Our services are designed with the customers holistic information security needs in mind and structured around four capabilities:
Routinely auditing your information security management systems is crucial to risk appreciation and management.
We offer audit and review services that encompass both technical and procedural audits against recognised standards. Our blend of audit approaches ensures we deliver insightful and pragmatic recommendations.
We offer the below services:
We assess against a variety of standards, such as: ISO27001/2, DCPP, GDPR and NIST.
Our Security Architects hold industry qualifications and are experienced in the design of highly secure architectures that meet the rigours of UK Government and Defence assurance requirements.
Engaging the services of a Security Architect across the project's lifecycle delivers a variety of benefits to organisations that provide a platform for business growth. You will:
What we do:
We independently review and validate proposed security architectures, and employ standard architectural methodologies such as SABSA and TOGAF.
In addition, we design, implement or review network and infrastructure designs, as well as providing project management support to transitional or systems integration programmes using traditional or agile approachs.
Furthermore, we chair or participate in organisations such as the Technical Design Authority (TDA).
We also design and implement secure solutions, including:
Our risk consultants carry out risk assessments based on qualitative or quantitative methods, which help organisations to understand the threats they face. It also provides the necessary justification for cost-effective investment in information security.
Business relationships are continually evolving include greater reliance on third parties, and an expansion of typical technology and security boundaries.
Engaging the services of a MASS risk consultant delivers a variety of benefits to organisations that provide the basis for competitive advantage. You will:
What we do:
Risk assessments utilise a variety of approaches, including UK HMG methods or industry standards.
The assessments are provided in the context of your risk management criteria such as business impact, risk tolerance or appetites, likelihood, and threat vulnerabilities.
Our specialists provide assessments for Privacy Impact, Cyber Security or Technical Risk, Physical Security Environment.
We also assess connection conformity to Codes of Connection.
Our risk consultants work with your existing teams to develop risk tolerance criteria and define risk management strategies that are designed to establish the framework to mitigate the likelihood of loss and impact to organisations.
The increase in external relationships, the emergence of advanced and persistent threats and evolving legislative and regulatory environment, means that risk management must be an enterprise-wide integrated business function.
What we do:
Our risk advice is pragmatic and proportionate
We support existing risk management programmes by creating bespoke policies, working with stakeholders to define risk management criteria, and developing or advising on business continuity plans.
Additionally, we interpret threat intelligence and risk assessments in the context of your business, while providing security risk and threat education, awareness and information assurance training.
We also develop procedures for supply chain risk management and assurance.
Talk to one of our Cyber Security business advisors on +44 (0)1480 222600 between 0800-1800 UTC