Energy Research
For the last two years Opliciti partnered with an internationally recognised energy sector organisation, headquartered in London with offices in the USA, Singapore and Japan.
We delivered security direction enabling security certification, policy development, security technology integration and security operations solutions.
Client requirement:
The client was concerned that some of its operations could attract attention for state-backed cybercrime. Opliciti was initially engaged to develop visibility of the client’s cyber security threat and risk but were then engaged following the threat and risk reporting to mature the client’s security posture.
Client requirement:
The client was concerned that some of its operations could attract attention for state-backed cybercrime. Opliciti was initially engaged to develop visibility of the client’s cyber security threat and risk but were then engaged following the threat and risk reporting to mature the client’s security posture.
Opliciti deliverables and value:
Opliciti performed qualitative and quantitative analysis to build organisation context and identify an initial threat profile. Opliciti drew on threat intelligence data from world-renowned intelligence sources to build a picture of possible threat groups and Tactic, Techniques and Procedures (TTP).
Furthermore, we used this work to create scenario-based attack tree examples drawing on MITRE ATT&CK framework. Opliciti also conducted a NIST-based cyber security maturity assessment. The assessment identified the organisation’s current state across NIST areas, IDENTIFY, PROTECT, DETECT, RESPOND and RECOVER, recommending proportionate security controls aligned with each sub-category; cognisant of both the threat and scenario-based activity outcomes.
Following a review of the threat and risk, we were further engaged to improve the client’s security posture, supporting deployment of Microsoft 365 technologies and the implementation of Microsoft Sentinel. Our configuration of Microsoft Sentinel included bespoke non-standard connections, specific-use case design, support monitoring and response and staff mentoring.