Sicarius · Beacon
Know where you stand. Prove it when it matters.
Most directors say yes. They mean it. They trust their IT team, their MSP, the tools that are running in the background. And they're probably right.
But trust isn't evidence. And increasingly, evidence is what's being asked for.
Beacon gives you the independent view, the documented record, and the proof — so when someone asks, you don't have to hope the answer is yes. You can show them.
See what Beacon produces — sample reports
01
Your cyber insurance renewal is coming up. Last year they asked a few questions. This year the form is twelve pages and they want documented evidence of your controls. Your IT provider has never produced that document.
02
A government procurement panel has shortlisted you. The final requirement is an Essential Eight compliance report. You've never heard of the Essential Eight. Neither has your IT team — or if they have, they've never had to produce a formal assessment.
03
You've just read about another Australian business in the news. A breach. A regulatory investigation. A director personally named. You close the article and think: if that happened to us, what would I point to? What would I show them to prove we took this seriously?
If you recognised yourself in any of those — that's exactly what Beacon is for.
The moment it becomes real
"The work is probably being done.
But nobody can see it clearly — or show it on demand."
The director assumes their IT person has it covered. The IT person has deployed tools but has no single view that confirms it. The MSP is managing thirty clients and can't quickly prove to any of them that everything is working.
They all share the same gap. Beacon closes it — without replacing anything already in place.
What Beacon actually is
Beacon connects to the platforms and systems already running inside and outside your business — and surfaces what they're doing into a single, scored, continuously updated posture report.
Now you know. Your IT person knows. Your insurer can see it. Your board can understand it. And when someone asks — you have an answer.
The goal isn't 100%. Nobody is at 100% — and any report that claims otherwise isn't being honest. The goal is to know where you stand, close the gaps that matter, and demonstrate that you are continuously moving forward. That's what insurers, clients, and regulators actually want to see.
"We were three weeks from a government tender deadline when the panel asked for an Essential Eight report. We had nothing. Sicarius had us producing a signed Proof Report within two weeks. We won the contract."
— Director, professional services firm, Melbourne
"Our PI insurer asked for documented evidence of our cyber controls at renewal. A year earlier we would have had nothing to send. This year we sent the Beacon Cyber Assurance Summary. The conversation took five minutes."
— Principal, legal firm, Sydney
"I assumed our IT provider had everything covered. Beacon showed me two things that weren't in place that I didn't know about. Both were fixed within the month. I now have a report I can show anyone."
— Business owner, 18 staff, Brisbane
How it works
Defend
Are you protected against known threats?
Patching, MFA, email filtering, endpoint protection — measured and evidenced from your actual environment. Not assumed. Confirmed.
Detect
Will you know when something happens?
Continuous monitoring across devices, accounts, credentials, and domains. The moment something surfaces — you know about it.
Respond
Can you act fast enough to limit the damage?
Sicarius responds on your behalf. Managed incident response is included — up to 10 hours per incident. You are not handling this alone at 2am.
Recover
Can you get back to normal?
Backups, business continuity, and a permanent evidence record. Reviewed monthly by Sicarius. So when the question is asked, the answer is already documented.
Baseline Security Assessment
Most Australian businesses have some security in place. Tools are running. Someone is managing them. The director assumes it's covered. But without an independent assessment, this is what's actually true:
If your insurer asks for documented evidence of your controls at renewal — you don't have it.
If a government or enterprise tender requires Essential Eight compliance evidence — you can't provide it.
If a breach occurs and a regulator, a lawyer, or an insurer asks what steps you took — there is no record to show them.
If your IT provider's work has gaps between tools that nobody owns or monitors — nobody knows. Including you.
That's not a technology problem. It's a documentation and visibility problem.
And it's the problem the Baseline Security Assessment is designed to fix — permanently.
This is not software access. It is not a questionnaire you fill in yourself. It is an independent security assessment of your business — conducted by a qualified security firm with over twenty years of forensic and incident response experience — and it produces a signed, evidenced report you can act on immediately.
A comparable assessment from a consultancy costs $8,000–$15,000 and produces a PDF that sits in a drawer. It is accurate on the day it is printed and out of date the moment your environment changes.
The Sicarius Baseline Assessment is different in one critical way: it doesn't end. It becomes the foundation of continuous monitoring that updates automatically as your environment changes. The report is never out of date. The evidence is always current.
A full environment review across all four pillars
Defend, Detect, Respond, Recover — assessed against your actual environment, not a generic checklist.
Your platforms and tools connected and reporting
Whatever is already running in your business — integrated into Beacon and producing live data from day one.
A signed Cyber Assurance Summary
Reviewed and signed by a Sicarius analyst. Ready to hand to an insurer, a procurement panel, or a board within two to four weeks of your scoping call.
Continuous monitoring from that point forward
The assessment doesn't sit in a drawer. Beacon monitors your environment around the clock and updates your posture score automatically. Your report is always current.
Sicarius analyst time — included
Every report is reviewed by a Sicarius analyst before it is signed. You are not getting automated output. You are getting a qualified professional's sign-off on the state of your business.
For context — a single breach response under the Notifiable Data Breaches scheme typically costs more in legal fees, regulatory notifications, and remediation than a full year of Beacon. A single failed tender due to missing compliance evidence often represents more revenue than three years of the platform.
The $3,500 is a one-time cost. The alternative — a consultancy assessment — costs three to four times as much, goes out of date immediately, and produces nothing you can monitor or update.
Discretionary pricing available for micro-businesses. Ask us.
Book your assessment callFor IT providers and MSPs
When a client asks their IT provider for evidence of their cyber controls — for an insurer, a tender, or a board meeting — the honest answer is usually "we don't have a document that answers that." Beacon changes that.
You remain their primary technology partner. Sicarius runs the platform and the reporting. Your relationship is preserved — and strengthened.
Named in the Proof Report as the Technical Coordinator responsible for the controls you manage.
20% of first-year subscription revenue for every client you refer to Beacon.
Sicarius runs the onboarding sessions. You show up as the expert who made it happen.
Connects to tools you've already deployed. No rip and replace. No conflict with existing managed services.
Sicarius · Forensics
When an incident occurs — a suspected fraud, a data breach, a staff matter, or a dispute heading toward litigation — Sicarius investigates. We collect evidence correctly, maintain chain of custody, and produce findings in a format that courts, insurers, and regulators can act on.
Digital evidence collection and preservation
Chain of custody documentation
Forensic analysis of devices, accounts, and systems
Expert witness testimony for litigation support
Fraud and insider threat investigations
Incident response and breach investigation
Engagements typically include
Employee misconduct matters
Device forensics, account access review, communications analysis.
Fraud and financial crime
Transaction tracing, document authenticity, evidence packaging for prosecution.
Breach and incident investigation
Scope determination, root cause analysis, regulatory notification support.
Pre-litigation evidence gathering
Court-admissible reporting, expert witness availability on request.
"Sicarius is reliable, professional, digital forensic experts, and have demonstrated the highest level of integrity on which we rely for this component of our forensic investigations for our clients, and as and if necessary the ability for Sicarius to give expert evidence testimony in support of litigation."
Roger Darvall-Stevens
Partner, Fraud & Forensic Services · RSM Australia
Sicarius · Open Source Intelligence
Before you engage a new partner, hire a senior employee, or enter a significant transaction — you need to know who you're dealing with. Sicarius conducts structured, sourced, open-source intelligence research and delivers findings that are defensible in a professional or legal context.
Corporate and individual due diligence
Threat actor and adversary profiling
Pre-engagement background research
Supply chain and counterparty risk
Litigation and dispute support research
All findings sourced and documented
Common use cases
New business partner or investor
Who are they, really? Corporate structure, related entities, prior disputes, adverse media.
Senior hire or contractor
Verify credentials, identify undisclosed associations, confirm professional history.
Counterparty in a transaction
Pre-deal intelligence to identify risk before contracts are signed.
Threat actor research
Who is behind an attack, a campaign, or a pattern of behaviour directed at your organisation.
Legal and litigation support
Sourced intelligence packaged for use by legal counsel or in formal proceedings.
Common questions
Do I need technical knowledge to use Beacon?
No. Beacon is designed for business owners and directors. Your Security Lead and IT provider handle the technical setup.
What if I don't have an IT provider?
Sicarius can help identify one, or discuss acting as your Technical Coordinator directly.
How long does setup take?
The target is a fully operational platform with your first Cyber Assurance Summary within 14 days of starting.
Is my data stored in Australia?
Yes. All customer data is hosted in Australia.
What's the difference between Beacon and a penetration test?
A penetration test is a point-in-time assessment. Beacon is continuous monitoring. The two are complementary — and a strong posture score makes the pen test conversation easier too.
Can I cancel?
Yes. Monthly subscription, cancel any time. The one-time assessment fee is non-refundable.
Ready to know — and prove it
We'll show you a live demonstration of Beacon, understand your environment, and confirm the right setup for your organisation. No sales pressure. Honest advice about whether Beacon is right for you.
Or reach us directly — 1300 027 401 · info@sicarius.com.au