Service

Cyber Security Strategy

Oct 2025

Burness Paull LLP – Incident and continuity planning

The full-service Scottish law firm is proud of its ISO 27001 accreditation, and brought in Waterstons to help review and refresh both its incident response and business continuity response plans, ensuring they reflect the current threat landscape.

David Dove

Executive Information Security Consultant

Results at a glance 

  • Updated response plans and created supporting tools to match the current threat landscape  

  • Increased awareness of response documentation across the firm, ultimately improving response capability in the event of an incident  

  • Created a ‘risk free’ environment within which both operational incident response and wider business continuity response team members could test and validate their response capability, identifying opportunities where they could further improve.

What we did 

In light of the recent cyber-attacks hitting big name brands, many organisations are looking at their response capabilities and incident plans – some of which haven’t been updated in some time.  

With the ISO 27001 framework requiring that response plans are reviewed and updated at least annually and are reflective of the current threat landscape, Waterstons was engaged to support a complete review and update of the firm’s response capability, introduce best practice improvements, and provide a completely independent assessment of the capability through multiple interactive exercises.

We did so through: 

  • Reviewing the current incident response plan and providing recommendations to further improve its usability 

  • Performing a business impact analysis to document critical business functions, as well as supporting assets 

  • Updating firm-wide business continuity plans and operational departmental runbooks to establish a uniform and streamlined approach

  • Creating and facilitating three customised rehearsal exercises to test and validate response to a major cyber-attack, involving business continuity and senior management  

  • Sharing a findings and recommendations report to support the firm’s ISO 27001 certification audit, and to establish a list of future considerations to further improve their response capability.

What the client said 

“Waterstons provided invaluable support in developing and improving our existing Business Continuity and Incident Response plans. This involved an in-depth review of and tailored feedback on our existing plans, which were then tested via simulation exercises. These exercises were expertly delivered, and it was evident that David and his team had developed a good understanding of the structure of our firm and the roles and responsibilities of the relevant individuals. The exercises were focussed and realistic, and very well received by all involved.  

“The accompanying reports were clear and concise, giving us appropriate action points for continuous improvement. Overall, we are very happy with the service provided and will likely continue the relationship, for independent scenario testing, going forward.”