About

An audit practice grounded in day-to-day security work.

Cyber Security Audits NZ is an audit service of Gorilla Cyber Security, built for New Zealand organisations that want a clear, objective view of their security position without the overhead of a large consultancy engagement.

About the practice

Why a dedicated audit brand

Gorilla Cyber Security also provides managed security services to many New Zealand organisations. Whether or not Gorilla manages your systems day to day, an audit engagement sits under the Cyber Security Audits NZ brand, with its own scope and reporting line, so the report reflects what we found rather than any other relationship.

The result is the same practical grounding you would expect from a managed security provider, applied to an audit that stands on its own, whether or not you use Gorilla for anything else.

Who does the work

The people behind the audit.

Stephen Phillips, Chief Information Security Officer at Gorilla Cyber Security

Stephen Phillips

Chief Information Security Officer, Gorilla Cyber Security

Stephen leads the audit practice day to day. He brings more than 20 years in cyber security, including a term as Chief Information Security Officer for Westpac Bank in New Zealand. Audit findings are reviewed and signed off by Stephen before they reach a client, so every report reflects judgement built from day-to-day security work, not a template.

Paul Spain, CEO of Gorilla Technology

Paul Spain

Founder and CEO, Gorilla Technology

Paul founded Gorilla Technology in 1997 and has worked directly with mid-size New Zealand organisations, startups and small businesses on technology and security for more than 20 years. He has spent over 15 years promoting good cyber security practice in New Zealand media, including regular commentary on RNZ, TVNZ, Newstalk ZB and the NZ Herald, and hosts the NZ Tech Podcast. See his media appearances.

Our approach

Three things we hold to on every engagement.

Plain English first

If an owner or director cannot understand a finding, we have not finished writing it. Technical depth sits underneath a summary anyone can act on.

New Zealand context

Every recommendation is weighed against what is realistic for a mid-size New Zealand organisation or small business, not lifted from a framework written for a much larger organisation overseas.

No pay to fix pressure

You are free to take the report to any provider, including your existing IT team, to action the findings. Remediation work is always optional and separately quoted.

Part of the Gorilla Technology family

Gorilla Technology has supported New Zealand organisations with IT and security since 1997. Gorilla Cyber Security is its dedicated cyber security arm, and Cyber Security Audits NZ is where that team's audit work lives.

Gorilla Technology, est. 1997 Gorilla Cyber Security Auckland, New Zealand

Talk to the team.

Book a scoping call to discuss your organisation and get a fixed-price quote.

Book an Audit