What the client asked – We were engaged by an independent oil and gas company to help them visualise their cyber risk.
What we did– we conducted threat, risk and impact analysis.
+ Threat assessment – We worked with the client to identify likely threat groups, common attack paths and attack behaviours to create relevant threat scenarios
+ Risk assessment – We conducted qualitative and quantitative research to build a NIST aligned risk assessment. We used the output of this work to provide additional context to our threat work.
+ Impact analysis – Following our controls assessment and incident response desk top exercise, we identified gaps in the clients approach to response and recovery prompting a review of their Business Impact Analysis.
We stay on top of our industry by being experts in yours.