Contact BlackFlag Advisory
Get a custom proposalSee your business the way a threat actor does.
BlackFlag Advisory is a Sydney-based GRC consulting firm delivering structured, evidence-based governance, risk, and compliance advisory for Australian businesses operating in complex, regulated environments. We specialise in passive OSINT assessments — using publicly available data to surface your organisation's external attack surface, technology exposure, credential breaches, email security gaps, and Privacy Act compliance posture, without accessing a single system.
Every engagement follows a disciplined five-phase framework, with all findings mapped to recognised standards including ASD Essential Eight, NIST CSF 2.0, ISO 27001, CIS Controls, and the Australian Privacy Principles. Deliverables include a structured risk register and a Board-level executive report that translates technical risk into clear, actionable language for non-technical decision-makers.
Founded by Cluny Archibald — a Bachelor of Cyber Security graduate with 20+ years of enterprise commercial experience — BlackFlag Advisory brings rare depth to GRC: formal cybersecurity qualifications combined with genuine business maturity.
-
Min project size
Undisclosed
-
Hourly rate
Undisclosed
-
Employees
2 - 9
-
Year founded
Founded 2025
No have been added yet...
Have you worked with BlackFlag Advisory?
Share your experience working with BlackFlag Advisory on a past project by leaving a review for buyers around the world
Contact BlackFlag Advisory
If you’re not seeing exactly what you need here, send this company a custom message. You can talk about your project needs, price, and timeline to get started on your project.
Sign in to see which brands trust BlackFlag Advisory.
Get connected to see updates from BlackFlag Advisory like new case studies, latest reviews, their latest masterpieces in their portfolio, delivered straight to you.