Bath & North East Somerset Council Case Study

5 mins

Bath & North East Somerset Council faced an outdated Cyber Incident Response Plan due to limited resources. They collaborated with Understanding Solutions and their experienced Cyber Security Consultant to develop a new plan in three weeks, covering potential incidents and staff training. This on-budget solution equips the council to confidently tackle cyber challenges.

Client Overview

Bath and North East Somerset Council serves as the governing body for the city of Bath and its adjacent areas within Somerset, England. The council plays a vital role in offering a diverse array of public services and amenities to the residents of Bath. These encompass housing, urban planning, waste management, transportation, social services, education, as well as cultural and recreational activities.

The Challenge

Faced with dwindling internal resources and expertise within the Information Governance/Cyber Team, Bath and North East Somerset Council confronted an outdated Cyber Incident Response Plan.

The passage of time since the plan's last revision, coupled with the council's engagement with new suppliers for information systems and services, had rendered the existing plan insufficient. Rapid changes in the technological landscape had left the internal IT department ill-equipped to create an effective cyber incident response plan that aligned with industry best practices.

The Solution

Drawing inspiration from the cyber security incident plan employed by the Scottish government, Bath & North East Somerset Council partnered with Understanding Solutions. Leveraging the expertise of the very Cyber Security Consultant who had previously crafted a similar plan for the Scottish Government, Understanding Solutions collaborated closely with relevant stakeholders. The team meticulously collected requirements, evaluated existing policies, and ultimately presented a comprehensive plan to the Bath Council. The result of this collaboration was a robust cyber security response plan developed within a span of three weeks. The project was concluded with a table-top exercise designed to simulate various cyber incidents.


Bath & North East Somerset Council now possesses an updated and comprehensive cyber response plan that effectively addresses a spectrum of potential incidents. The plan not only caters to potential scenarios but also ensures the Council’s staff members are adeptly trained to respond to cyber incidents. Understanding Solutions successfully delivered this solution within the stipulated timeframe and budget, thereby equipping the council to navigate potential cyber challenges confidently.

Key Outcomes

• Deployed one associate in the form of a Cyber Security Consultant

• Developed a new Cyber security response plan within a span of three weeks

• Delivered this solution on time and to budget