Cyber Essentials

Cyberfort are accredited by IASME to assess and certify organisations under the National Cyber Security Centre Cyber Essentials scheme. This service includes:

• CE Certificate
• Free Cyber Insurance up to £25,000
• 6 Hours Consultancy Support (within 30 days of commencement)
• One free re-submission within 30 days

Cyber Essentials Plus

This more comprehensive service includes:

• CE+ Certificate
• Free Cyber Insurance up to £25,000
• External vulnerability scan
• Assessment and Internal Vulnerability Scan
• 10 Hours Consultancy Support (within 30 days of commencement)
• One free re-submission within 30 day

Penetration Testing

Cyberfort is accredited by NCSC to provide penetration testing under NCSC’s CHECK scheme and accredited by CREST to deliver Penetration Testing, Vulnerability Scanning and Cyber Essentials assessments.

We’ll support you to build in delivering innovative cyber security solutions underpinned by cybersecurity best practices, delivered by our team of accredited CREST certified testers, using approved methodologies against the latest vulnerability databases. From day one you will have a combination of the best people and resources, using the best tools, delivering a best-in-class experience.

Our services include   :

• Network and Infrastructure Testing
• Network Device Configuration Reviews – including Firewalls, VPNs, Switches etc.
• End User Device Testing including Windows, Linux, macOS
• Web application assessments
• Mobile application assessment (iOS and Android)
• Cloud Security Review (Microsoft, AWS and GCP)
• API Assessments
• Wireless Network Testing
• Social Engineering and Phishing
• Red Team and Purple Team Exercises

Vulnerability Management

Our vulnerability scanning is accredited by CREST​.

Vulnerability management includes continuous scanning of your external assets providing you with visibility of all findings, including an executive summary, risk scoring, remediation advice and vulnerability analysis

Incident Response

Cyberfort’s Incident Response (IR) service works to contain, mitigate, and recover customers’ businesses, throughout the lifecycle of a cyber incident. Through a process of identifying, analysing, containing, remediating/recovering and root cause analysis, we can bring you back online. Our IR services include data breaches, and external post-incident reviews to improve your future defences.

Our Incident Response services will help you to prepare for potential incidents and tests and evidences these preparations; services include developing response plans, developing and implementing incident playbooks, conducting tabletop exercises, crisis scenario tests/models, and ensuring forensic readiness to collect and preserve evidence.

Additional support services ensure compliance with legal/regulatory bodies, aiding in cyber insurance claims, and supporting organisations with public relations during incidents.

• 24×7 Incident Response
• Dedicated Incident Response Manager assigned for critical incidents as point of contact
• Dedicated Incident Responder assigned for high incidents as point of contact
• Services included:

• • Network Forensics
  • Endpoint Forensics
  • Cloud Forensics
  • Mobile Device Forensics (where available and applicable)
  • Log File Analysis
  • Cyber Threat Intelligence
  • Technology Recovery
  • Malware Analysis
  • Criminal and legal support

• • Tabletop Workshops
  • Cyber Response workshop

Governance Risk and Compliance

Cyberfort will assess you by undertaking a security posture health check that is aligned to the relevant standards. Below are examples of standard and regulations that we have assessed organisations against: 

• GDPR
• NIST Cyber security Framework
• NCSC Cyber Assessment Framework
• ISO 27001
• CIS Controls

Our health check includes:

• Q&A session with the client’s team
• Review of Infrastructure/Security Operations
• Review of Data/Information Security
• Review of policies, procedures and processes.
• Review Staff training and awareness
• Review of Third-party assurance
• Review of Incident Response, Business Continuity and Disaster Recovery

The results of the Health Check will be a report which will provide you with an action plan to ensure you can evidence that you are improving your security posture in line with appropriate standard for the client.

Virtual Chief Information Security Officer (vCISO)

Our vCISO as a service solution offers the client access to the following:

• Our Experienced Cyber Security Experts. You will be assigned a lead consultant who will have the ability to reach back into our teams to ensure you have access to experts who have held leadership CISO roles and have valuable industry experience.
• Day-to-day management of your Security programme
• • Management review meetings
  • Training and awareness
  • Internal audits
  • 3rd Party supplier reviews
  • Risk Management Methodology (including Risk Workshops and interviews)
  • Maintenance of policies & procedures
  • Updates on current threats and vulnerabilities

Virtual Data Protection Officer (vDPO)

Our vDPO as a service solution offers you a virtual Data Protection Officer with access to the following:

• Our experienced cyber security and data protection experts. You will be assigned a lead consultant who will have the ability to reach back into our teams to ensure you have access to experts who have held leadership CISO roles and have valuable industry experience.
• Regulatory compliance and governance. Our vDPO will manage and communicate with stakeholders/regulators/audits for all data protection matters and data privacy requests.
• Day-to-day management of your Data Protection Function
  
  • Management review meetings
  • Training and awareness
  • Internal audits
  • 3rd party supplier reviews
  • Creation and maintenance of data protection policies & procedures