Skip to Main Content
Contact
Contact

Ayrshire College

Phoenix works with Ayrshire College to review and enhance its cyber security incident response planning. 

See how we can help your institution
Ayrshire college logo

 

Ayrshire College is a major further education institution in Scotland, serving over twelve thousand students across its three campuses in Ayr, Kilmarnock, and Kilwinning. The college has embarked on a digital transformation journey with Phoenix to modernise its infrastructure and explore the potential benefits of AI, most recently culminated in a substantial piece of work to strengthen its cyber security posture and resilience planning. 

Phoenix are the extended arm of my department. They’re the advisor, sounding board and solution provider all in one”

Brad Johnstone, Director of IT Infrastructure, Ayrshire College

Key facts

Employees: Over 800 staff

Students: over 12,000 annually

Locations: 3 campuses

Devices: Over 4,500 endpoints (Windows and Mac laptops/ desktops/ thin clients)

The sheer volume of conversations with Phoenix that start at A and move onto other things is second to none. It’s never a sales pitch. They’re a trusted advisor.”

Brad Johnstone, Director of IT Infrastructure, Ayrshire College

Challenges

Ayrshire College’s journey with Phoenix began with licensing support, however it has gradually evolved into a strategic partnership that has transformed the college’s digital infrastructure and cyber security posture. 

When it came to its cyber security posture and governance, the college faced several pressing challenges: 

AI governance and implementation

The college was interested in adopting AI tools like Microsoft Copilot but lacked clarity on governance, usage, and implementation. It needed guidance on how to effectively integrate AI into the college’s operations without it introducing new security risks

Rising cyber security threat

With the increasing prevalence of cyber threats facing all businesses and institutions, Ayrshire College recognised the need to develop a robust approach to cybersecurity to ensure the safety and integrity of its data and systems 

Requirement to coordinate responses

While Ayrshire College has a very skilled and capable team ready to respond to incidents as they arise, it recognised the importance of implementing a formal, structured plan to guide the response to a cyber attack 

As the college had embraced more cloud-based services and AI tools like Microsoft Copilot, the need for robust governance and security became increasingly clear. However, what began as a conversation about AI policy quickly evolved into a much larger initiative: the development of a comprehensive Cyber Security Incident Response Plan (CSIRP) for Ayrshire College. 

Phoenix led a 7-day engagement to review and enhance the college’s existing incident response framework. This included: 

  • Hosting a two-day interactive tabletop exercise with key stakeholders around a simulated cyber security scenario, with all learnings compiled into a comprehensive debrief and report  
  • Defining clear roles and responsibilities within the incident response team 
  • Establishing reporting and escalation procedures 
  • Developing scenario-based playbooks
  • Training key personnel on how to put the plan into practice

The result was a validated, actionable CSIRP that not only meets compliance expectations but also gives the college confidence that everyone knows what to do if a cyber incident occurs. 

The development and testing of the Cyber Security Incident Response Plan (CSIRP) has significantly improved the college’s security posture. The development process for the CSIRP also led to numerous complementary benefits for Ayrshire College: 

  • Gap identification: the process helped uncover areas of the college’s security approach that needed strengthening 
  • Staff upskilling: the additional training delivered as part of the process boosted the confidence of the college’s IT team and improved their ability to respond to cyber incidents 
  • Strategic alignment: the CSIRP is now seen as a critical component of the college’s broader security and governance strategy 
  • Enhanced maturity: the college moved from having no formal plan to having a comprehensive, tested, and validated CSIRP in a matter of months 
  • Cultural shift among college staff: the initiative helped foster a culture of openness, collaboration, and continuous improvement in cybersecurity between the IT team and the college at large, so that security is no longer seen as “just an IT problem” 
  • Trusted advisor: Phoenix has established itself as a trusted advisor to Ayrshire College, conducting regular check-ins, strategic reviews, and workshops. The CSIRP project has since expanded into broader business continuity and disaster recovery planning, with Phoenix continuing to support the college every step of the way 

The Cyber Security Incident Response Plan has put us in a much better place. The momentum we’ve got is unbelievable. We went from zero to a hundred in just two or three months.”

Brad Johnstone, Director of IT Infrastructure, Ayrshire College

Our specialists are here to help solve your challenges

Are you confident you know what to do in the event of a cyber attack? Work with Phoenix to test and develop a comprehensive Cyber Security Incident Response Plan (CSIRP) so that everyone knows what to do when a cyber incident occurs. 

Alternatively, email us at [email protected] or call 01904 562200 and one of our specialists will be in touch to discuss your requirements.