CBB Case Study 2025

Cybersecurity Managed Services for Community Business Bureau (CBB)

CBB is a socially-driven organisation dedicated to strengthening the not-for-profit sector. Through personalised salary packaging, expert advisory services, and strategic partnerships, CBB helps not-for-profits become more sustainable, capable, and impactful, empowering them to create positive change in more lives.

CBB engaged Logi-Tech to support their journey toward PCI DSS compliance, seeking both the technology and expertise required to meet rigorous security standards. With a strong understanding of the threat landscape and its impact on business operations, Logi-Tech translated complex compliance requirements into practical, achievable actions.

The PCI DSS defines security requirements to protect environments where payment account data is stored, processed, or transmitted. PCI DSS provides a baseline of technical and operational requirements designed to protect payment account data. The PCI Security Standards Council (PCI SSC) is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.

Supporting CBB

Achieving PCI DSS compliance is a significant undertaking, and CBB approached it with a long-term view. We worked closely and diligently with their team, implementing fit-for-purpose technologies while also advising on forward-looking solutions to support future decision-making.

Recognising the cost and governance implications of security enhancements, we focused on value, ensuring each step was strategic, justifiable, and sustainable. Through proactive monitoring and management of the current toolset, we've provided CBB a clear view of their environment and ensured critical assets, such as firewalls, remain up to date and secure.

This collaborative approach has delivered measurable progress. Today, CBB benefits from improved visibility, maintained security controls, and a clear understanding of the remaining capability gaps along with a roadmap of the technologies that will enable CBB to fully achieve PCI DSS compliance. - David Hombsch, Chief Technical Officer, CBB

Enhancing CBB's Cybersecurity Maturity through Strategic Implementation and Ongoing Support

As part of CBB's journey towards PCI DSS compliance, Logi-Tech implemented continuous automated penetration testing, delivering ongoing assurance through regularly scheduled assessments. These include Black Box, Grey Box, vulnerability scanning, and password cracking tests, configured and cycled weekly to maintain robust visibility of the environment. Any issues identified are swiftly remediated, followed by retesting to confirm successful resolution.

To further strengthen CBB's cybersecurity posture, Logi-Tech deployed a suite of best-practice solutions:

1. Airlock Allowlisting – Enforcing a strict security posture through application-level allowlisting.
2. Trend Micro XDR – Providing advanced threat detection, email filtering, and phishing prevention.
3. KnowBe4 Training – Delivering ongoing cybersecurity awareness campaigns, with a focus on PCI DSS-specific education tailored by Logi-Tech.
4. Azure-Based Disaster Recovery – Ensuring business continuity through secure, cloud-based backup and recovery services.

The result

These strategic implementations have resulted in a well-managed, secure environment. CBB has made significant progress toward PCI DSS compliance, far exceeding their previous position, with consistent visibility and governance in place.

Executive-level cybersecurity reports are provided to the Board monthly, supported by detailed technical reports to ensure transparency and informed decision-making. Regular fortnightly meetings enable proactive discussion of findings and remediation efforts, ensuring alignment and accountability.

Throughout this partnership, Logi-Tech has maintained a high level of trust and responsibility in managing CBB's ICT environment. Our commitment to honesty, integrity, and strategic foresight is recognised and appreciated by the client.

All solutions are designed with long-term growth in mind, typically supporting a five-year lifecycle, and are built to balance on-premise capability with scalable, cloud-based resilience. This forward planning enables predictable budgeting, minimises disruptions, and ensures a secure and sustainable future for CBB.

Download the Case Study