Cyber Incident Response

Thursday 2 March 2023

Cyber Incident Response

We were brought in to provide project management services for a cyber incident response team to support a client organisation that was responding to (and recovering from) a recent cyber incident.


The client had been the subject of a phishing and ransomware attack that had disabled its whole operational and backend network and encrypted a significant amount of its data. We were tasked with providing project management and support for the cyber incident response team.


Firstly, the challenge was to get basic operations back up and running quickly, while recovering. Secondly, we needed to reinstate a broader set of systems as well as introduce a modernisation programme.


We were brought in to provide initial project management-type services to help manage the day-to-day initial crisis response of the attack and prioritise the cases that the team needed to respond to most urgently. After this initial step, our role was to put together a phased approach to restore broader services and introduce a new governance and control regime while working within a multi-disciplined team of suppliers.


We introduced much-needed structure, governance, processes and discipline into the team and laid the foundations for the client to introduce a more structured digital modernisation programme.