Bridewell Consulting Limited

Security Assessment

Identification and evaluation of security weaknesses to help prevent security incidents
Bridewell has extensive experience in the assessment of security controls and the design and implementation of mitigations. With a focus on security threats, Bridewell will support you in understanding your security landscape.

Features

• Experienced highly qualified consultants
• Defined and tested methodologies
• Low overheads
• Understanding of modern cyber security threats
• Pragmatic Control Review and Selection Advice
• Plain English

Benefits

• Effective Risk Management and Controls
• High Value Data/Assets Secured
• Reduction in Security Events
• High quality work
• Cost effective and scalable
• Fast and flexible service
• Proven repeatable process
• Enhance reputation and trustworthiness
• Benchmark to measure the success of security programs

£500 to £1,600 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@bridewell.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

755592619109878

Contact

Anthony Young
03303 110 940
frameworks@bridewell.com

Planning

• Planning service: Yes
• How the planning service works: Bridewell's professionals have many years experience of working with cloud hosting and cloud software ensuring most effective security controls are in place to reduce risk of cyber breaches.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Bridewell consultants have a number of years experience of ensuring data is securely migrated to the cloud. Our consultants are experienced in a wide range of cloud solutions covering AWS, Azure, Google and other well known cloud products.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Other
• Other security testing certifications: Individual GIAC certs

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: No

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Monday to Friday 9:00 - 17:00 email support is available.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Telephone, email and onsite support as required.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SNR Certification UK Ltd
• ISO/IEC 27001 accreditation date: 10/01/2023, valid until 27/11/2025
• What the ISO/IEC 27001 doesn’t cover: Our current scope covers Business Management System (BMS) includes our ISMS and QMS implementation. It covers the delivery and support functions that underpin our services across Managed Security Services, Penetration Testing, Cyber Security and Data Privacy.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • CREST SOC, Penetration Testing, and Vulnerability Management
  • CREST - ASSURE Cyber Audit Company IASME
  • ISO 27001, 27701 and 9001
  • PCI QSAC (EU and US)
  • SOC2 Type I
  • NCSC Certificate for Risk Assessment, Risk Management and Audit&Review
  • NCSC Security Architecture and Penetration Testing
  • NCSC Cyber Incident Response Level 2 and Cyber Incident Exercising
  • Microsoft Verified Extended Detection and Response Solution Provider
  • Microsoft Certified Security Solution Partner (Cloud Security and Threat Protection)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Bridewell has taken significant steps to promote sustainability and reduce our carbon footprint. We have moved to renewable energy sources, planted thousands of trees, and decarbonised our supply chain.; Bridewell is keen to be a leading business in the security industry demonstrating that being green is the way forward. We are currently a net zero company, offsetting all our carbon emissions of both our employees and their households. Alongside this we ensure our suppliers operate in a sustainable manner and where possible our offices are powered from renewable sources.; Bridewell believes fighting climate change benefits ourselves operationally, as well as our employees, shareholders and the wider community. As Bridewell expands we shall continue to closely monitor our EMS in accordance with the ISO 14001 standard, and increase initiatives to improve the environmental impact, in line with our Environmental Policy. We’re also looking at initiatives to help our people transition to electric vehicles, as well as to incentivise and encourage them to move to green energy suppliers.

  Covid-19 recovery

  Bridewell takes the health and recovery of our employees and clients incredibly seriously. We established numerous preventative measures, including working from home which continues to this day. Bridewell has worked closely with employees unfortunate enough to contract the virus, to ensure their return to work is as smooth as possible, with support in place for those who have experienced long covid.; Bridewell has a strong business continuity plan and continuity strategy to ensure we are prepared for incidents such as high levels of sickness, and have continued to recruit through the pandemic. We have invested heavily in reskilling individuals from other sectors, adding value to the cyber security industry, as well as supported a number of companies, that have been leading the way in the COVID 19 recovery, through our security services.

  Tackling economic inequality

  In Bridewell we are committed to ensuring a working environment that is accessible to all. We have a number of initiatives in place in terms of building early career enhancements and social mobility assurance. We hire people from all areas and backgrounds in the UK, and ensure that a number of people from economically disadvantaged areas are gaining access to our training programmes, allowing them the opportunity to build a successful career in cyber security.; We currently work with numerous schools and 6th form colleges around the UK and Ireland to provide opportunities for early career students that may not have otherwise had the chance to study at 3rd level or work within the Cyber Security industries.; ; As an example:; We currently work in partnership with Cyber Colleges Cymru as part of an initiative to find local talent for our customers based in Wales, we have also based our SOC in Cardiff to further support this. Cyber Colleges Cymru is a collective of four 6th form colleges located in a number of remote parts of Wales. Students from these areas may not have previously had the facilities or support to continue with further education. We run training days, immersive lab talks around the cyber modules they are studying, Capture the Flag Days, and bring Cyber to life giving the students a true understanding of what it would be like to work within a Cyber company and the roles they are capable of fulfilling. Our engagement also spans to working in partnership with University of South Wales, where we provide Apprenticeship Degree programmes for these students when they complete their college certifications/A Levels/equivalent.

  Equal opportunity

  Bridewell is an equal opportunity employer and, as part of the Equality Act 2010, treats everyone equally irrespective of; sex, sexual orientation, gender reassignment, marital or civil partnership status, pregnancy or maternity, age, disability, ethnicity, race, nationality, national origin, religion or belief. We have a number of systems in place to ensure people have the same opportunities across the company and place an obligation upon all staff to respect and act in accordance with our policy.; In Bridewell we strive to be fully inclusive supporting a diverse range of employees from varying socio economic and diverse backgrounds within our organisation. We work in partnership with the NCSC, CyberFirst, SheLeadsTech, regularly delivering talks encouraging and educating students on the different pathways into the cyber industry. We also work with schools all over the UK speaking at work experience and STEM conferences/talks to encourage all genders to work in IT.; We know that by having a hugely diverse company we can provide the best cyber security services for our customers.

  Wellbeing

  Bridewell aims to create and promote a culture based on trust, support and mutual respect within the workplace, where employees are able to talk openly about their job and mental health problems and to report difficulties without fear of discrimination or reprisal. Mental health problems can affect anyone regardless of their position and our policy applies equally to all employees.; We have certified mental health first aiders within Bridewell who can provide non-judgemental and confidential support in the first instance and guidance workplace counsellors and specialists who can help further should it be needed.; Bridewell also provides private health insurance for all of our employees and their families, and external support such as weekly yoga sessions.

Pricing

• Price: £500 to £1,600 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@bridewell.com. Tell them what format you need. It will help if you say what assistive technology you use.