top of page

Cyber Resilience Consultancy

P3M Works was selected by The University of West England to join their bank of Digital Consultants to provide cyber guidance and support to a select number of SME organisations through their Workforce of the Future support programme.

Overview

The Challenge

UWE wanted to provide expert cyber guidance to SMEs they were supporting, to raise their cyber hygiene levels and promote cyber security across the region. P3M Works helped UWE shape an effective cyber resilience and education package that could be scaled across SME organisations remotely or in person and achieve the following objectives:

- Achieve baseline understanding of the supported organisation’s cyber risk by conducting a cyber review.
- Mitigate the threats and vulnerabilities identified in the cyber review.
- Equip the supported organisation with tools and techniques to maintain their cyber health.
- Provide bespoke cyber training.

Our Approach

P3M Works worked with UWE to create a bespoke cyber resilience and education package that would bring targeted organisations to a baseline cyber security standard, which was aligned with IASME Cyber Essentials.  P3M Works deployed cyber consultants to the supported SME organisations with the initial objective of conducting a review of their current cyber security posture. During and after this initial objective, P3M Works spent time with each SME organisation’s cyber security lead to ensure that the objectives we had identified remained relevant. Some organisations required specialist tailoring which is detailed in the below examples. 

Example 1: School​

P3M Works delivered cyber consultancy to a school that had recently suffered a cyber-attack. P3M Works tailored the consultancy objectives to better suit the school’s circumstances, this included conducting: 

Cyber-attack recovery planning and tabletop exercises based on real world scenarios.

Reviewing and producing policy.

Producing materials for a cyber culture campaign.

 

Example 2: Defence SME

A defence SME organisation required enhanced technical review and remediation of their IT/OT systems after the cyber review revealed several vulnerabilities in the configuration of assets and accounts. We also: 

Produced bespoke training on how to use their chosen office suite and security software. 

Produced policies that align with industry to enable compliance with partner organisations when winning new work. 

Delivered a mini Information Security Management System so that the SME could keep track of all relevant information security knowledge. 

​​
Example 3: Professional Services Firm

This professional services SME had limited cyber security protection measures in place, however they were aware of this issue and had support from the firm’s leadership to enhance their cyber maturity. P3M Works spent time addressing processes and organisational culture to prep the company for technical changes such as the implementation of Multi-Factor Authentication (MFA) and VPNs. 

Advised on tools such as VPNs, firewalls, mobile device management and MFA methods to cover technical cyber risks. 

Developed processes, including developing a bespoke Joiners, Movers and Leavers process to decrease the likelihood of information leakage due to employee movement. 

The Outcome

SME organisations were able to achieve Cyber Essentials if they chose to and gained confidence with cyber security controls and functions, which resulted in a more positive cyber security culture, rather than a culture of concern. Furthermore, they understood their key vulnerabilities and their path to further organisational cyber maturity.

bottom of page