~/odmar
← Back to work

~/work/cybersecurity-strategy

Corporate cybersecurity strategy

EDR, VPN, MDM, privileged access management, and an incident response plan, rolled out group-wide.

Problem

The group’s cybersecurity posture was reactive: no unified endpoint protection, no formal incident response plan, and no way to measure how staff would actually respond to a real phishing attempt.

What I built

I defined and rolled out the group’s cybersecurity strategy: endpoint detection and response across all branches, a corporate VPN, mobile device management, and privileged access controls for administrative accounts, backed by a written incident response plan. I also ran live phishing and social engineering simulations with staff and turned the results into an ongoing security awareness program.

Outcome

A cybersecurity program with real coverage and a measured baseline, not just policy on paper, built on the same controls the group’s C-TPAT certification depends on.