Cyber Consulting

We believe building security into systems at the earliest concept and design phases is the most effective way to secure the complex, integrated and inter-connected solutions that organisations rely on to operate and grow. However, we understand that this isn’t always possible, so we assist customers at every stage of their journey with the most secure and cost-effective solutions.

Below is a summary of our solutions:

ISO27001 Implementation (end-to-end):
The creation/maintenance/management of an Information Security Management System (ISMS) in accordance with the ISO27001:2013 standard; this includes either a certified or aligned ISMS implementation.

ISMS Internal/Pre-External Audit: To assist organisations in readiness for annual certification audits, either by a client/regulator or certifying body.

ISO22301 Implementation (end-to-end):
The creation/maintenance/management of a Business Continuity Management System (BCMS) in accordance with the ISO22301 standard; this includes either a certified or aligned BCMS implementation.

Internal Audit: To provide an independent internal audit function to organisations wishing to secure Cyber/Business Continuity policies and processes from the inside out. Internal audits can be performed against organisational policies, regulatory or legislative requirements.

Cyber Risk Assessment & Management: To provide organisations with an acute understanding of how to identify, manage and treat risks. As a Practice, we work with organisations to understand their risk appetite and help in managing risk to remain below an agreed threshold.

GAP Analysis: A discovery-based assessment to understand and score an organisation against a given standard/requirement, to understand an organisation’s security maturity and posture, and to translate the gaps into a roadmap for remediation. Typically, gap analysis can be against: ISO27001/ISO22301/GDPR/Cyber Essentials.

Cyber Resilience Profiling:
Cyber Resilience is a broad approach that encompasses Cyber Security and Business Continuity Management with the aim of defending against potential cyber-attacks and ensuring an organisation’s survival following an attack.

Cloud Security: Applying NCSC principles and guidelines, technologies, controls and policies can be recommended/deployed to protect data, applications and associated infrastructure of a cloud-based computing system.

ITHC Facilitation/Remediation:
To provide a resource to act as a mechanism to translate the findings of an IT Health Check (ITHC) to the business, to prioritise findings based on the potential risk, to co-ordinate resources and budget to manage remediation tasks, and where necessary, seek alternative/compensatory controls for areas of challenge.

10 Steps Implementation:
Based on 10 technical advice sheets released by NCSC. The advice sheets provide guidance relating to common cyber-attacks and give organisations a relatively quick way of understanding their risk and putting mechanisms in place to safeguard themselves. They provide an effective entry-level approach to cyber security management.

PCI DSS:
To provide organisations with qualified PCI specialists (ISAs and QSAs) to determine the scope, provide a gap analysis, assist in the completion of SAQs, or perform a Report on Compliance (ROC) audit.