DEMYSTIFY SECURITY LIMITED

Secure by Design as a Service

Embrace the UK Cabinet Office's Secure by Design framework with our service, focusing on core principles and proactive measures. We prioritise key activities such as threat modeling and risk assessment practices to embed security into every stage of development. Our approach fosters resilience, compliance, and trustworthiness in digital ecosystems

Features

• Continuous and interative risk assessment
• Collaborative Threat Modelling increasing traceability
• Alignment with UK Cabinet Office Secure by Design framework

Benefits

• Reduction in and increased understanding of risk.
• Increased value and awareness through risk management
• Increased collaboration and understanding
• Tailored, customised and proportionate security controls
• increased awareness and empowerment of existing, in-house security capability

£700 to £1,200 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at naveed@demystifysecurity.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

244171593451186

Contact

Naveed Saeed
07811016096
naveed@demystifysecurity.com

Planning

• Planning service: Yes
• How the planning service works: We collaborate closely with buyers to strategize the seamless integration of cloud hosting or software services within their organizational framework. Through comprehensive consultations, we assess the specific requirements and objectives of the buyer, considering factors like scalability, performance, and security. Our process begins with a thorough analysis of the buyer's current infrastructure, identifying any potential gaps or areas for improvement.; Once objectives are defined, we develop a tailored implementation plan that aligns with the principles of the UK Cabinet Office Secure by Design framework. This plan encompasses key milestones, timelines, and resource allocation to ensure a smooth transition to cloud hosting or software services. We prioritize proactive measures such as risk assessment, threat modelling, and secure coding practices to embed security into every stage of implementation.; Throughout the process, clear and transparent communication is maintained to keep the buyer informed and involved in decision-making. We also provide ongoing support and guidance to address any challenges or concerns that may arise during implementation. Our goal is to empower buyers to leverage cloud hosting or software services effectively, maximizing the benefits while minimizing risks.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: In our Secure by Design consultancy, we specialize in guiding buyers through the strategic process of migrating to the cloud or transitioning between cloud services. Our approach is rooted in proactive planning and expert advice, aligned with the principles of the UK Cabinet Office Secure by Design framework.; ; We begin by conducting thorough assessments of the buyer's current infrastructure and objectives. Based on this analysis, we provide tailored recommendations and design a migration strategy that prioritizes security and compliance. Our consultancy services include advising on best practices, selecting appropriate cloud services, and optimizing architectures for efficiency and resilience.; ; Throughout the consultancy process, we offer ongoing support and guidance, ensuring that the buyer's migration journey is smooth and successful. We provide expert insights on potential risks, mitigation strategies, and opportunities for improvement. Our goal is to empower buyers with the knowledge and expertise needed to make informed decisions and navigate the complexities of cloud migration with confidence.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security audit services
  • Other
• Other security services: Cyber Apprentice Management and coordination

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: Our consultancy provides strategic guidance and advice for cloud migration and security. However, successful implementation relies on buyer cooperation and commitment. Project timelines may vary based on infrastructure complexity and regulatory requirements. While we offer recommendations, implementation is the buyer's responsibility. We can support and advise throughout, but buyers should allocate resources accordingly to ensure effective execution. Being mindful of these factors ensures a smoother transition and maximizes the benefits of our service.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We will work with customers to introduce a support capability that aligns with the SLA that best meets the requirement
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Basic Support: Provides essential assistance during standard business hours (Monday to Friday, 9 AM to 5 PM) via email or phone. This cost-effective option suits projects with minimal support needs.; Standard Support: Offers extended support with faster response times via email or phone during business hours. Ideal for mid-sized projects requiring more comprehensive assistance.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • UK Cyber Security Council Chartered Principle
  • Certification Information Security Auditor
  • Certified Information Security Manager
  • Certified Information Systems Security Professional

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  We promote inclusivity and diversity by offering accessible, user-friendly consultancy services that cater to diverse needs and capabilities, ensuring equal opportunity for all stakeholders.

  Wellbeing

  Our consultancy prioritizes the wellbeing of public sector employees and citizens by promoting secure, resilient cloud solutions that safeguard data privacy and facilitate remote collaboration, fostering a healthy work-life balance and peace of mind.

Pricing

• Price: £700 to £1,200 a unit
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at naveed@demystifysecurity.com. Tell them what format you need. It will help if you say what assistive technology you use.