Thales UK Ltd

Secure by Design

As authors of the MoD DefStan for Secure by Design (SbD), Thales have extensive experience and expertise advising customers on the integration of the Secure by Design principles and adaption of Cyber Security Management Systems. Our integration service, product, or solution facilitates the transformation to embed a cyber-security culture.

Features

• Left shift of cyber security
• Through life risk management
• Continuous assurance of security posture
• Integration of cyber security and safety
• Assessment and maturity journey towards cyber security resiliency
• Embedded security into design, removing consequences of “bolt on security”
• Scalable, repeatable, methodical and systematic approach to security
• Principles and objectives based application of cyber resiliency.
• Traceable to standards and regulations.
• Framework assimilates into BAU end-to-end, including supply chain.

Benefits

• Left shift to find risks earlier
• Protect customer, product and your reputation throughout product life
• Continuous risk management for better reaction to threats
• Translate technical risks into business risks, improved contextual risk knowledge
• Maturity growth of product, service and solutions, meeting government requirements
• Better integration of your customers’ true security needs
• Reduce design cost, evidence based control inclusion only as required
• Proactive risk management and link to SOC
• Evidence based approach to business reasoning of cyber inclusion
• Better communication to suppliers of your threats and fears

£650 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at fcmo@uk.thalesgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

827172744607865

Contact

Phaedra Warnes
07974 011385
fcmo@uk.thalesgroup.com

Planning

• Planning service: Yes
• How the planning service works: The essence of “Secure by Design” is managing the risks through the entire lifecycle and supply chain of your product, service or solution. The Thales Secure by Design service and products help you capture and define the threats and risks earlier in the design, implementation and execution of your product, service or solution. Addressing the risks earlier in the life cycle reduces costs through removal of rework, managing change when change is less impactful and integrating the decision behind risk treatment through the full business stack and governance.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Through understanding the risks and threats to your product when moving to the cloud, you can clearly define what to look for and how to mitigate where appropriate.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security incident management

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: None

User support

• Email or online ticketing support: No
• Phone support: No
• Web chat support: No
• Support levels: N/a

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRQA
• ISO/IEC 27001 accreditation date: 22 November 2023
• What the ISO/IEC 27001 doesn’t cover: The Thales UK Secure Connectivity Services (SCS) Information Security Management System (ISMS) incorporates the people, processes and technologies supporting a portfolio of network services.; The services include the Thales SCS; PSN Connectivity for DNSP and PSNSP services, PSN Gateways services, Secure & PSN Remote Access Services, PSN IPED, Secure Connectivity Services, Cybels Authenticate, Cybels Vigilance, NOC Services and secure hosting. In accordance with SOA ver 7.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Wellbeing

  Fighting climate change

  Thales UK has a clear focus on fighting climate change. Thales has set itself a target of becoming a Carbon Net Zero company by 2030, powered by cleaner energy used more efficiently at our sites and for our business, with renewable energy supplies. ; ; There are several strategies that Thales and our Cyber offerings implement to fight climate change, including:; ; 1) Sustainable future. Thales has put fighting climate change at the centre of its strategy, highlighted by the fact that tackling climate change is one of the 4 Thales strategic pillars. Thales Cyber security and consultancy offerings have enabled companies to develop secure and sustainable products, prevent product recalls, learn digital lessons and reduce rework that go towards meeting their strategic sustainability objectives and tackle climate change.; ; 2) Travel reduction. Thales has introduced a Smart Working model to reduce the travelling required by the workforce. One pillar of this is arranging virtual meetings with Customers, Stakeholders and interested parties. Thales has also deployed numerous tools to enable Thales UK to effectively operate via remote / smart working. It is expected that meetings under G-Cloud could implement this methodology to offer the same benefits to the customer. Our Cyber Security Consultants, including those specialising in Cyber Security Management have championed this approach for several years, reducing the need for Thales and customers to travel to physical meetings.; ; 3) Carbon reduction. Thales strives to implement carbon reduction, through a series of targets to reduce carbon emissions annually. Smart working, championed by our Cyber Security Consultants and offerings has been a key enabler of this strategy. Additionally, services enabling secure collaboration mean that businesses do not need to procure additional new hardware, thereby having a positive environmental impact.

  Tackling economic inequality

  For the theme of “Tackling Economic Inequality” Thales’s methodology centres on a number of Sub themes these included: Levelling up, Increasing productivity and Education & Training.; Levelling up - Geographical Challenges; ; Thales is committed to the UK prosperity as a whole and drives economic activity in all parts of the country. In 2020, Thales supported over 25,400 jobs in the economy, driving growth in all four nations of the UK.; ; Thales works with local government and institutions to provide opportunities for local people and to support redevelopment of deprived parts of the UK. A recent example includes:; Investing in Wales - In partnership with Blaenau Gwent Council, the Welsh Assembly and the University of South Wales, Thales established a £20m National Digital Exploitation Centre in EbbwVale. It’s generating new jobs in high-demand and high-skill areas for a region that has suffered from economic inequality. ; ; Education and Training: Thales is committed to the professional development of the contract workforce and provides access to learning opportunities to ensure employees have knowledge and skills to keep up with the pace of technological change. ; ; Thales has an established early careers programme that attracts both apprentices and graduates (A&G) from a diverse background. In 2023 we hired 154 A&G colleagues, with a 2025 objective of at least 10% of all new hires to be graduates/apprentices.; Where appropriate due to Security Aspects, Thales will enable A&Gs to work alongside projects teams to learn ‘on the job’ and gain valuable insights beyond academic lessons. ; ; School STEM Workshops. Careers Fairs & Volunteering: Thales has an established partnership with the Smallpeice Trust to deliver STEM and careers workshops to members of underrepresented groups in schools/colleges serving disadvantaged communities. ; ; All employees benefit from 24 hours yearly allowance for volunteering.

  Wellbeing

  Thales considers the health and wellbeing of our people to be fundamental to our success as a business. We have a well-established health and wellbeing (H&W) support provision, which has enabled us to rapidly provide critical support to our employees where and when it is needed most. ; In 2017, Thales signed the Time to Change pledge, publically stating our commitment to changing the way we think and talk about mental health in the workplace. We have trained 200+ of our people in Mental Health First Aid, a network of supporters who can recognise the early signs of mental ill health, listen whilst assessing for crisis, and provide information. ; Help @ Hand; Thales provides every employee & their families access to an Employee Assistance Programme - A 24/7 helpline for in the moment emotional and practical support, or signposting onward resources, such as healthcare or local assistance. ; In 2021 Thales developed a ways of working model to support and equip teams, individuals & people managers with resources and frameworks to promote our hybrid ways of working following the pandemic, the framework will promote a culture of wellbeing and psychological safety for teams to work effectively within the new working culture.; Sustained & continued support; Thales also has a dedicated Employee Relations team to provide specific and tailored interventions. Thales will work alongside Occupational Health, H&W providers and rehab services to establish adjustments and tailored programmes to enable employees to return to work in the manner that is safest for them.; Thales will track and monitor working patterns to ensure that all hours worked are booked in the ERP Systems to actively monitor loading on individuals so that individuals maintain a healthy work/life balance. Any significant deviations from the norm will be raised in sprint planning reviews to inform resource balancing actions.

Pricing

• Price: £650 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at fcmo@uk.thalesgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.