What we do

What do we do?

Beyond Blue partners with clients to tackle their most complex cyber and resilience problems.

The team engages at all levels but specialises in assisting and advising boards and senior management, with first-hand experience dealing with the unique challenges cyber and resilience poses for leadership. We recognise that our clients’ questions and problems are typically distinct and unique and draw upon the team’s extensive experience of advising and working at the highest levels of government, financial institutions, and critical national infrastructure to deliver innovative, tailored approaches that enable our clients to effectively manage the dynamic landscape they operate in.

Our core services

  • Bringing innovative approaches and varied experience to tackle your most complex problems
  • Providing strategic advice on national strategies, corporate strategies, crisis management, and cyber and resilience issues
  • Developing and running exercises, training, and capacity building
  • Offering an independent view of your threat landscape and risk exposure
  • Supporting cyber and resilience transformation through:
    • Target operating model design
    • Change programme management
    • Portfolio optimisation
    • Embedding new security and resilience models into the business

Our Experience

Between us, we have more than 60 years’ experience in delivering systems, structures and technologies for defence, security, and intelligence, at the highest levels of government.

We have supported clients in defining strategies to mitigate their dynamic and evolving cyber and technology risks, whilst helping clients prepare for, respond to and recovery from material cyber and technology incidents.

In the boardroom of major banks, Insurance Companies, Government Departments and FTSE Corporate entities we have delivered cyber workshops and facilitated exercises whilst at ExCo level we have delivered training and briefings in incident management, operational resilience, cyber crisis management and regulatory response.

We have conducted in depth cyber futures, threat, and control reviews and undertaken independent reviews of transformation programmes, managed risk modelling and developed target operating models.

In some of our clients’ darkest times, we have supported them in their real-time response to cyber and technology crises, advising Executive Committees and senior leadership in their response strategy, stakeholder management and communication strategies

For Scotland, David is currently leading the cyber strategy development whilst Paul is undertaking a nationwide review of infrastructure resilience for a national Academy.

We sit on the advisory boards of major retail and investment banks, and of internationally renowned Universities.

Our Beliefs

  • Technology risk starts with cyber, but rapidly moves beyond, into broader risk management, incident handling, and crisis management.
  • Resilience needs to be pragmatic, dynamic, and adaptable, and organisations will only survive and thrive if they can deal with tactical threats and anticipate strategic trends.
  • Both the problem and the solution can be found in culture and people, with the close support of senior leadership, technology, and process.
  • Resilience is a long-term investment that requires buy-in across all levels of the organisation; for an organisation to be truly resilient, the organisation’s definition of resilience needs to be understood and advocated by all employees.
  • Effective operations must combine with incident management and be firmly placed always in the context of the business.

In all of this, we hold that an understanding of the threat landscape and the context is key – not just at the business or the industry level, but at the national level also. A business sits in a relevant environment – their threat landscape is unique and must reflect their individual situation.