Case Study


Campbelltown City Council is one of the largest councils in Australia. Over the last few years, the Council has gone through significant changes in their ICT environment. While numerous security controls were implemented in the scope of the transformation, the Council stakeholders were looking for a local cybersecurity partner to better understand the current cyber security posture of the organization, including associated weakness and exposures as they are seen from an external attacker perspective.

ThreatDefence bridged the visibility and resource capability gap within our existing cybersecurity controls, resources and technology. We consume the complete Cybersecurity as a Service offering from ThreatDefence and the included products / services are excellent value for money for most budget conscious Council teams (like ours). The ThreatDefence team truly operates as an extension to our in-house ICT team. The uplift in our Cybersecurity posture means my team and I can sleep better in the current climate of persistent threats.”

Ari Aich, Head of Technology, Campbelltown City Council

Traditionally, local government organisations have had little reason to worry about cyber risks. However, these days the threat landscape has changed, and poor cyber security management can expose local government organisations such as councils to a broad range of risks, including financial loss, reputational damage, and data breaches.

The potential impacts for local government organizations might include:

  • Theft of corporate and financial information and intellectual property, or theft of money
  • Third-party losses when personal information stored on government systems is used for criminal purposes
  • Reputational damage associated with the loss of citizens’ personal information
  • Enormous incident response and investigation costs incurred due to a compromise.

Being concerned with the increasing number of cyber attacks targeting local government organizations, the Council stakeholders were seeking to understand their level of readiness to tackle cyber security incidents, such as:

  • Do we have complete visibility into our cloud infrastructure, and can we quickly detect account takeovers, contain a threat, and provide assurance to the business that attackers did not spread to other user accounts?
  • Can our IT staff provide assurance that your systems are not currently compromised?
  • Are we ready to respond to a security data breach associated with citizens’ personal data exposure?
  • How quickly can our team detect, investigate, and contain cyber threats?

The Council engaged ThreatDefence to perform a security review and analysis of the Council’s security posture, as well as to assess if the environment had any indicators or compromise, or significant security weaknesses and misconfigurations. During the assessment, ThreatDefence worked with the Council to review the entire business environment and to identify any security weaknesses or exposures. ThreatDefence consultants focused on the practical aspects of cyber security to assist the Council identifying both tactical and strategic opportunities to enhance the maturity of cyber security and privacy programs.

ThreatDefence equipped our IT department with superior abilities to collect and analyse security eventsproactively, and respond to data breaches if they occur. Being able to contain threats in real time provides a tremendous value to our organisation.”

Ari Aich, CIO, Campbelltown City Council

ThreatDefence’snetwork, endpoint and cloud sensors were deployed to to analyse network traffic, collect security events from the infrastructure in real time, and scan systems for any indicators of compromise. The collected data was analysed by the Threatefence XDR platform with the use of security analytics to identify any malicious indicators, or any suspicious or anomalous behavior. Through the use of this service, the Council was able to greatly enhance their cyber security posture, and to build an actionable list of remediation to execute as part of their cyber security program.

Following the initial assessment, Campbelltown Council engaged ThreatDefence to provide ongoing cybersecurity management through the complete Cybersecurity as a Service program, which including continuous security monitoring, threat detection, vulnerability management, and incident response.

Protect Your Organisation With ThreatDefence