Case Study

Building Cyber Resilience in AWS: How Hyperscale Consulting Helped Puffin Cottage Holidays Strengthen Their Defences

Company Background

Puffin Cottage Holidays is a well-established, family-run holiday lettings agency based in Pembrokeshire. The company markets over 180 self-catering properties and operates a custom-built Property Management System (PMS) hosted on AWS, which is central to their day-to-day business operations.

The Challenge

Following a series of high-profile ransomware incidents, including the M&S attack in April 2025, the management team became concerned about their potential exposure. Their reliance on the PMS for accepting and managing bookings meant that if it were taken offline due to a ransomware attack, the business would be unable to trade.

Lacking in-house AWS security expertise, the team were unsure how secure their environment was or how to build a cyber-resilient AWS architecture. They engaged Hyperscale Consulting to help them assess their security posture and develop a roadmap to strengthen their resilience.

Our Approach

We began with a comprehensive AWS cloud security assessment, which identified several key risks directly aligned with management's ransomware concerns. These included:

  • No incident response playbooks

  • Over-provisioned permissions

  • Backups stored in the original environment, making them vulnerable to attacks that compromise that environment

  • Lack of threat detection and response procedures

We presented the findings to the management team and agreed on a phased roadmap to address their priorities.

Implementation

Phase 1: Foundations & Governance

  • Implemented a multi-account architecture separating production and non-production workloads, and workloads with different data sensitivity requirements

  • Identified control objectives aligned to relevant cybersecurity frameworks and automated enforcement and evaluation

  • Created logically air-gapped backup vaults to store immutable backups outside of the original environment

  • Created automated and auditable processes for the deployment of controls, landing zone configuration, and permissions, reducing the need for human access

  • Completed a full review of IAM permissions and reduced permissions in line with the principle of least privilege

Phase 2: Ransomware Resilience & Recovery

  • Implemented automated backups across all critical AWS resources with automated restore testing and compliance reporting

  • Designed and automated a ransomware response playbook to meet a one-hour recovery time objective (RTO)

Phase 3: Threat Detection and Response

  • Developed and tested incident response playbooks for additional high-priority threats such as denial of service and credential compromise

  • Implemented automated correlation and enrichment of security alerts using data from multiple event sources to support both automated and manual incident analysis and response

Outcomes

  • Reduced risk of compromise by isolating workloads, enforcing control objectives, and reducing access permissions

  • Improved ability to detect and respond to a range of security incidents

  • Increased confidence in recovery, with the ability to respond to and recover from a ransomware attack within a tolerable timeframe

Puffin Cottage Holidays now operates knowing that their AWS environment is resilient, recoverable, and aligned with industry best practices for cloud security and resilience.

"From the start, Hyperscale really understood our business and the importance of keeping our booking systems running. They explained everything clearly and delivered exactly what we needed to feel confident about our security and resilience."

Vicki Broomhall - Director, Puffin Cottage Holidays

Ready to Strengthen Your Cloud Security?

Hyperscale Consulting helps organisations of all sizes strengthen their AWS security and resilience. Contact us to discuss how we can help you build confidence in your cloud environment.