Executive Summary
C3IA Solutions was approached by an embedded Programme Manager who had worked alongside the C3IA Security Director whilst supporting a previous Government Cyber and Digital Security contract. The client was in the process of establishing a Governance focused approach to Risk Management but it was apparent that they required additional capability to deliver the 1st Line Cyber Support to manage incidents and events as they were occurring.
C3IA Solutions was initially tasked with establishing a team of 3 National Cyber Security Centre (NCSC) Certified Professionals (CCP) to develop, monitor and deliver security operations procedures, standards, testing plans and technical baselines aligned to the new security Target Operating Model (TOM). The team’s role was to deliver continuous improvement to mitigate cyber risks aligned with IT Divisional strategy and industry best practice. Additionally, the team was required to develop management consoles, security incident and event management, correlation tools, and other analysis mechanisms to assess trends and risks in collaboration with service providers. They were also required to assess and interpret threats, vulnerabilities and environmental changes that affect cyber risk within the company framework and investigate to successful resolution Cyber-attacks and incident impact analysis.