Cyber Scout speeds up cyber security enquiries and scoping with an AI powered WhatsApp chatbot
Cyber Scout
Overview
Cyber Scout is a Cheltenham based cyber security specialist helping UK organisations strengthen their security posture through penetration testing, vulnerability assessments, phishing campaigns, Cyber Essentials support and Operational Technology monitoring for environments that can include SCADA, PLC and DCS systems.
Their team is known for being friendly, thorough and highly consultative. As demand grew, that high touch approach created a new challenge: prospects wanted quick answers and fast scheduling while the team needed enough detail up front to scope work accurately.
The challenge
Cyber Scout faced three common friction points in the early stages of a customer relationship.
High volume enquiries with mixed technical depth
New enquiries ranged from non technical questions such as what Cyber Essentials includes to highly technical queries about OT environments and monitoring requirements. Handling this across email, web forms and calls created delays and interrupted deep focus work.
Slow scoping meant slower quotes
Accurate quotes rely on structured scoping questions per service. When scoping happened over multiple back and forth exchanges, prospects sometimes dropped out or booked time without the right context, leading to longer calls and rework.
Scheduling and start dates were hard to coordinate
Prospects wanted a meeting quickly and existing customers wanted to reserve delivery slots. Manually checking calendars, coordinating consultants and finding realistic start dates created admin load and occasional bottlenecks.
Why WhatsApp
Cyber Scout chose WhatsApp because it removes common barriers to engagement.
- No apps to download
- No new logins or passwords
- Personal familiar experience
For customers, it feels like contacting a helpful person. For Cyber Scout, it creates a single always on channel that supports quick decisions.
How the AI WhatsApp chatbot was implemented
The WhatsApp chatbot was designed to support the full journey from first question to booked meeting while keeping Cyber Scout in control of when a consultant steps in.
Always on service and question handling
The chatbot answers both technical and non technical questions about each service, including plain language explanations for services like penetration testing and Cyber Essentials and clearer context for OT monitoring where systems may involve SCADA, PLC and DCS.
It also guides customers to the next best step, whether that is gathering scoping details, booking an initial call or escalating to a consultant.
Structured scoping that matches how Cyber Scout quotes
When a customer is ready, the chatbot asks scoping questions aligned to Cyber Scout’s scoping documents for each service. This turns an unstructured enquiry into usable requirements that the team can quote confidently.
Customers who prefer not to answer everything are still supported. The chatbot can collect what they are comfortable sharing and then offer a call to fill in the gaps.
Meeting booking inside the chat
The chatbot integrates with Office 365 calendar to check availability and schedule meetings for:
- Initial enquiry meetings
- Technical scoping calls when appropriate
This removes the back and forth of suggesting times and waiting for confirmation.
Smarter experiences for existing customers
For repeat customers, the chatbot recognises them through CRM integration and understands what services they have used previously. This enables more relevant guidance, faster repeat engagement and a smoother route to booking follow on work.
Reserving delivery start dates for known scope projects
For projects that have already been scoped and where days of effort are known, the chatbot can identify realistic start windows and pencil projects into the calendar. This helps Cyber Scout protect delivery capacity while giving customers confidence on timelines.
Benefits and results
Faster response and higher quality enquiries
With AI powered 24 7 availability and instant responses, Cyber Scout can engage prospects immediately, even outside business hours. This keeps momentum high at the moment intent is strongest.
The chatbot can also handle multiple customers at once, removing bottlenecks during busy periods and ensuring every enquiry gets attention.
Better prepared calls and more accurate quoting
By capturing scoping details in advance, the team receives more complete information before a call. Consultants can focus on risk, approach and value rather than basic discovery.
This improves quote accuracy, reduces follow up cycles and supports faster time to proposal.
Improved customer engagement through personalisation
Because the chatbot recognises existing customers and their past services, it can tailor suggestions and routes. That makes the experience feel personal while still operating at scale.
Lower admin workload and cost savings
Automated scheduling and structured information capture reduce time spent on admin tasks. This creates cost savings on support effort while preserving Cyber Scout’s consultative quality.
Multilingual support for wider reach
Multilingual support allows Cyber Scout to confidently engage international stakeholders and UK based organisations with multilingual teams, especially for larger groups where procurement, operations and IT may not share the same first language.
Examples of operational improvements
Example 1: Penetration testing enquiries convert faster
A prospect exploring a penetration test can quickly understand options, provide key scoping inputs and book a technical scoping call in one continuous experience. Cyber Scout receives a clearer request and the prospect gets a confirmed meeting without delays.
Example 2: OT monitoring questions handled with clarity
Organisations with industrial environments often need reassurance that OT is understood. The chatbot explains OT monitoring in accessible language, highlights common system types such as SCADA, PLC and DCS and gathers the environment details needed to route to the right specialist.
Example 3: Existing customers secure delivery slots
A repeat customer returning for a known scope engagement can reserve a start window without waiting for email coordination. This reduces uncertainty and helps Cyber Scout plan delivery efficiently.
Additional features that could help Cyber Scout
Lead qualification and routing
Add intelligent qualification to identify sector, urgency, compliance drivers and key stakeholders then route to the right consultant, for example OT focused specialist versus governance and compliance support.
Document capture and pre audit preparation
Enable customers to securely submit relevant context such as network diagrams, asset lists, policy documents or Cyber Essentials evidence packs. The chatbot can check completeness and flag missing items.
Automated reminders and preparation packs
After a meeting is booked, the chatbot can send reminders and a short preparation checklist to ensure calls are productive and scoping is completed quickly.
Post engagement check ins and upsell prompts
After a project, the chatbot can schedule follow up check ins, collect feedback and suggest sensible next steps such as a retest, phishing refresh or ongoing vulnerability management.
Incident triage pathway
Offer a clear route for urgent incidents that captures key facts, sets expectations and triggers an immediate escalation to the right on call contact.
Reporting and insights
Provide a weekly digest of top enquiry themes, conversion rates from enquiry to meeting and common drop off points so Cyber Scout can continuously improve service messaging and pricing clarity.
Summary
By combining the convenience of WhatsApp with AI chatbot capabilities, Cyber Scout created a faster, more consistent way to handle enquiries, capture scoping details and book the right meetings. Customers get a familiar experience with instant support while Cyber Scout benefits from higher quality leads, smoother operations and more time for consultants to focus on delivering great security outcomes.
Example Conversations
See how this chatbot interacts with users
Hi—can you explain Cyber Essentials and help me get started?
Absolutely. Cyber Essentials is a UK government-backed certification that shows you’ve got key cyber controls in place. It focuses on five areas:
- Firewalls & internet gateways
- Secure configuration
- User access control
- Malware protection
- Patch management
At Cyber Scout we can guide you through scoping, evidence gathering, and completing the questionnaire (and Plus if you want the hands-on audit). To get you started, can I ask a few quick questions about your organisation?
Yes please. We’re a small company and want it mainly for supplier requirements.
Perfect—supplier requirements is a common driver. A few scoping questions so we point you at the right level:
- How many staff (roughly), and do you have many remote workers?
- Do you use Microsoft 365/Google Workspace, or on-prem email/files?
- Do you have an internal IT person/provider?
- Any servers or everything cloud-based?
- Do you think you’ll need Cyber Essentials Plus, or is standard certification OK for now?
If you’re not sure on any, just say “unknown” and we’ll fill gaps on a call.
We’re 28 people, mostly hybrid. Microsoft 365. We use an MSP for IT. No on-prem servers, just laptops and a couple of shared printers. Not sure about Plus.
Thanks—sounds like a straightforward Cyber Essentials scope. Given you’re cloud-first with an MSP, the key pieces are usually device setup (patching, malware protection), MFA, admin access, and making sure any “non-standard” devices (printers, routers) are included correctly.
Quick clarifiers:
- Devices: roughly how many Windows/Mac laptops?
- Mobiles: do staff access email on personal phones (BYOD)?
- MFA: is multi-factor enabled for Microsoft 365 for all users?
Then I can recommend standard vs Plus and line up an intro call.
About 30 Windows laptops. People use personal iPhones for email. MFA is on for most but I’m not 100% sure it’s enforced for everyone.
Got it. The BYOD email access and “mostly” MFA are the two areas we’d want to tighten up early—both are very manageable.
On Plus vs standard:
- Standard: self-assessment questionnaire (we help you complete it and get evidence in order).
- Plus: includes an independent technical check (device/user config sampling). Some suppliers prefer this because it’s verified.
If you tell me the supplier’s wording (e.g., “Cyber Essentials” vs “Cyber Essentials Plus”), we can be definitive.
Would you like to book a 20-minute intro call with a consultant? I can offer:
- Tue 11:30
- Wed 15:00
- Thu 09:30
Let’s do Wed 15:00. And the supplier just said “Cyber Essentials certification”.
Perfect—I’ll book you in for Wed 15:00 for a 20-minute Cyber Essentials intro with a Cyber Scout consultant.
Before I lock it in, can you share:
- Name
- Company name
- Email address (for the calendar invite)
Based on the supplier wording, standard Cyber Essentials is likely sufficient, but we’ll confirm on the call and outline the quickest route to certification.
Swipe for more →
1. Prospect asks about Cyber Essentials; Cyber Scout chatbot explains it, gathers scoping details, and offers call times with a consultant.
Hi—can you explain Cyber Essentials and help me get started?
Absolutely. Cyber Essentials is a UK government-backed certification that shows you’ve got key cyber controls in place. It focuses on five areas:
- Firewalls & internet gateways
- Secure configuration
- User access control
- Malware protection
- Patch management
At Cyber Scout we can guide you through scoping, evidence gathering, and completing the questionnaire (and Plus if you want the hands-on audit). To get you started, can I ask a few quick questions about your organisation?
Yes please. We’re a small company and want it mainly for supplier requirements.
Perfect—supplier requirements is a common driver. A few scoping questions so we point you at the right level:
- How many staff (roughly), and do you have many remote workers?
- Do you use Microsoft 365/Google Workspace, or on-prem email/files?
- Do you have an internal IT person/provider?
- Any servers or everything cloud-based?
- Do you think you’ll need Cyber Essentials Plus, or is standard certification OK for now?
If you’re not sure on any, just say “unknown” and we’ll fill gaps on a call.
We’re 28 people, mostly hybrid. Microsoft 365. We use an MSP for IT. No on-prem servers, just laptops and a couple of shared printers. Not sure about Plus.
Thanks—sounds like a straightforward Cyber Essentials scope. Given you’re cloud-first with an MSP, the key pieces are usually device setup (patching, malware protection), MFA, admin access, and making sure any “non-standard” devices (printers, routers) are included correctly.
Quick clarifiers:
- Devices: roughly how many Windows/Mac laptops?
- Mobiles: do staff access email on personal phones (BYOD)?
- MFA: is multi-factor enabled for Microsoft 365 for all users?
Then I can recommend standard vs Plus and line up an intro call.
About 30 Windows laptops. People use personal iPhones for email. MFA is on for most but I’m not 100% sure it’s enforced for everyone.
Got it. The BYOD email access and “mostly” MFA are the two areas we’d want to tighten up early—both are very manageable.
On Plus vs standard:
- Standard: self-assessment questionnaire (we help you complete it and get evidence in order).
- Plus: includes an independent technical check (device/user config sampling). Some suppliers prefer this because it’s verified.
If you tell me the supplier’s wording (e.g., “Cyber Essentials” vs “Cyber Essentials Plus”), we can be definitive.
Would you like to book a 20-minute intro call with a consultant? I can offer:
- Tue 11:30
- Wed 15:00
- Thu 09:30
Let’s do Wed 15:00. And the supplier just said “Cyber Essentials certification”.
Perfect—I’ll book you in for Wed 15:00 for a 20-minute Cyber Essentials intro with a Cyber Scout consultant.
Before I lock it in, can you share:
- Name
- Company name
- Email address (for the calendar invite)
Based on the supplier wording, standard Cyber Essentials is likely sufficient, but we’ll confirm on the call and outline the quickest route to certification.
2. A returning customer asks to book a repeat penetration test; Cyber Scout’s WhatsApp bot recalls prior scope, confirms updates, and offers dates.
Hi Cyber Scout, we worked with you last year on a pen test. Can we schedule a follow-up that’s basically the same?
Hi! Yes, we can get that booked. I’ve found your previous engagement in our CRM: an external web app + API penetration test for Acme Logistics, delivered over 3 days, with a short retest window afterwards. Does that sound like the one?
Before I reserve a delivery slot, have any of these changed since last time?
- Primary app/API URLs or hosting setup
- Major new features (auth, payments, admin portals)
- Testing window constraints (freeze periods)
Yep that’s the one. Same app and API base URLs, but we’ve added SSO with Azure AD and a new admin area. No change freeze. We’d like it in the next 3–4 weeks if possible.
Got it — adding SSO (Azure AD) and the new admin area is a meaningful change, but it still fits the same style of engagement.
Quick checks so we scope it cleanly:
- Is the SSO SAML or OIDC?
- Will you provide 2–3 test accounts (user + admin)?
- Any IP allowlisting/VPN needed for access?
Availability-wise, I can pencil in a 3-day delivery slot on:
- Tue–Thu 18–20 Feb
- Mon–Wed 24–26 Feb
- Wed–Fri 5–7 Mar
Which works best?
OIDC. Yes we can provide accounts. No VPN, but we do have IP allowlisting. 24–26 Feb works best.
Perfect — I’ll reserve Mon–Wed 24–26 Feb for the follow-up web app + API test.
For the IP allowlisting, please share the environment(s) we’ll be testing (e.g. prod/staging) and I’ll send the Cyber Scout tester IPs to whitelist.
Last couple of details to lock it in:
- Main contact for coordination (name + email)
- Preferred report recipients
- Do you want the same retest approach as last time (e.g. up to 4 hours within 2 weeks)?
Once you confirm, I’ll book it in and send a calendar invite + a short prep checklist.
Test in staging please. Main contact is Priya Shah (priya.shah@acmelogistics.co.uk). Report to Priya and Mark Dent (mark.dent@acmelogistics.co.uk). Retest same as last time is fine.
Thanks — booked in.
Penetration Test: Web app + API (incl. OIDC SSO + new admin area)
Environment: Staging
Delivery: Mon–Wed 24–26 Feb
Retest: Up to 4 hours within 2 weeks
I’ll email Priya the calendar invite and prep checklist shortly, and I’ll send the tester IPs for allowlisting in the same thread.
If anything changes (new endpoints, release dates, access constraints), just message me here and I’ll adjust the plan.
3. A prospect asks how OT monitoring works for SCADA; Cyber Scout explains approach, collects key environment details, and books a scoping call.
Hi—how does your OT monitoring work for SCADA systems?
Hi! You’re through to Cyber Scout.
Our OT monitoring for SCADA is designed to improve visibility without disrupting production. Typically we:
- Discover assets (SCADA servers/HMIs, PLCs/RTUs, historians, engineering workstations) and map communications.
- Passively monitor network traffic (e.g. industrial protocols) to spot abnormal behaviour, misconfigurations, and risky remote access—no active scanning on sensitive segments unless agreed.
- Alert + triage with clear severity, recommended actions, and OT-aware context.
- Report trends (asset changes, vulnerabilities where safe, and exposure) and help you prioritise fixes.
To tailor this, what SCADA platform/vendor are you running (if you can share)?
Mostly Siemens WinCC with a few older PLCs. Mix of Windows Server and some legacy kit. Remote access is via a vendor VPN.
That’s helpful, thanks. With WinCC + mixed-age PLCs, we usually focus on:
- Monitoring key paths between HMI/SCADA, engineering workstations, and PLCs
- Visibility of vendor VPN access (who/when/what systems touched)
- Detection of lateral movement signs on Windows hosts (where logging is available)
A few quick scoping questions so we can route you to the right OT specialist:
- Approx. how many sites and OT subnets?
- Do you have an OT DMZ or is it fairly flat?
- Any strict change windows / 24x7 operations?
If you’d rather, we can cover these on a short call.
Two sites. I think 3 OT VLANs total. There is an OT DMZ but it’s not perfect. Plant runs 24/7 so we’re cautious about anything active.
Got it—two sites, some segmentation, and 24/7 ops. In that case we’d keep the initial deployment purely passive (SPAN/TAP or existing sensor points) and work with your change process for any tuning.
Last couple of details to prep a productive scoping call:
- Who would receive alerts: OT, IT, or a joint team?
- Do you already have a SIEM (e.g. Microsoft Sentinel/Splunk) or would you prefer a standalone dashboard?
- Any compliance drivers (NIS2, ISO 27001, customer audits)?
If you’d like, I can book a 30‑min technical scoping call with our OT specialist. What’s your preferred weekday, and are you UK time?
Joint OT/IT team. We use Sentinel. No specific compliance driver, mainly risk reduction and better visibility. Yes UK time. Can do this week if possible.
Perfect—Sentinel + joint triage works well.
I can offer these technical scoping call slots this week (UK time):
- Tue 11:00–11:30
- Wed 14:00–14:30
- Thu 09:30–10:00
- Fri 15:00–15:30
Which one should I book, and what email should we send the calendar invite to?
Wed 14:00 works. Email is alex.morgan@northbridge.co.uk
Great—I’ve pencilled in Wed 14:00–14:30 (UK) for an OT monitoring scoping call with our specialist.
I’ll send the calendar invite to alex.morgan@northbridge.co.uk. Before I finalise, can you confirm:
- Your company name (is it Northbridge?)
- Best contact number for the call (optional)
If you have a high-level network diagram or a rough asset count (SCADA servers/HMIs/engineering workstations/PLCs), you can share it on the call—no need to send anything sensitive here.
4. A new prospect asks about a phishing simulation. Cyber Scout’s WhatsApp bot explains the process, gathers scope details, and books a strategy call.
Hi—do you run phishing campaigns for internal staff? We want to test our team and then do some training.
Hi! Yes—Cyber Scout runs controlled phishing simulations for UK teams, plus follow-up awareness training.
Typical flow:
- Quick strategy call to confirm goals and approach
- We build email templates + landing pages (safe, tracked)
- Run the campaign (often 2–4 weeks)
- Report: click rates, credential entry (if used), repeat offenders, department trends
- Targeted training + optional re-test
To point you in the right direction, roughly how many staff would be in scope, and what are you hoping to improve (e.g. reporting behaviour, reducing clicks, Exec targeting)?
About 120 people across the business. Goal is mainly to reduce click rates and get people to report suspicious emails in Outlook. Ideally we want something realistic but not too “gotcha”.
That’s a sensible approach—realistic, fair, and focused on behaviour change tends to land best.
A few quick scoping bits (answer what you can):
- Audience: all 120 at once, or phased by department?
- Difficulty: gentle baseline first, then harder follow-ups?
- Reporting: do you use Microsoft “Report Message” / “Report Phishing”, or another button/tool?
- Risk areas: finance invoice fraud, HR docs, IT password resets, delivery notifications?
- Training style: short video/module, live session, or bite-sized tips after a click?
If you’d rather, we can cover this on a 20-min strategy call and I’ll book it in here.
All 120 at once is fine. Start with a baseline then do a follow-up. We use Microsoft 365 and I think it’s the Report Message button. Biggest risk is finance invoice emails. Training: short module is best.
Perfect—thanks. Based on that, we’d likely propose:
- Baseline campaign (invoice-themed, realistic wording, non-shaming)
- Immediate feedback page + quick guidance on reporting
- Short module for those who interact
- Follow-up campaign to measure improvement
Two last checks so we scope correctly:
- Do you want us to capture credential entry (simulated), or track clicks only?
- Any excluded groups (e.g. executives, customer-facing mailboxes, new starters)?
If you’re happy, I can book an initial call with a specialist. What timezone are you in (UK?) and what days are best?
UK timezone. Let’s do clicks only. No exclusions. Best days are Tue or Thu this week if possible.
Got it: 120 users, company-wide, baseline + follow-up, finance-invoice theme, Microsoft 365 reporting, click tracking only, short module training, no exclusions.
I can see these 20-min strategy call slots (UK time):
- Tue 11:00
- Tue 15:30
- Thu 10:00
- Thu 14:00
Which one should I book, and what email should the calendar invite go to?
Thu 10:00 works. Send the invite to alex.taylor@northbridge.co.uk
Booked: Thu 10:00 (UK) strategy call with a Cyber Scout specialist. Invite sent to alex.taylor@northbridge.co.uk.
To make the call productive, if you can reply with any of the below (optional):
- Company name + industry
- Confirm whether users are mostly Exchange Online mailboxes
- Any recent phishing incidents (invoice fraud attempts etc.)
If anything changes, just message me here and I’ll move the booking.
5. A company contacts Cyber Scout about new compliance regulations; the chatbot explains services, requests policy documents, and books a review call.
Hi Cyber Scout—new UK regs have come in for our sector and we need to confirm our policies are compliant. Can you help us review what we have?
Hi—yes, we can help. We can run a compliance-focused policy review to check your current security policies against the new requirements, flag gaps, and suggest a practical remediation plan.
To point you to the right consultant, can I grab:
- Your industry/sector
- Which regulation(s) you’re aligning to (or a link/name)
- Rough company size (staff + number of UK sites)
- Any deadline (audit, customer request, board date)
We’re a UK fintech (~180 staff, 2 offices). It’s mainly around new FCA expectations and some customer security questionnaires. We have an internal audit in 6 weeks.
Got it—6 weeks is doable. For FCA-aligned expectations and customer assurance, we typically review governance + operational controls (policies, evidence, and how they’re implemented), then map findings to a clear actions list.
If you’re happy, you can send whatever you already have and we’ll sanity-check completeness before the call. Common starters:
- InfoSec Policy / ISMS overview
- Access Control + MFA policy
- Incident Response plan
- Risk management policy + latest risk register
- Supplier/Vendor security policy
- BCP/DR policy + test notes (if any)
You can attach docs here, or share a secure link.
We can share a secure OneDrive link. We have most of those, but our supplier policy is old. Do you also help with Cyber Essentials, or is that separate?
OneDrive link works—please include access for read-only if possible.
Yes, we do Cyber Essentials support as well. It’s separate from the FCA-focused policy review, but there’s overlap (access control, secure configuration, patching, malware protection). If Cyber Essentials is on your roadmap, we can note any quick wins during the review so you’re not duplicating effort later.
Before you share the link: are any documents marked highly confidential (e.g., incident postmortems, network diagrams)? If so, tell me and we’ll suggest the safest way to transfer.
Mostly policies and the risk register. No network diagrams. Here’s the OneDrive link: https://example.com/onedrive/cyberscout
Can we book a call this week?
Thanks—link received. I’ll queue this for an initial completeness check so the consultant can focus on the real gaps, not admin.
Yes, we can book a compliance review call this week (30–45 mins). What time zone should I use—UK time?
If UK time, pick a slot:
- Wed 11:00
- Thu 14:30
- Fri 09:30
Also, who should attend (role/title is fine): compliance, IT/security, operations?
UK time is fine. Thu 14:30 works. Attendees: Head of Compliance, IT Manager, and me (Ops Director).
Booked: Thu 14:30 (UK) for 45 mins with a Cyber Scout compliance consultant.
To send the invite, can you share:
- Your email address
- Names/emails for Head of Compliance + IT Manager
- Company name (as it should appear on the invite)
Quick prep (optional but helpful): reply with the top 3 worries—e.g., supplier risk, incident readiness, access control evidence—so we can tailor the agenda.
6. A prospect asks Cyber Scout about ongoing vulnerability assessments; the chatbot explains value, gathers infrastructure details, and books a consultation date.
Hi Cyber Scout — we’re looking to set up regular vulnerability assessments rather than a one-off. Can you tell me how it works and what you’d need from us?
Hi! You’re through to Cyber Scout on WhatsApp. Regular vulnerability assessments are a great way to keep pace with new CVEs, configuration drift, and changes in your environment.
Typically you get:
• Scheduled scanning (e.g., monthly/quarterly) across agreed assets
• Clear risk prioritisation + remediation guidance
• Trend reporting (are you improving?)
• Optional retests to confirm fixes
To recommend the right cadence and scope, can I ask a few quick questions about your setup?
- Rough number of endpoints/servers and how many sites?
- Any cloud (Azure/AWS/GCP) or mostly on-prem?
- Do you have external-facing systems (VPN, O365, web apps)?
Sure. About 180 endpoints, ~25 servers. One main office in Cheltenham plus a small satellite office. We’re on Microsoft 365 and Azure (some VMs), with a Fortinet firewall/VPN. Public website hosted externally. No OT/SCADA.
That’s helpful, thanks. With your mix of endpoints, servers, Azure and an internet edge, ongoing assessments tend to catch:
- Newly disclosed vulnerabilities affecting installed software/OS
- Exposure changes (e.g., ports/services, VPN config, cloud security groups)
- Missing patches and risky configurations that creep in over time
A couple more scoping points so we tailor it properly:
- Do you want coverage for internal scanning, external scanning, or both?
- Any compliance driver (Cyber Essentials, ISO 27001, customer requirement)?
- How do you prefer remediation to run: tickets into Jira/ServiceNow, or report + review call?
Both internal and external ideally. We’re working towards ISO 27001 this year and want something repeatable. We use Jira for IT tickets, and a short review call after each round would be useful.
Perfect — ISO 27001 plus a repeatable process is a common fit for an ongoing programme.
Last few details to size it accurately:
- For internal scanning, is there a site-to-site link between offices or should we treat them separately?
- Do you have separate networks/VLANs (e.g., staff, servers, guest, VoIP)? Approx how many?
- For external, besides the Fortinet VPN and website, any other public services (RDP, Citrix, mail gateways, APIs)?
After this I can propose a short consultation to agree cadence (monthly vs quarterly) and define the asset list.
There’s a site-to-site VPN so it’s basically one network. We have 4 VLANs (users, servers, guest, voice). Externally it’s mostly the VPN and a couple of Azure-hosted services behind a reverse proxy—no RDP open.
Great — that’s clear enough to move to a quick consult and turn this into an ongoing plan.
Proposed next step: a 30-min consultation with a consultant to confirm scope (asset list + auth options), agree cadence, and how we’ll feed findings into Jira + do the review call.
I can see these slots available (UK time):
- Tue 11:00
- Wed 14:30
- Thu 09:30
Which works best, and what email should we send the calendar invite to?
Wednesday 14:30 works. Email is it.ops@northbridge.co.uk.
Booked: Wednesday 14:30 (UK time) for a 30-min vulnerability assessment consultation. Invite will go to it.ops@northbridge.co.uk.
To make the call efficient, if you can reply with any of the below (even rough) that’d be ideal:
- Preferred scanning approach: credentialed (best coverage) vs non-credentialed
- List/count of key server types (AD, file, SQL, web)
- Who should receive the monthly/quarterly report
If you’d rather keep it light, no problem — we can gather it on the call.