SIEM Implementation at Sunstone Advisory: Our Journey as a Small Business in a World of dealing Big Players


As a small business, Sunstone Advisory understands the importance of robust cybersecurity measures to protect our valuable assets and clients. Security Information and Event Management (SIEM) systems have become a crucial component of our security strategy. In this article, we’ll share our experience implementing a SIEM solution for Sunstone Advisory and how it differs from the challenges faced by the large government organisations we are use to implementing and designing for.

Size and Complexity

At Sunstone Advisory, our size and organisational structure are significantly simpler compared to large government entities. Our smaller IT infrastructure allows us to focus on implementing a SIEM solution tailored to our specific needs, without the added complexity of managing sprawling networks and multiple departments.

The simplicity of our infrastructure made it possible to deploy a SIEM solution with fewer features, streamlining the implementation process and enabling us to focus on what matters most: safeguarding our clients’ data and our business assets.

Budget and Resources

As a small business, we face budget constraints that shape our SIEM implementation strategy. We chose a cloud based SIEM service, which offers lower upfront costs and scalability to grow with our business. This cost-effective approach ensures that we can allocate resources to other essential aspects of our operations while maintaining a strong cybersecurity posture.

Our limited IT resources also influenced our SIEM implementation. Whilst we have dedicated IT resources, we didn’t have a dedicated IT security team, our general IT staff took on the responsibility of managing the SIEM system. This approach has allowed us to remain agile and efficient in responding to potential security threats.

At Sunstone Advisory, we adopt a strategic approach to managing our cybersecurity by clearly defining roles and responsibilities. Our Chief Security Officer (CSO) is in charge of fostering a security-conscious culture, while our Security Officer (SO) ensures the development and enforcement of security policies. Meanwhile, our IT staff is responsible for implementing these policies in practice. We take immense pride in our efforts to maintain a strong alignment between these roles and our overarching security policy, demonstrating our commitment to a comprehensive and effective cybersecurity framework.

Compliance and Regulations

At Sunstone Advisory, we strive to maintain a high level of security and data protection for our clients. While we may not face the same stringent compliance requirements as large government organisations, we focus on implementing a SIEM solution that addresses our specific security needs and adheres to industry best practices.

Customisation and Integration

Our SIEM implementation journey required a straightforward system that could be quickly deployed and easily integrated with our existing IT infrastructure. We carefully selected a SIEM solution that offered seamless integration with our current systems, ensuring minimal disruption to our operations and maximizing the return on our investment.


Implementing a SIEM solution at Sunstone Advisory has been a valuable learning experience, highlighting the differences between small businesses like ours and large government organisations. By understanding our unique requirements and focusing on a tailored SIEM solution, we have successfully enhanced our cybersecurity posture while maintaining the agility and resourcefulness that defines our small business approach.

We hope that sharing our journey can inspire other small businesses to adopt SIEM solutions and prioritize cybersecurity in their operations, demonstrating that even in a world of big players, small businesses can stand strong in the face of cyber threats.

Maximise your ROI and impact. Minimise doubt and delays.

Tap into all the specialist analytical, project management and execution smarts you need.

  • Every confidence, every step of the way.

  • Go from red tape to green light.

    Smarter. Faster.

    Advisory services

    From enterprise architecture and strategic analysis, planning and procurement to capability, project and program management and delivery.

    Technical services

    From enterprise architecture and strategic analysis, planning and procurement to capability, project and program management and delivery.

  • Insights and articles

    See how we’ve been helping our clients in Defence and across government build Australia’s sovereign capability.
  • Put us to the test

    Tell us about your next project and find out how we’ll handpick a team that will make it happen.