~/work/cybersecurity-strategy
Corporate cybersecurity strategy
EDR, VPN, MDM, privileged access management, and an incident response plan, rolled out group-wide.
Problem
The group’s cybersecurity posture was reactive: no unified endpoint protection, no formal incident response plan, and no way to measure how staff would actually respond to a real phishing attempt.
What I built
I defined and rolled out the group’s cybersecurity strategy: endpoint detection and response across all branches, a corporate VPN, mobile device management, and privileged access controls for administrative accounts, backed by a written incident response plan. I also ran live phishing and social engineering simulations with staff and turned the results into an ongoing security awareness program.
Outcome
A cybersecurity program with real coverage and a measured baseline, not just policy on paper, built on the same controls the group’s C-TPAT certification depends on.