Cysiam Limited

UK-based 24/7/365 Security Operations Centre (SOC) Managed Service

CYSIAM’s Uk-based 24/7/365 Security Operations Centre (SOC) provides a threat-led Managed Detection and Response (MDR) service. Alongside world leading technology partners (we are Splunk SIEM & Crowdstrike EDR resellers), we provide managed security services to increase your ability to detect early and respond quickly to incidents on your network.

Features

• 24/7/365 Managed Detection and Response (MDR)
• Cyber Threat Intelligence (CTI)
• Threat Hunting
• Endpoint Detection and Response (EDR)
• UK-based Security Operations Centre (SOC)
• Cyber Incident Response
• Digital Forensics
• Security Incident and Event Management (SIEM)
• Splunk and Crowdstrike partners & resellers
• Fully vetted team

Benefits

• Detect and investigate suspicious activity on your network
• Hunting and mitigation of the most likely cyber threats
• Inform you of likely cyber threats specific to your organisation
• Cyber incident response minimising disruption to your business activities
• Digital forensic investigations to return to business-as-usual with confidence

£800 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rupert.ryan@cysiam.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

887344943860073

Contact

Rupert Ryan
07376019394
rupert.ryan@cysiam.com

Service scope

• Service constraints: Constraints on what is allowed and what is out-of-bounds for both Pen Tests and Red Team exercises will be agreed with the client prior to any activity taking place.
• System requirements: None

User support

• Email or online ticketing support: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: N/A - service dependent
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: An initial scoping meeting will determine the maturity of the user's security function and priorities of the exercise.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All relevant data will be provided to the user at the end of the contract including a recommendations report.
• End-of-contract process: A full report on the findings of the Pen Test or red Team exercise will be provided including recommendations and proposed fixes.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: Specific resources (named individuals and detailed equipment) will be ring-fenced for the duration of the service including the report writing and close-out meetings.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Splunk, Crowdstrike, Mimecast and Corelight

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: N/A
• Approach to resilience: N/A
• Outage reporting: N/A

Identity and authentication

• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: All remote verification is done using 2FA
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication
• Devices users manage the service through: Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SGS
• ISO/IEC 27001 accreditation date: 31/10/2025
• What the ISO/IEC 27001 doesn’t cover: The whole business is covered by the certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our security policies and processes are developed in-house. The reporting structure leads to the CTO/CISO.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Service components and approach are continually tracked by the service lead and overseen by the CTO.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We use Qualys tool for vulnerability scanning and our extensive open source intelligence knowledge to continuously assess and prepare for threats to the organisation and the cyber security industry at large.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We continually monitor our systems for signs of compromise and respond immediately to any concerns.
• Incident management type: Supplier-defined controls
• Incident management approach: We are a small enterprise. All events are evaluated and shared with all employees and systems updates accordingly. The process is managed by the CTO/CISO.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  CYSIAM is a proud member of the SME Climate Hub, a global initiative that empowers small to medium sized companies to take climate action and build more resilient businesses. Through the SME Climate Hub, we commit to lowering our impact on the environment through authentic action, halving our emissions by 2030. In making the commitment, we have joined the United Nations Race to Zero campaign. ; ; The initiative is supported at board level in the company and having calculated our baseline emissions, we report progress against our action plan on an annual basis. ; ; We run several initiatives throughout the year to support our climate commitment and try to involve our staff as much as possible.

Pricing

• Price: £800 a unit a day
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rupert.ryan@cysiam.com. Tell them what format you need. It will help if you say what assistive technology you use.