Darwin Service

Cybersecurity Darwin

Essential Eight uplift, ASD-aligned risk treatment, CIRMP-aware governance, identity and access, backup and disaster recovery, incident response, and ongoing managed security operations — built for Darwin and NT businesses that run real operational systems.

Real cybersecurity isn't a brochure pack. It's a sequence of practical controls applied in the right order: visibility into what you have, identity and access locked down, patching that actually happens, backups you've tested, logs that get reviewed, and a plan for the day something gets through. We do all of that — scoped to your business, not a one-size template — and document the result so you can show your auditor, your insurer, or your board.

We work with regulated and operationally sensitive environments where security has to coexist with live production systems — fleet operations, dispatch, marine, industrial. That means staged uplift, change control, and clear go/no-go criteria, not big-bang rollouts that break the business.

Service scope

Frameworks applied, not framework-shaped invoices.

Essential Eight Uplift

  • Maturity assessment against ASD's Essential Eight — honest scoring, not vendor theatre
  • Application control, patching applications, patching OS, restricting admin privileges
  • MFA rollout (modern, phishing-resistant where appropriate), regular backups, hardened user app settings, restricted Office macros
  • Staged uplift plan with order, effort, and dependency on existing systems
  • Periodic re-assessment as evidence of maintained maturity

Risk & Governance

  • CIRMP-aligned risk treatment for critical-infrastructure-adjacent operations
  • AESCSF-aware controls where the sector framework applies
  • Asset register, data classification, and treatment-plan documentation
  • Vendor and supply-chain risk review — the third-party access that often gets missed
  • Board / insurer / audit-ready written reporting

Identity & Access

  • Microsoft 365 / Entra ID and Google Workspace hardening — conditional access, MFA, identity protection
  • Privileged access management — admin separation, break-glass accounts, audit trail
  • SSO rollout to internal apps where it reduces credential sprawl
  • Joiner / mover / leaver process documented and actually followed
  • Phishing-resistant MFA (FIDO2 / passkeys) for high-risk roles

Backup, DR & Recovery

  • 3-2-1 backups with at least one immutable / offline copy — not just "we have a NAS"
  • Documented restore procedures and actual restore tests, not faith
  • Disaster-recovery plan sized to your recovery time and recovery point objectives
  • Ransomware-resistant backup architecture — the attacker's first move is to delete backups
  • Cloud DR for SaaS data (Microsoft 365, Google Workspace) — the platforms don't back you up the way most people assume

Logging, Monitoring & Detection

  • Audit logging on identity, endpoint, and critical-application surfaces
  • Centralised log collection with usable retention — not "we have logs somewhere"
  • Alerting on the events that actually matter, tuned to reduce noise
  • Endpoint detection and response (EDR) selection and deployment
  • Periodic log review and governance reporting

Incident Response

  • Ransomware response: containment, eradication, restore-from-clean planning, evidence preservation
  • Business-email-compromise triage and account recovery
  • Post-incident review and control-uplift recommendations
  • Coordination with insurers, legal, and (where required) ASD / ACSC reporting
  • Tabletop exercises before an incident, not after

Network, Endpoint & OT Security

  • Firewall, VPN, and remote-access hardening
  • Network segmentation for OT / industrial systems vs corporate
  • Endpoint configuration baseline, application allowlisting where appropriate
  • Wi-Fi separation between guest, corporate, and operational SSIDs
  • Industrial controller and PLC access control and audit logging, via our industrial automation capability

Managed Security Operations

  • Ongoing patching, monitoring, and configuration drift detection
  • Vulnerability scanning and remediation under a documented cadence
  • User awareness and phishing-simulation programmes that aren't a "gotcha" exercise
  • Integrated with our broader managed support tiers
  • Real human you can call, in Darwin, not a queue ticket from offshore

How we work

Assess, prioritise, uplift, document.

We start with a free initial consultation by phone or at our Winnellie workshop. From there: a scoped maturity assessment, a prioritised treatment plan that respects what you can realistically run as a business, staged uplift with change control, and documented evidence at each step. We don't sell shelfware and we don't run "trust us" projects.

Cybersecurity sits next to our IT & Communications work and our delivery framework. For sector-specific or regulated environments see trust, and for ongoing operations see support tiers.

Location

Cybersecurity services across Darwin and the NT.

Based in Winnellie, we work with Darwin metro, Palmerston, and NT-wide clients including regional and remote operations. On-site work, remote work, and combinations of both are supported. Where critical-infrastructure or sector-specific frameworks apply we'll say so in scoping — not after the engagement starts.

Contact

Address
4/143 Coonawarra Rd
Winnellie NT 0820

Phone
0410 152 013

Email
inquiries@iatrt.com

Consultations

Free consultation by phone or at our Winnellie workshop. On-site engagements are scoped separately and proceed only after written agreement on scope, deliverables, and how we'll work alongside your existing systems.

For incident response on a live event, call directly — we'll triage scope before anything else.