Identec is a specialist engineering consultancy based in North East England, providing bespoke control and automation solutions to clients across the manufacturing and industrial sectors. As the company continues to grow and adopt increasingly connected technologies, its leadership team recognised the importance of understanding and improving their cyber resilience. To assess their position and identify practical steps for improvement, Identec approached Armstrong Watson for a cyber health check.
Armstrong Watson’s cyber security team carried out a thorough cyber health check using the National Cyber Security Centre’s (NCSC) Small Business Guide framework. This involved a detailed review of the business’s governance, access controls, technical safeguards, user awareness, and third-party dependencies.
Identec’s existing approach showed a number of well-established practices, but the health check also revealed important areas requiring attention, especially in relation to admin-level user access and the continued use of unsupported software that could pose security risks.
Cyber Security Manager Rebecca Wilson met with the Identec team to explain the findings and talk through a tailored set of practical, prioritised recommendations.
Following the health check, Identec has begun implementing several key changes, including revised user access controls, updating operating systems, improved update procedures, and the introduction of regular staff security awareness activities. These improvements are helping to reinforce the company’s security posture and safeguard its client and project data.
“The health check process was incredibly helpful and surprisingly eye-opening,” said Gary Vasey, Managing Director of Identec.
“Some of the questions asked highlighted risks we’d never even considered but, once pointed out, seemed really obvious—like users having admin rights on their devices. It’s easy to miss things like that when you're focused on day-to-day operations. Rebecca and the team made the whole process accessible and straightforward. It was worth every penny for the reassurance and clarity it’s given us—we now have a much better understanding of our cyber risks and how to manage them.”