top of page


Cyber Risk Advisors
specialises in cyber security
and technology risk advisory.

It serves boards, board risk committees, executive management including CEOs, CIOs, CISOs, and CROs, and transformation program leaders.

Our goal is to help your organisation understand the desired outcomes, including your board obligations to shareholders and key stakeholders. We will help you solve your organisation's greatest issues with respect to regulatory, industry, and company policy compliance and to protect what matters most in terms of loss of value, regulatory sanctions, or brand and reputation impacts.

How do we do it?

We know the right questions to ask and will provide practical insights from years of industry and consulting experience in managing cyber security risks and solutions. With an eye on the future, to stay ahead of cyber adversaries, we also offer advice on how your organisation can transform existing cyber security approaches into effective security solutions.


Key solution areas include governance, management of information security transformation, identity and access, threat and vulnerability, privacy, and resilience. We advise on the design and deployment of digital, technology risk, and information security frameworks, standards, and strategies to deliver the right outcomes.



Cyber Risk Advisors will show you how to make a step change in managing cyber security risks by improving your organisation’s governance, strategy, operational model, and technologies. We will this through the identification and assessment of key risks and develop remediation plans to protect critical information and systems while achieving compliance with complex and diverse regulations, industry standards, and company policies.


Management and transformation

Based on your risk appetite and capabilities to manage risk and security, we can help you devise a future forward security improvement program through visioning activities that includes business strategy and market analysis, assessments and measurement of cyber capability, gap analyses and planning activities that will result in a optimised and measurable cyber security program.


Crisis Risk Management

With more than 25 years of leadership experience, CRA can also be deployed at a moment's notice, to lead the recovery of an impacted or breached organisation in any industry, as a project leader, advisor or as a seated cyber security IT, risk, or audit executive.



Cyber Risk Advisors Pty Ltd is please to announce we merged with IIS Partners based in Sydney, effective 1 January 2018 and will continue to trade under the IIS brand.


This merger further strengthens CRA, provides critical privacy capabilities for our clients and a full-time presence in Sydney and Brisbane, as well as complementary industry competencies. It also signals a new phase in IIS' growth by establishing a full time presence in Melbourne.


Mike Trovato
​​Michael Trovato, Managing Partner

Cyber Risk Advisors was founded by a leading industry expert to be an outcome- focused and cost effective alternative to traditional large firm consultancies – independent and objective. Years of experience dealing with tough regulators, hard-edged auditors, demanding business executives and CEOs, CIO/CISOs, has developed key insights and execution capabilities that will help you meet your personal and  business KPIs and governance requirements and obligations.


Our founder and Managing Partner, Mike Trovato, is a results-oriented, internationally-recognised information security, risk and technology leader with 30 years of credentialed cyber security and technology risk governance, executive management, program transformation, and innovation experience. 


He was formerly EY’s Asia Pacific, Oceania, and Financial Services Organisation Cyber Security Leader – building the largest and most successful “Big-4” cyber security team for the past ten years. Prior to that he was GM Risk and Security, National Australia Bank. In New York, he was a Partner in KPMG’s Information Risk and Advisory Services team; a Senior IT Auditor at Salomon Brothers; and a Senior IT Executive, MasterCard International.


Mike is a graduate of the Australian Institute of Company Directors (GAICD); an

Independent Non Executive Director; Security and Risk and Finance and Sustainability Committees of .au Domain Administration Ltd (auDA); a former Board Member of ISACA Melbourne, and a Director of the Australian Information Security Association (ASIA). He is a Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM), and a Payment Card Industry Qualified Security Assessor. The bulk of his experience has been in Financial Services, with strong Government, Energy, Information, Communications, and Media Industries experience as well.


CRA has access to a range of independent cyber security and risk consultants in Australia, the United States and Israel, and Mike conducts business travel freely as a US and Australian national.

bottom of page