G3’s Defensive Cyber team identifies and defines cyber risks presenting severe potential financial, regulatory, reputational or safety-related business impacts, and quantifies the possible costs incurred due to inaction. We produce costed actionable plans for resolution with defined owners, proposed technologies, and progress models to track remediation.


We build a bespoke approach to battle-test your cyber security with our team of government-trained specialists, from penetration testing and dark net monitoring through to our proprietary G3 Advanced Threat Attack Simulations. We advise how to better defend the critical tasks on your networks.

Cyber Due Diligence

We help our clients identify key cyber risks; assess technical cyber defences; evaluate cyber maturity; and quantify remediation costs of their target companies. We work both outside-in and with access to management and information systems.

Maturity Assessments

We conduct best-in-class cyber security reviews for our clients. We design tailored cyber security frameworks based on industry standards and regulations; determine Board-level risk tolerance; define current and target maturity; and develop costed, time-bound implementation strategies.

Advanced Threat
Attack Simulations

Our offensive offering goes beyond a standard penetration to mimic the tactics, techniques and procedures used by nation-state capable threat actors. We identify the gaps in your defences; define how the threat actors will exploit those gaps; identify what digital assets will be stolen and destroyed; determine business impact; and quantify the risk.

Cyber Advisory – Case Studies


North America

USA: Maritime. Full cyber risk assessment of a global SIGINT and space-based maritime domain awareness (MDA) solution provider.

Canada: Telecoms. Pre-deal cyber due diligence for a fibre-optic network and data centre provider.

USA: Professional services. Complete Cyber Risk Review of a US-headquartered law firm.

Latin America

Brazil: Mining. Pre-deal cyber due diligence including technical architecture, governance and risk management reviews.

LATAM portfolio: Private Equity. End-to-end cyber reviews of multi-geography assets for global private equity fund.

Mexico: Energy. Full cyber risk review, maturity assessment, OT architecture review and advanced penetration test.


European portfolio: CNI. End-to-end cyber reviews of multi-geography CNI assets for global infrastructure fund.

UK: CNI. Pre-deal cyber due diligence on a UK CNI provider for a global infrastructure fund.

The Netherlands: Energy. A rapid cyber review of the IT and OT networks at multiple client terminals of a bulk liquid logistics company following a supplier compromise.


South Africa: Telecoms. Cyber security crisis response coordination and advice to telecommunications provider.

Kenya: Energy. Full OT and IT cyber risk review of an international green energy provider.

Nigeria: Energy. Site assessment for a major exporter of crude oil and petroleum.


China: Financial services. Full cyber security review and policy development for large global bank.

Indonesia: CNI. Bespoke cyber maturity framework and risk assessment for a CNI asset for an infrastructure fund.

Japan: Professional services. Insider risk strategy development for an international law firm.


UAE: Aviation. End-to-end cyber risk review, maturity assessment and comprehensive programme of Advanced Threat Attack Simulations for an international airport.

MENA portfolio: CNI. Complete maturity and supplier security framework review across diversified investment portfolio.

UAE: Financial services. End-to-end cyber maturity review of a Middle Eastern Stock Exchange.


Czech Republic: Manufacturing. IP Protection Strategy for a leading manufacturing business.

Poland: Business services. Cloud architecture review and AWS penetration test.

Hungary: Energy. Muti site cyber risk assessment for international energy supplier for end-users.

Cyber Advisory – Case Studies

map-main north-america latin-america europe africa apac japan mena cee-and-cei south-asia australia central-america

Our Clients

  • Chief Risk Officers
  • Chief Security Officers
  • M&A Teams
  • Private Equity Deal Teams
  • Asset Managers
  • Law Firms
  • Corporates

In the last 12 months, G3 has worked on or for: