PGI - PROTECTION GROUP INTERNATIONAL LTD.

Phishing Vulnerability Assessments

PGI has developed a Phishing vulnerability assessment that will measure the current cyber awareness of your workforce, and deliver targeted training to reduce the organisation's risk of exposure to this type of attack.

Features

• Bespoke template creation for your organisation
• Comprehensive reporting and campaign metrics
• Geographical location of the user opening the email
• Determine out of date browsers / plugins
• Can monitor who completes follow up training

Benefits

• Can promote a positive security culture
• Highlights exposure to phishing attacks
• Helps educate staff with bite sized videos
• Identify potentially vulnerable users

£750 to £1,000 an instance a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@pgitl.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

807443293923884

Contact

Mike Tipson
020 4566 6600
bidteam@pgitl.com

Planning

• Planning service: Yes
• How the planning service works: We work closely with you to understand your requirements, then develop a programme that meets your organisation's needs in an appropriate timescale.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: PGI’s Information Assurance Team, in conjunction with our operational red and blue teams, provides training relating to Cyber Security Awareness (1 day) and Cyber Security Fundamentals (2 days). ; ; Our experienced consultants provide real life scenarios and demonstrations covering a range of information security topics, including phishing. The courses delve into the threat actors and their motivations for launching phishing attacks, and also look at how organisations can help protect themselves through continued vigilance and education. These courses do not only cover phishing, but all aspects of Information Security. However, bespoke courses or one-to-one training for users could be developed if required. ; ; PGI’s operational trainers are qualified, relied upon and have worked for organisations in critical national infrastructure, government, corporate, charity and small-to-medium enterprises to help restore their systems which adds significant value to delivery of training, contextualised through real-life scenarios.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: PGI's Security Consultants use a simulation approach or ‘ethical attack’, to carry out a controlled phishing campaign over a duration agreed with you.; ; We use various techniques to uncover dangerous behavior taken by users that may result in disclosing passwords, user information, and other confidential data held by your organisation. The degree of email authenticity can be tailored, showing your employees just how convincing some phishing attempts can be.; ; By understanding your organisation’s security posture, you can make informed decisions on effective investment in education and technology, as well as improving your organisation’s level of security and awareness. This allows you to maximise the return of your cyber security budget, delivering demonstrable impact.; ; PGI's consultants will monitor and report on the following metrics throughout the exercise:; Opened phishing emails and malicious links clicked/ attachments downloaded.; Geographical location of the user opening the email to identify access in non-typical locations.; Out-of-date browsers and plugins, identifying vulnerable users.; Users who have opened a phishing emails but have failed to complete follow-up training.; Reductions in the number of successful phishing emails.; Reporting: At the end of the campaign, PGI’s experts will generate a comprehensive report providing an analysis of current cyber risk profile.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications: CREST

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by a third-party organisation
• How the support service works: PGI's consultants would work with you to ensure that appropriate training is provided to staff on a regular basis, with repeated phishing assessments carried out to identify potential areas for improved awareness and guidance. This could be on a regular or ad-hoc basis.

Service scope

• Service constraints: PGI have no constraints on the services we provide. Work can be carried out on site or remotely, depending on client requirements.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Responses will normally be within one working day, unless in the middle of an incident / project when response times will usually be quicker. Weekend response times may be different, depending on contractual requirements.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Support levels would be agreed on a project by project basis. Cost for support will be determined based on client requirements. Typically each client will be assigned a lead contact, who may be one of PGI's consultants or may be part of the sales team. This will depend on the nature of the project being undertaken.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 28/04/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: CREST

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  PGI is an equal opportunity employer, with a strong focus on Diversity, Equity and Inclusion.

  Wellbeing

  PGI provides staff with support across mental and physical health.

Pricing

• Price: £750 to £1,000 an instance a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@pgitl.com. Tell them what format you need. It will help if you say what assistive technology you use.