Cybersecurity

Our Cybersecurity experts help client protect their digital enterprise against cyber attacks and internal malicious behaviour. 


Transforming the front and back-end of one’s business to make the most of new ways of working is a strategic imperative and doing so securely with effective cyber defence is a powerful enabler. 

Our expertise and unique approach

Our UK Cybersecurity Consulting team  has proven experience of defining and implementing the right strategy, target operating model and Governance, Risk and Compliance structures to help clients ensure their security design and operations support strategic objectives and business continuity. We support our clients throughout their digital and Cybersecurity transformations with services integrated into the Cybersecurity strategy, along with protection and monitoring capability.

This team is part of a global network of over 50 specialist security strategy consultants with vast experience helping clients understand and resolve complex Cybersecurity challenges in all verticals: defence, aerospace, government, telecom, finance, transportation, energy & utilities, health care and manufacturing.

They are an important part of a much larger global Capgemini Cybersecurity practice of over 2500 experienced security professionals delivering a wide range of security services including security technology implementation and infrastructure service

The Cybersecurity consulting offer addresses a wide range of security management challenges. The following is a list of key services that are currently part of this offer:
 

  • Maturity Assessment – We design transformation programs (quick wins, hot topics and mid-term roadmap) based on a 360° approach (technology, people, process, regulation) leveraging international standards and our own methodology.
     
  • Organisation Transformation and Professionalisation – We take a holistic approach to transforming Cybersecurity management, encompassing Information Technology, Operation Technology and Data Protection, through a qualitative and quantitative assessment of resources (internal and outsourced), organisation and governance. We help organisations professionalise delivery of enterprise Cybersecurity services supporting them with target organisation design, developing job descriptions (CISO, DPO, analyst, architect, etc.), populating RACI matrices, designing governance scheme, framing sourcing strategies and creating training / certification programs.
     
  • Awareness & Change Management – We put people at the heart of Cybersecurity by helping to deploy a tailor made Cybersecurity cultural change plan (communication, awareness and training) according to organisation’s risk profile, relevant issues and availabilities of resources and budget.
     
  • Data Classification/Protection/Privacy/Leakage – Based on a maturity assessment, we develop Cybersecurity programs focussed on protecting critical data throughout its lifecycle. We help identify critical data assets and build a data management roadmap including data governance, data classification, identity and access management, storage and destruction, encryption and data leak.
     
  • Economics and Cyber Insurance – For our more mature and largest clients, we also conduct assessments of Cybersecurity budget and its split between organisation, protection and supervision. We analyze OpEx and CapEx, people and tools. We also enable our client to review their cyber insurance policy.
     
  • Crisis Management for C-levels – Cyber attacks is commonplace and we help senior leaders at clients to be ready to manage Cybersecurity crisis (by elaborating and testing concrete scenarios in their business and operational context). 

Our track record

Recent examples of our work include:
 

  • UK Utility Developed a security strategy and designed a security operating model to secure a major IT transformation programme re-wiring the IT infrastructure to introduce cloud based services and bring new ways of working to the IT department.
     
  • Transport infrastructure provider Designed and supported the implementation of a strategic Identity & Access Management service for one of the UK’s leading transportation infrastructure provider.
     
  • UK Government Department Developed an organisation design and capability management framework to deliver the department’s vision of developing and sustaining a world class security team.
     
  • UK Utility Developed a holistic identity and access management strategy that address all emerging identity security related needs across the organisation including customer, partners and employees.
     
  • UK Government Department Benchmarked against industry best practice and other government departments, the ability of the department to use enhanced data analytics and data matching with cyber intelligence feeds to undertake and prevent fraud/error.
     
  • UK Utility Energy suppliers in the UK must sign up to the Smart Energy Code (SEC) and integrate with the Data Communications Company (DCC) in order to meet license obligations to operate Smart Metres. Developed detailed requirements and an operating model to meet the SEC security obligations and integrate securely with the DCC.
     
  • UK Government Department Assessed the need for an identity solution, designed user journeys for the to-be processes and consequently inform the design of the new digital services of the department. Use this analysis to build a high level business case for the best interim solution.