Case Study

Strengthens its Cybersecurity and Build Stakeholder trust

Client:AccessEAP

Introduction

AccessEAP is a not-for-profit organisation providing critical employee assistance and mental health services. With sensitive data at the core of its operations, protecting information assets and maintaining trust is essential.

Project Profile

  • Industry: Not-for-profit / Health & Welfare
  • Scope: Organisation-wide security uplift
  • Cybersecurity Partner: Cyberensic
  • Services Engaged: Complimentary risk assessment, ISO 27001 implementation, annual penetration testing, adoption of Secure Access Service Edge (SASE)

Challenges

  • Limited security visibility: As a not-for-profit, AccessEAP had resource constraints and lacked a clear view of its cyber risk posture.
  • Need for assurance: Partners and stakeholders required evidence of robust security frameworks.
  • Network security gaps: Legacy access solutions increased exposure to potential threats.

Solution & Approach

Complimentary Risk Assessment Cyberensic initiated the engagement with a pro bono risk assessment, identifying key risks and prioritising remediation activities. ISO 27001 Implementation The organisation was guided through the complete certification journey, from risk treatment planning and control selection to internal audit readiness and successful certification. Annual Penetration Testing To ensure ongoing resilience, Cyberensic conducts yearly penetration testing, providing assurance that critical systems and data remain protected against emerging threats. SASE Recommendations As part of strengthening their security foundation, Cyberensic advised on adopting a Secure Access Service Edge (SASE) model. This provided AccessEAP with modern, scalable access controls to mitigate risks across hybrid and remote environments.

Results & Outcomes

  • Enhanced security posture: AccessEAP achieved ISO 27001 certification, ensuring a defensible and internationally recognised security framework.
  • Ongoing assurance: Annual penetration testing validates the effectiveness of controls and identifies opportunities for continuous improvement.
  • Future-ready access: Adoption of SASE principles established a strong, modern security foundation.
  • Confidence to transform: With a secure baseline in place, AccessEAP is now progressing on its broader digital transformation journey, knowing their foundation is resilient.

Client Testimonial

"Cyberensic's partnership gave us confidence in our ability to protect sensitive information. Achieving ISO 27001 certification and regular testing ensures our stakeholders can trust that security is central to everything we do." — Les Forrest, Head of IT, AccessEAP