This case study explores why Brentwood Council chose to enter into a long-term partnership with Cyber Management Alliance to conduct cyber crisis tabletop exercises. It also sheds light on why and how the Council decided to commit to continuously building its cybersecurity capabilities with CM-Alliance.

Client Goals 

The ICT Manager of Brentwood Council, Tim Huggins, articulated the following objectives while choosing to partner with Cyber Management Alliance:

• To meet a governmental requirement to ensure that there is cybersecurity awareness within the organisation.
• To help employees across seniority levels understand their individual responsibilities as far as cybersecurity is concerned.
• To help the board understand their specific roles and responsibilities during a crisis.
• To build a long-term relationship with a cybersecurity advisory firm and have them as a “trusted friend” that the Council can turn to for critical business and cybersecurity decisions and perspectives. 

 

Why Cyber Management Alliance?

Brentwood Borough Council aimed to fulfil its regulatory requirement of conducting cyber awareness-building workshops within the organisation by having an experienced external facilitator conduct its Cyber Crisis Tabletop Workshops.

The three primary drivers for hiring an external trusted advisor included:

• Expert facilitation: Professionally delivered awareness building exercises always create a greater impact on the participants and keep them better engaged.
• Trusted external expertise: Professional opinion and guidance from trusted external experts often helps sell the same message better within the organisation.
• Bespoke attack scenarios: The diverse experience of an external facilitator means a good blend of real-world examples and organisation-specific scenarios, making lessons learnt more compelling for staff at all levels.

Tim Huggins first met Amar Singh (CEO of Cyber Management Alliance, cybersecurity expert & the facilitator of the tabletop exercises) at an NCSC-approved training conducted for tech members of all local governments of Essex County. The workshop aimed to inculcate expertise and knowledge about cyber incident planning and response and also create shared knowledge across the county so local authorities could support each other.

Tim was exceptionally impressed with how Amar ran that workshop, melding technical expertise with a human touch. This was amongst the foremost reasons why he decided to engage Cyber Management Alliance to build cybersecurity awareness within his organisation, a government mandate.  

 

“I attended an NCSC-approved training conducted by Amar and when I assessed what I learnt from that workshop, I realised that Amar would be very useful for creating the kind of awareness I wanted to build within my organisation.”
”

–Tim Huggins, ICT Manager, Brentwood Borough Council

 

Scenario Building

Scenario-building is extremely important to a successful cyber tabletop exercise. It makes the crisis workshop more realistic and having a scenario based on the organisation’s specific systems and operating frameworks makes the session far more relevant with better learning outcomes. 

Tim Huggins and Amar Singh worked together to create a scenario that would truly drive home the point that cybersecurity is the responsibility of each individual.

The scenario, thus created, focussed on the pandemic era and what each staff member would do if everyone in the IT team was down with COVID-19 and a cyber-attack did occur.

While sounding simple and straightforward, as the scenario highlighted events that could actually take place at Brentwood, the staff members started realizing that the attitude that 'cyber is mainly the IT team’s responsibility', needed alteration.

Tim further elaborated on how this worked out for his organisation: “We made the scenario very real for Brentwood. There was a lot of healthy debate and discussions that helped everyone understand that cyber is actually everybody’s responsibility. It started to change the mindset and raised awareness of middle to senior management. The extended leadership team definitely understood that cyber has to be treated like a joint focus area.”

 

Client Experience

Brentwood Borough Council derived the following benefits from the Cyber Crisis Tabletop Workshop planned and executed in collaboration with Cyber Management Alliance:

• Development of muscle memory amongst board members regarding what they need to do in case of a cyber event.
• An increased understanding amongst the leadership and middle management about their individual roles and responsibilities in case of a crisis.
• The need to take a fresh and more incisive look at disaster recovery plans and business continuity plans was highlighted during the workshop.
• Working with a scenario that could actually take place at Brentwood created a sense of urgency amongst workshop participants about enhancing their understanding of cyber incident response and planning.
• Received support to showcase the cyber incident response plan as an overall business continuity plan for an internal audit. The workshop reinforced the fact that cybersecurity delivers business continuity for all functions. This was a paradigm shift in mindset for the organisation.

“I got complete support for one comprehensive policy for cyber incident response & business continuity. This was a reflection on the massive change in culture in our organisation.”

- Tim Huggins

 

Continuing the Engagement

Inspired by the positive response received for the tabletop exercises and the cultural change they have brought about, Tim Huggins, has opted to maintain a long term relationship with Cyber Management Alliance.
Tim has onboarded CM-Alliance as a “trusted friend/critical advisor” to Brentwood Council. This relationship entails the following: 

• CM-Alliance acts as a trusted partner to Brentwood and steps in as an advisor at the time of critical decisions and events.
  
• CM-Alliance is a trusted external expert providing advice and guidance on cybersecurity to Brentwood Council.
  
• CM-Alliance provides on-going open conversations about the organisational security posture and what infrastructural enhancements can be made to improve and build upon current state of cyber safety.
  
• Continuous emphasis on awareness building within the organisation.
  

“Apart from the workshops, we have started to build a continuing relationship with CM-Alliance so that we have an equation almost like “Phone a Friend” or a trusted advisor. We are engaged in an ongoing discussion about cyber wherein Amar will provide us technical and targeted advice for my tech teams. It’s great to know that there is someone I can reach out to for any discussion and trust their opinion. We do have an outsourced SOC and we have a great relationship with them. But I think it’s really important to have an independent consultant so that you know you can have an open conversation about the organisation’s infrastructure and security posture at any point."

- Tim Huggins