Think Cyber Security

Redflags® Real-time Security Awareness

Redflags® from ThinkCyber is a behavioural risk solution that diverts people away from high-risk activity, in the moment, to deliver a measurable reduction in operational risk . By uniquely applying behavioural and learning science to create ongoing, contextual security awareness Redflags delivers meaningful outcomes for its clients.

Features

• Realtime, desktop nudges alerting users to possible risky actions
• Reminders only delivered when relevant applications in use
• Brief and digestible content to keep engagement rates high
• Ability to click through to detailed content for further education
• Rollout a wide range of Out-of the Box campaigns
• Deliver focussed campaigns targeting high risk users
• Deliver real-time security alerts to the desktop during an incident
• Dashboards showing engagement, content dwell times, click throughs, Q&A
• Adapt campaigns according to behaviour based metrics
• NCSC-accredited content

Benefits

• Measure reduced operational risk: divert users away from risky behaviour
• Reduced user impact: drip-feed low-friction, engaging content
• Greater knowledge retention: campaigns are real-time and contextualised
• Increased visibility of risky behaviours: Easy to understand metrics
• Measurement of engagement: Baseline behaviours with/out interventions
• Always up-to-date: Continually refreshed campaign content
• Reach everyone: Change online behaviours across all users
• Quick and easy deployment: No AD or Outlook dependencies

£1.80 to £48 a person a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tim.ward@thinkcyber.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

322657327903826

Contact

Tim Ward
0203 151 8045
tim.ward@thinkcyber.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements: Client supports.Net Framework 3.5+ (Windows 7, 10)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Direct support not required by users.; Support provided to IT / IT security Product Owners; 48 hours
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Customers can contact our support services via our help desk email address support@thinkcyber.co.uk. ; ; Contact automatically creates a support ticket, which is then allocated to the relevant support team to progress. ; ; ThinkCyber will aim to provide initial confirmation of receipt targeted within 60 minutes.; ; Feedback / query response targeted within 48 hours.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: 1) Onboarding kick off to agree scope of product use and any customisation requirements; 2) Campaign and content design phase if procured; 3) Issue installer for IT team review, deployment and connectivity configuration; 4) Advice and guidance for managed roll out by IT team; 5) Agree content go live; 6) Commence measurement and reporting aspects of service
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Reports on engagement are available on a monthly basis.; Full exports of raw engagement data can be issued on request.
• End-of-contract process: Delivery and display of awareness content will cease at the end of the contract. Content can be continued on renewal.; ; Reports will remain available for 30 days at end of contract. ; ; Customers are requested to uninstall the software application from client machines.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • MacOS
  • Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Reports are accessible from our Redflags Portal allowing client administrators to view staff engagement with Redflags® stories and nudges, including dwell times, click throughs to more information and answers to any questions. Where users have been nudged for a specific behaviour, the number of nudges per user and their engagement with delivered content will be included in reports, offering a measure of risky behaviours.; ; Content is curated by ThinkCyber administrators to client requirements.
• Accessibility standards: None or don’t know
• Description of accessibility: Service interface used solely by client support teams. Uses standard email tooling.
• Accessibility testing: None
• API: No
• Customisation available: Yes
• Description of customisation: Bespoke services are available to use the RedFlags® framework to deliver customer content and branding through each of the delivery mechanisms available:; ; RedFlags® Phishing Threat Awareness: Customer sourced phishing examples integrated into syllabus by ThinkCyber where appropriate – as part of the service.; ; RedFlags® Alerts: Customer sourced alerts. Customised by the customer as part of the service.; ; RedFlags® Security Stories: Customer own content and branding. Customised as a chargeable service by ThinkCyber.; ; RedFlags® Behaviour Change Triggers: Campaign design / customer content and branding. Customised as a chargeable service by ThinkCyber.

Scaling

• Independence of resources: Our service will scale if user demands exceed processing capacity.

Analytics

• Service usage metrics: Yes
• Metrics types: Across all of the RedFlags™ toolkit, your security awareness team gains visibility of engagement, dwell times on content, click-throughs and answers to questions per user and in aggregate. These are accessible through the Redflags™ portal.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Reports on engagement are issued on a monthly basis.; Raw engagement data can be issued on request.
• Data export formats: CSV
• Data import formats: Other
• Other data import formats: No data upload required

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Content is pushed down to clients removing dependencies on external services for delivery of the service.; ; Content servers reside in Amazon Web Services (AWS). ; AWS use commercially reasonable efforts to make the Included Services each available for each AWS region with a Monthly Uptime Percentage of at least 99.99.
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Other
• Other user authentication: Users access service through logging into corporate desktop. Application access to content secured via client certification authentication, and certificate pinning.; Reporting portal access requires 2FA.
• Access restrictions in management interfaces and support channels: Access to management interfaces is restricted to individual (fully qualified) IP addresses.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Other
• Description of management access authentication: Management access is authenticated via username and (strong) password. Access to management interfaces is restricted to individual (fully qualified) IP addresses.; Access to server configurations requires 2FA

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: IASME Governance Standard

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials.; Cyber Essentials Plus.; IASME Governance Standard; Our governance processes align with the IASME governance standard.
• Information security policies and processes: Information Security governance is owned at Company Board level. Our overall approach is driven by a combination of risk- and compliance-oriented factors. ; ; We define our own information security policies and processes, aligned with Cyber Essentials and the IASME governance standard.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Tight control to smallest possible number of administrators who can change configuration.; All software products are stored and managed in a version control / software configuration management toolkit. ; Deployments are run through a testing process before release.; Major changes/releases are agreed by a Change Advisory Board.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Proactive patch monitoring and rollout. Periodic vulnerability scanning/penetration testing, including on new releases. Remediation of all Critical/High/Medium vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Monthly assessment of available log data to identify a defined set of anomalies.
• Incident management type: Supplier-defined controls
• Incident management approach: Recording of incidents in an incident log, and reporting to board level. Incidents involving personal data to be handled in accordance with GDPR requirements.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  We have recently sponsored a Women in Cyber Event as we have a strong cultural approach to equal opportunities with the cyber/tech space. ; We also pride ourselves on employing staff in line with equality of opportunity across the company.; We also have staff who volunteer within the STEM network to provide mentoring and discussion with the next generation of cyber/tech workforce across all economic and socially diverse backgrounds.

  Wellbeing

  We are currently working on enacting a number of wellbeing initiatives and benefits for staff within our organisation.

Pricing

• Price: £1.80 to £48 a person a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 4 week trial demonstrating Redflags®; Demonstrating Security Stories, Reminders, Real-time nudges and reporting.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tim.ward@thinkcyber.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.