Consult, Design, Deliver
Kelima is a boutique ICT consulting company and KelimaSEC is our cyber security division.
Our aim is to offer affordable premium quality security consulting to create outstanding business value. We deliver a diverse range of security consulting, design, assessment, and penetration testing services.
We focus on providing real-world value to our clients. Our security skills cover the spectrum from C-Level enterprise architecture and risk through to deep technical software and hardware penetration testing. These skills have been honed against high security environments within Government and Utility sectors, and practiced through the lens of both client and service provider.
Our delivery philosophy is to be honest about what’s possible and what’s not. One size does not fit all. Our experience designing and implementing solutions, and conducting risk assessments and penetration tests, allows us to see security from both the attacker’s and defender’s perspective. This drives our pragmatic approach. We work closely with our customers to ensure the proposed solution can provide tangible business benefit; and won’t proceed if it can’t.
Over the last 10 years, our team’s had experience and involvement in a range of security engagements.
Some recent examples include Smart Meter Programs, IT/OT Security Strategies, and Security Testing and Evaluation.
Smart Meter Programs
Lead security consultancy and thought leadership for Victorian smart meter implementation projects for utility organisations.These projects involved the design and implementation of core security services to support the deployment of meters throughout Victoria.
As well as design, we conducted detailed hardware penetration testing, to component level, of the smart meters, communications cards, and supporting infrastructure.
IT / OT Security Strategies
The design and delivery of strategies for the secure integration of IT and OT systems for a number of Australian water and electricity utilities.
A business-driven risk-based approach that focused on pragmatic and realistic outcomes.
The use of industry standard guides and tools including IEC 62443, ISO/IEC 27001/2, the NIST Cybersecurity Framework, and DHS Cyber Security Evaluation Tool (CSET), to drive actionable and auditable change across the organisations.
A business case and strategic direction for the secure integration of IT and OT functions, while improving the operational visibility and auditability for the business.
Security Testing and Evaluation
Penetration testing and evaluation of Home Automation and grid integration IoT devices and associated cloud-based management infrastructure.
Penetration testing and risk assessment of enterprise-grade virtual hosting and orchestration solutions, including physical and virtual network infrastructure and management and monitoring systems.
Penetration testing of internal and Internet-facing systems for critical infrastructure providers.
Penetration testing of SCADA applications including Internet and mobile integration capabilities.
Our Core Strengths
Our delivery philosophy is to be honest about what’s possible and what’s not. One size does not fit all. Our Core Strengths lie in:
Honest advice. Trusted thought leadership.
Infrastructure security design and implementation, specialising in Government and Critical Infrastructure providers.
Assessment of business and technical risk using industry standard or custom risk managment frameworks. KelimaSEC utilises ‘attack tree’ analysis to provide an objective view of the risks, and the mitigating controls that provide the most business value.
Penetration testing services against application, network, and hardware infrastructure, including smart meters and emerging IoT systems.
Design, implementation, integration and migration to cloud-based solutions.
KelimaSEC Security Methodology
See below for some of the clients we've worked with
See below for some of the partners we've worked with
The core team at Kelima has worked together on large-scale projects for over 15 years. Kelima was formed with the ethos that the team has many great individuals, but it is as a collective team that we excel.
Security Solutions Architect
Chris is an accomplished solutions architect with experience working across a wide range of industries. His expertise lies in secure networking and infrastructure solutions (with emphasis on Microsoft infrastructure, Azure, AWS, VMware, Citrix & Cisco networking technologies), with skills in architecting, designing and implementing solutions across a diverse range of platforms and solutions. Chris is a CISSP certified security practitioner and is passionate about ensuring that security is an effective and integrated component of any solution.
Security Practice Lead
An accomplished security architect and qualified penetration tester with over 20 years’ experience in the Utilities, Government and Defence sectors. Karl's extensive security, networking, and Critical Infrastructure experience enables him to work as a trusted advisor at a technical and strategic level on solutions ranging from smart meters, industrial automation and IoT, through to cloud enablement and security policy development. Karl's a Project Management Professional (PMP) and a former CCIE (#2061) with multiple SANS qualifications.
With extensive experience in the information security field, Michael has worked in a range of consulting assignments across utilities, government and the commercial sector. He has been involved in both technical and strategic information security consulting, including policy development, security audit and review, threat and risk assessments, security architecture and design, and penetration testing. Development of an ISMS to the ISO 27001 standard and establishment of a Security Operations Centre are part of his background. Michael is a Certified Information Systems Security Professional (CISSP).
To have someone contact you, fill out the form below and we'll respond as soon as possible. We look forward to working with you.