Clanmil Housing
NormCyber’s full suite of managed security services enables one of Northern Ireland’s leading housing providers to reduce vulnerabilities by 60% in a month and save £235,000 annually
Case Studies //Cyber Security //
Clanmil Housing provides homes for more than 11,500 people across Northern Ireland. With a team of over 300, Clanmil delivers high-quality social housing, responsive repairs and vital support services —strengthening communities and addressing Northern Ireland’s ongoing housing crisis.
In brief
- Heeding the lessons of high-profile cyber-attacks, and motivated by a duty of care for its customers, Clanmil sought specialist help to fortify its cyber risk management
- Norm’s comprehensive Cyber Security Managed Service protects Clanmil across the full security spectrum—including managed detection and response, incident response, vulnerability management, penetration testing, and human risk management—with clear, actionable reporting for the Board
- Clanmil benefits from a continuous cyber resilience improvement programme, reducing manual work by 25% and saving 70% compared to in-house management
The challenge
As a customer-centric organisation, Clanmil prioritises safeguarding its customers from the impact of cyber breaches such as service disruptions, data breaches, and financial losses. Recent high-profile cyber-attacks have shown the potential extent of the fallout, with one UK council suffering a two-year service breakdown after hackers accessed and erased critical data.
Clanmil identified cyber security as a key strategic risk in its 2024 Risk Register, driven by three main challenges:
- People: Remote working and online services can make staff more vulnerable to phishing, malware and ransomware
- Processes: System recovery after a breach can disrupt essential services and lead to escalating costs
- Technology: Undetected security holes in legacy technology and a lack of proactive management can lead to vulnerabilities
As part of its 2026 Digital Strategy, Clanmil sought to strengthen its Cyber Incident Response Policy. Leadership recognised that while existing security processes had been effective, they were disconnected and difficult to scale. To achieve a robust, long-term cyber resilience strategy, Clanmil began evaluating managed security service providers.
“Cyber security was identified as a board-level risk, but we lacked the internal resources to deliver a robust cyber resilience programme— especially access to specialist knowledge. We recognised that by outsourcing cyber risk management, we’d gain an external expert perspective and a clear roadmap to drive long-term cyber resilience improvements. After evaluating multiple providers, we found the perfect partner in Norm.”
– Peter Grimley, Assistant Director of ICT, Clanmil Housing
The solution
Clanmil built a business case for a managed Security Operations service to provide:
- 24/7 monitoring across all ICT assets
- Incident Response support for rapid recovery
- Continuous vulnerability and patch management
- Phishing and cyber-attack simulations
- Specialist consultancy support
Clanmil deployed a comprehensive suite of managed security services, all centrally visualised in Smartbloc:
- Managed Detection & Response – 24/7 vigilance backed by a CREST-accredited UK Security Operation Centre (SOC). The service leverages frontline knowledge, global threat intelligence and automation to swiftly isolate and remediate threats.
- Incident Response – Rapid containment within 15 minutes, certified by the National Cyber Security Centre (NCSC) Norm is recognised as providing the highest technical standards of Incident Response.
- Incident Response Readiness – Leadership cyber-attack simulation exercises designed to rehearse and refine response strategies.
- Vulnerability Management – Continuous scanning of Clanmil’s 375 endpoints to detect and mitigate threats.
- Human Risk Management – On-demand, bite-sized security training and simulated phishing exercises based on NCSC and CIISec-certified content.
- Penetration Testing – Norm’s CREST-accredited ethical hacking goes beyond simply uncovering vulnerabilities, providing valuable context with actionable insights on high-risk vulnerabilities.
Beyond technology, a dedicated Focal Analyst was embedded within Clanmil, acting as an extension of its IT and security teams. With a deep understanding of Clanmil’s IT environment, commercial goals and day-to-day operations, the Focal Analyst provides actionable guidance to drive continuous improvements.
“Our business requirements spanned the full spectrum of security, but Norm’s modular Cyber Security offered the complete package. Most importantly, it gave us that measurable, centralised oversight we needed. The Smartbloc dashboard was a key differentiator that set Norm apart with clear, contextualised reporting, on-demand. It felt tailor-made for us from the outset,” Grimley said.
Now, decision-makers can track Clanmil’s Cyber Resilience Score at any time, within Smartbloc. This single, clear metric denotes the company’s overall cyber posture – while technical teams gain actionable insights and step-by-step guidance on the most effective next steps to strengthen their cyber defences.
“Before Norm, it was hard to demonstrate the ROI of our efforts to the Board. Now, our Cyber Resilience Score is a clear indicator of our cyber posture. The data is visualised and validated by Norm, and it’s structured in a way that even non-technical executives can understand. The Board’s reception was extremely positive, with our Finance Director remarking on its clarity and simplicity,” Grimley continued.
“Norm’s managed cyber security service is a complete deviation from our previous setup,” explained Grimley. “We did phishing training and penetration testing before, but these were separate activities and the learnings were difficult to act upon. Instead of trawling through a 300-page security report, we now access Smartbloc for clear, prioritised insights. It has completely transformed our security manager’s job – instead of looking for issues, he can focus his attention on resolving them.”
The results
At the outset, Clanmil set clear objectives: to strengthen security, enhance protection against cyber threats, ensure transparent reporting, and achieve compliance with industry standards. Norm’s services were deployed in under a month, delivering immediate, measurable improvements:
- 60% reduction in vulnerabilities within the first month
- 100% compliance with phishing awareness training within six months
- Critical vulnerabilities patched within 14 days
- Three weeks of manual effort saved per quarter, allowing internal teams to focus on proactive security enhancements
“Within just three working days, the first sensors were deployed, our Cyber Resilience Score was activated, and we watched in real-time as our cyber security posture took shape before our eyes. We were shocked to see what we didn’t see before.”
– Peter Grimley, Assistant Director of ICT, Clanmil Housing
Beyond the immediate security improvements, Norm provided unprecedented visibility into Clanmil’s risk exposure. Previously, annual penetration tests identified 42 vulnerabilities, but Norm’s real-time monitoring uncovered 7,000, providing a true picture of risk exposure.
“Before, penetration testing gave us a one-off snapshot of our cyber risk, whereas now, Norm provides continuous monitoring and much richer data. It’s the difference between an annual MOT to Formula 1-level telemetry—the visibility is unparalleled,” Grimley explained.
But more data didn’t mean more complexity—decision-making became easier than ever.
He continued, “Norm gave us more detail than we’d imagined, but at the same time, it wasn’t overwhelming. In fact, it made prioritisation clearer and decision-making faster. With Norm’s guidance, we are systematically reducing our risk exposure.”
Business Impact
Norm’s solution also delivered significant operational and financial benefits. By implementing Norm, Clanmil:
- Enhanced customer trust through stronger data security
- Improved service reliability with reduced cyber risk
- Increased employee productivity with a secure, streamlined system
Commercially, the decision to outsource cyber security to Norm was significantly more cost-effective than building the capability in-house.
“During the tender process, Norm far outperformed competitive offerings in both quality and pricing. Looking at commercial benefits alone, outsourcing to Norm cost just one-third of in-house management. And that’s before we consider recruitment and procurement costs. As a result, we estimate that Norm is saving us £235,000 annually,” said Grimley.
Most importantly, Norm’s managed security service freed up internal teams to focus on solutions rather than problems.
“We gained a substantial productivity benefit from Norm’s managed cyber security service. Norm is saving our teams at least three weeks of manual effort per quarter. More importantly, it shifts our focus from problem-finding to problem-solving. Instead of searching for vulnerabilities, we’re actively fixing them. That’s a game-changer,” said Grimley.
Looking ahead
The positive experience and measurable cyber resilience improvements have led Clanmil to look optimistically at the future. With Norm’s support, Clanmil has set ambitious future goals:
- 95%+ completion rate for cyber awareness training via an automated, web-based system, accessible on-demand.
- Ongoing phishing tests throughout the year, creating a realistic, adaptive security culture.
- Achieving a Cyber Resilience Score of 95%, placing Clanmil among the highest-rated organisations for cyber security.
Additionally, Clanmil is now expanding Norm’s services into supplier risk management and data protection—further strengthening its business continuity planning.
“Norm has transformed the way we approach cyber security. Their service is driving our 2025/26 operational plan, helping us make data-driven decisions, and shaping our future investments in security. We couldn’t be happier.” – Peter Grimley
