Broadgate, part of Ortecha, supported a global energy trading business to assess its cyber security posture, identify where risk was building and take targeted action. The engagement strengthened enterprise-wide security controls, improved regulatory readiness and delivered over £5m in commercial savings through structured vendor negotiation and focused implementation.
Scope:
Impact:
Our client operated a complex, global technology estate spanning multiple operating companies and jurisdictions.
Security controls had grown unevenly over time. Different tools. Different standards. Different levels of control.
At the same time, regulatory and data privacy pressure continued to increase.
Leadership knew they were carrying risk. But they didn’t have a clear, shared view of where exposure was building or which controls really mattered.
This wasn’t just a tooling problem. It was a clarity problem.
The client needed an independent partner who could assess their current posture, expose where risk was accumulating and help them focus action where it would make the biggest difference.
We brought a structured, evidence-based approach. No noise. No blanket recommendations. Just clear insight into what mattered most.
We focused on turning uncertainty into informed action.
1. Expose hidden risk
We assessed the client’s cyber security posture across key domains, including email, endpoints, cloud access and mobile devices.
This exposed gaps and inconsistencies where risk had been building quietly across the organisation.
2. Prioritise what actually mattered
Instead of recommending broad upgrades, we helped the client focus on the areas of highest exposure.
This meant strengthening controls where risk was greatest, without creating unnecessary disruption across the business.
3. Strengthen controls and improve commercial outcomes
We supported the selection, negotiation and rollout of targeted cyber security capabilities across central and regional teams.
Alongside the security uplift, we led vendor negotiations to secure stronger commercial terms.
The difference was clear.
Risk that had been hidden became visible. Gaps were understood. Action became focused.
Security controls are now more consistent across the organisation, with improvements targeted where they matter most.
At the same time, we delivered over £5m in savings through renegotiated commercial terms.
This wasn’t about doing more. It was about doing the right things.
In complex organisations, cyber risk rarely comes from a single failure. It builds quietly over time through inconsistency, fragmentation and lack of visibility.
Fixing that starts with clarity.
By assessing the real state of the environment and focusing action where exposure is highest, organisations can strengthen security without unnecessary cost or disruption.
That’s what this engagement delivered. Stronger controls. Better decisions. And a more controlled, resilient cyber environment.
A large global energy trading organisation operating across multiple regions and legal entities. Highly complex. Highly distributed. And operating in an environment where cyber risk, data privacy and regulatory scrutiny are constant.
Partner, Technology Transformation
Partner, Technology Transformation
