CYBERSYCURE LTD

Supplier Security Assurance service

Assess and ensure the security posture of third-party suppliers/vendors who provide services or products to government agencies.

Features

• Robust assessment methodologies covering technical, operational, and compliance aspects.
• Detailed risk analysis and mitigation recommendations for each supplier.
• Regular monitoring and re-assessment to ensure ongoing compliance.
• Aligned to various standards and frameworks (NCSC, CAF, NIST, ISO).

Benefits

• Ensure solutions are architected and aligned to industry best practice
• Reduce business risk and costs
• Tailored cybersecurity approach enhances resilience against evolving threats.
• Mitigate supply chain risks, ensuring the security of government services.
• Identifies and addresses vulnerabilities before they impact government operations.
• Continuous monitoring provides assurance of sustained supplier security over time.
• UK Cleared Staff (SC).

£650.00 to £1,700.00 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tahir@cybersycure.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

920779295191811

Contact

Tahir Hussain
07958122224
tahir@cybersycure.co.uk

Planning

• Planning service: Yes
• How the planning service works: Supplier Assessment Planning: We collaborate with your procurement and security teams to identify critical suppliers and establish assessment criteria.; Risk Analysis: We conduct risk assessments of selected suppliers, evaluating factors such as data security practices, compliance with standards, and incident response capabilities.; Assessment Strategy: Based on the risk analysis, we develop a tailored assessment strategy, which may include on-site audits, questionnaire evaluations, and vulnerability scans.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Supplier Engagement: We assist in communicating assessment requirements to suppliers and facilitate the exchange of necessary information and documentation.; Assessment Execution: Our team conducts supplier assessments according to the agreed-upon strategy, documenting findings and identifying areas for improvement.; Remediation Support: We work with suppliers to address identified vulnerabilities and implement necessary security enhancements, ensuring compliance with your security standards.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security risk management
  • Security audit services

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: None

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Depends on service and would be willing to discuss with the client to identify and formulate SLAs that align to their expectations.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Depends on service and would be willing to discuss with the client to identify and formulate SLAs that align to their expectations.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • CISSP
  • CISM
  • TOGAF
  • OSCP
  • ISO27001 Lead Auditor
  • CISA
  • GDPR Practitioner

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  We are committed to ensuring that everyone has an equal opportunity to succeed, irrespective of factors such as race, gender, age, or socioeconomic status. Through fair and inclusive hiring practices, mentorship programs, and career development initiatives, we strive to create a level playing field where talent and merit are the only criteria for advancement.

  Wellbeing

  We prioritise the holistic wellbeing of our employees, recognising that true success stems from a balance of physical, mental, and emotional health. Through initiatives such as flexible work arrangements and access to mental health resources, we support our team members in achieving optimal wellbeing and work-life harmony.

Pricing

• Price: £650.00 to £1,700.00 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tahir@cybersycure.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.