Select Page

[Case Study] Oceania Healthcare Chooses AMARU for Incident Response Plan

Oceania is New Zealand’s premium retirement living and aged care provider. They have 3000 staff and 4000 residents spread across 43 sites over the country. Oceania is reimagining retirement living through its services offering, focusing on resident health and wellbeing, recreation and convenience. Despite challenging market conditions, they continue to see growth and demand in their services.

The Challenge

With cyber security incidents continuously featuring in news headlines, the board at Oceania wanted confidence that they were prepared for a cyber security incident. They approached AMARU, who they knew to be pragmatic, solution-focused experts in the field, to deliver a cyber security incident response plan.

The Solution

  • Review of the critical assets and their management by external service providers.
  • Review of the Information security framework.
  • Formation of an incident response team.
  • Introduction to the National Cyber Security Centre
  • Delivery of a Security Incident Management Policy
  • Delivery of a Security Incident Management Plan
  • Delivery of documentation templates for usage in a Security Incident
  • Delivery of incident communication templates.
  • Testing of the Incident Response Process with stakeholders through the use of a scenario.

AMARU had demonstrated specialist security expertise and the ability to work collaboratively in a business and understand privacy laws and contractual requirements, so they were an obvious choice to bring on board as a trusted parter for the partner.

AMARU worked with key stakeholders to identify critical assets, processes, systems, and any interplay with external service providers. The review process even involved an assessment of the cyber security insurance policy to ensure there would be no surprises and any gaps in incident management would be covered by an external provider.

Through weekly project meetings, the processes were agreed upon, the response team formed, and the policy and plan were drafted and approved. The plan clearly defined all the steps to be followed, including what constitutes a cyber security incident and the contact details of those who needed to be informed. The plan clearly defined all the steps to be followed, including what constitutes a cyber security incident and the contact details of those who needed cyber security incident clearly understands their role and the steps that need to be undertaken.

The process was tested in a simulated cyber security exercise led by AMARU with Oceania and their IT service provider. The team were happy with the clarity everyone had in following the prescribed steps.

“Working with the team at Amaru was great; their expertise and professionalism made the development of our cybersecurity response plan an enjoyable process. It’s important to have a security partner that you can trust, and Amaru’s knowledge gave us assurance that we were in safe hands.”

Download the full case study.



AMARU is New Zealand’s leading information security and compliance service provider, offering end-to-end managed cyber security services across Australia and New Zealand. Contact us to find out how AMARU can help you manage and maintain your cyber security posture.