Back to Case Studies
SOCManaged SecurityLeadershipStrategy

Building a Cyber Security Division from Zero

How I built a managed security services division from the ground up within an established MSP, growing it from concept to industry-recognised SOC provider in under three years.

2 min read

The Challenge

An established managed services provider (MSP) with a strong reputation in IT infrastructure recognised that their clients increasingly needed cyber security services. However, the organisation had no dedicated security team, no security service offerings, and no SOC capability.

The leadership team needed someone to build a cyber security division from scratch: defining the strategy, hiring the team, selecting the technology, and bringing security services to market.

The Approach

Phase 1: Strategy & Foundation

  • Conducted a market analysis to identify client security needs and competitive gaps
  • Developed a comprehensive business case with revenue projections and investment requirements
  • Defined the security services portfolio aligned with client demand and market trends
  • Established partnerships with key security vendors and technology providers

Phase 2: Team & Operations

  • Recruited and built a specialised cyber security team
  • Designed and implemented SOC operations with 24/7 monitoring capability
  • Developed standard operating procedures, playbooks, and escalation frameworks
  • Created client onboarding processes and service delivery models

Phase 3: Growth & Maturity

  • Launched managed security services to existing and new clients
  • Developed threat intelligence and proactive hunting capabilities
  • Implemented continuous improvement processes based on client feedback and threat landscape evolution
  • Built internal security consulting capability alongside managed services

The Outcome

  • Security division established and operational within the first 12 months
  • Revenue-generating from month one of service launch
  • Industry recognition, shortlisted as a finalist for SOC Provider of the Year at a national cyber security awards programme
  • Client security posture measurably improved across the portfolio, with quantifiable risk reduction
  • Team grown from zero to a fully operational joint operations security team

Key Takeaways

  1. Business alignment is critical. Security services must be designed around what clients actually need, not what's technically interesting
  2. Start with quick wins. Deliver immediate value while building long-term capability
  3. Invest in people first. Technology is important, but the right team makes the difference
  4. Measure and communicate ROI. Security must demonstrate business value to sustain investment

More Case Studies

ComplianceGovernmentMFAEssential Eight

Security Uplift to Win Government Contracts

An Australian enterprise needed to rapidly improve its security posture to meet government contract requirements. A targeted security uplift programme delivered compliance and opened new market opportunities.

AutomationInfrastructureSecurity by DesignEfficiency

Automated Secure Site Deployment: Weeks to Days

A national enterprise with 180+ sites needed to dramatically reduce the time to deploy new locations. An automated, security-first deployment methodology cut delivery from weeks to days.

Facing a similar challenge? Let's talk.

Discuss Your Challenge

Make a Difference With Expert Guidance

Let's Work Together