Waterstons Limited

Cyber Security Consultancy

Waterstons Cyber Security team provides: Security Consulting, Security Operations Centre (SOC), SIEM, Risk Assessment, Critical Incident Response, External & Internal Auditing, Pen Testing, Attack Simulation Training, Vulnerability Assessments, Cyber Certification Services - ISO27001, ISO22301, NIST,DISP, Security Architecture, Cyber Strategy, Cyber Essentials Plus, Cyber Resilience Audit (CRA)

Features

• ISO27001, ISO22301 , ISO14001, NIST, Certification & Training
• Cyber Essentials Plus
• CREST 24/7 Security Operations Centre
• Cyber Security Manager as a Service
• Cyber Security Strategy & Governance
• Vulnerability Assessments
• Incident Response
• GDPR & Data Protection Advice
• CREST Penetration Testing
• NCSC Cyber Resilience Audit (CRA) Scheme

Benefits

• Enhance your teams skills and bridge your cyber security gaps
• Strengthen your best line of defence - your people
• Achieve security certification
• Third party risk assessment assurance
• Reduce risk and increase security
• Ensure proactive responses to network/security incidents
• ISO9001 & ISO27001 Accredited
• NCSC Certified Consultancy
• BSI Associate Consultancy
• Provision of Independent audits against Cyber Assessment Framework (CAF)

£875 to £1,875 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tender@waterstons.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

256597579284448

Contact

Colin Speirs
0345 094 0945
tender@waterstons.com

Planning

• Planning service: Yes
• How the planning service works: Our dedicated cyber resilience team work with you to design, implement and optimise pragmatic controls to ensure your critical data and systems are always protected – helping you sleep easier at night. We recognise that no ‘one size fits all’ when it comes to cyber security, so our services are tailored to suit your needs.; ; Our dedicated security team provide insight into legislative and regulatory requirements to ensure any cloud migration plan safeguards your data appropriately at all times.; ; We use the full breadth of our sector and technology expertise to develop a plan that meets your needs, not just now, but for years to come. Our aim is to reduce the cost of your IT service, ensuring it provides a return on investment. We bring real-world experience that will identify the pitfalls and opportunities present in any cloud migration. We aren’t afraid to challenge assumptions or ask difficult questions.; ; Waterstons provide a bespoke service based around your needs - whether you need a full IT cyber strategy, a service selection exercise, or just a bit of advice to help you migrate a specific technology.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Waterstons’ Technology & Cyber teams have extensive experience and knowledge with a wide range of best-of-breed cloud and on-premises technologies. We leverage this knowledge to design a migration plan that is bespoke to your organisation, utilising a number of in-house and vendor-supplied migration tools and technologies, as appropriate. Our understanding of the range of options that are available allows us to select a migration path than best fits you organisation’s needs and budget.; ; We will take on as little or as much of the work as you require – working with your own teams and managing relationships with third party vendors as required.; ; Where additional customisation is needed or unique requirements exist, our Bespoke development team can fill in the missing links by crafting additional tools, or customising cloud services to better fit your organisation.; ; For large projects involving multiple vendors, our Transformation team can assist by providing experienced project managers, as well as change managers to help steer your organisation on their journey to the cloud.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Waterstons are ISO 9001 and ISO27001 accredited, and use our quality management system to ensure our solutions are delivered to time, quality, and cost. Our people are committed to excellent customer service, with customer satisfaction being the primary metric by which we evaluate performance.; ; We have a team of specialists who perform audits of existing services. This audit typically consists of a technical review of the systems in scope, and may also include a review of service management (ITSM) and organisational readiness.; ; Waterstons have a number of specialists with considerable experience and knowledge of industry best practices. Depending on the complexity and scale of the audit, a number of specialists may be involved to gather information and make recommendations. All findings will be collated in an easily digested report, with key risks highlighted and prioritised using a Red/Amber/Green system. Each risk details the potential impact, suggested remedial actions, and associated costs.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • ISO 27001 Implementation Consultancy
  • GDPR and Data Protection Consultancy
  • Cyber Essentials and Cyber Essentials Plus
  • Security Manager as a Service
  • Security Training and Awareness
  • Network Attack Simulation and Vulnerability Assessments
  • Security Programme Management
  • Phishing Simulation
  • Managed Cyber Security Services
  • Business Continuity and Cyber Resilience
• Certified security testers: Yes
• Security testing certifications:
  • CREST
  • Other
• Other security testing certifications:
  • Cyber Essentials & Cyber Essentials PLUS Assessors
  • Certified Information Systems Security Professionals (CISSP)
  • Certified in Information Security Management Principles (CISMP)
  • Certified Information Security Managers (CISM)
  • NCSC-Certified Board-Level and SIRO Trainers
  • ISO 27001 Lead Auditors & Implementors
  • PCI-DSS Assessors

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
• How the support service works: We have a Managed Services Division who deliver all support services for our clients. Within the division we have a Service Desk who provide reactive and proactive support for all incidents. The Service Desk is staffed by engineers with both general skills and specialist skills in Infrastructure Technologies, Cloud Technologies and Software Development. The Service Desk undertake both incident management and problem management, ensuring that repeat incidents are minimised.; ; Our engineers own the incident throughout its lifecycle to resolution in order to provide continuity and speedy resolution, escalating to specialists where required. ; ; We have a specialist technology team that support the Service Desk with in-depth technical skills in a number of technologies including Office 365, Azure and technologies that support other Cloud and Hybrid infrastructures. ; ; We also have a bespoke software team that configures and implements solutions in the cloud for our clients.

Service scope

• Service constraints: There are no known constraints. We work with our clients to provide a Bespoke Service that meets their individual needs.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: We operate a remote Service Desk from our UK & Australian offices 24x7x365.; Indicative response times are dependent on severity;; ; Very High - 90% responded to in 15 minutes,; High - 80% responded to in 30 minutes,; Medium - 80% responded to in 4 hours,; Low - 70% responded to in 1 day,; Very low - 70% responded to in 5 days.; ; Calls can be raised for urgent break-fix issues (Very High and High).
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: Our support levels are bespoke to the client’s requirements. We provide proactive and reactive in hours support and reactive out of hours support. The support levels provided can vary from basic third level escalation all the way to a fully outsourced and managed service.; ; Costing is based on the individual requirements of the client and is reviewed on a bi-annual basis to ensure it continues to be fit for purpose. ; At additional cost, we provide a reactive out of hours service for urgent incidents. This is handled on a charge-per-call basis. A retainer can be paid on a monthly basis which reduces the charge-per-call out.; ; We apply a client management structure which means our clients will be designated with a Client Director and Client Manager. Dependent on the service provided, the client manager role may be carried out by the role of a Service Manager. A Client Team will also be brought together from all areas of Waterstons business to work together to ensure that we’re continually meeting your needs and helping you push your business forward.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institute
• ISO/IEC 27001 accreditation date: 01/10/2023
• What the ISO/IEC 27001 doesn’t cover: Waterstons Information Security Management System (ISMS) covers all Waterston’s people, processes and technical systems worldwide in line with Statement of applicability Version 1.8 dated 16/11/2021.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • CREST SOC Certified
  • CREST Penetration Testing
  • NCSC Assured Cyber Consultancy

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Waterstons are committed to working towards a net zero position with Carbon Emissions. This is to ensure we can play our role in contributing to the statutory target set by the Climate Change Act 2008 for at least a 100% reduction in UK greenhouse gas emissions by 2050 (compared to 1990 levels). We will do this by: • Reducing our impact due to transport and travel. • Ensuring we offer virtual meetings and events over in person where appropriate. • Considering carbon offsetting options. • Ensuring in person events are near public transport links • Utilizing electric pool vehicles where practical PPN 06/21 We have measured and published our baseline carbon emissions report in line with the Cabinet Office Procurement Policy Note (PPN 06/21). Environmental Working Group We have an established Environmental working Group within Waterstons to accelerate our journey to Net Zero. The group meets regularly to discuss and deliver sustainability strategy, initiatives, insight and awareness for the wider business and our clients.

  Tackling economic inequality

  At Waterstons we recognise and support the principles of the UK Governments Social Value Model and in particular the measures businesses like ours can take to improve economic, social, and environmental wellbeing to tackle economic inequality in the UK. As we endeavour to continually improve economic equality in our organisation we measure and monitor the effect that our initiatives have on our business, our clients and wider communities we work in.; As an organisation operating in a vibrant and rapidly expanding sector, we employ a range of activities to encourage people from a wide range of economic backgrounds and underrepresented in the workforce to consider a career in IT with Waterstons. They include; Creating Opportunities through our Business Growth ; Supporting Young People into Employment ; Investing in Education & Training ; Supporting Apprenticeships; Investing in Schools & Educational Establishments ; Volunteering; Donating & Fundraising

  Equal opportunity

  We are committed to delivering on our Diversity, Equality & Inclusion (DEI) strategy and are serious about the work we are doing to be recognised as an inclusive, customer focussed organisation, both inside and out. Waterstons adheres to the Equality Act 2010 and take all reasonable steps to provide a safe and healthy working environment which is free from harassment, in which all employees are treated with dignity and respect.; Our aim is to ensure that our workforce is truly representative of all sections of society and the local community in which we work. It is our commitment to our people, to ensure everyone feels comfortable, respected, and included at all times. Our people are supported and encouraged to develop to their full potential, and we provide meaningful opportunities for our people to develop their understanding. Our policy aims to protect employees from discrimination, harassment, and bullying by affirming our commitment and to enable us to assess, review and improve.; Equality is not about treating everyone the same; it is about ensuring that access to opportunities is available to all by taking account of people’s differing needs and capabilities.; Diversity is about recognising and valuing differences through inclusion, regardless of age, disability, gender, racial origin, religion, belief, sexual orientation, commitments outside of work, part-time or shift work, language, union activity, HIV status, perspectives, opinions and person value. This is not an exhaustive list and is intended to outline the protected characteristics of an individual as a minimum.

  Wellbeing

  At Waterstons we have a dedicated Wellbeing team supported by a site on the company intranet. The team and site offers access to a range of services and resources which supports our commitment to employee wellbeing. ; This includes:; • Employee Assistance Programme – Employees have access to a confidential 24/7/365 employee assistance programme offering advice on health & wellbeing issues and information & support on personal legal and financial matters; • Private Healthcare Cover – This is provided as standard to all Waterston employees; • Dental Scheme; • Eye tests & glasses; • Life Assurance Cover; • Unlimited Annual Leave to support a positive work/life balance; • Family Friendly Leave – We operate a flexible approach to all types of family leave including maternity, paternity, adoption or shared parental leave.; • Flexible Working – We’re proud to operate flexible and agile working as the norm; • Life Assurance; • Company Sick Pay; • Free Fruit & Snacks; • Annual season ticket loan

Pricing

• Price: £875 to £1,875 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tender@waterstons.com. Tell them what format you need. It will help if you say what assistive technology you use.