ESSENTIAL EIGHT ASSESSMENT

Achieve Essential Eight Compliance
Free Assessment on a 12-Month Plan

See your maturity score across all 8 controls with a free gap analysis — audit-ready results, prioritised remediation roadmap, and your target maturity level in 4 to 12 weeks.

FABIAN ROSS
CEO
Basketball WA
Basketball WA exists to grow the game but behind the scenes, we're also custodians of personal information for tens of thousands of members, many of them children. That responsibility rests with us, and we need to take it seriously. DefenderSuite gave us the structure, the controls, and the confidence to know we're protecting that data the way we should be. It's not just a compliance checkbox, it genuinely changed how we think about our obligations.
Maria Reid
General Manager
Companion Home Care
Our team's focus belongs on the people in our care, not on managing IT security. Knowing that side of the business is handled properly, and that we can demonstrate it when partners or regulators ask, has made a real difference to how we operate. It's one less thing to carry, and that matters in an industry where your attention should never be divided.

ASD

Australian
Signals
Directorate

ACSC

Australian
Cyber Security
Centre

70%

of Australian Government entities audited their suppliers' security in 2025 — using Essential Eight Maturity Level 2 as the benchmark.
Australian Signals Directorate
Commonwealth Cyber Security Posture 2025
Luis Alegria
IT Manager
Ultimo Catering
As we've expanded our on-demand ordering and digital presence, the volume of client and financial data moving through our systems has grown significantly. We needed our security to keep pace with that growth. DefenderSuite gave us the framework to scale confidently, knowing that side of the business is handled properly as we continue to grow.
Verified partner for security and cloud services.
Australian-Owned & Operated, built for Australian compliance requirements.
Christelda Mott
Director
Superior Business Tax
As a CA registered practice and registered tax agent, our obligations to the ATO and our professional body are significant. The data we handle sits at the intersection of some of Australia's strictest regulatory requirements. DefenderPro gave us the compliance framework to meet those obligations digitally with the same seriousness we apply to every other aspect of our practice.

84,700

cybercrime reports were filed in Australia in FY2024–25 — one every six minutes, as cyber threats continue to rise in frequency and cost.
Australian Signals Directorate
Annual Cyber Threat Report 2024–25

200+

ASSESSMENTS

98%

SATISFACTION

<12h

RESPONSE TIME

24/7

MONITORING

YOUR 12-MONTH PLAN INCLUDES

Maturity
Assessment

Rated against all 8 controls

Control
Deployment

Implemented and managed

Compliance
Monitoring

Monthly reporting included

Get Started With Your Free Essential Eight Assessment

Submit in 30 seconds. We’ll be in touch within 1 business day.

Thank you

Thanks for reaching out. We will get back to you soon.
Oops! Something went wrong while submitting the form.

Assessments Typically Cost $5,000–$15,000 Yours Is Included Free

What other firms charge thousands for upfront, DefenderSuite includes on a 12-month plan — assessment, remediation roadmap and ongoing management, all in one.

Standalone assessments

$5k–$15k

Paid upfront, before any remediation begins. With no implementation support included.

Remediation quoted as separate cost

Multiple vendors, multiple invoices

Evidence outdated at next renewal

No single owner for your outcome

No clear timeline when controls go live

With DefenderSuite | 12-month plan

$0 – Free

One accountable partner from assessment to compliance. All included in your monthly plan.

Controls deployed with no disruption

Cybersecurity and compliance bundled

Continuous evidence as standard

Assessment actioned from day one

Maturity Level 1, 2 or 3 in 4–12 weeks

Why Australian Businesses Need Essential Eight Maturity

The Essential Eight is mandated across defence supply chains, government agencies and increasingly required by Australian cyber insurers — making compliance a business requirement, not just best practice.

CYBER INSURANCE

Insurers require demonstrated Essential Eight (E8) controls before issuing or renewing cyber policies.

20–40%

Premium reduction with E8 controls
Businesses that evidence their Essential Eight controls pay significantly less — documented alignment is the primary factor driving premium reductions.
Source: Marsh, Australian Cyber Insurance Market Trends 2024
Non-compliant businesses face higher premiums or exclusions.
Close-up of an Australian flag patch on a military camouflage uniform, representing DISP membership requirements and Essential Eight Maturity Level 2 compliance for defence industry suppliers

Government agencies

The Protective Security Policy Framework (PSPF) requires Essential Eight compliance across all Commonwealth entities and their commercial supply chains.

$80,850

Average cost of a cyber incident in FY2024–25
Cybercrime costs rose 50% in FY2024–25 — the financial consequence of operating without Essential Eight controls in place.
Source: ASD, Annual Cyber Threat Report 2024–25
Non-compliant suppliers risk removal from the government supply register.
Historic Australian government building tower flying the Australian flag, representing PSPF compliance requirements for Commonwealth entities and their commercial supply chains

Defence industry

Defence Industry Security Program (DISP) memberships now require Essential Eight Maturity Level 2 (ML2).

Nov 2025

Enforcement deadline
Full Essential Eight ML2 is now the minimum standard for every DISP member, with no partial compliance accepted.
Source: Department of Defence, DISP Cyber and Assurance 2025
Without, businesses cannot hold Australian Government defence contracts.
Insurance broker presenting a cyber insurance policy document on a clipboard, illustrating the requirement for Essential Eight compliance before policy issuance or renewal

DefenderSuite Delivers Essential Eight Compliance & Cybersecurity in One Plan

Continuous protection, active control management and monthly compliance reporting — all delivered by a single managed platform, with the evidence to support insurers, government contracts and board reporting.

Managed
Security

Protection across your devices, email and people.

Continuously monitored and managed by our team.

Microsoft 365
Security

Purpose-built for your Microsoft 365 environment.

Accounts, files and sensitive data kept protected.

Compliance
Governance

Frameworks and reporting across all your obligations.

Aligned to every Australian standard you must meet.

Insurance
Readiness

Evidence and reporting formatted for your insurer.

Prepared for applications, renewals and reviews.

Essential Eight Levels 1 – 3

Security environments aligned to defined maturity levels with progression built in

4 – 12 Week Onboarding

Environments onboarded, hardened, and security controls deployed within weeks

Security Control Deployment

Application control, patching, MFA, and privilege management implemented

50% + Secure Score Uplift

Security posture hardened to improve Microsoft Secure Score

Australian Government Alignment

Security controls aligned to government cybersecurity expectations and standards

Monthly Compliance Reporting

Clear reporting to track security posture and compliance maturity

Essential Eight Levels 1 – 3

Security environments aligned to defined maturity levels with progression built in

4 – 12 Week Onboarding

Environments onboarded, hardened, and security controls deployed within weeks

Security Control Deployment

Application control, patching, MFA, and privilege management implemented

50% + Secure Score Uplift

Security posture hardened to improve Microsoft Secure Score

Australian Government Alignment

Security controls aligned to government cybersecurity expectations and standards

Monthly Compliance Reporting

Clear reporting to track security posture and compliance maturity

Essential Eight Levels 1 – 3

Security environments aligned to defined maturity levels with progression built in

4 – 12 Week Onboarding

Environments onboarded, hardened, and security controls deployed within weeks

Security Control Deployment

Application control, patching, MFA, and privilege management implemented

50% + Secure Score Uplift

Security posture hardened to improve Microsoft Secure Score

Monthly Compliance Reporting

Clear reporting to track security posture and compliance maturity

Monthly Compliance Reporting

Clear reporting to track security posture and compliance maturity

Essential Eight Levels 1 – 3

Security environments aligned to defined maturity levels with progression built in

4 – 12 Week Onboarding

Environments onboarded, hardened, and security controls deployed within weeks

Security Control Deployment

Application control, patching, MFA, and privilege management implemented

50% + Secure Score Uplift

Security posture hardened to improve Microsoft Secure Score

Australian Government Alignment

Security controls aligned to government cybersecurity expectations and standards

Monthly Compliance Reporting

Clear reporting to track security posture and compliance maturity

Essential Eight Levels 1 – 3

Security environments aligned to defined maturity levels with progression built in

4 – 12 Week Onboarding

Environments onboarded, hardened, and security controls deployed within weeks

Security Control Deployment

Application control, patching, MFA, and privilege management implemented

50% + Secure Score Uplift

Security posture hardened to improve Microsoft Secure Score

Australian Government Alignment

Security controls aligned to government cybersecurity expectations and standards

Monthly Compliance Reporting

Clear reporting to track security posture and compliance maturity

Essential Eight Levels 1 – 3

Security environments aligned to defined maturity levels with progression built in

4 – 12 Week Onboarding

Environments onboarded, hardened, and security controls deployed within weeks

Security Control Deployment

Application control, patching, MFA, and privilege management implemented

50% + Secure Score Uplift

Security posture hardened to improve Microsoft Secure Score

Monthly Compliance Reporting

Clear reporting to track security posture and compliance maturity

Monthly Compliance Reporting

Clear reporting to track security posture and compliance maturity

Which Essential Eight Maturity Level Fits Your Business?

Maturity
Level 1

For businesses taking their first step toward Essential Eight compliance and cyber readiness.

Achieved through

Achieve Level 1
Assess Your Readiness

Maturity
Level 2

For businesses of all sizes that manage sensitive data or need to meet cyber-insurance requirements.

Achieved through

Achieve Level 2
Plan Your Upgrade

Maturity
Level 3

For regulated industries and enterprises handling sensitive data in high-risk environments.

Achieved through

Achieve Level 3
Reach Full Maturity

Compare DefenderSuite Plans

Foundational
Cybersecurity & Compliance

Small to Medium Businesses

From

We’ll recommend the right plan after your assessment.

Plan Inclusions
Fundamental Controls Plus

Endpoint Protection & Response (EDR)
24/7 Security Monitoring
Email & Phishing Protection
Automated Patching & Updates
Compliance Alignment
Baseline Cyber Readiness
SMB1001 Alignment Readiness
Get Your Free Assessment

Advanced
Cybersecurity & Compliance

Small to Medium Businesses

From

We’ll recommend the right plan after your assessment.

Plan Inclusions
Everything DefenderBasic Plus

Microsoft 365 Managed Security
1 TB CloudSafe Storage
Secure Access Verification (MFA)
Identity & Access Management
Monthly Security Reporting
Compliance Alignment
Essential Eight Level 1
SMB1001 Alignment Level 2
Microsoft Secure Score
Target of ≥ 40%
Get Your Free Assessment

Complete
Cybersecurity & Compliance

Medium to Large Businesses

Most Popular

From

We’ll recommend the right plan after your assessment.

Plan Inclusions
Everything DefenderCore Plus

Managed Detection & Response (MDR)
2 TB CloudSafe Storage
User Training & Security Testing
Data Loss Prevention (DLP)
Identity Threat Protection (ITP)
Compliance Alignment
Essential Eight Level 2
SMB1001 Alignment Level 4
Microsoft Secure Score
Target of ≥ 65%
ISM & PSPF Alignment
ASD Hardening & Blueprint for Secure Cloud Alignment
Get Your Free Assessment

Comprehensive
Cybersecurity & Compliance

Regulated Industries & Enterprises

From

We’ll recommend the right plan after your assessment.

Plan Inclusions
Everything DefenderPro Plus

Advanced Threat Hunting
& Forensics
Secure Password Vault
3 TB CloudSafe Storage
Comprehensive Monthly
Security Reporting
Compliance Alignment
Essential Eight Level 3
SMB1001 Alignment Level 5
Microsoft Secure Score
Target of ≥ 80%
ISM & PSPF Fully Aligned
ASD Hardening & Blueprint for Secure Cloud Fully Aligned
Get Your Free Assessment

From Assessment to Compliance in 3 Managed Steps

No upfront assessment fee. No separate remediation engagement. One subscription delivers all three.

Terms and Conditions
· Scope subject to assessment findings
· 12-month commitment
· 10-user minimum

01

Starting out

Your current Essential Eight maturity scored

Your environment reviewed against all 8 ASD controls with a prioritised remediation roadmap delivered within 5 business days of engaging with us.

From Unknown to Audit-Ready

Every assessment is aligned to the ACSC methodology and ASD Essential Eight framework — giving you a maturity score that holds up to government, insurer and board scrutiny.

Office monitor displaying a compliance framework diagram covering law, regulations, rules, standards, governance and policies, representing the ACSC methodology used in Essential Eight maturity assessments

02

Achieve compliance

Subscribe to the plan that matches your target level

DefenderCore for ML1, DefenderPro for ML2, DefenderElite for ML3. From $35.95/user/month with a 10-user minimum.

Targeted uplift, no disruption

DefenderSuite deploys and completely manages the security controls required to reach your target maturity level. Most businesses reach Essential Eight Level 2 within 4–12 weeks.

Hand interacting with a digital network of padlock icons representing managed cybersecurity controls deployed across a business environment to achieve Essential Eight maturity compliance

03

Staying compliant

Controls deployed and compliance maintained

Security controls deployed across your environment, monitored continuously and evidenced every month — at no extra cost.

Maintained without overhead

Monthly compliance reports formatted for board reporting, government contract requirements and cyber insurance applications — ready to share the moment they're needed.

DefenderSuite platform dashboard showing ASD Essential Eight Maturity Level 2 assessment, active incident monitoring with zero critical incidents and 59 resolved, and network session analytics for ongoing compliance reporting

Trusted by Security-Conscious Businesses

COMPLIANCE CONFIDENCE

As a CA registered practice and registered tax agent, our obligations to the ATO and our professional body are significant. The data we handle sits at the intersection of some of Australia's strictest regulatory requirements. DefenderPro gave us the compliance framework to meet those obligations digitally with the same seriousness we apply to every other aspect of our practice.

Christelda Mott
Director
Superior Business Tax

SECURITY THAT SCALES

As we've expanded our on-demand ordering and digital presence, the volume of client and financial data moving through our systems has grown significantly. We needed our security to keep pace with that growth. DefenderSuite gave us the framework to scale confidently, knowing that side of the business is handled properly as we continue to grow.

Luis Alegria
IT Manager
Ultimo Catering

ONE LESS THING TO CARRY

Our team's focus belongs on the people in our care, not on managing IT security. Knowing that side of the business is handled properly, and that we can demonstrate it when partners or regulators ask, has made a real difference to how we operate. It's one less thing to carry, and that matters in an industry where your attention should never be divided.

Maria Reid
General Manager
Companion Home Care

SECURE ACROSS EVERY SITE

Running FIFO and regional projects means our people, devices and data are constantly moving across some of WA's most remote sites. We needed to know our systems were secure regardless of where the work took us. DefenderPro handles that without us having to think about it, and the peace of mind that comes with that is worth more than we expected.

Jessica Garthshore
Managing Director
Maintain Group

REFLECTING CLIENT TRUST

DefenderPro raised the standard of how we demonstrate our professional obligations. The clients who come to Equiti do so because they trust us with their financial affairs completely, and maintaining that trust means holding ourselves to the highest standard across everything we do. DefenderPro gave us the compliance framework, the controls and the audit-ready reporting to reflect that standard clearly.

Carolyn Taylor
Personal Assistant
Equiti Partners

PROVEN ACCOUNTABILITY

Operating under the NDIS and Aged Care frameworks means our compliance obligations are significant, and data protection is a core part of that. We hold sensitive information for hundreds of clients, many of them elderly or living with disability. DefenderPro gave us Essential Eight Level 2 compliance, 24/7 managed protection, and monthly reporting we can take to our board and regulators with confidence.

Janice Early
General Manager
Prime Care Partners

FAQs About The Essential Eight Assessment

Covering scope, methodology, deliverables, and what happens once your audit is complete.

Need To Speak With A Specialist?

Phone
+ 61 1300 93 77 49
What does the Essential Eight assessment cover?

The audit assesses your environment across all 8 Essential Eight controls — application control, patch management, macro settings, user application hardening, administrative privileges, operating system patching, multi-factor authentication, and backups. Each control is assessed at Maturity Level 1, 2, and 3 against the ACSC's published criteria.

How is the assessment conducted?

Your environment is assessed directly — not through a self-reported questionnaire. Our team reviews your configurations, systems, and controls against the ACSC Essential Eight assessment methodology, with evidence collected per control at each maturity level threshold.

What do I receive at the end of the audit?

Four documents: a maturity assessment report scored across all 8 controls, a gap analysis with prioritised remediation findings, an executive summary formatted for board reporting, and an evidence pack structured for insurer submissions, government procurement, or DISP assessments.

What happens once the audit is complete?

For 12-month DefenderSuite subscribers, your remediation roadmap becomes the implementation plan for your plan's onboarding. Controls are deployed against your audit findings and monitored continuously, with monthly compliance reports tracking your progress against your target maturity level.

Which other compliance frameworks do you support?

DefenderSuite aligns to Australia's leading security frameworks including Essential Eight, the Information Security Manual (ISM), Protective Security Policy Framework (PSPF), SMB1001, ASD Hardening Guidelines, ASD Blueprint for Secure Cloud, and the Cyber Security Act. The tier you choose determines the maturity level achieved across each framework.

Essential Eight Compliance Starts Here

Whether you're meeting a contract requirement, satisfying an insurer or demonstrating compliance to government — book your free assessment and know where you stand within 5 business days.

ASD

Australian
Signals
Directorate

ACSC

Australian
Cyber Security
Centre

70%

of Australian Government entities audited their suppliers' security in 2025 — using Essential Eight Maturity Level 2 as the benchmark.
Australian Signals Directorate
Commonwealth Cyber Security Posture 2025

Prefer to speak with a specialist first?

Phone
+ 61 1300 93 77 49

Book Your Free Assessment

Submit in 30 seconds. We’ll be in touch within 1 business day.

Thank you

Thanks for reaching out. We will get back to you soon.
Oops! Something went wrong while submitting the form.