See it work · 4 acts · ~4 min read

Two weeks to the board.
Six to DISP renewal.

Mira runs risk & compliance at a 280-person engineering firm with four branches. This is what one quarter looks like on Cybereen, told through one of her quarters. Essential Eight is the framework. The story is the product.

Mira and the engineering firm in this walkthrough are a composite of real customer patterns — not a single named customer. Every screen reflects real platform behaviour; the people and timestamps are representative.

1The Monday
email
2One view,
four branches
3The gap, in
plain English
4Board pack,
ready Thursday
Act 1Mon · 08:14 · before Cybereen

Two weeks to the board.
Six to DISP renewal.
Mira opens last quarter's spreadsheet.

Half the branches haven't filled it in. The other half used different criteria. This is the part the platform demos always skip.

Last updated 14 December.
Brisbane partially filled. Sydney blank.
Darwin: "Mike to send through".
Melbourne: different version of the criteria.

Essential Eight — Maturity 2023.xlsx ASD ISM controls DISP renewal checklist Inbox (47)
E8 — Maturity 2023.xlsx
SydneyBrisbaneMelbourneDarwinGroup
ControlMLOwnerEvidenceStatus App control1missing Patch apps2Mikestale MFA1?? Admin priv2 Backups1Sam2023-08partial Patch OS2Mikestale Macros1 Hardening2missing
LAST UPDATED 14 DEC 2024
Inbox · Mira Patel
James Whitford, CFOjwhitford@perfectashlar.com.auMon 08:09
Board pack — Essential 8 status?
Hi Mira — board meets in two weeks. Could you put together a one-pager: where the group stands on E8, what the gaps are, what the plan looks like before DISP renewal? Thanks. J.
Chase Darwin?
Mike out til Wed
DISP renewal
6 wks ←
Now, on Cybereen

Same data. Same evidence. Same audit trail. Just visible, finally.

Act 2Mon · 09:30 · Cybereen / Portfolio

First time she's seen the whole group on one screen.

Three branches at 93%+. One branch at 40%. The variance was always there. It just wasn't visible.

  • Group score: 82% — held down by one outlier, not several.
  • Darwin is at 39.67% with an active alert. Last activity: 35 minutes ago. The data is current.
  • Mira didn't send anyone a request. Every branch has been assessing in Cybereen this quarter.
Act 3Mon · 09:42 · Drilling into Darwin

From "we have gaps" to "these specific four things, in plain English."

Darwin's MFA-1 control. Three boxes ticked, four to go. Same control at Sydney shows what done looks like.

  • Each missing criterion reads like a sentence an auditor would write — not a CVE, not a technical scan.
  • Sydney's completed criteria carry a "who, what, when" trail. Cybereen calls it "Completed by — on —". The audit calls it evidence.
  • Eight gapped controls across the group. Each one has an owner field ready to populate.
Act 4Fri · 09:22 · Board pack, ready

Board pack, Friday morning. Five days early.

One PDF: current state, gap analysis, remediation plan. The auditor and the board read from the same document. So does the DISP application.

  • Two clicks: Compliance Summary for the board, Remediation Report for the auditor.
  • Maturity radar shows current vs target. The board reads the gap shape in three seconds.
  • CSV export sits next to the PDF — for teams running their own analytics pipelines.

"Five days ahead of the board. I haven't been five days ahead of anything in years."

— Representative quote · Head of Risk & Compliance, AU engineering firm · illustrative composite
Portfolio Overview

Client Portfolio

Multi-client overview — triage at a glance, drill into any client from here.

Viewing Portfolio: Perfect Ashlar Pty Ltd
Total Clients
4
Avg Compliance
0%
Critical Alerts
0
Active Remediations
0
Search
Health
All
Tier
All
Sort by
Health (critical first)
View
Cards
Darwin BranchSatellite
0%
Standards5/5
Critical Gaps4
Remediations5
Last Activity35 min ago
Melbourne BranchRegional
0%
Standards5/5
Critical Gaps1
Remediations2
Last Activity2h ago
Brisbane BranchRegional
0%
Standards5/5
Critical Gaps0
Remediations1
Last Activity4h ago
Sydney BranchHQ
0%
Standards5/5
Critical Gaps0
Remediations0
Last Activity14m ago
Darwin Branch · Essential Eight · MFA-1

Multi-Factor Authentication — Maturity Level 1

Target MLLevel 1
PriorityP2
OwnerUnassigned
Updated35 min ago
3 of 7 Level 1 criteria complete
  • MFA is used by an organisation's users if they authenticate to their organisation's internet-facing services.— Branch IT Lead · 12 Mar 2026
  • MFA is used by an organisation's users if they authenticate to third-party internet-facing services that process, store or communicate their organisation's non-sensitive data.— Branch IT Lead · 12 Mar 2026
  • MFA is used by an organisation's users if they authenticate to a third-party internet-facing service that process, store or communicate their organisation's sensitive data.— Branch IT Lead · 14 Mar 2026
  • MFA is used to authenticate users to their organisation's online customer services that process, store or communicate their organisation's sensitive customer data.
  • MFA uses either: something users have and something users know, or something users have that is unlocked by something users know or are.
  • Successful and unsuccessful MFA events are centrally logged.
  • Event logs are protected from unauthorised modification and deletion.
Sydney Branch · Essential Eight · MFA-1

Multi-Factor Authentication — Maturity Level 3

Target MLLevel 3
PriorityP3
OwnerIT Lead, Sydney
Updated17 May 2026
All 14 criteria complete
  • MFA is used by an organisation's users if they authenticate to their organisation's internet-facing services.— Sydney IT Lead · 03 Feb 2026
  • MFA is used to authenticate users to their organisation's online customer services that process, store or communicate their organisation's sensitive customer data.— Sydney IT Lead · 19 Feb 2026
  • MFA uses either: something users have and something users know, or something users have that is unlocked by something users know or are.— Sydney IT Lead · 22 Feb 2026
  • MFA is phishing-resistant.— Sydney IT Lead · 04 Mar 2026
  • Successful and unsuccessful MFA events are centrally logged.— Sydney IT Lead · 04 Mar 2026
  • Event logs are protected from unauthorised modification and deletion.— Sydney IT Lead · 11 Mar 2026
  • Event logs are analysed in a timely manner to detect cyber security events.— SOC · 17 May 2026
8 gapped controls All ready to assign — owner, priority, target date fields populated. See full Remediation Report →
Compliance Summary
Audit Trail Export
Remediation Report
Control Coverage

Compliance Status Summary

ACSC Essential Eight · Perfect Ashlar Group · target ML1

90%Group
52Completed
8In Progress
0Not Started

Maturity Levels Radar

Current vs target across 8 controls (ML 0–3)

App Control Patch Apps Macros User App Hard. Admin Priv. Patch OS MFA Backups
Target Maturity Level Current Maturity Level

Criteria Progress

Completed vs remaining per strategy

App Control Patch Apps Macros User App Hard. Admin Priv. Patch OS MFA Backups 0 8 16 24 32
Completed Remaining

Remediation Report — 8 open · all assignable now

CodeControlBranchTarget MLPriorityOwner
MFA-1Multi-Factor AuthenticationDarwinML1P1Unassigned
PATCH-OSPatch Operating SystemsDarwinML1P1Branch IT Lead
USR-APPUser Application HardeningDarwinML1P2Unassigned
ADMIN-PRRestrict Admin PrivilegesDarwinML1P2Unassigned
BACKUPRegular BackupsMelbourneML2P3S. Park
Audit trail attached
Friday morning, 09:22

The work is done.
On time. Defensible.

If your quarter looks more like Act 1, the next quarter doesn't have to. Book a guided walkthrough on your own data — we'll bring the questions, you bring the spreadsheet.

Book a guided walkthrough → Talk to us

Or read the Essential Eight overview · 8 strategies, 4 maturity levels, what auditors actually want