Safeguarding your information and reputation against cyber threats

Information assurance and secure ICT networks are fundamental to effective operations

Cyber Security

Cyber Essentials Plus IASME Consortium Self-Certified Company
Cyber Essentials
There can be no doubt that cyber threats are real. Cyber Essentials is a Government-backed and industry supported scheme that guides businesses on how to protect against cyber threats. The Cyber Essentials scheme provides a secure foundation for your IT system. Implementation of these controls can significantly reduce your risk of

In addition to Cyber Essentials, the MOD, working jointly with Industry and other Government departments, has created the Defence Cyber Protection Partnership (DCPP) to ensure that it and its supply chain are appropriately protected from cyber threats.

Read more about Cyber Essentials
Our services are designed with the customers holistic information security needs in mind and structured around four capabilities:

Read more about information assurance
Audit and Review Security Architecture Risk Management Risk Assessments
Cyber Training
MASS' training provides:

  • your people with the latest knowledge and skills in cyber security, helping them develop a deeper understanding of security threats and appropriate mitigations.
  • your organisation with the advice, guidance and support to establish or improve its policies and procedures, leading to a well-developed and robust security posture supported by an aware and mindful workforce;
As an industry leader, we offer a comprehensive range of courses, from foundation awareness to advanced courses, all to the highest and most up to date standards delivered by either e-learning or as live-classes.

Find out more about our cyber training and see a complete courses list

Cyber Essentials

MASS specialises in providing IT reliant businesses with guidance and support, helping them to achieve Cyber Essentials certification which provides:

  • Reassurance to customers, suppliers and stakeholders that cyber security is taken seriously and methods are in place to reduce the threat from cyber-attacks;
  • The ability to be considered for government contracts by having the appropriate certification;
  • The potential for cyber-insurance premiums to be reduced.

Download the Cyber Essentials and IASME Self-Assessment Preparation Booklets and complete the Cyber Essentials self-assessment questionnaire online, quickly and securely, through our portal.

Once you have achieved Cyber Essentials certification, you may require an upgrade to Cyber Essentials Plus.

Completing the Cyber Essentials certification through MASS offers eligibility for free automatic cyber liability Insurance for up to £25,000.

Defence cyber protection partnership (DCPP)

The MOD introduced Cyber Protection requirements for all new procurements from 1 January 2016. All suppliers in MOD supply chains must hold a Cyber Essential Certificate prior to contract or subcontract award.

The DCPP Cyber Security Model will require some suppliers to ensure additional cyber security controls, over and above Cyber Essentials, are in place ahead of contract award depending on the level of risk identified.

MASS can help you implement Cyber Essentials for both your organisation and your supply chain.

To find out more, please contact us.

Cyber Essentials Customer Helpline

We are delighted to announce the MASS Cyber Essentials helpline, which is available free of charge. To qualify you need to be a MASS customer. The helpline provides access to expert technical IT security, risk and compliance advice in line with the Government Cyber Essentials Scheme. Benefits of using the helpline include:

  • Improving your current IT system;
  • Advice on compliance requirements to progress to CE Plus certification; or
  • Assistance due to an IT related issue

You can contact us for assistance on 01480 223838 * or at

* We will respond between normal working hours of 9.00am – 5.00pm, Monday to Friday

Download our Cyber Essentials and DCPP brochures
Request pricing and enquiries

Information Assurance

MASS offers its clients audit and review services that encompass both technical and procedural audits against recognised standards. Our blend of audit approaches ensures we will deliver insightful and pragmatic recommendations.

MASS Security Architects hold industry qualifications and are experienced in the design of highly secure architectures that meet the rigours of UK Government and Defence assurance requirements.

MASS Risk consultants carry out risk assessments based on qualitative or quantitative methods, which can help organisations to understand the threats they face, and provide the necessary justification for cost effective investment in information security.

MASS Risk consultants work with your existing teams to develop risk tolerance criteria and define risk management strategies, that are designed to establish the framework to mitigate the likelihood of loss and impact to organisations.

To find out more information, email

Security Architecture

Value to you

Engaging the services of a security architect across the project lifecycle delivers a variety of benefits to organisations that provide a platform for business growth, you will:

  • Understand interdependencies across your estate
  • Improve interoperability across your estate through the adoption of standardised approaches
  • Gain the understanding of emerging technologies and how they can effectively integrate with your existing estate and
  • Understand the risks you are exposed to, best practice approaches to mitigating them and the financial, legal and regulatory impacts to your organisation

What we do:
  • Independently review and validate proposed security architectures
  • Employ standard architectural methodologies such as SABSA and TOGAF
  • Design and implement secure solutions, including: Identity and Access Management solutions, SOC and SIEM, Gateway and boundaries and Cryptographic solutions
  • Design, implement or review Network and Infrastructure designs
  • Provide Project Management support to transitional or systems integration programmes, using traditional or agile approaches
  • Chair or participate in an organisation Technical Design Authority (TDA)

Risk Assessments

Value to you

Business relationships are continually evolving, these include greater reliance on third parties and an expansion of typical technology and security boundaries. Engaging the services of a MASS risk consultant delivers a variety of benefits to organisations, that provide the basis for competitive advantage. You will:

  • Enhance your enterprise awareness of risks
  • Sharpen the focus of executive management
  • Enhance your ability to formulate risk management plans, respond to incidents or demonstrate compliance
  • Engender trust in your organisation
  • Be better placed to accept new business opportunities and improve your competitive advantage

What we do:
  • Carry out risk assessments in the context of your risk management criteria such as; Business Impact, Risk tolerance or appetites, likelihood and threats vulnerabilities
  • Carry out Privacy Impact assessments
  • Cyber Security or Technical Risk Assessments
  • Physical Security Environment Assessments
  • Risk assessments utilising a variety of approaches, including UK HMG methods or industry standards
  • Assessments of connection conformity, to Codes of Connection

Risk Management

Value to you

The increase in external relationships, emergence of advanced and persistent threats and evolving legislative and regulatory environment, means that risk management must be an enterprise-wide integrated business function. Risk management consultancy support:

  • The application of cost effective risks mitigation strategies
  • Support seamless adoption of new regulations and legislation
  • Enhance resilience to the consequences of evolving threat and risk landscapes
  • Demonstrate risk competence to your business stakeholders and customers
  • Be better placed to accept new business opportunities and improve your competitive advantage

What we do:
  • Support existing risk management programmes through the creation of bespoke policies
  • Work with stakeholders to define risk management criteria
  • Develop or advise on the creation of business continuity plans
  • Interpret threat intelligence and risk assessments in the context of your business
  • Provide security, risk and threat education, awareness and training
  • Develop supply chain risk management and assurance procedures
  • Provide pragmatic and proportionate risk management advice

Audit and Review

Value to you

Routinely auditing your information security management systems is crucial to risk appreciation and management. MASS audit and review services:

  • Support monitoring that controls are effective
  • Identify areas of risk and support third party risk awareness
  • Provide evidence to maintain compliance against required certifications
  • Demonstrate maturity in your information security programmes to your business stakeholders and customers
  • Provide the evidence to demonstrate progress in projects and tangible returns on investment

What we do:
  • Compliance Assessments or gap analyses against a variety of standards, such as:
    • NIST
    • ISO27001/2
    • HMG Security Principles
    • UK Data Protection Act
    • General Data Protection Regulation (GDPR)
    • DCPP
  • Cyber Essentials Certification
  • IT Health Checks
  • Physical Environment Security Audits
  • Product standards review
  • Reviews against your own policies
  • Internal audits to support certification maintenance

Cyber training

The UK Government has categorised cyber attacks as a Tier One threat to national security, alongside international terrorism. The cost of a single cyber security incident can easily reach six-figure sums and any damage to a company's reputation could lead to dramatic loss of profits or future business.

To help mitigate such risks, your staff need to have the latest knowledge in cyber security. MASS can help your people develop a deep understanding of potential security threats, and the countermeasures you can develop or adopt. Cyber Security training helps to protect corporate assets, and having appropriately trained staff will immediately be apparent to the bottom line.

Working in partnership, MASS is offering, in the UK for the first time, an e-learning library with courses designed to teach all members of an application development team, from quality assurance professionals to software developers, about the importance of secure practices in the application development process.

Training materials, dedicated facilities, specialist trainers, courseware development, and our deep cyber security domain experience ensures that your staff receive the critical knowledge required to maintain appropriate security standards.

Our training facilities are equipped with state-of-the-art resources, or alternatively we can deliver training at your preferred location in the UK or abroad.

View Cyber Training Courses list

View Secure Software Training Courses list

For further information, please contact