Not every briefing is free reading.
Three long-form documents, each written for a specific seat at the table — the owner, the board, and the operator managing the first day of an incident. Unlock with a work email and your role.

The Australian SMB Cyber Risk Report 2026
A data-driven look at what is actually targeting Australian businesses under 500 staff — sector breakdowns, breach-cost analysis, and where the control gaps consistently sit.
- ACSC report trends and what the year-on-year rise means by sector
- Average breach cost and business-closure rate for Australian SMBs
- Which control gaps appear most often across our own assessment data
- A benchmarking checklist to compare your own posture against the sector
76,000+
cybercrime reports to the ACSC in FY24-25
The Board's Guide to Cyber Risk Oversight
Cyber risk has become a governance question, not just a technical one. A practical guide for directors on the questions to ask, the obligations that apply, and the escalation protocol a board should expect.
- Director duties and cyber risk under Australian corporate and privacy law
- APRA CPS 234 governance expectations for regulated entities
- The questions a board should ask management before an incident, not after
- A board-ready incident-escalation and reporting protocol
67%
of AU SMB owners rate cyber a top-3 concern
Incident Response Playbook: The First 24 Hours After a Breach
The decisions that matter most happen in the first day. A practical, operational playbook covering containment, the Notifiable Data Breaches clock, and how to communicate without making things worse.
- A first-hour containment checklist, in the order actions should happen
- The Notifiable Data Breaches 30-day assessment clock, explained
- Internal and external communication templates for staff, clients, and regulators
- A structured post-incident review so the same gap does not reopen
30 days
the NDB assessment clock once a breach is suspected
Reading is research. The assessment is the answer.
The whitepapers above tell you what to look for. The Cyber Readiness Assessment tells you exactly where you stand — credited toward your first year if you go further with us.