G3’s Defensive Cyber team identifies and defines cyber risks presenting severe potential financial, regulatory, reputational or safety-related business impacts, and quantifies the possible costs incurred due to inaction. We produce costed actionable plans for resolution with defined owners, proposed technologies, and progress models to track remediation.


We build a bespoke approach to battle-test your cyber security with our team of government-trained specialists, from penetration testing and dark net monitoring through to our proprietary G3 Advanced Threat Attack Simulations. We advise how to better defend the critical tasks on your networks.

Cyber Due Diligence

We help our clients identify key cyber risks; assess technical cyber defences; evaluate cyber maturity; and quantify remediation costs of their target companies. We work both outside-in and with access to management and information systems.

Maturity Assessments

We conduct best-in-class cyber security reviews for our clients. We design tailored cyber security frameworks based on industry standards and regulations; determine Board-level risk tolerance; define current and target maturity; and develop costed, time-bound implementation strategies.

Advanced Threat
Attack Simulations

Our offensive offering goes beyond a standard penetration to mimic the tactics, techniques and procedures used by nation-state capable threat actors. We identify the gaps in your defences; define how the threat actors will exploit those gaps; identify what digital assets will be stolen and destroyed; determine business impact; and quantify the risk.

Cyber Advisory – Case Studies


North America

IP protection strategy for a North American pharmaceutical business

Cyber risk review for a leading US-headquartered law firm

Cyber due diligence and penetration testing on a major US data center and fiber network operator

Latin America

Cyber due diligence on a major gas and electricity distribution operator

Combined standard penetration testing exercise with covert, targeted Advanced Attack Simulation for a bank

Cyber incident response and remediation for a private equity-owned industrials company


Supplier security risk assessment and policy development for a leading European port operator

Rapid cyber incident response and analysis for a leading European liquid storage provider

Cyber due-diligence reviews of key suppliers for a major UK critical national infrastructure programme


Site cyber security assessment for a leading waste-to-energy provider

Operational technology review for a pan-African financial services company

Cyber security review of a leading North African wind farm and solar plant operator


Ransomware incident exercise for a VC-backed AI technology company

Insider risk advice and strategy development for a Japan-based law firm

Cyber risk review of a group of portfolio companies for an Australian-headquartered investment fund


Advanced Attack Simulation for an Airport to mimic specific cyber threats

Cyber maturity review of a Middle Eastern Stock Exchange

Interim CISO for a key systemic asset in the Middle East to support in negating specific threats to the asset


Cyber maturity assessment of a leading heating and renewable energy provider

End-to-end cyber review for a critical national infrastructure provider

Operational technology review for a renewable energy provider in Eastern Europe

Cyber Advisory – Case Studies

map-main north-america latin-america europe africa apac japan mena cee-and-cei south-asia australia central-america

Our Clients

  • Chief Risk Officers
  • Chief Security Officers
  • M&A Teams
  • Private Equity Deal Teams
  • Asset Managers
  • Law Firms
  • Corporates

In the last 12 months, G3 has worked on or for: