Incident Response Readiness Planning
NCC Group Incident Response Readiness Planning services help organisations achieve improved incident response through maturity gap assessment, development of incident response policies and procedures, incident playbooks and run books. In addition to the provision of organisational training to improve resilience and the ability to respond to cyber-attacks.
Features
- Incident response healthcheck against ISO27035 standard
- Incident response healthcheck against NIST SP800-62 standard
- Incident response healthcheck against CREST Maturity model
- Incident response governance
- Incident response policy documentation creation
- Incident response plan/procedure documentation creation
- Incident response playbook/runbook documentation creation
- Presentation of maturity in RAG format
- Incident response templates
- Incident response management and reporting
Benefits
- Improves maturity of incident response capability
- Improves awareness of incident management within the organization
- Assists internal IT teams with responding to cyber security incidents
- Improves stakeholders collaboration to respond to and resolve incidents
- Provides repeatable processes for incident response handling
- Ensure cyber incident and breaches are correctly reported
- Ensures incident root cause analysis is completed
- Provides alignment to industry incident response models
- Significantly reduce potential cost and impact from security incidents
- Highly experienced advice and assurance
Pricing
£1,400 a person a day
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
8 3 8 9 8 8 3 1 2 5 4 6 8 0 7
Contact
NCC GROUP SECURITY SERVICES LIMITED
Karen Fryatt
Telephone: 07717800461
Email: tenders@nccgroup.com
Planning
- Planning service
- No
Training
- Training service provided
- No
Setup and migration
- Setup or migration service available
- No
Quality assurance and performance testing
- Quality assurance and performance testing service
- No
Security testing
- Security services
- Yes
- Security services type
- Security incident management
Ongoing support
- Ongoing support service
- No
Service scope
- Service constraints
- No
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 9 to 5 (UK time), Monday to Friday
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Support levels
- Please see details on the service levels within the service definition document.
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- LRQA
- ISO/IEC 27001 accreditation date
- 07/12/2023
- What the ISO/IEC 27001 doesn’t cover
- None - All requirements of the ISO27001 certification is covered across all of our UK sites, services and personnel
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
-
- ISO 9001:2015
- Cyber Incident Response (CIR)
- PCI Approved Scan Vendors/PCI Qualified Security Assessor
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
We are at the early stages of our sustainability journey and over the past few years have been building capability internally and undertook our first materiality assessment in early 2023. Insights from this assessment formed the basis of our new sustainability strategy, which has also been developed to align with our new business strategy. We have identified the following key ‘Action on Climate’ areas: • Greenhouse gas emissions • Product Innovation and impact • Opportunities in clean tech • Energy Management Our Future and Ambition - Our ambition is to set credible science-based targets that enable us to define how we will achieve net zero emissions before 2050. In the year ahead to continue the journey toward our net zero ambition our focus is on: • Enhancing our Scope 3 emissions by reporting on Purchased Goods and Services, and colleague commuting. • Identifying opportunities to transition to renewable energy sources for our leased office buildings and data centres. • Procuring a new travel tool, which improves how we book (lower carbon options) travel and report on the subsequent emissions. • Launching our new colleague engagement climate change programme, helping to educate and embed conscious decision making at every level of the organisation NCC Group as a business has signed up to the Carbon Disclosure Project to make it easier for our clients to understand and account for our emissions as part of the services we offer, but also to enable us to gather our significant supplier emissions. Our first report is due early in 2024 from the submission we made in July 2023. Having already reduced our carbon footprint by 4.6% per employee, we will continue with decarbonising our business in support of our net zero transition.Covid-19 recovery
Our priorities since the start of the pandemic are colleagues welfare and customer safety and we have successfully managed our business through this time of uncertainty. Homeworking and Cyber Protection We have a demonstrable track record of successful remote working for both back-office functions and client delivery. We were quickly able to switch to remote working at the start of the pandemic in March 2020 and our colleagues have continued to work successfully from home, delivering remote client services, and have maintained hybrid working practices. As restrictions have eased and life has begun to return to ‘normal’ we have kept our flexible, hybrid working arrangements. Supporting the Workforce During the covid pandemic we created employment for over 200 front-line technical specialists, which increased our global net headcount by 8.1%. We did not furlough colleagues and implemented a range of services to care for their mental and physical wellbeing to ease burden on the NHS by taking care of our colleagues. Supporting Customers Due the nature of our business the majority of our services can be delivered remotely. We also provided advice and guidance to customers with practical solutions to protect their operations and continued to invest in our service offerings to support short-term and longer-term needs in preparing for the emerging future, post pandemic. In total during 2021 and 2022 we invested 4,841 days on technical security research, which contributed significantly to conference presentations, vulnerability advisories, research papers, blog posts and open-source tools being released.Tackling economic inequality
We play an active role supporting regional ecosystems, including the UK cyber clusters identified in the UK Government’s recent Levelling Up White Paper. For example, in Greater Manchester we have supported the GM Cyber Resilience Centre and engaged with Manchester’s investment promotion agency MIDAS. And, in the Cyber Valley (Cheltenham), we are an active member of the CyNam networking and collaboration community, supporting joint CyberFirst Schools-CyNam initiatives like the CyberTV channel for aspiring cyber professionals. To develop the pipeline of next generation cyber consultants we engage with local schools, colleges and universities to help open opportunities for careers in cyber security for all. We continue to work with specific Universities and FE establishments, which specialise in relevant courses, and have contributed, to the SQA's development of specific curricular activity. We are closely involved in the selection of the GCHQ’s Academic Centre of Excellence (ACE) universities and support their continued expansion with lectures and presentations. We also support GCHQ’s CyberFirst Girls Competition in a bid to encourage young women to consider cyber security as a career. We hire talent that is representative of society providing an internal training programme that supports return-to-work, career change, Service leavers and others to develop cyber skills based on aptitude not pre-existing skills. We then invest in our team by supporting personal research and continuous skills development into their scheduled work. We also pay for their attendance at international tier 1 security conferences to present their research. We created a Women’s International Network to complement a positive environment for women in the workplace while actively supporting colleague resource groups providing equality, diversity, inclusion, support and advice as mentioned above that helps us ensure that we are an attractive and fair employer for all.Equal opportunity
NCC Group is committed to providing equality of opportunity to all colleagues without discrimination and applies fair and equitable employment policies which seek to promote entry into and progression within the Group. Appointments are determined solely by application of job criteria, personal ability, behaviour, and competency. Our annual report provides statistics of our workforce diversity and is measured and updated on a regular basis. Colleague resource groups We continue to create an environment where all colleagues feel psychologically, emotionally, and physically safe to be authentic, representative of the diversity of the world they live in, share their personal experiences and have equal opportunities to achieve. Our inclusion and diversity plan underpins our growth strategy and continues to evolve as our voluntary colleague resource groups, established in 2020, embed into our way of life at NCC. In addition to resource groups for our four focus areas: Gender, LGBTQIA+, Neurodiversity and Race and Ethnicity, we have welcomed the formation of new groups for Accessibility, Climate Change and Giving Back. The Women’s International Network The Women’s International Network is complementary to our colleague resource groups and is designed to: • Create a safe space for women to be themselves • Inspire development of and attract more women to NCC Group The network is for those who identify as women and who are passionate about making NCC Group an even greater place to work. Connecting globally via Teams, the network is divided into local chapters led by senior women to ensure we have sponsorship at the highest level. Over the past financial year, we saw the establishment of a Breast-Feeding Support Group, the launch of our Menopause Library and Support Group, and a month-long International Women’s Day campaign, bringing colleagues together in our local offices as well as virtual events.Wellbeing
NCC are firmly committed to the following health and well-being pillars. Mental wellbeing - A network of trained Mental Health First Aiders, providing support to colleagues, complementing the Employee Assistance Programmes in place. Managers are offered training in mental health awareness, throughout the year we run various campaigns ensuring it’s okay to talk about mental health. Physical wellbeing - We embrace hybrid working practices and colleagues are supported financially to set up homeworking. We launched a salary sacrifice benefit – Holiday Buy Scheme – enabling colleagues to purchase up to five additional days off. Additionally, long-service colleagues received additional days off added to their annual allowance with the first milestone for an additional day being four years. Financial wellbeing - Our UK financial wellbeing programme included introducing new mortgage broker benefits and free one-to-one pension adviser meetings as. We launched Perkbox, a global discounts and perks app which also includes access to a wellbeing hub. Diversity and inclusion - We have created an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing personal experiences and have equal opportunities to achieve, and that is representative of the diversity of the world they live in. In 2020 we established our colleague resource groups in support of our four focus areas: Gender, LGBTQIA+, Neurodiversity, and Race and Ethnicity, and in 2022 we launched an Accessibility group. Each of the groups has a people team partner who supports it in running engagement activities, enabling change.
Pricing
- Price
- £1,400 a person a day
- Discount for educational organisations
- No