Challenge
Blackpool Skills Academy had never previously undergone a penetration test and required a comprehensive internal infrastructure assessment to identify potential vulnerabilities within their network. As an active educational establishment, the client faced constraints in providing physical access to their premises, adding complexity to the testing process. Additionally, the organisation needed expert support during the initial scoping and network discovery phase to help define the test parameters and uncover hidden risks.
Routine testing is critical to managing cyber threats. According to the UK Government’s Cyber Security Breaches Survey 2023, over 50% of medium and large businesses had experienced a breach in the last year.
Solution
Methods was engaged to deliver a thorough internal infrastructure penetration test, using a mix of industry-standard tools and tailored attack scenarios. The engagement included:
Collaborative scoping: an initial discovery call ensured the test was aligned with the client’s needs and constraints
On-site internal penetration testing: conducted within the network to identify exploitable vulnerabilities
Simulated 'Car Park Attack': executed from outside the physical perimeter, targeting the Wi-Fi infrastructure
Regular client updates: clear, ongoing communication kept stakeholders informed of progress and preliminary findings
Comprehensive reporting: delivered a detailed report featuring an executive summary, technical insights, and actionable remediation advice.
Despite access limitations, our consultants were able to effectively map the network, assess internal risks, and provide strategic recommendations.
Impact
Following our assessment, Blackpool Skills Academy’s managed IT service provider swiftly implemented our recommendations, resulting in significant improvements to the organisation’s cyber security posture. Key outcomes included:
Identified and remediated vulnerabilities within the IT infrastructure
Recognised and addressed technical debt, enabling long-term stability
Improved overall cyber resilience, supporting a proactive security strategy.
The client was highly satisfied with the clarity and depth of our findings and appreciated the real-world impact of our advice on their operational security. The engagement not only mitigated risk but also demonstrated the organisation's commitment to safeguarding its digital environment.