where the Internet of Things and convergence is driving hyper connectivity. Leveraging their experience and know-how, Envista is currently helping a State Government client develop a Cyber Risk Management Standard for their Industrial Automation and Control Systems (IACS).
