Edinburgh Trams partnered with Acumen Cyber to upgrade and modernise its cyber defences while reducing the growing workload cyber security was placing on its in-house IT team.
Play video
Edinburgh Trams operates and maintains the capital city’s tram network on behalf of the City of Edinburgh Council. Although a relatively small organisation with around 300 employees, Edinburgh Trams is pivotal to delivering a safe, reliable, and socially inclusive transport for residents and visitors.
In a demanding urban environment, Edinburgh Trams must cope with unexpected events, complex scheduling demands, and meet critical safety requirements. The internal IT team managing the organisation’s infrastructure, ticketing systems, and cyber security is small which means that streamlined processes and efficiency are essential.
Prior to engaging Acumen Cyber, Edinburgh Trams faced multiple challenges:
Limited Internal Resources
The internal IT function is run by a lean team with wide-ranging responsibilities, making 24/7 cyber security coverage difficult to achieve in-house.
Disparate Legacy Systems
A range of ageing tools were due for renewal. These systems lacked modern capabilities for XDR, vulnerability management, and incident response.
Reactive Security
The team previously relied on traditional periodic penetration testing and vulnerability scans. There was a clear need to move towards continuous monitoring and proactive security.
Acumen Cyber provided a hybrid managed cyber security solution, tailored to Edinburgh Trams’ needs.
MXDR Services with Threat Intelligence
Supporting Edinburgh Trams’ move from periodic testing to continuous security, Acumen Cyber deployed a hybrid managed MXDR solution underpinned by a UK-based 24/7 SOC. Modern endpoint detection and response (EDR) technology was rolled out to deliver real-time threat detection and response.
All events are now monitored and correlated through a next-gen SIEM platform, ensuring threats are identified and investigated in context. Unlike traditional SOC models, Acumen Cyber engineers take full incident ownership, ensuring faster resolution. Edinburgh Trams’ IT team collaborated with Acumen Cyber’s engineers to achieve full visibility of all SOC alert investigations.
Vulnerability Management & Dark Web Monitoring
To reduce risk across a fragmented and aging technology estate, Acumen Cyber implemented continuous vulnerability scanning and dark web monitoring, providing Edinburgh Trams with greater visibility across its entire attack surface. Dark web monitoring added an extra layer of defence by continuously scanning hidden forums and marketplaces for compromised credentials and sensitive data.
Virtual CISO (vCISO) Consultancy
As part of its engagement, Acumen Cyber provided vCISO consultancy to support long-term cyber resilience. This included embedding cyber security into governance, aligning Edinburgh Trams’ operational priorities with business risk.
Acumen Cyber worked closely with the internal team to design custom reporting outputs tailored to board-level key performance indicators (KPIs). These reports now form part of weekly management updates and executive packs, giving stakeholders clear insights.
Acumen Cyber’s CREST-accredited SOC in Glasgow ensured 24/7 incident response, boosting trust and confidence through seamless collaboration.
Improved visibility
The introduction of enterprise-grade monitoring and threat detection has significantly enhanced visibility across Edinburgh Trams’ IT estate. Enhanced metrics now provide a clearer understanding of activity across the network, helping the IT team and the board to understand what’s happening in real time.
Improved Reporting & Communication
Custom reporting outputs have streamlined internal communications, reducing the time spent preparing board reports and operational updates. This allowed cyber risk to be communicated with clarity and confidence.
Rapid implementation
The Acumen Cyber solution was deployed in line with the agreed schedule, coordinated around other high-impact projects within the business. Acumen Cyber’s technical team worked directly with the internal IT lead at Edinburgh Trams to ensure alignment with internal frameworks and reporting structures.
Strategic Foundations for Long-Term Resilience
Acumen Cyber’s solution not only addressed immediate security gaps but laid the groundwork for long-term planning. This structure has helped shape a strategic roadmap used to support budget approvals, prioritise investments, and align board-level focus with cyber resilience goals.
Streamlined Operation
Automated reporting has significantly reduced the time the IT team spends preparing updates for management and the board. With metrics now embedded into weekly operational meetings, communication has improved across departments.
Collaborative Delivery
Acumen Cyber’s hybrid model has allowed the internal IT team to remain actively involved in implementation and day-to-day operations. Rather than fully outsourcing cyber security, the team retained access to tools and dashboards, gaining hands-on experience while benefitting from expert guidance.
Acumen Cyber engineers ‘own’ the problem
Unlike traditional tiered approaches where tickets are passed between teams and disappear into a queue, Acumen Cyber engineers take full ownership of incidents from start to finish. This accountability ensures faster resolution and a better client experience. The internal IT team retained access to key tools such as SentinelOne and Tenable, ensuring visibility, control, and the opportunity to stay hands-on with day-to-day security.
Doug Curry, IT Manager - Edinburgh Trams
Acumen Cyber’s 24/7 CREST-accredited SOC in Glasgow provided deep insight into the Edinburgh Trams’ security needs.
Doug Curry, IT Manager - Edinburgh Trams
By partnering with Acumen Cyber, Edinburgh Trams has taken a major step forward in building a modern, responsive, and transparent approach to cyber security. This has not only delivered stronger visibility and incident readiness but also fostered a collaborative working relationship that continues to evolve.
The Acumen Cyber team offered a tailored approach carefully aligned with Edinburgh Trams’ operational needs and security goals. With enhanced monitoring, expert support, and a shared commitment to continuous improvement, Edinburgh Trams is well positioned to contain cyber risk while strengthening its security posture.
Complete the form below to download the Edinburgh Trams Case Study.
