Hit Essential Eight, guard IP, and keep your Defence contracts - practical tactics for Aussie defence SMEs.

Small and mid-sized firms sit at the sharp end of Australia’s defence supply chain. They build smart kit, hold sensitive data and keep prime contractors moving - yet many still treat security as a box-ticking chore. In this episode of Intelligence Optimised, host Todd Crowley sits down with veteran security strategist Aaron Pollard to spell out what “good” now looks like.

 Key talking points
✔️Why cyber security outranks physical guards and gates in 2025.
✔️The jump from Top 4 to Essential Eight maturity level 2 and what it costs.
✔️Using Defence Industry Development Strategy grants to fund your uplift.
✔️Mapping and marking intellectual property so it doesn’t walk out the door.
✔️Leveraging ASIO outreach and insider-threat training to turn staff into sensors.
✔️Scoping controls only to defence-facing networks to save cash.
✔️How workforce shortages and ASD’s Red Spice program are pushing salaries north.

📍Why it matters
Defence expects the same security baseline from a five-person CNC shop as it does from the primes - fail to meet it and your purchase orders disappear. Aaron breaks down the hidden levers SMEs can pull: narrow the system boundary, pick the right managed service provider, and use grant money only after a Defence-issued Maturity Action Plan. The result: compliance you can actually afford, and information assurance your customers will bank on.

Whether you manage a niche software team in Adelaide or a composites plant in Brisbane, this conversation hands you the playbook to cut risk, lift resilience and keep delivering capability across the Indo-Pacific.

Find deeper briefs and step-by-step guides inside Vaxa Bureau.