Client Support

Remote Support

Already a client, or need further help? Contact Epic IT support.
08 9228 2945

Productivity & Collaboration
Better connected cloud
Cloud email
Cloud phone system

IT Solutions for Not For Profit
Powering not for profit
Microsoft Philanthropies

Call 08 9228 2945
Send us an email

Further Five Cybersecurity Controls

If you’ve already implemented the Essential Eight, your organisation has taken a significant step toward reducing risk. But cyber threats are evolving — and so must your defence.

That’s why the Further Five cybersecurity controls exist: to fill critical gaps that remain even after full Essential Eight compliance. These additional controls are practical, high-impact, and increasingly adopted by mature Australian businesses looking to strengthen their posture.

At Epic IT, we help Perth-based organisations assess, implement, and maintain the Further Five — turning what’s often seen as “advanced security” into manageable, operational protection.

What Are the Further Five?

The Further Five are a recommended set of controls that complement and extend the protections of the Essential Eight. While not part of the original ACSC baseline, they’ve become a recognised part of building real-world cyber resilience — especially for organisations handling sensitive data, working across multiple sites, or pursuing formal compliance or insurance alignment.

The Further Five controls are:

Backup Testing and Validation – Ensuring backups aren’t just running, but actually recoverable
Security Event Monitoring – Detecting suspicious activity before it causes damage
Vulnerability Scanning – Proactively identifying and fixing weak points in your systems
Incident Response Planning – Preparing your team to act fast and effectively in a breach
Network Segmentation – Limiting how far an attacker can move if they get inside

Each of these adds a critical layer of protection beyond standard endpoint, patching, and user controls.

Epic IT’s Approach

We start by reviewing your current Essential Eight maturity and identifying where your business is most exposed. Then, we guide you through each Further Five control — prioritising based on risk, operational fit, and urgency.

Our local team can:

Run and review vulnerability scans
Implement backup testing routines
Set up log monitoring and alerting
Develop a tailored incident response plan
Assist with segmenting internal networks across sites or departments

Whether you’re aiming for cyber insurance eligibility, internal governance, or formal frameworks like ISO 27001 — we help you build defences that stand up to scrutiny.

Have a chat to our team on .. 08 9228 2945

Like to learn more about our services?

Please let us know what you are chasing and we will respond same day.

Monday	7.00 AM - 5.30 PM
Tuesday	7.00 AM - 5.30 PM
Wednesday	7.00 AM - 5.30 PM
Thursday	7.00 AM - 5.30 PM
Friday	7.00 AM - 5.30 PM