Cyber threats are evolving at an alarming rate, presenting a never-ending barrage of challenges to organisations worldwide. It’s no longer enough to just have a solid defence—you need to think bigger. You need to build cyber resilience to adapt, respond, and recover, no matter what comes your way.

What is cyber resilience?

At its core, cyber resilience is about staying operational—even when you’re under attack. It extends beyond traditional protection measures, probing an organisation’s ability to adapt to, respond to, and recover from cyber threats. It’s a holistic approach integrating  cyber security, business continuity, and enterprise resilience. The objective is not just to thwart attacks, but to ensure that you can continue to keep your organisation running smoothly even when under siege.

How do you measure cyber resilience and maturity?

Measuring cyber resilience involves assessing how well your organisation can anticipate, withstand, and recover from cyber threats. A robust measurement framework would look beyond conventional security metrics and include elements of recovery and adaptability. Consider:

1. Maturity Models:

There are several maturity models designed to help organisations assess their cybersecurity strength and resilience. These models, such as the Cybersecurity Infrastructure Security Agency (CISA) Zero Trust Model, Essential Eight or the National Institute of Standards and Technology (NIST) Cybersecurity Framework, offer a set of criteria for gauging your current capabilities. Organisations will often use aspects from each model to categorise their maturity, or readiness, into levels – from initial (least mature) to optimised (most mature), so that it’s easier to then identify areas for improvement.

2. Benchmarking:

If you’re looking for effective ways to measure and enhance your cybersecurity posture while comparing yourself to industry standards and peers, tools like Microsoft Secure Score and CIS CSAT (Critical Security Controls Self-Assessment Tool) are excellent options to consider.

Here’s why:

Using both tools gives you a well-rounded understanding of your cybersecurity strengths and areas for improvement. They don’t just tell you where you stand—they help you take actionable steps to build a stronger, more resilient security posture.

3. Resilience Metrics:

Want to see measurable results? Start tracking things like:

4. Continuous Assessment:

Cyber resilience is not a one-off exercise. Regularly scheduled reviews and updates to the resilience plan ensure that an organisation remains prepared as new threats emerge. This also includes continuously training staff and updating them on new threats and best practices.

How to build cyber resilience

Improving your cyber resilience and maturity level involves a strategic approach integrating processes, technologies, and people. It requires commitment from all levels of the organisation, from executive leadership to individual team members. Key steps include:

Why regular assessments of your cyber security maturity are key

Here’s the thing: threats aren’t going to slow down. That’s why it’s so important to regularly assess your security maturity – it’s crucial to strengthening your resilience. Regular assessments will illuminate current security posture, identify vulnerabilities, and provide actionable insights for continuous improvement. It’s like taking your car in for a service—you might not think you need it until it’s too late.

Working with experts can make a big difference here. They’ll bring fresh eyes to your challenges, ask the tough questions, mitigate the influence of organisational bias and help you spot gaps you might not even realise exist. (Shameless plug for my Security Resilience Assessment Workshop I’ve developed with Cisco here.)

The four pillars of cyber security resilience

Using the updated CISA Zero Trust Model that we mentioned earlier, we can focus on four critical pillars of cybersecurity resilience: Zero Trust, Secure Network, Extended Detection and Response (XDR), and Security Operations. Let’s delve into how each contributes to fortifying an organisation’s cyber resilience.

  1. Zero Trust A very widely used term that has become the mainstay of every modern cybersecurity approach. The principle of “never trust, always verify” rejects the traditional notion of a trusted internal network and an untrusted external one. Threats can originate from anywhere, and the Zero Trust approach mitigates the risk of unauthorised access and lateral movement within the network by requiring verification of every user and device, regardless of their location. While almost every security solution claims to be ‘Zero Trust’, many organisations have struggled to achieve this utopia.
  2. Secure Network is the principle that data in transit is protected across both public and private networks. It relies on the implementation of robust encryption standards, secure protocols, and network segmentation strategies. By safeguarding the network infrastructure, organisations can prevent eavesdropping and manipulation of data, crucial components in maintaining the integrity and confidentiality of sensitive information.
  3. Extended Detection and Response (XDR) goes beyond traditional detection and response mechanisms by providing a holistic, integrated view of threats across multiple security layers—email, endpoint, server, cloud, and network. By harnessing advanced analytics, machine learning, and automation, XDR can detect subtle and sophisticated threats and respond more effectively. This comprehensive visibility and swift response capability are pivotal in minimising the impact of breaches.
  4. Security Operations encapsulate the continuous processes and technologies employed to detect, analyse, respond to, and prevent cybersecurity threats. Central to this pillar is the Security Operations Centre (SOC), which orchestrates the monitoring, assessment, and defence of an organisation’s information assets. Effective security operations are characterised by their agility, adaptability, and the ability to leverage insights from past incidents to enhance future defences.

Let’s get started

With today’s constantly evolving threats, adopting a cyber resilience framework is not just beneficial; it’s a necessity. That’s why, Data#3, a Cisco Master Security Specialised Partner, has collaborated with Cisco to develop a Security Resilience Assessment Workshop.  This is a free to attend, hands-on session where you’ll assess your organisation’s security posture with guidance from experienced experts.

Want to learn more? Consider participating in a Security Resilience Assessment Workshop or reach out to your account manager today. Let’s build your resilience together.

In cyber security, change is constant, but some challenges remain stubbornly familiar. Do you remember the Anna Kournikova virus from over two decades ago? It spread rapidly by tricking users into opening a seemingly harmless email attachment. Fast forward to today, and it’s no surprise that email remains the number one attack vector. The only difference is that the stakes are higher, and as technology evolves, the threats grow more sophisticated. 

So, how prepared is your organisation to keep up with the evolving threat landscape? 

In our latest Security Minutes video series, with Mimecast, Data#3’s National Practice Manager for Security, Richard Dornhart, and Mimecast’s Senior Sales Engineer, Matt Youman, discuss the critical challenges organisations face and how they can stay ahead. From polished phishing attacks to overlooked attack vectors such as collaboration tools, here are the key insights you can’t afford to miss. 

Episode 1: The evolution of email attacks 

Cyber criminals are leveraging artificial intelligence (AI) tools to revolutionise their tactics. In the first episode, Youman highlights the rapid rise of AI-driven phishing attacks: 

“In the most sophisticated cases, we’ve seen the use of large language model agents like ChatGPT. They can automate spear phishing campaigns that would traditionally take weeks or months to execute, in just 30 seconds.”

With tools capable of learning, adapting, and automating attacks at scale, organisations can no longer rely on traditional defences alone.  

Episode 2: Defending against business email compromise 

While cyber criminals use AI to evade detection, it’s imperative to remember that AI is also a powerful ally for defenders. Youman explores how Mimecast uses natural language processing and social graphing to identify behavioural patterns to help you catch threats that static tools miss. 

When Youman reviewed 2,000 emails that bypassed standard security tools, the results were staggering: payroll switch scams and other business email compromise threats had slipped through unnoticed. 

Relying on static rules and limited keyword scans is no longer enough. Utilising AI-driven solutions can help you think like attackers, making it easier for your organisation to fight back

Episode 3: Managing human risk in cyber security

It’s not just email. Collaboration tools, essential to everyday business operations, are also becoming an increasingly popular target for attackers. Yet they’re often overlooked in security strategies. Youman shares how Mimecast addresses this blind spot by integrating collaboration platforms into its centralised security solution, enhancing visibility and simplifying management. 

Are your collaboration tools secure? If not, attackers may already be exploiting the gap. 

Episode 4: Strengthening defence across your organisation’s platforms 

Even with advanced technology, people remain the final safeguard. Roles such as those in C-suite, IT, HR, and finance are prime targets due to their access to sensitive data. Youman emphasises that understanding and addressing human risk is vital to any security strategy. 

Did you know that Mimecast’s 30-day Email Threat Scanner not only uncovers risks but also identifies patterns of human error? Making it a great tool for helping you tailor training to individual roles. 

When was the last time you tested your human defences? 

Episode 5: Securing collaboration in the workplace 

No single tool or strategy can eliminate cyber risk. Reflecting on recent incidents, Youman highlights the critical need to look beyond email when protecting your organisation from cyber criminals.   

That’s why Data#3 and Mimecast advocate for a defence-in-depth approach. By layering advanced detection, automation, and human-centric strategies, organisations can: 

Episode 6: The Mimecast threat scanner 

The final episode showcases Mimecast’s Email Threat Scanner in action. This free tool provides a powerful way to uncover email-borne risks that have bypassed your existing defences. With access to the Mimecast console, you can: 

Act now, know your blind spots 

With everything we’ve learned so far, it’s easy to see that the evolving cyber threat landscape requires more than just traditional security measures. The rise of AI-driven attacks, sophisticated phishing campaigns and overlooked vulnerabilities in collaboration tools reveal critical security blind spots that many organisations still miss. Relying solely on static defences alone is no longer enough to stay ahead of cyber criminals.  

A comprehensive, defence-in-depth approach is necessary to safeguard your organisation against emerging threats.  Don’t delay, each day leaves your organisation open to more attacks. With Data#3 and Mimecast, you’ll take proactive steps to identify and address potential risks that will help protect your organisation.  

Mimecast’s Email Threat Scanner Report will give you actionable insights into your current security posture, helping you stay one step ahead of cyber criminals. Don’t leave your organisation’s security to chance—ensure you’re fully prepared for the threats ahead.  

Contact your Data#3 Security Specialist today to request your Email Threat Scanner Report and uncover hidden threats before they become a problem. 

Graham Robinson, Chief Technology Officer at Data#3, and Carl Solder, Chief Technology Officer at Cisco ANZ, discuss the role of AI in technology, its challenges, and its future potential.

Watch the video in full or jump ahead to the questions linked below.

Is AI just another solution looking for a problem?

Watch video

Graham: Carl, there’s a lot of talk about AI. Many people say it’s at the top of the Gartner hype cycle. There’s a growing number of people now thinking that AI is going to plummet into that trough of disillusionment and it’s going to be years until we actually see any real value from the technology. What are your thoughts?

Carl: We’ll eventually reach a point where AI will address and solve many of the challenges customers are facing today. With the advent of current technologies like ChatGPT, Gemini, and Chord, many people are exploring how to integrate these tools into business operations.

That said, let’s not forget that AI itself is not new. From Cisco’s perspective, we’ve been developing AI for over a decade. In fact, our first AI toolset was launched nearly seven years ago. Cisco has been on this AI journey for quite some time, consistently focusing on how to leverage AI effectively to address customer use cases. I believe we have some fantastic technology solutions available today that are already achieving this.

The release of ChatGPT brought AI to the forefront of public awareness. It essentially announced to the masses that AI is here. However, it’s important to recognise that a broader foundation of AI technologies has been around for a while. These mature solutions are already solving real business problems and are ready for organisations to take advantage of right now.

Why are generative AI projects seeing better success rates compared to other tech initiatives?

Watch video

Graham: When you read the Harvard Business Review, they highlight that 80% of AI projects fail, but only 30% of generative AI projects fail, that means 70% of generative AI projects are not being cancelled and are proceeding through to production. Compared to the stats on digital transformation projects where only 12% succeeded – that’s a huge improvement. AI initiatives are performing multiples better then digital transformation projects. So, I fail to see how we can really say that there’s no value when we’re already seeing progress.

Carl: I agree. On the AI front, there’s generative AI, but we also need to consider how customers are consuming AI. You have the toolsets—like generative AI with chat-style interfaces where you type, interact, and drive workflows. But there’s also generative AI embedded within existing solutions. Often, customers don’t even realise it’s there, yet it’s quietly doing its job and delivering value behind the scenes. That’s where Cisco has been focusing for years. Many of our solutions already have AI built in, operating in the background. Customers may not always notice, but that embedded AI is making a difference.

Where is the true value of AI adoption today?

Watch video

Graham: The real value of AI adoption lies in moving beyond the hype and turning AI into something that delivers tangible, meaningful outcomes. It’s not about the flashy, in-your-face AI like ChatGPT—it’s about the AI that works quietly in the background, embedded within code and applications, where people use it without even realising they’re engaging with AI.

Carl: Correct. A classic example is the AI-powered radio resource management in the Cisco Meraki dashboard. Imagine a customer with a Meraki Wi-Fi network—there’s an AI engine running in the background, analysing user behaviour, network settings, and configurations. It optimises and fine-tunes the network to deliver a better Wi-Fi experience. Users benefit from this improved performance without necessarily realising AI is at work. It’s seamless, purpose-driven, and delivers clear outcomes.

This kind of embedded AI is something we’ve been leveraging for years. While you could debate whether it qualifies as generative AI, it’s still AI, serving a critical function. Now, with generative AI, we’re seeing entirely new possibilities, like virtual AI systems powered by large language models. These systems represent a shift in how operators interact with infrastructure. Instead of navigating a GUI and clicking buttons, operators can type commands and engage in a conversational workflow.

For example, a security operator could use such a system to craft an optimised security policy. The AI could analyse existing rule sets, identify redundancies, and consolidate rules to make the policy leaner and more efficient. These types of use cases highlight how generative AI can enhance productivity, improve decision-making, and ultimately drive better outcomes for organisations.

There’s also generative AI embedded within existing solutions. Often, customers don’t even realise it’s there, yet it’s quietly doing its job and delivering value behind the scenes.

Carl SolderCTO A/NZ, Cisco

Does AI pose more risks than it solves?

Watch video

Graham: AI helps solve a lot of problems, but it raises the question: is it more trouble than it’s worth? One of the most common concerns I hear revolves around the potential threats associated with AI—security risks, overexposure to technology, and fears about AI being used against us. What’s your perspective on AI’s impact on security?

Carl: From our standpoint AI serves as the foundation for how we’re evolving our security portfolio. AI appears in a number of different ways. First, on the backend, every security device needs up-to-date information to identify and respond to current threats. We have an organisation within Cisco actively scouring the internet tracking billions of artifacts daily—emails, file attachments, web links—all in search of emerging threats.

It’s impossible for humans alone to sift through that volume of data, so AI steps in to scale the process. AI analyses those artifacts, identifies new threat vectors, and creates signatures to inform our security solutions. For example, when a solution encounters a flagged instance, it knows to pay closer attention.

AI also works within the technology itself, embedding functions that serve specific purposes. For instance, an AI system might monitor for potential threat signatures and alert SecOps teams when something warrants further investigation.

Beyond these applications, we’re also seeing AI, particularly large language models, redefine how operators interact with networks. This represents a new paradigm—operators moving from GUIs to conversational interfaces powered by AI. This shift is going to be driving a really different way in which operators are going to be doing the job.

How is the rapid pace of AI evolution impacting IT skills?

Watch video

Graham: We’ve been in the industry long enough to witness major technology disruptions – the evolution of the PC, the internet and cloud. Each wave has brought significant reskilling. With the rapid acceleration of AI, how do you see this impacting the current skills gap? Do you think AI will exacerbate the issue, or can it be leveraged to help close the gap?

Carl: First thing I’d say is that we’ve both chosen a career where you never stop learning. You take a break, you come back and oh that’s something new that didn’t exist before. The mere fact of being in IT means that you’re going to be on this continuous learning journey because technology is always changing. I see the advancement of technology picking up pace and the generation of new IT practitioners today have got it a little bit tougher than maybe when I started.

Graham: I used to say the only thing constant is change but even the rate of change is no longer constant – it’s accelerating.

Carl: Absolutely, and that means IT careers are inherently built around continuous learning. AI is just another evolution, another chapter in that journey. That said, AI does change the game in terms of how operators will work with infrastructure that they manage.

When I look back, I see an evolution in IT operations. From the traditional NetOps – when I started everything was CLI (Command Line Interface), beautiful CLI! We went through this motion of DevOps where we started using software defined networking tool sets to automate. We also went through this with AIOps a few years ago where we had AI engines embedded in the solutions to enhance operations and streamline specific tasks. Now we’re moving into this era of large language model operations. Instead of just running scripts or using GUIs, operators can now use natural language to implement workflows, troubleshoot, or optimise systems. This shift not only demands new skills but also offers tools to bridge gaps, making IT professionals more efficient in managing modern infrastructure.

Graham: Every period of technological advancement is getting shorter. What does it mean for our people today because technology has accelerated out of the gate over the last five years. There’s also been a number of things happening around the world that have stopped us from upskilling them cross-skilling our people at the same pace. It feels like the gap between technological advancement and education is widening. What role does AI play in addressing that gap?

Carl: When you look at the AI solutions in Cisco’s portfolio today, most IT professionals will find them relatively easy to adopt. For instance, many people have already used tools like ChatGPT, and we’re starting to see similar interfaces integrated into administration panels now. It becomes intuitive, but there will definitely be a learning curve, especially in understanding how to frame questions or commands to leverage AI’s full potential.

The one area that Australia will get to at some point is when you actually build and run your own custom AI workload tailored to your specific business needs. What’s exciting is these tools have the potential to help all employees perform their roles more effectively. It’s not just an IT transformation; it’s a workplace evolution where AI becomes a ubiquitous tool for problem-solving and productivity across all functions.

What role does custom AI play in the future of business operations

Watch video

Graham: When you mention a custom AI workload, you’re referring to a specific application tailored for that customers’ needs. One that would probably be leveraging a third-party large language model or small language model or micro language model to perform a business function. We’re not just talking about the data centre. This extends to edge computing, specific devices, even down to mobile devices. Is that what you’re thinking?

Carl: Absolutely. In Cisco’s portfolio right now, we have an AI chat bot in our contact centre. This chatbot, powered by a large language model, enables true conversational interactions. If you think back a few years, chatbots were rigid, relying heavily on syntax and specific keywords to function. If you didn’t phrase something exactly right, they simply didn’t work.

But now, these chatbots can handle fluid, natural conversations, hugely improving the user experience. It’s not just a better customer interaction, it’s a transformative leap in how businesses engage with their users.

This also extends to IT practitioners. It’s a new world that our operators are starting to go into. Whether it’s automating routine tasks or assisting in daily workflows, these AI-driven systems are opening up new opportunities for efficiency and innovation in business operations.

AI – Are we heading to utopia or dystopia?

Watch video

Graham: Final question because I know we’re well and truly out of time that I could sit here and we have this conversation all afternoon. AI – Are we heading to utopia or dystopia?

Carl: I am a glass half full person, so I’m hoping it’s utopia. Within Cisco we have a group of engineers dedicated to ethics and how we can use AI in an ethical way. I’m optimistic that our engineering teams build AI tool sets that are going to serve mankind in a better way. That they’re going to produce better outcomes for businesses. They’re going to drive better productivity. better profitability, a better customer experience. That’s my hope for this.

That being said there’s always the darker side of human nature who might look to use those tool sets in in a bad way and I don’t think that we can avoid that. The only thing we can do is to continue to build out this technology to help mitigate those threats.

Graham: I share that hope. Going back to our conversation regarding security we know there are malicious actors out there. My hope is that AI for the first time really gives us an opportunity to harness the good in people and scale it to a level that we can actually provide a better future.

Within Cisco we have a group of engineers dedicated to ethics and how we can use AI in an ethical way.

Carl SolderCTO A/NZ Cisco

Data#3 and Cisco

Data#3 is a Cisco Gold Partner dedicated to helping organisations build secure, connected, and future-ready operations. As a Master Security Specialised, Master Collaboration Specialised, and Master Networking Specialised partner, Data#3 combines deep expertise with Cisco’s leading technologies to deliver tailored solutions. Recognised as Cisco’s APJC Customer Experience Partner of the Year for two consecutive years, we are committed to driving exceptional outcomes for our customers. Learn more at www.data3.com/cisco.

Azure VMware Solution (AVS) is a comprehensive, hosted VMware server virtualisation service on dedicated Azure infrastructure. Jointly engineered by VMware and Microsoft, AVS is built and managed by Microsoft.
 
AVS offers a seamless way to migrate or extend VMware environments to the cloud, preserving existing skills and tools while opening doors to Azure-native modernisation. AVS provides organisations with a fully managed, flexible infrastructure, supporting both immediate migration needs and long-term modernisation goals.

Customer example : Government department cuts costs and future-proofs with Azure VMware Solution

Facing rising VMware costs and aging on-premises hardware, a government department worked with Data#3 to evaluate their migration options. After comparing AVS with the cost of repurchasing and maintaining on-premises data centre infrastructure, they found AVS offered substantial savings and flexibility.

AVS migration solution

With Azure’s 3-year locked pricing model and extended support for legacy systems (Windows/SQL 2012), the department realised cost savings from reduced infrastructure spend. They also secured significant Microsoft funding for Data#3 deployment and migration services, which further supported the transition. Now established in Azure, they’re set to drive operational improvements and prepare for gradual application modernisation.

Key migration outcomes

Additional strategic use cases for AVS

Data centre footprint reduction or retirement

Easily lift and shift vSphere workloads to Azure, preserving existing environments with no hypervisor changes. AVS enables non-disruptive, scalable transitions with automation and high availability.

Scalable data centre expansion

Adjust capacity on demand with AVS, optimising costs for peak periods or short-term needs without long-term infrastructure investments.

Disaster recovery (DR) and continuity

Establish a secure, on-demand DR site with VMware on Azure, ensuring business continuity without added physical DR infrastructure.

Application enhancement and modernisation

Migrate quickly to AVS, then modernise applications over time by tapping into Azure-native services to enhance capabilities and reduce technical debt.




AVS offers a compelling combination of cost savings, reduced management overhead, and seamless migration, making it an ideal choice for VMware customers looking to modernise at their own pace.




Learn how AVS can support you with an ‘AVS Solution Workshop

Learn how Data#3’s ‘AVS Solution Workshop’ delivers a clear, cost-effective roadmap to cloud migration, offering an in-depth assessment and migration plan tailored to your organisation.


Why Data#3?

Data#3 brings extensive experience in delivering datacentre solutions, from procurement and deployment to seamless migration. As a leading Microsoft cloud provider and Azure Expert Managed Service Provider (MSP), Data#3 leverages its deep partnership with both Broadcom and Microsoft to offer clients robust, integrated solutions that simplify and optimise their IT infrastructure.

Acquisitions inevitably bring change. And Broadcom’s acquisition of VMware – a leading global provider of on-premises virtualisation solutions, has certainly shaken things up.
 
Since acquiring VMware, Broadcom has restructured its business, spinning off units like Carbon Black (security) and Horizon (desktop virtualisation). It has shifted the remaining products from perpetual to subscription-only models and reduced the total number of licensable products by bundling them.
 
While this bundling simplifies procurement, it has led to higher costs if the included products aren’t all relevant to your needs. The shift to subscription licensing has resulted in noticeable increases in renewal prices for some – with some businesses experiencing hikes of 100%, 300%, or even 500%.

Rethinking infrastructure strategies amid rising costs

These price uplifts are presenting an interesting opportunity with many reconsidering their infrastructure strategies and assessing competing technologies. Instead of continuing with VMware on-premises, they’re exploring alternatives, such as switching to different hypervisors (e.g., Azure Stack HCI, Nutanix) or migrating to the cloud.

If, like many, you’re considering other options, you have no doubt already considered one, or all of the below:

Microsoft’s Azure VMware Solution (AVS) offers some elegant answers to these considerations, addressing interoperability, flexibility, ease of integration and, perhaps surprisingly, cost.

What is Microsoft’s Azure VMware Solution (AVS)?

AVS offers a comprehensive, hosted VMware service on dedicated Azure infrastructure. Jointly engineered by VMware and Microsoft, AVS is built and managed by Microsoft – recently named a Leader in 2024 Gartner® Magic Quadrant™ for Strategic Cloud Platform Services (SCPS) – with flexible pricing models that make it an attractive alternative to traditional on-premises setups.

Let’s explore AVS in more detail, starting with its portfolio of Software-Defined Data Center (SDDC) clusters:

AVS is deployed in clusters with a minimum of three hosts, including both storage and networking. It provides a quick, seamless path to the cloud for businesses running multiple VMware virtual machines. Use cases range from datacentre expansion, reduction, or retirement to disaster recovery, business continuity, and application modernisation. Its flexible disaster recovery options also support seamless integration from on-premises to AVS, between AVS clusters, or directly to Azure services.

But what are the specific advantages of moving your workloads to AVS?

AVS is particularly appealing to businesses already considering a cloud journey but not yet ready to modernise their entire application stack. After all, re-factoring or modernising applications during migration can be time-consuming and costly.

By comparison, AVS offers a ‘migrate to modernise’ approach, enabling businesses to migrate first, realise immediate cost savings that can be diverted to fund their application modernisation, and then gradually modernise. Once on Azure, companies can tap into a range of native services to accelerate application development.

Seamless integration and reduced overhead

AVS can integrate with your on-premises vSphere environment.  But perhaps the biggest advantage of AVS is its seamless integration within the Azure ecosystem. Businesses can continue running their virtual machines on VMware while gradually modernising applications on Azure, all within a connected environment. By incorporating Azure services for security, backup, and monitoring, AVS effectively streamlines operations and reduces the need for on-premises servers, storage, and hardware. Given these services often make up a large share of compute resources, this approach can significantly lower capacity requirements. With less IT overhead, teams can focus on higher-value activities, easing the shift from traditional VMware setups by allowing businesses to re-group and migrate workloads at their own pace.

Speed and simplicity of migration

Migration from on-premises VMware to hosted VMware on Azure is seamless, with minimal disruption. AVS uses the same VMware virtualisation platform, allowing workloads to move easily and quickly without the need for refactoring. With HCX vMotion technology, you can extend your on-premises VMware networks to AVS, enabling virtual machines to migrate without reallocating IP addresses.

Leverage existing skills

Another significant benefit of AVS is that it eliminates the need to re-skill employees or introduce new tools. Businesses can continue using the same skills and personnel that manage their on-premises VMware environment. IT administrators access familiar tools for configuration and management, reducing the learning curve and maintaining the level of control they have come to expect with VMware.

Streamlined support and management

When you migrate your VMware with AVS, Microsoft serves as your single point of contact for all issues. Furthermore, if VMware’s involvement is needed, Microsoft manages that on your behalf. Microsoft also handles the underlying platform and infrastructure, freeing up your operational staff to focus on higher-value activities and reducing overall support demands.

Highly competitive pricing

Microsoft’s scale and negotiating power means they can offer VMware licensing at very favourable prices compared to on-premises VMware. AVS offers flexible pricing options, allowing customers to choose pay-per-hour usage or reserve capacity for one, three, or five years. Instead of investing in and managing their own servers, businesses can lease VMware environments from Microsoft, benefiting from predictable and affordable pricing. Customers can also lock in discounted rates for longer terms, with reserved instances that can convert to Azure IaaS.

Offers and licensing benefits for Azure VMware Solution

AVS offers a compelling combination of cost savings, reduced management overhead, and seamless migration, making it an ideal choice for VMware customers looking to modernise at their own pace.

Other Considerations

As always, a thorough evaluation and total cost of ownership (TCO) analysis are essential to determine the best-fit solution – whether that’s AVS or an alternative approach. Some potential limitations of migrating to AVS include:

Interested in AVS?

Data#3 can help determine if AVS is the right fit for your business through a comprehensive solution assessment involving:

Your organisation may be eligible to access Microsoft funding to undertake this assessment, providing a risk-free way for you to explore the benefits of migrating to AVS. Contact our team using the form below to find out if you qualify.



Azure VMware Solution in action: customer and strategic use cases

Click here to read how a Government department cut costs and future-proofed their operations with a Azure VMware Solution from Data#3.



Why Data#3?

Data#3 brings extensive experience in delivering datacentre solutions, from procurement and deployment to seamless migration. As a leading Microsoft cloud provider and Azure Expert Managed Service Provider (MSP), Data#3 leverages its deep partnership with both Broadcom and Microsoft to offer clients robust, integrated solutions that simplify and optimise their IT infrastructure.

Having a plan doesn’t make it happen

This isn’t another “what is zero-trust” article – I think we can all agree that we’ve moved beyond that as we know it isn’t a product, it’s not a replacement for firewalls or VPNs, and it’s not something you do and then move on.

However, it is essential and appears in some form on virtually every government department’s cybersecurity strategic plan. Some departments and agencies have made progress and implemented elements of the zero-trust model within their environment, but not at a broad enough level to provide the promised levels of protection. Hence, despite the plan, they’re still vulnerable to a cyber-attack.

If zero trust is essential and part of a plan, why are government departments and agencies struggling to implement it? This post will explore that question.

The Government Zero Trust Paradox

The imperative to adopt zero-trust security has never been clearer for government departments and agencies. In an era of remote work, cloud-based services, and increasingly sophisticated cyber threats, zero-trust is an additional, identity-based layer that reduces the reliance on increasingly ineffective perimeter defences.

Driven by mandates from federal, state, and local authorities (such as the new Cyber Security Bill 2024), and the recognition that a new security model is needed, government entities are eager to embrace the principles – but reality on the ground tells a different story. Despite the strategic importance of zero trust, many government entities are struggling to turn that vision into tangible action for a number of reasons.

As a result, many government organisations find themselves stuck in a paradoxical situation. They know zero trust is where we all need to be, but the path remains elusive. Instead of bold action, their security roadmaps remain tactical and address the next pressing need rather than being a strategic, long-term plan that is continuously checked and aligned to.

In a recent discussion with a financial industry CISO, they revealed that these pitfalls are all too common. Despite an acknowledgement of the need for zero trust in their cybersecurity plan, and a multi-million dollar investment, they also:

Breaking free of this paradox requires a fundamental shift in mindset and approach. Rather than viewing zero trust as a product- or tool-based, all-or-nothing proposition, government agencies must embrace a more strategic, process-driven incremental path forward. They can chart a course towards zero trust success by focusing on their most critical assets, prioritising use cases, and partnering with experienced advisors who take this process-driven approach.

A Practical Roadmap for Zero Trust Success

Without trivialising the difficulties of implementing zero trust, there are some principles to consider:

  1. Change Your Thinking
    Consider a different label, such as “Dynamic Trust”, especially for people outside of IT. This might seem unimportant, but conveying a message that trust needs to be actively managed based on context can foster a more positive narrative.
  2. Identify Critical Assets
    Think “Protect Surfaces”, not “Attack Surfaces”. The reality is that anything network-connected is a potential attack surface, so shift the focus from all potential attack surfaces to protecting what’s most critical. Think about protecting surfaces by creating a micro-perimeter around the most critical, valuable areas e.g. Do this by conducting an audit to pinpoint the most sensitive data, applications, and systems requiring the highest level of protection. Then, identify your Protect Surface DAAS elements – Data, Applications, Assets, Services.
  1. Understand your Readiness Perform a readiness assessment to
    • Identify business risks and pressures
    • Determine the overall security benefit
    • Identify current technology capabilities
    • Understand which specific areas will receive the most benefit from zero trust.

      This helps show which area you should begin your journey to feed into roadmap planning, and allows you to better choose solutions that meet your organisation’s needs.
  2. Develop a Zero Trust Roadmap
    Create a phased implementation plan that outlines the specific steps, timelines, and resources required across Define, Design, Formulate and Deploy stages. Ensure the roadmap aligns with your department’s broader security and IT strategies.
  1. Pilot and Iterate
    Start with a small-scale pilot project to test your zero-trust approach and gather feedback. Use the lessons learned to refine your plan and prepare for broader deployment.
  2. Secure Executive Sponsorship
    Gain buy-in and support from department leadership to ensure the necessary resources and commitment. Demonstrate the tangible benefits of zero-trust in terms of risk reduction, cost savings, and operational efficiency.

Working With Partners & Vendors

While tools and solutions are a component of the zero-trust model, they too often become the focus of government security teams looking for tangible ways to move forward. While tools can provide valuable data points, implementing zero trust effectively requires a more holistic, process-driven approach. Simply relying on a tool to assess one’s zero-trust posture is insufficient.

That’s why working with experienced advisors like Data#3 and Business Aspect, who can guide you through a comprehensive readiness assessment and the development of a practical zero-trust roadmap, is critical. This process-oriented approach, rather than a tool-centric one, can ensure that government entities have a clear understanding of their current state, their priorities, and the steps needed to achieve their zero trust goals.

This includes:

The final factor is understanding the vendor landscape. Vendor solutions are a critical implementation component, and aligning the right vendor solution is easier for a partner like Data#3, with its extensive vendor relationships and accreditations.

For example, government entities that have made significant investments in Cisco networking could use Data#3’s 25+ year relationship with Cisco to access their extensive security portfolio and zero-trust capabilities.

Conclusion

Implementing zero trust is a marathon, not a sprint. Government entities can chart a course toward a more secure, adaptable, and future-proof security architecture by taking a phased, strategic approach—identifying critical assets, assessing current capabilities, and partnering with experienced advisors. If you would like to discuss further please reach out to me using the contact button below or contact your account manager.

Interested in a hands-on opportunity to evaluate your cybersecurity maturity?

Data#3, in partnership with Cisco, will be hosting Security Resilience Assessment Workshops in 2025. These workshops will guide you through a self-assessment of your security posture using the updated CISA Zero Trust Model.

Register your details below to receive an invitation.

October 15, 2024; Sydney, Australia: Leading Australian technology services and solutions provider, Data#3, is proud to announce that it has been named Lenovo Infrastructure Solutions Group (ISG) ANZ Reseller of the Year.

The prestigious award was presented at the annual Lenovo Business Partner Gala Awards, which celebrated the achievements of Lenovo’s top partners across Australia and New Zealand.

Data#3 General Manager for Infrastructure Solutions, and valued member of the Lenovo Partner Advisory Council, Rob McCabe, commented, “We are honoured to be recognised by Lenovo for our innovative infrastructure solutions. This award is a testament to the skills and dedication of our team, combined with the strong partnership we have built with Lenovo.

“The growth of AI-related infrastructure means companies are seeking guidance on best practices throughout the entire lifecycle. Our most recent project successes spanned multiple industries, providing hybrid multi-cloud solutions that offer flexibility, scalability, and security across workloads from edge to cloud. Together with Lenovo, we look forward to continuing to drive secure and sustainable innovation in the infrastructure space.”

Lenovo A/NZ commercial director of channel and distribution, Kirat Khara, commented, “We are thrilled to congratulate Data#3 on being awarded the Infrastructure Solutions Group ANZ Reseller of the Year. This prestigious recognition highlights their remarkable triple-digit growth, driven by a strategic focus on leveraging the full breadth of our portfolio. Data#3’s ability to maximise the value of our solutions, combined with their strong market execution, underscores the depth of our partnership. We look forward to continued success together as we build on this momentum.”

Data#3 is the safe pair of hands when looking to modernise the data centre. Its experienced team is uniquely positioned to help companies achieve their business objectives. With deep expertise in data centre modernisation and software lifecycle, its backed by a global network of tools and resources, strong security practices, and proactive, world-class service.

At Kingsway Christian College, empowering students with the skills to excel in a digital world is a top priority. Enter Adobe Creative Suite, a set of industry-leading tools that help students create captivating images, graphics, presentations, videos, and digital experiences. Through Adobe Creative Suite, students can unleash their creativity, build essential technical skills, and prepare for success in an increasingly digital landscape.

“What’s really great is that you have multiple ways of getting to the same place. The way I do it is different from the students. When the students are excited about what they are doing, you’re going to get the best out of them,” said Lauren Clark, Teacher, Kingsway Christian College.

In this video, discover how Kingsway Christian College is empowering students to harness the power of Adobe Creative Suite to unlock their potential in modern media.

Are you ready to empower your school with Adobe Creative Suite?

As a Platinum Adobe Partner, Data#3 has extensive experience helping customers select and implement Adobe’s leading digital solutions. Let’s talk about how to:

Discover how XDR enhances threat detection and response

In these four episodes, Richard Dornhart, National Practice Manager – Security at Data#3, joins David Robbins, Director, APJC – Cyber Security Strategic Partnerships at Cisco, to tackle the four most common questions we hear about Extended Detection and Response (XDR).

As a Cisco Gold Partner, 2023 Security SMB Partner of the Year, and 2023 Cisco Customer Experience Partner of the Year APJC, Data#3 is ideally placed to help you answer these questions and guide you on the best way to implement XDR in your environment. Please reach out to your account manager or contact our team for more information.

The introduction of artificial intelligence (AI) into our professional lives is not just a technological upgrade – it’s a cultural revolution. Adoption of Copilot for Microsoft 365 (M365) is rapidly changing what the typical workday looks like. This change naturally brings about a lot of questions – including what exactly you should be asking your new AI tools for help with.

At Data#3, our Copilot for M365 Working Groups’ recent discussions have shed light on a pivotal shift in our work ethos. The group explored the concern that some individuals might feel reluctant to ask AI questions in areas where they believe they should already know the answers, or worry about how their inquiries might be perceived by their supervisors. After a lengthy discussion, the group concluded that asking even seemingly simple questions of AI should not only be acceptable – but encouraged.

The heart of this discussion revolved around the idea of a major cultural shift surrounding expertise, and what it means in the workplace.  Using AI is not about abandoning our expertise – it’s about augmenting it. The integration of AI into the workplace provides an opportunity to validate what we already know, learn new things and continue pushing the boundaries of what we can achieve.

Enhancing your daily workflow with Copilot for M365

In one of our recent Copilot for M365 Working Group workshops, the Data#3 team considered how asking AI questions they already know the answer to might help them become more adept at harnessing the power of AI.

Steve Bedwell, our technical maestro, might ask, ‘What are the latest advancements in Copilot Studio?’ While Steve is well-versed in this subject, his interaction with Copilot serves as a springboard for generating a nuanced technical narrative, enriched by his own expertise.

On the business front, James Creighton, Practice Manager at Data#3 could pose the question, ‘How can we leverage emerging markets for growth?’ Although he is familiar with this topic, Copilot’s insights could help him craft a business strategy that’s both innovative and grounded in data-driven analysis, and significantly less time consuming than doing so manually. In this example, AI provides articulate content that can be moulded to what he needs, rather than creating it from scratch.

Deborah-Ann Allan, Principal Consultant, known for her sharp insights, might inquire, “What are effective change management strategies when deploying cutting-edge technology?” Through Copilot’s insights, she can utilise ideas that can be tailored to resonate with organisational culture.

Our master trainer in Modern Work technologies, Alice Antonsen, might ask, “How can we enhance remote collaboration through training?” With Copilot, she can quickly and efficiently draft comprehensive training materials, which she can then refine through her deep understanding of the subject.

These are just some brief examples of how you might generate value by prompting Copilot for M365 with a question you already know the answer to. In practice, you’ll likely need to follow your initial prompts with additional ones to refine the output. By continuing to ask questions of your AI tools, you can craft your output to a stage where you’re relatively happy with a first draft. After that, you bring your know-how and experience, your thoughts and your heart to review and manually add the finishing touches.

Making the most of AI requires a cultural shift

That’s why it’s critical for organisations to make time for conversations like these. As we continue to navigate this cultural shift, it’s essential to recognise that asking AI for assistance is not a sign of incompetence – it’s a sign of strategic thinking. It’s also an acknowledgement that while we may know the answers, there’s always room for growth, refinement, and a fresh perspective.

As another example, we used Copilot for M365 to help draft this blog based on the transcript of an internal discussion. The initial draft made it easy to bring together several voices and provided a foundation to build on our team’s knowledge and language preferences—most importantly, in significantly less time. The ideas were ours, and the discussion took place between humans, but Copilot was able to create a well-structured blog once we provided clear directions on how to do so.

The journey we’re on at Data#3 is one of transformation, where AI becomes an integral part of our intellectual toolkit. It’s a journey that encourages curiosity, fosters innovation, and ultimately – we believe – leads to a more dynamic and empowered workforce. By embracing change with confidence, we can become more confident in using the power of our questions to unlock the full potential of AI in our workplace.

Take the next step with Copilot for M365

Interested in finding out more about how we can help you along your AI journey? Reach out to our team today.

Learn more about Copilot for M365