Guides, frameworks, calculators, and whitepapers from our practice. Everything here is grounded in real engagements, free to use, and always vendor-neutral.
There is no AI Act coming to Australia. In December 2025 the government shelved its proposed mandatory guardrails and put the weight back on existing law. That does not let boards off the hook. It moves the obligation onto directors today.
ReadVendors overstate what their AI can do, and regulators are now punishing it, increasingly when the lie is told to business buyers. Every enforcement finding is also a question you can ask before you sign.
ReadAdoption of generative AI is now near-universal. Measurable return is not. The 2025 evidence is stark, and it points at execution discipline rather than model quality. A companion to our guide on the 80% failure rate.
ReadAn employee joined a video call with their CFO and several colleagues, then transferred HK$200 million. Every face on the call was a deepfake. The control that would have stopped it costs nothing: a phone call to a known number.
ReadAustralia’s Cyber Security Act 2024 makes ransomware payment reporting mandatory for businesses over $3 million turnover. The education-first grace period ended on 1 January 2026. Most mid-market companies are now caught, and most have not wired the obligation into their incident plan.
ReadWhy most AI projects fail to deliver business value, and the framework that helps the 20% that succeed. Spoiler: 70% of the challenge is people and process, not technology.
ReadThe ACSC Essential Eight is the de facto baseline for Australian cyber maturity. MSPs claim alignment routinely; only a fraction can produce evidence. A board-grade guide to the eight controls, the four maturity levels, and what to actually ask for.
ReadOnly 4% of ASX 100 directors have IT backgrounds. With an average global data breach cost of $4.44 million, that gap is no longer tolerable.
Read39% of MSPs cite keeping up with cybersecurity as their biggest day-to-day challenge. When breach costs hit $4.44M globally, the gap between marketing and capability needs scrutiny.
ReadUnder the Privacy Act, an eligible data breach must be notified to the OAIC and affected individuals "as soon as practicable". Most mid-market organisations discover the gap between policy and capability only after the clock has started.
Read68% of CIOs report concerns about vendor lock-in. Switching costs average $247,000 over 15 months. The contractual and architectural patterns that create lock-in, and the practical exit paths.
ReadMid-market cloud bills routinely include a quarter to a third of waste. Independent FinOps disciplines surface it; the MSP that provisioned the cloud is usually the wrong party to ask whether the provisioning was right.
ReadIndependent research shows a median $2.78 returned per $1 invested in software over three years, while enterprise AI initiatives average just 5.9% ROI. How to construct the investment case the CFO will approve.
ReadQuantify the real cost of your current MSP relationship, including hidden licensing waste. Output is a board-ready summary, not a sales pitch.
ReadA baseline SLA template you can take into any MSP negotiation. Free, no email required.
ReadA board-ready checklist for assessing your current technology posture in 90 minutes. Print, walk through it with your IT lead, decide what needs investigation.
ReadSide-by-side vendor evaluation template, with weighting and scoring already built in. Disciplined enough to defend a decision; lightweight enough to actually use.
ReadA formal treatment of why vertical integration in IT services creates predictable conflicts of interest, and what mid-market organisations can do about it.
ReadWhere the return on independent technology oversight actually comes from: better decisions before money is committed, sharper contracts, and less waste in the run-rate.
ReadPerformance benchmarks across SLA, cost, security, and operational metrics for Australian mid-market MSPs. Australian managed services market: about US$6.5B in 2025 (IMARC).
ReadA practical governance framework for mid-market boards: what to measure, what to ask, what to escalate. Covers service performance, security, compliance, and vendor risk.
ReadA pattern-recognition guide for boards and finance leaders. The behaviours, billing patterns, and contractual structures that signal a problem before it surfaces.
ReadIf there is a question we have not written about, ask. The answer often becomes our next guide.
Ask a question