Cyber Security Professional of the Year Roy Borekar advocates for smarter IT audits and compliance to future-proof Australian businesses. Photo: Michelle Kroll.
You wouldn’t drive a car for 10 years without a service, but many businesses do exactly that with their IT systems.
From outdated hardware to unsupported software and clunky phone systems, these aging setups may still run, but they quietly accumulate what’s known as technical debt.
Left unchecked, this invisible burden can slow productivity, expose your company to security risks and cost you more in the long run.
While some companies proactively conduct regular audits, many more are driven solely by compliance and certification needs.
Roy Borekar, director for comprehensive IT service provider Solution Tech, says that in an age of digital peril, conducting frequent audits should be part of a company’s ‘business as usual’ activities.
“Vendors like Microsoft push out notifications, patches and updates monthly, if not fortnightly or even weekly. Each time your providers change something, it slightly alters how your surrounding systems interact,” he says.
“If you don’t keep on top of it, you become the easy target for hackers who are just scanning the landscape, looking for low-hanging fruit with doors and windows open. And if you think you’re too small to be a target, think again. Small companies are targeted all the time – they just don’t make the headlines.”
Technical debt can present in many ways — most of which users chalk up to “computer gremlins” or the daily frustrations of digital life.
When staff adapt to a new baseline of systems failure, inefficiency gets baked into workplace culture, and it becomes tempting to keep putting fixes off.
“A lot of organisations, particularly in government, can’t update as frequently as they should either because they don’t have the right skill set or can’t afford to go offline to do so,” Roy says.
“Think about Centrelink or Services Australia — organisations like that need to schedule their maintenance, and it can cause frustration for users. But the alternative — leaving it, or delaying it — is far more dangerous.”
Frequent system crashes or slowdowns, staff complaints about sluggish or unreliable systems, difficulty integrating with newer tools or cloud platforms, or simply running older systems and hardware that multiple generations of technology have superseded are all signals that it’s time for an audit.
Solution Tech has 20 years of experience helping clients reach the gold standard of cybersecurity. Photo: Michelle Kroll.
An audit provides a full snapshot of current systems, identifies risks, inefficiencies and cost drains, and delivers recommendations — even a roadmap for upgrades aligned to a business’s goals and budget.
This includes Essential 8 compliance – a set of eight cybersecurity mitigation strategies required for all government agencies and departments to comply with the Australian Signals Directorate, and recommended for all private businesses.
“Unlike the public sector, Essential 8 compliance isn’t mandatory for private businesses, but that’s the baseline they must meet if they want to work with government, especially Defence,” Roy says.
“There are three levels of IT security maturity, and more and more, we’re seeing that everyone wants to work with businesses that have their cybersecurity in order. So it’s also a question of staying competitive.”
For 20 years, Solution Tech has readied businesses for the gold standard of cyber security, including the Defence Industry Security Program (DISP), of which Essential 8 is just one component, and ISO 27000 certification – an international standard for information security management systems.
Their audits have armed companies with competitive advantages through smarter tools such as AI and automation, modern cyber defences, compliance readiness, lower energy costs, better sustainability through cloud systems, scalability to respond to market shifts, and foster a more productive, happier workforce.
Roy, who was just named 2025 Cyber Security Professional of the Year – Government and Defence at the Australian Cyber Awards, says it’s wise to bring in a Managed Service Provider (MSP) with wide-ranging experience, but cautions against those who aren’t up to date with Australian standards.
“Anyone can call themselves an expert. Don’t be afraid to ask about your MSP’s qualifications and experience, look at their clients, their testimonials and their awards,” he says.
“Choose an MSP with a wide range of expertise, and one that’s vendor agnostic, so you’re getting the systems in place that are most fit for purpose.”
For more information, contact Solution Tech.
