Cyberfort Ltd

Cyber Security Services and Support

Our Cyber Security Services and Support service provides a set of security services delivering; Secure by Design to ensure risk is designed out at earliest stages, Security Resilience to enhance security resilience of your services, and Government Strategy alignment for compliance with HMG Cyber Security Strategy and Security Policy Framework.

Features

• Expert, business-aware Cybersecurity support, onpremise or offprem
• Agile extension of in-house Client Cyber Security teams
• Consistency underpinning Cybersecurity stages from concept to protective monitoring
• Ensure identified assets are secure and with NCSC-approved architecture patterns
• Assure all evolving ICT services and assets are identified
• Deliver Information Assurance Assessments aligned with standards and best practices
• Assess and evaluate solutions
• Effective risk countermeasures by developing risk assessment and management plans
• Compliance review against HM Government standards and NCSC best-practices
• Third-party supplier Information Assurance review

Benefits

• Ongoing Cyber resilience and incident response management
• Holistic, clear-to-understand evidence of conformance with risk policies and controls
• “Peace of mind” and visibility of risk at board-level
• Efficient access to expert resources when needed
• Upskilling, mentoring and training
• Helping to drive culture change
• Build on previous investments by ensuring ongoing assurance and compliance

£250 to £1,150 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidmanagement@cyberfortgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

552033982168290

Contact

Cyberfort Bid Team
01635 015600
bidmanagement@cyberfortgroup.com

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Managed MDR
  • Managed Vulnerability Management
  • Penetration Testing (ITHC)
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Cyber Scheme
  • Other
• Other security testing certifications:
  • CompTIA Sec +
  • CompTIA Net +
  • CompTIA CySA +
  • IASME CE Assessor
  • IASME CE+ Assessor
  • Offensive Security Certified Professional (OSCP)
  • Certified Cyber Investigator (CCI)

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: No constraints

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Cyberfort’s Service Desk operates 24/7/365 and is the primary point of contact, undertaking initial triaging of any service requests, incidents, or events directly with the client. ; A ticket number is issued with an initial response within 15-minutes of logging a query. ; Resolution time goals will be calculated in accordance with a priority matrix.; Please refer to our Service Definition, for more details on our service response times and commitments. ; A ticket number will be issued with an initial response within the first 15 minutes of logging a query and resolution times will be subject to the priority rating assigned.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: Cyberfort’s service management model is designed to meet ISO 9001 and ISO 27001 guidelines and has been established in alignment with ITILv3 service management processes. ; ; We recognise that to support your business operational requirements we need to have in place the right team structure, governance and engagement processes. ; ; Our Standard Operating Procedures includes:; • Cyberfort’s Service Desk operates 24 hours a day 365 days a year and is primary point of contact for any incidents, requests or escalations.; • The Cyberfort Service Desk team will proactively manage all support calls to resolution, escalating incidents and problems in line with comprehensive operational level agreements, service level agreements and any third-party underpinning contracts.; • We place significant importance on the support and service management function that is provided for each contract according to operational requirements. ; • This is integrated into contracts and built into the price.; • Ongoing support and management will be led by a dedicated Account Manager supported by Service Delivery Manager, Technical Champion, and our team of specialists and subject matter experts.; ; Please refer to our Service Definition, for more details on our service management and commitments.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: Current certification accredited: 15/04/2024-17/04/2024
• What the ISO/IEC 27001 doesn’t cover: Cyberfort was first registered to ISO27001 in August 2019. At our recertification audit in 2023, there were no nonconformities or observations. 2024 Continual assessment visit resulted in no nonconformities or observations.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: 2 Sec Consulting
• PCI DSS accreditation date: Current certification accredited on: 09/10/2023
• What the PCI DSS doesn’t cover: Requirement 3 Requirement 4 Appendix A1 Appendix A2
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • NHS Data Security and Protection Toolkit
  • NCSC IT Health - CHECK Service Provider
  • NCSC Assured Cybersecurity Consultancy - Risk Assessment/Management, Audit & Review
  • CREST Cyber Incident Response, Vulnerability Assessment & Penetration Testing

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Cyberfort support and act on fighting climate change through our Environmental Management System (EMS) which meets the requirements of our ISO:14001 certification. We have initiated programs designed to increase the energy efficiency of our operations, reduce waste, and protect the environment in communities where we work. Our environmental goals and achievements are published in our Carbon Reduction Plan (CRP), which is aligned to the requirements of CCS PPN 06/21. ; Our social value strategy addresses MAC 4.1 & 4.2 with the following commitments: ; Effective stewardship of the environment; We are committed to become a net-zero and environmentally conscious company by conserving energy, minimising consumption, reducing, and preferring low pollution materials, maximising environmental efficiency, whilst ensuring waste is managed and controlled. ; We support our environmental targets with the following initiatives: ; • Continue to reduce our carbon emissions, including 100% renewable energy, power saving modes, light replacement programmes, hybrid/remote working and cycle to work incentives. ; • Reduce water consumption, including water filter systems off the mains instead of using water providers, consider Water Butts around site as an alternative for gardening, and detection of increased water consumption to identify any leaks in facilities. ; • Adopt strategies to promote, reuse, recycle, recover energy and disposal of waste sent to landfill, including initiatives to reduce our plastic waste and targets for recycling of waste. ; • Deliver initiatives to support our environments, ensuring that we are protecting and encouraging native plants and wildlife. We’ve already introduced a small flock of sheep to our Ash site to help make our site more environmentally friendly, and at our Newbury site we limit operations to specific times to ensure protection of nightjars which is a protected wildlife species. ; • Consider who we purchase goods and services from ensuring providers are targeting net-zero initiatives and offer sustainable product and services.

  Covid-19 recovery

  Cyberfort support and act on Covid-19 recovery by encompassing initiatives that force for positive change. We have aligned the activities of our business by considering sustainability through the decisions we make as a business, including the way we operate, employ staff, engage with communities, and procure products and services, allowing us to cultivate a more sustainable, resilient, and inclusive society.; Our social value strategy addresses MAC 1.1, 1.3, 1.4 & 1.5 with the following commitments: ; Help local communities to manage and recover from the impact of COVID-19; We support Covid-19 recovery with the following initiatives: ; • Throughout the pandemic and to date we’ve maintained a recruitment drive, often offering positions to individuals affected by the impacts of Covid-19 in the industry.; • We upskill people new to Cyber via supporting Apprenticeship schemes.; • We remove any barriers for disadvantaged groups by adjusting our recruitment and selection processes and excluding bias.; • We promote health and wellbeing in the workplace, ensuring all our people have healthy lifestyles, thrive, and that they feel supported with the tools they need from us to be at their best. Including Mental Health First Aiders, confidential, and free-of-charge, support and benefits to all, including counselling and Private Medical Insurance.; • Since the pandemic we recruit fully remote or hybrid working roles, which allows us to tap into wider talent pools and therefore ensure we are accessing the best candidates without any locational barriers. ; • We are committed to working with small, diverse, high-quality business to procure goods and services, structuring our supply chain selection process in a way that ensures fairness and encourages participation by new and growing businesses.

  Tackling economic inequality

  Cyberfort support and act on tackle economic inequality, through supporting new businesses, new employment opportunities and development of new skills. ; Our social value strategy addresses MAC 2.2 & 2.3 with the following commitments: ; Create new businesses, new jobs and new skills; We are committed to ensuring that everyone is given the opportunity to develop in accordance with their ability, ambition and opportunities available, providing recruitment, training, development and progression opportunities to encourage everyone to reach their fullest potential.; We support tackling economic inequality with the following initiatives: ; • Attract, recruit, develop and retain the very best people at all levels.; • Upskill people new to Cyber via supporting Apprenticeship schemes.; • Actively support educational attainment across our workforce, including training to address skills gaps resulting in recognised qualifications.; • Support young people in the development of their passion for technology, introducing them to cybersecurity, and providing initiatives that support schools and colleges. ; Our social value strategy addresses MAC 3.1, 3.4 & 3.5 with the following commitments: ; Increase supply chain resilience and capacity; We are committed to work fairly and responsibly with our supply chain and ensure that we manage and identify cyber security risks. ; We support tackling economic inequality with the following initiatives: ; • Collaborating throughout the supply chain to adopt a fair and responsible approach to working with suppliers and partners.; • Supply chain selection process identifies opportunities to sub-contract with a diverse range of businesses, including new businesses, entrepreneurs, start-ups, SMEs, and VCSEs.; • We have measures within supply chain selection process to mitigate and manage cyber security risks within our supply chain, e.g. including NCSC cyber risk regime and Cyber Essentials/Plus certifications.

  Equal opportunity

  Cyberfort support and act on equal opportunities, fostering an inclusive culture that values people as individuals with diverse opinions, cultures, lifestyles and circumstances. All employees are covered by our Equality, Diversity & Inclusion Policy, which applies to all areas of employment including recruitment, selection, training, deployment, career development, and promotion. ; Our social value strategy addresses MAC 5.1 & 5.2 with the following commitments: ; Reduce the disability employment gap; We support the disability employment gap with the following initiatives: ; • We are signatories of the Armed Forces Covenant.; • We are a Disability Confident Employer and founding members of Neurodiversity in Business. ; • Our recruitment practices ensure we are disarming any barriers people with disabilities may face in the hiring process.; • Developing and supporting people with disabilities in gaining the skills they need to succeed.; Our social value strategy addresses MAC 6.1, 6.2 & 6.3 with the following commitments: ; Tackle workforce inequality; We support the tackling workforce inequality with the following initiatives: ; • Take reasonable and appropriate steps to encourage job applications from as diverse a range of people as possible and recruiting people with an impairment or disability.; • Decisions made relating to a person's promotion or career development must be free from discrimination.; • We provide training, development and progression opportunities to all staff supporting career aspirations. ; • Our Employee Resource Groups include Women’s Network, Inclusion Committee and Neurodivergent Community Group, providing forums for people who have a passion for, or a connection with, a particular aspect of equality, diversity and inclusion.; • Whilst not required under the Modern Slavery Act 2015 to have a policy, we have a zero–tolerance approach and have implemented a modern slavery policy.

  Wellbeing

  Cyberfort support and act on health and wellbeing through our Occupational Health and Safety (OH&S) policy in alignment with our ISO:45001 certification. We actively work on initiatives to promote health and wellbeing in the workplace, ensuring all our people have healthy lifestyles, thrive, and that they feel supported with the tools they need from us to be at their best. ; Our social value strategy addresses MAC 7.1 & 7.2 with the following commitments: ; Ensuring positive physical and mental health in the workforce, ensuring our people have healthy lifestyles.; We support our workforce with the following initiatives: ; • Mental Health First Aiders – We have 9 fully trained Mental Health First Aiders within our workforce. ; • Wellbeing Benefits – we provide confidential, and free-of-charge, support and benefits to all, including confidential counselling and support service available 24/7, 365 days a year and Private Medical Insurance with extra to cover employees for Mental Health support.; • Our Wellbeing Hub (on the Cyberfort SharePoint) provides various resources, self-help tools and guides to help individuals stay well and includes any previous recordings from workshops that have been run. ; Our future goals include: ; • Certified to ISO:45003 standard in 2024, which focuses on the “mental health” and “wellbeing” aspects of health and safety.; • Strengthening our commitments through 6 standards of the Mental Health at Work Commitment in 2024, to ensure that we continue to provide the right support as and when needed.

Pricing

• Price: £250 to £1,150 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidmanagement@cyberfortgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.