Cyber Security Strategy Development & Cyber Awareness Training for a Charity

The Client

Large Charity – Cyber Security Strategy Development & Cyber Awareness Training

The Problem

This organisation is a large self-sustaining charity, which has grown substantially over the past several years and is continuing to grow at a steady rate. The organisation requires, holds, and manages substantial amounts of data in various formats, with most data being critical to the running of the organisation. The charity wanted a review of their information security posture with the view to improving information security throughout the organisation. They wanted to develop a Cyber Security Strategy that would be flexible, maintainable, fit for purpose and one that evolves with the organisation. They also wanted Cyber Awareness Training for all their people.

What We Did

We started by gaining buy-in from the Board to add weight to the project and to ensure a successful outcome throughout the organisation.

This project was delivered in phases and followed our tried and tested Project Life Cycle approach.

The 1st phase – Analysis and Planning – this phase covered the project management and deliverable side of things such as, Defining & Agreeing the Scope, Project Plan, Timeline, RAID log, Resource Planning etc…

The 2nd phase – Investigation & Risk – covered things such as, review of current Security Posture, review of ICT systems, Soft Systems, ICT Assets, Information Assets, Software, Access Controls, Policies, Procedures, Threat & Vulnerability Analysis, Risk & Mitigation plus Recommendations

The 3rd Phase – Implementation & Training – covered implementing processes, polices & procedures, implementing mitigation measures and recommendations. Setting up a continuous Cyber Awareness Training Program and delivering Cyber Awareness Training to over 300 employees.

The Benefits

  • Improve the charities Security posture
  • Improve Information Security
  • Improve Cyber Awareness through continuous engagement and training
  • Protect the Organisations Information
  • Protect the charities reputation
  • Protect their customers, partners and other stakeholders’ information
  • Recovery quickly, limit damage
  • Ensure legal conformity