Sapphire

Cyber Security Technical Assessment (CSTA)

An assessment of your current technical investments against the recognised framework, Center for Internet Security (CIS) Controls. This assessment is intended to advise on the provision of technical elements of your cyber security program, the project plan over the coming year, and the resources required to achieve it.

Features

• Assesses threat landscape
• Prioritised list of actions and report
• Cyber risk assessment
• Reviews security architecture
• Addresses current threats and risks
• Reviews business objectives for security
• Offers future guidance on Cyber Security spend
• Offers future guidance on, technical controls, policy and procedural change.

Benefits

• Third Party Guidance across project implementation plans
• Broad Benchmarking against CIS control framework
• Advisory service to address reported weaknesses
• Guidance across technical security platforms, strategy and operational impact
• It allows for Visibility, Control and Focus
• Highlights insufficient controls and weaknesses across an organisation
• Suggests optimisation of existing technologies and acquisitions
• Assists with formulating comprehensive and adaptable cyber security strategies

£990 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at katie.smith@sapphire.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

862867101548007

Contact

Katie Smith
0845 58 27001
katie.smith@sapphire.net

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Security Governance and Compliance
  • Application Security and Data Protection
  • Security Monitoring and Response
  • Digital Identity Management
  • Threat and Vulnerability Management
  • Endpoint protection
  • Threat Intelligence Analysis Platform
  • Platform Security
  • Secure Cloud
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Cyber Scheme
  • Other
• Other security testing certifications:
  • OSCP
  • OSCE
  • CISSP
  • CEH

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: None, as the service will be defined during the project scope.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Monday to Friday 9x5 e-mail helpdesk support support@sapphire.net or 0845 58 27999. Questions are typically answered within 4hrs.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Level 1 - Sapphire Helpdesk; The first point of escalation should always be the Sapphire HelpDesk and escalation must be separate from the initial call to log the fault. The Cloud customer must obtain a case reference number for the fault.; ; Level 2 - Sapphire Professional Services Manager; This is the second point of escalation in the event of the HelpDesk being uncontactable or an increase in call priority being required. The Cloud customer should quote the case reference number provided.; ; Level 3 - Sapphire Business Services Director; This is the third point of escalation in the event of the Manager being uncontactable or a further increase in call priority being required.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SGS
• ISO/IEC 27001 accreditation date: 12/09/23
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We make sure that we recycle where we can and take appropriate modes of transport to get to clients. Our offices in Darlington and Glasgow are easily accessible by public transport meaning that many of our colleagues go to an office by these means. For other colleagues, we offer remote working, and colleagues are able to attend an office when they need ; ; We are pricing our services to encourage customers to prefer remote access and remote working where possible. One of Sapphire staff is undertaking a part time PHD studying the carbon consequences of cyber crime and it’s mitigation which is inclusive of Sapphire customers and partners.

  Covid-19 recovery

  We have encouraged our staff back to office working especially in the SOC which runs 24*7 shift patterns. We have recently engaged in local communities by hiring space in local charity buildings for company meetings as in house face to face meetings.

  Equal opportunity

  We have an Equal Opportunities policy which everyone in Sapphire adheres to. We are currently at 29% of females in our organisation, a number that has grown over the last few months. Our recruitment processes allow us to interview the best people for the roles we have available, and we insist on 50:50 short-lists for all roles. We value the views of others and see as a strength our openness to challenge. We employ military reservists, and are supportive of their overseas deployment commitments on behalf of HM Government. Recently we have signed documentation to join the NCSC Cyber First scheme to help young people especially women and girls to join the ranks of cyber professionals. We also mentor young people who are keen to move into cyber at some stage in their career.

  Wellbeing

  We take the wellbeing of our colleagues seriously; we offer an Employee Assistance Programme, have health cover, a pension scheme and Life Cover. We also provide opportunities for colleagues to Give Back to local projects/schemes and they can use a day a year to do this.

Pricing

• Price: £990 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at katie.smith@sapphire.net. Tell them what format you need. It will help if you say what assistive technology you use.