Scaling Cyber Resilience in a High-Stakes Digital Environment
Empowering a global enterprise to embed cyber resilience, drive secure change, and foster a culture of cybersecurity through people-centric transformation.
Project Overview
A large, complex global organisation operating across multiple regions with a diverse workforce and high-stakes digital infrastructure launched a multi-year Cybersecurity Programme to strengthen its resilience in an increasingly complex and high-risk digital landscape. Sysdoc was engaged to provide strategic and tactical Change Management support across a wide range of initiatives, ensuring that people remained the first line of defence.
The Challenge
The organisation was undergoing a significant transformation in its digital security posture, driven by the need to unify multiple cybersecurity initiatives under a cohesive strategy while maintaining business continuity and user engagement. Key challenges included:
Strengthening cybersecurity across technical, governance, and cultural dimensions.
Rapidly adapting to remote working demands.
Driving adoption of new systems and processes across a diverse, global workforce.
Embedding cybersecurity awareness and accountability into the organisational culture.
Coordinating multiple interdependent projects under a unified cyber strategy.
A critical challenge was ensuring that employees and third parties understood their role in maintaining cybersecurity - even when it wasn’t part of their core responsibilities.
Sysdoc began its engagement in November 2017 by designing and deploying a comprehensive Cybersecurity Awareness Training programme. This included an ongoing Phishing Awareness campaign embedded into Business-as-Usual (BAU) activities. Key activities led by the Change Manager included:
Responding to employee queries on cybersecurity practices.
Facilitating cyber workgroups on topics like Business Email Compromise.
Delivering presentations across business units.
Launching initiatives to keep cybersecurity top of mind (e.g., Cyber Safe Week, branded screensavers, mouse pads).
Reviewing and refining Cyber Safe assets.
Developing an Information Security Awareness Portal.
Development of a new Information Security Standard, applicable to all employees of the organisation.
Establishing a global Cyber Ambassador network.
Creating client-specific e-learning aligned with the Information Security Standard.
Deploying the Ironscales phishing simulation tool to 30,000 desktops, with supporting communications and training.
Provided support for the development of the new Cybersecurity Operating Model.
Later, the client appointed a permanent Cybersecurity Lead. This allowed Sysdoc to shift focus toward broader Change Management support across the Cybersecurity Programme, while continuing close collaboration with the new lead.
Our Approach
Sysdoc applied a people-centric, business-led change approach tailored to the maturity and impact of each initiative.
Our work spanned four key pillars of the Cyber Programme:
Key OCM Deliverables
Change Strategy & Business Deployment Plans.
Role-based Change Journeys & Champion Networks.
Stakeholder Engagement & Communications Planning.
Training Materials (e-learning, videos, lunch & learns).
User Guides & Transition Plans.
Capability Maturity Assessments.
Business Readiness Planning.
Project Highlights
Governance, Risk & Compliance
ServiceNow IRM Implementation: Enabled Cyber GRC and Group Risk teams to manage governance and controls effectively, with Super Users embedded in design and training.
Cyber Continuous Assessment Framework: Developed reusable onboarding journeys and guidance for evolving stakeholder groups.
Third-Party Risk Management (TPRM): Delivered role-based education and aligned project frameworks to improve compliance and reduce last-minute escalations.
Identity Management
SailPoint IdentityNow Rollout: Onboarded 100+ critical applications with targeted training and quarterly communications.
Secure Document Repository Implementation: Supported stakeholder engagement, document analysis, and training for secure handling of classified information.
Privileged Access Management (CyberArk): Delivered change support for secure access protocols for internal and third-party administrators.
Technical Enhancements
Zscaler Agent & VPN Split Tunnelling: Improved remote working performance and security by enabling direct internet traffic routing via Zscaler, reducing network load and enhancing device protection.
The Outcome
Sysdoc’s involvement helped this technology-reliant enterprise with extensive systems integration, third-party partnerships, and a need for scalable, secure digital practices:
Embed sustainable cybersecurity practices across business units.
Drive adoption of new technologies and secure processes.
Foster a culture of cyber awareness and accountability.
Empower Change Champions to lead business-led transformation.
Deliver consistent, role-specific training and support materials.
The Cybersecurity Programme significantly enhanced a large, complex global organisation operating across multiple regions with a diverse workforce and high-stakes digital infrastructure’s cyber resilience, with people at the heart of its defence strategy.
No items found.
No items found.
No items found.
No items found.
Related Case Studies
We believe that the best way to showcase our expertise and the value we bring to our clients is through real-world examples.
