Cyberis Limited

Incident Response Retainer

Cyberis provides an incident response retainer service with guaranteed response times. Our Incident Response Team (IRT) will help you manage incidents effectivity and limit damage to your assets and reputation, from first call to resolution. We are CREST accredited under the Cyber Security Incident Response (CSIR) scheme.

Features

• CREST CSIR accredited service
• Remote support via zero-configuration remote VPN device and onsite response
• HMG SC cleared consultants
• Thorough onboarding process with integration project
• IASME Cyber Essentials and Cyber Essentials Plus
• Wide experience in public sector networks, including PSN, HSCN, GSi
• CREST Certified Testers in Applications, Infrastructure and Simulated Attack

Benefits

• Cyber Incident Response retainer with defined SLAs
• Guaranteed access to our IRT when an incident occurs
• End-to-end incident lifecycle coverage
• Unused hours can be used against other scheduled services
• Quarterly retainer review meetings and dedicated account manager
• Complementary incident readiness services are also available
• Services are governed by ISO 9001 and ISO 27001 processes

£1,100 to £1,500 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@cyberis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

853457207648424

Contact

Pre-Sales Team
01684353514‬
info@cyberis.com

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • GBEST
  • CHECK
  • CREST
  • Cyber Scheme

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Responses to email enquiries typically within one business day. Response times outside of UK working hours vary.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: We will provide a dedicated account manager. During the 12-month retainer period we will provider quarterly retainer review meetings. This will include reviewing the incidents that we have responded to, discussing any improvements that can be made, and understanding any organisational or process changes. Our Project Management Office (PMO) is also available to support you.; ; Our standard retainer service includes guaranteed access to our IRT with defined SLAs, 24x7x365 incident reporting, initial triage within 4 hours, remote support within 8 hours and onsite assistance within 24 hours. 40 hours of inclusive incident response is provided as standard; additional hours can be negotiated and additional response time purchased as needed when an incident occurs.; ; Before we start the retainer service, we will conduct an integration project with you. This allows us to gather relevant information about your organisation, systems and processes so that when you call our Incident Response Team, they have all the background and access they need to hit the ground running.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 04/10/2023
• What the ISO/IEC 27001 doesn’t cover: Not applicable - all services are covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: IASME Governance Gold

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are aware that reducing our direct impact on the environment represents significant benefits for us, our clients, suppliers and the wider community and as an employer Cyberis is committed to understanding and reducing our impact by actively managing our waste, emissions and consumption of natural resources. We comply fully with all environmental legislation. ; In the office environment, we have taken several small steps to reduce our energy consumption – such as installation of LED lighting throughout our premises, energy efficient hot water taps, reduction of boiler operating temperatures and the installation of smart thermostats. We also use E.ON Next, as an energy supplier providing electricity backed by 100% renewable sources. ; Transportation is the major contributor to greenhouse gas emissions, with personal automobiles accounting for more than half of the total. An estimated 98% of employee carbon footprint comes from commuting. Due to remote working, fossil fuel consumption decreases vastly and people who work from home are reported to save 3.6 million tons of greenhouse gases per year. As a result, the majority of the Cyberis team work remotely and we have implemented processes to enable most of our testing work to take place remotely, reducing the requirement for travel to client site.; For example, where we need to connect to on-premise systems on a regular basis, we have developed a secure Remote Pentest Device (RPD) that can be used to support robust and secure connectivity. We also support efficient delivery through customer VPNs and cloud-based solutions for connectivity to systems, in a secure manner, with a significant reduction in the requirement for testing to take place on site and a subsequent reduction in travel necessity and environmental impact.

  Covid-19 recovery

  Cyberis has been committed to supporting the local community in managing and recovering from the impact of COVID-19. As part of this commitment, we supported our staff, suppliers and customers in achieving these same goals. ; During the pandemic, and since that time, Cyberis supported several clients in migrating their infrastructure to the cloud in a secure manner and supporting home workers in roles that were traditionally office based. Specific security testing designed to combat the inherent risks of these business changes has enabled our clients to continue to work in a safe and secure manner while balancing the ongoing requirement for staff to work from home on a part or full-time basis. ; From the beginning of the pandemic, we retained the services of the local suppliers contracted to maintain Cyberis office spaces despite office closures during periods of lockdown, supporting them in continuing to operate and retain staff without extra financial uncertainty. ; Many of Cyberis’ staff have continued to work from home since the beginning of the pandemic, and a number of staff taken on during the period are permanently home based. In order to support the mental health and wellbeing of all staff, the entire business gather for a weekly Teams meeting, where every individual has the opportunity to talk with colleagues, seek advice, stay connected to the wider team and build collegiality. ; Cyberis have also undergone a period of expansion and have been in the position to build a training programme and support retraining within the cyber security industry, including recruitment of new team members that were affected by redundancies during COVID-19.

  Tackling economic inequality

  Cyberis is a growing SME, seeking to encourage more individuals onto career pathways within the cyber security industry where there is a real skills shortage with over 10,000 vacancies in cyber security across the U.K. ; As we facilitate remote working for all employees, opportunities with Cyberis are available UK-wide, including potentially in deprived areas and for individuals who may find working home more suitable for their circumstances, such as those with disabilities or caring responsibilities (statistically predominantly impacting women) that prevent them from travelling to an office on a regular basis.; Making this opportunity for employment open beyond those already working in cyber security will support in addressing the Cyber Skills Gap. Cyberis run a successful Academy programme which recruits individuals with no prior experience in commercial cyber security testing and comprehensively upskill them to a highly competent level.; We also support increase of supply chain resilience and capacity by actively supporting programmes within our community which aim to engage those who face barriers to employment – such as neurodiverse individuals – and get them involved in the cyber security industry. We do this by volunteering time to IASME’s neurodiverse cyber security training programme. We also support community programmes within The Cyber Scheme via volunteered/sponsored time aimed at developing skills in the cyber security market.; Additionally, our more senior consultants are experts in their fields and regularly contribute to security conferences, podcasts and articles. Articles are regularly posted on our blog covering a variety of security issues and penetration testing techniques and we are in the process of developing this resource to provide "Introduction to Penetration Testing" guides and signposts to useful third-party resources which will help industry entrants gain baseline knowledge that will improve their employment prospects when looking to navigate a route into penetration testing.

  Equal opportunity

  Cyberis is a strong supporter of inclusion and diversity within the cyber security industry and considers the importance of tackling workforce inequality throughout its policies and processes.; Cyberis has an excellent record on staff retention and supported by focusing on employee wellbeing and development opportunities. We have proactively taken steps to improve inclusivity and the health and wellbeing of our colleagues, for example, dynamically varying working patterns to support changing personal needs, accommodating requests for role and responsibility changes to accommodate changing mental health needs, appointing Mental Health First Aiders and launching a comprehensive Employee Assistance Programme. We also plan to implement the six standards in the Mental Health at Work commitment.; Our recruitment processes are also under constant review to support inclusive practices, for example utilising virtual interviews to increase inclusivity - reducing the expectation on candidates to travel for interview if this may be a blocker for them in line with our policy to facilitate remote working for all employees supporting individuals who may find homeworking more suitable for their circumstances, such as those with disabilities or caring responsibilities (statistically predominantly impacting women) that prevent them from regularly travelling to an office.; Beyond initiatives to support our own staff and new entrants, Director, Gemma Moore, helped establish CREST's Inclusion & Diversity Working Group, which is tasked with improving inclusion across the technical cyber security industry. We also actively encourage our employees to support related industry initiatives, such as the National Cyber Security Centre (NCSC) Diversity & Inclusion Survey and we have signed the Respect in Security pledge, and fully support this. We have a zero-tolerance approach to any form of harassment.

  Wellbeing

  The health and wellbeing of our colleagues is important to us, and we strive to create an inclusive and supportive environment for all employees. Cyberis has an excellent record on staff retention supported by focusing on employee wellbeing and development opportunities.; We have proactively taken steps to improve inclusivity and the health and wellbeing of our colleagues, for example, dynamically varying working patterns to support changing personal needs, accommodating requests for role and responsibility changes to accommodate changing mental health needs, appointing Mental Health First Aiders and launching a comprehensive Employee Assistance Programme. We also plan to implement the six standards in the Mental Health at Work commitment. We also plan to use the recommendations in the Voluntary Reporting Framework to help us track employee wellbeing annually and use this information to inform process change and transformation.; The dynamic working patterns support our colleagues to value their work-life balance and have enabled people to, for example, attend events at their children’s schools or allow time to participate in hobbies. Additionally, this environment of supporting and encouraging colleagues to value balance and their health and wellbeing has included supporting colleagues with additional time off work to compete in sporting events. ; Furthermore, Cyberis organises biannual team social events to support team building and wellbeing throughout the company by fostering a community spirit. We have also recently re-structured the business to appoint additional line managers improving capacity for effective people management and regular one-to-one time, which is particularly important for our remote workers.; We also improve community integration via volunteering in the community. As a member of Cyber Scheme, we volunteer ten consultant-days per year to support community projects coordinated by the Cyber Scheme. We support IASME’s neurodiverse cyber security training programme by volunteering time to provide careers talks to attendees.

Pricing

• Price: £1,100 to £1,500 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@cyberis.com. Tell them what format you need. It will help if you say what assistive technology you use.