2MG SOLUTIONS LTD

Cyber Vulnerability Management

Vulnerability Management service aimed at enhancing the cybersecurity of UK healthcare organisations through systematic vulnerability assessments, remediation guidance, and ongoing management to safeguard patient data and healthcare IT systems. Service delivers a comprehensive approach to identifying, classifying, remediating, and mitigating vulnerabilities within the healthcare IT environment.

Features

• Alignment to international standards including ISO 27001 and Cyber Essentials
• Alignment to government and NCSC policies and standards
• Alignment to Cloud Security Principles
• Independent product agnostic advice
• Establishment of governance structures including Terms of Reference
• Development of technical, procedural, physical and personnel security controls

Benefits

• Compliant with ISO and Cyber Essentials
• Understanding of risk assessment process minimising risk of insider threat
• Proportionate to business requirements providing value for money
• Fully documented structured and repeatable process ensuring knowledge transfer

£250 to £650 an instance a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@2mgsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

228297471855357

Contact

Marcin Glanc
020 3878 3900
sales@2mgsolutions.com

Planning

• Planning service: Yes
• How the planning service works: 2MG Solutions helps organisations identify, design and implement cybersecurity standards in the most complex services and secure environments. Our holistic and independent support allows buyers to maximise the value of infrastructure and software services. Initial Setup and Baseline Assessment: under 1 month.; Ongoing Scanning and Reporting Cycle: Monthly scans with quarterly comprehensive reviews.; Remediation and Compliance Updates: As needed, based on the findings and evolving cybersecurity threats. (Note: Implementational Planning and Timeline is a customised service, based on individual customer's scope and objectives)
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: 2MG Solutions typically adopt a model where they are integrated into the operational team to ensure the implementation lifecycle is adhering to operational processes in a specific organisation. Our approach is aimed to maximise training, train the trainer and knowledge transfer across the lifecycle, typically ending in an operational acceptance testing and formal handover process with an option for early life support.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Service allows to move application management and deployment to the cloud, providing access to cloud tools and deployment technologies.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: QAT testing is included in the service. UAT testing is coordinated with users nominated by customers.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications: Other
• Other security testing certifications: CEH EC-Council

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: Custom addition to the service, individually agreed with each customer.

Service scope

• Service constraints: -

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Custom element of the service, individually agreed with each customer.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Individually agreed with each customer depending on level of service purchased.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 05/04/2022
• What the ISO/IEC 27001 doesn’t cover: -
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  By safeguarding digital infrastructure, Cyber Vulnerability Management helps prevent cyberattacks that could disrupt healthcare operations, reducing the need for emergency response efforts and associated carbon emissions.

  Covid-19 recovery

  Ensuring the security of healthcare systems is critical for maintaining continuity of care and vaccine distribution efforts, thus supporting the recovery from the Covid-19 pandemic by safeguarding vital healthcare services.

  Tackling economic inequality

  Preventing cyber threats protects healthcare services that are often relied upon by economically disadvantaged communities, mitigating potential disruptions and ensuring equitable access to healthcare resources.

  Equal opportunity

  Secure digital systems promote equal access to healthcare services for all individuals, regardless of socio-economic status or geographic location, thus advancing the principle of equal opportunity in healthcare delivery.

  Wellbeing

  Protecting patient data and healthcare infrastructure safeguards individuals' privacy and trust in the healthcare system, contributing to overall wellbeing by ensuring the confidentiality and integrity of personal health information.

Pricing

• Price: £250 to £650 an instance a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@2mgsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.