I spent the first eight years of my working life in a line technology role with a third-party supply chain and logistics service provider, joining in 1990 on completing an IT degree. When I left, I wa...

Dave Machin, Partner

Dave Machin

View Dave now

The people

It's the people that make Berkeley different to other consultancies. Bright, friendly, down-to-earth people who are both thinkers and doers. Working by your side, as consultants and colleagues, to get the right results.


About Berkeley

We’re about being there for our clients when it really matters. When it absolutely has to be right. Doing the right thing is both our ethos and sweet spot. And it’s why clients turn to us again and again.

 Management Consultancy Jobs


Whatever your long term career goals, we’re here to support you. Through an open dialogue, we help our people to build the capabilities, experiences and networks they need to boost their careers.

Cyber Security and Operational Resilience

Building the right capability and culture


Increasing cyber threats 

Operational resilience is the capability of organisations to continue to deliver critical services in the face of evolving threats to technology assets. The range and sophistication of cyber threats, from nation states, hacktivists and organised criminals, is having a profound effect on how organisations achieve operational resilience. 

Developing operational resilience 

Cyber security fears have bred a proliferation of frameworks and point solutions. Too often, however, these are used as silver bullets. Technology alone cannot be relied upon to deliver true operational resilience to cyber threats.

Cyber Security and Operational Resilience

When providing cyber security consulting to clients, from formulating resilience strategies through to delivering tangible change to their cyber security capabilities, our advice is:

  1. Know your business – what’s important versus what’s critical? What are the inherent organisational cyber security strengths and weaknesses?
  2. Don’t let great be the enemy of good – it’s easy to be seduced into attempting a leap to the gold standard. Before attempting wholesale organisational change, first ask “How good are we at the basics of cyber security?” It’s not glamourous but it’s essential. 

  3. Judgement over theory – with cyber security, it’s impossible to analyse your way to success. True operational resilience is achieved by being pragmatic - iterating through focused thinking and delivering meaningful change in manageable steps.

  4. People are as important as machines – too often cyber security is characterised as a technology arms race, but developing operational resilience relies as much on cultural and behavioural change within your business.

  5. Get into the heads of the decision makers – governance, organisation and ownership are everything. Effective operational resilience decision making should come from the top down, not from the side nor as an after thought.

Our recent cyber security and operational resilience assignments range from upfront strategy and risk management assessment, through to existing change portfolio assessments and delivery.

If you’d like to hear more about how we’re supporting our clients or if you would like to share perspectives, we’d be delighted to hear from you - contact us today.

Download PDF

See how we can help your business
Contact Us

We have placed cookies on your computer to help make this website better. You can change your cookie settings at any time. Otherwise, we'll assume you're OK to continue.
Close cookie warning