SMEs are usually the main victim and the primary focus of cybercriminals. An interior design company has reported that multiple companies in their circle of acquaintances have at least experienced a cyberthreat before - some of which have suffered financial losses or damages to intellectual property. For this reason, the interior design company wants to develop a plan of action that allows them to react in case of a cyber-attack. Additionally, the company desires an as-is analysis of their current IT-security situation and to develop preventive measures meant to improve their cybersecurity.

The development of the desired solutions started by conducting an as-is analysis according to the ICT-Minimum standard to evaluate and acquire an accurate assessment of the IT-security of the company. Based on this assessment, preventive measures for the three most critical weak points of the company are developed. Furthermore, a plan of action was devised for the company to be able to stay in operation after a cyberattack, minimize potential damages, and react in a professional manner. It serves the employees of the company as a playbook in case of a cyberattack.

The first document, a preventive measurements plan, focuses on the interior design company's three most critical weak points describing preventive measures to support the company in improving these areas. By conducting the IT-security analysis using the ICT-Minimum standard, the aspects Asset Management, Awareness and Training and Information Protection Processes and Procedures were identified as being the lowest scoring areas of the company's existing IT-security. The document contains preventive measurements addressing each section individually, providing detailed information, knowledge, and instructions on how to improve them. The second document, a plan of action, focuses on the incident response processes and procedures. The plan of action is intended on guiding the company through the event of a cyberattack. To achieve this, the document contains a response plan that outlines the different actions and processes needed based on the severity level of the cyberattack. Furthermore, three actions/processes were further outlined in their own sections due to their complexity and importance. These being Cyber-Incident Analysis, IT-Recovery Plan and Public Relations Strategy.