Contractual and Requirements Management
Within the modern market, the need to support contractual agreements with robust security structure has become a core principle in delivering managed services. Whether you are the customer (N), the prime supplier (N-1) or a sub-contractor (N-2), there is a need to manage the security requirement flow down and agreements between the organisations. We can support your organisations contractual commitment at every level, to ensure that security is paramount when dealing with your corporate IP, customer data or Payment card information.
In the modern agile world, it has become accepted that cloud environment will support all sizes of managed services or corporate data storage or processing. We have supported company in auditing these types of facilities to ensure the physical, logical and virtual architecture meet the needs of the data being stored or processed on your behalf.
Cyber Risk Management
Our Cyber Risk Management capability has been developed from our roots working within HMG organisations. We were active in the CLAS community supporting a number of High level projects to CESG policies and guidelines. We have provided CRM to space industry supporting Airbus Defence and Space to manage the risk process as the prime contractor to ESA for the Galileo project.
Cyber Architecture and design
The key fundamentals of security are imbedded in the root of the system architecture and design. Without an effective strategy at this level, the remaining security process can become difficult and expensive to manage or correct. We can provide consultancy to ensure you architecture has a sound baseline to work from. We also provide a service to review your current architecture to ensure there are no design issues that could allow an attacker to gain access to sensitive information. With our experience within HMG, the Space industry, the Mobile sector and critical national infrastructure we are more than capable of supporting both small business and corporate environments.
Secure Software Development and Testing
We have experience in supporting the software development lifecycle or the both the flight systems and GPS delivery for the Galileo project. This included the static analysis of development code and both dynamic application and network testing of the delivered system at the Satellite ground control station and the uplink facilities spread across the globe.
SOC delivery and analytical capabilities
We have extensive experience in provided consultancy on the development of SOC capabilities within the UK. This has involved the procurement and management of security systems form IDS, firewall and supporting SEIM capabilities. This includes the development of collaborative working between international organisations to provide operational and strategic response capabilities.
Training and Personal Development
We can help you develop your Cyber Security strategic training policy for your organisation, providing consultancy in training needs analysis and CBT packages. By working with your HR department we can either assist your organisation to provide in house development or assist in outsourcing the delivery of training as you require.
Cyber Security Policy and Management
Without the right balance of knowledge and experience, most organisation struggle to develop and effective Cyber Security Policy. We can provide consultancy in developing a bespoke policy to meet your organisations need. This will all us to develop a strategic management structure so that you can meet the modern Cyber threats head on. This will include the development of incident response, management and recovery processes to ensure you can effectively respond when the worst happens.
This field covers a vast area of compliances and controls, from the physical security of your premises, staff and documentation to the Cyber environment that you use to support your R&D, services and delivery. We can support you in all aspects of auditing your environment, providing detailed reports on current levels of controls, any areas that need improving and a strategy to support the development of a get well plan.
The service can extend into the review and Penetration testing and vulnerability assessment of your boundary and internal controls. This will provide the assurance that your cyber environment is configured to industry best practice, legislative policies and international standards.