Case Study
Cyber Security & Operational Decision-Making

ContextAn overseas defence and security organisation required practical training to improve understanding of cyber risk, operational impact, and decision-making under pressure. The audience included personnel who were not cyber specialists but were responsible for planning, coordination, and leadership.

RequirementThe requirement was not technical training.
The requirement was to help people understand:

  • Who the real threat actors are

  • How attacks actually occur

  • What failure looks like in operational terms

  • How cyber incidents affect command, logistics, morale, and national stability

  • What practical protections matter in the real world

The emphasis was on judgement, not jargon.

ApproachTraining was delivered using a structured model:Threat - Effect - ProtectThis moved participants from understanding adversaries and vulnerabilities, through operational consequences, to practical defensive measures.Scenario discussion and case studies were used to connect cyber incidents to real operational outcomes such as degraded command and control, logistics disruption, and loss of public confidence.Interactive exercises were used to demonstrate identity compromise, defender fatigue, layered defence, and zero-trust concepts in a way that made the decision pressures visible rather than theoretical.

DeliveryThe programme combined:

  • Structured presentations

  • Scenario-led discussion

  • Case studies of real incidents

  • Interactive decision exercises

  • Facilitated debrief and reflection

The design deliberately avoided technical depth in favour of operational relevance and behavioural learning.

OutcomesParticipants left with:

  • A clear mental model of how cyber incidents unfold

  • Improved understanding of how cyber affects operations, governance, and national resilience

  • Greater awareness of identity, access, and human factors in security

  • Practical insight into layered defence and decision-making under pressure

  • A shared vocabulary for discussing cyber risk in operational terms

The most consistent feedback was that the training made cyber security understandable, relevant, and directly connected to real-world decisions.This approach forms part of the DWC “Sense” pillar and is typically delivered as short, focused sessions or multi-module packages depending on organisational need.

Format DeliveredMulti-module structured package
Interactive practical exercises
Facilitated discussion and debrief
Supporting slides and instructor notes

Developed and delivered in partnership with Join Momentum

-.. .-- -.-.
Registered in Northern Ireland · Company No. NI736868
Registered Office: Office 1612, 92 Castle Street, Belfast, Northern Ireland, BT1 1HE