Skip to content
Change industry

You said ·  We had a breach or close call

Industry ·  Mining services and technology

A breach or close call just happened.

The invoice redirection fraud hit on a Tuesday. The phishing link clicked by a site engineer on Wednesday. The first hour determines whether you are managing a nuisance or a catastrophic failure. Mining services firms face immediate pressure from principal contractors. BHP, Rio Tinto, and FMG demand proof of containment and a plan to stop the repeat. You need to act now, not next quarter.

See if we're a fit More on mining services and technology

What this usually looks like

What a security incident looks like for mining services firms.

You handle sensitive geospatial data, engineering designs, and environmental audit reports. A data leak or ransomware event stops field operations. Drone fleets go offline. Survey teams cannot access the cloud storage holding critical project files. The business halts while you try to figure out what was taken.

The principal contractors are watching. Their security packs require mandatory ransomware reporting and strict incident response timelines. If you cannot prove your identity posture was sound or that your backups are restorable, you lose the contract. The auditor will ask for evidence, not excuses.

Remote site connectivity adds complexity. Managed LTE or 5G links are the lifeline for your teams. If those credentials are compromised, the attacker has a direct pipe into your operational network. Patching gaps on endpoint devices become obvious vulnerabilities when someone is actively looking for them.

Where we'd start

Where we start after the incident.

  1. Step 01

    Contain and assess immediately

    We isolate the affected endpoints and revoke compromised credentials within hours. We review the logs to determine the scope of the breach. This includes checking for lateral movement across the managed LTE links and verifying if geospatial data was exfiltrated. We give you a clear picture of what happened and what is still accessible.

  2. Step 02

    Restore operations securely

    We rebuild the compromised systems using clean images from verified backups. We enforce Multi-Factor Authentication on all remote access points. We patch the vulnerabilities that allowed the initial entry. The goal is to get your survey teams and engineers back to work with a hardened environment that resists the same attack vector.

  3. Step 03

    Prove compliance to your principals

    We document the incident and the response for your cyber insurance and contractor audits. We align your posture with Essential Eight maturity levels. We provide the evidence BHP, Rio, and FMG require to show you have fixed the root cause. This turns a security failure into a demonstration of professional recovery.

CCP's security floor

Every CCP client is covered by the Client Security Baseline.

The CSBO is our contractual security floor. MFA on everything that matters. Application control. Vulnerability management. Backups restored, not just scheduled. Account offboarding the same day someone leaves. Password management staff will adopt. Annual awareness training.

If you won't do the basics, we'd rather decline than take responsibility for an incident you chose to ignore.

  • Multi-factor authentication

    Phish-resistant MFA on everything that matters.

  • Application control

    Allowlisted applications. Nothing else runs.

  • Vulnerability management

    Known vulnerabilities remediated inside thirty days.

  • Tested backups

    Backups that have actually been restored, not just scheduled.

  • Same-day offboarding

    Account access cut the day someone leaves the business.

  • Password management

    A password manager your staff will actually use.

  • Awareness training

    Annual cybersecurity training. No one opts out.

  • The full baseline

    Eleven controls in total. Seven shown here. See what's included in Managed IT Complete.

Track record

Twenty years in. A hundred-plus clients. The numbers are load-bearing.

Years in business
0+
Loved clients
0+
Aussie techs
0%

4.8 average · 46 reviews on Google

“The new investors are making us offshore IT. It sucks. You guys were perfect. I don't want to change.”
Paraphrased. A client forced to leave after an acquisition.

Our clients measure their tenure with us in years, not renewals. When they do have to leave (almost always because they've been acquired), they're sad about it. That's the metric that matters.

“Night and day working with CCP. They came in from day one, spent the time to ensure everything was set up and secure properly, and now everything just works. Due to the success we've had with them, we further engaged them to manage our phone systems and website. If you work with CCP you will never have to worry about your IT systems again.”
Trent Martin Google review
“We have been using CCP since the early 2000s and have always had great service on our 20-plus PCs and server. We recently moved to a managed service and cannot rate the experience highly enough. Well done Lee and team.”
Kelvin Mansfield Flexi Google review
“We have been continually impressed with CCP over the several years we have used them. They are extremely efficient, excellent customer service and well priced. I would recommend Lee and his team.”
ProcessWorx HR consulting, Perth Google review
See if we're a fit

The qualifier

Let's see if we're a fit.

Seven questions, one moment of your time. We'd rather tell you now than three months in.

Step 1 of 7

How big is your team?

Counting everyone: staff, contractors, anyone with an account.
See if we're a fit