Incident analysis applying governance, risk, and compliance frameworks to real-world cyber security events.
Case studies are point-in-time analyses, applying the frameworks and regulations in effect at the time of each incident. They are not updated as standards change.
- NHS WannaCry Ransomware (2017) - CS-001 - mapped to ISO 27001
- AGCO Ransomware (2022) - CS-002 - mapped to NIST CSF
Fenn Agritech - a fictional UK B2B agritech SaaS company built as a hands-on GRC portfolio project. Includes policies, incident response, vendor assessments, and operational docs.