google-site-verification=f5ZBj2snH1VhGax51H8i9cpPrBtV-kBssCWhlzVKiWY
We've rebranded! Find out more about our rebrand to LRQA Nettitude here

REPORT AN INCIDENT

Select Page

CYBERSECURITY REVIEW

What is a Cybersecurity Review?

To meet the ever-increasing range of cyber threats facing today’s businesses, a robust security infrastructure and forward-looking security processes are essential. In order to help businesses build and test their infrastructure and processes, organisations should conduct a comprehensive Cybersecurity Review performed by independent, expert information security consultants.

LRQA Nettitude’s Cybersecurity Review is based on the National Cyber Security Centre (NCSC) 10 steps framework, a nationally recognised standard for businesses to ensure the security of their infrastructure.

General Enquiry.

Does your organisation need a review?

Not all breaches create a negative impact, with some cases resulting in no material impact – such as no data is lost and no services are impacted. However, government reports show that of all the businesses that identified a data breach, half are impacted. The damages of such breaches include costs ranging from over £3k for a small business, to £22k for a large business.

When businesses who reported that their work was impacted by a breach, many reported that it prevented employees from completing their day-to-day duties. Taking these figures into account, you might assume that businesses are still failing to recognise the need for cybersecurity. To some extent this is true, however three quarters of businesses surveyed say that cybersecurity is a priority for them. Despite this, just over a third have responsibility for cyber security assigned at board level, nearly 20% never update their senior staff on cyber security, and just under 3 in 10 businesses provide their employees with security awareness training.

Whilst many businesses claim to have some of the basic cyber-essential controls in place, the frequency of breaches suggests this figure may not be entirely accurate. This could be because organisations believe their controls are in place, however in reality they are not effective.

Source: Gov.uk Cybersecurity Breaches Survey2019

Benefits of a Review

A cybersecurity review, performed by a LRQA Nettitude Information Security Consultant, can help organisations gain better visibility and greater assurance that the controls and governance they have in place are effective. Some of the main benefits include:

  • Evaluate board-level awareness
  • Assessment against the 10 Steps scheme
  • Recommendations from our in-house certified experts for each step of the process
  • Identify quick win areas
  • Recognise existing good practices

We’re aligned to the National Cyber Security Centre “10 Steps to Cyber Security”, and can also consider ISO27001:2013 if required (our consultants are all ISO27001 Lead Auditor certified).

About the 10 Steps to CyberSecurity Scheme

The Ten Steps scheme was developed by the National Cyber Security Centre (NCSC) and originally published in 2012. Since its release, it has been adopted by the majority of FTSE350 companies, to help them to address common cyber-attacks, with a view to reducing the risk to the enterprise. The NCSC believe that understanding the cyber environment and adopting an approach aligned with the 10 Steps scheme is an effective means to help protect your organisation from attacks.

What will LRQA Nettitude deliver?

LRQA Nettitude will deliver an on-site, or remote, assessment against the NCSC Ten Steps. An Information Security Consultant will review the organisation against each of the ten steps, and produce a report detailing the findings. Recommendations will be provided wherever required.

The following is delivered as part of this service.

  • On-site or remotely-delivered cybersecurity review
  • Led by Information Security Consultant
  • Review organisation against the 10 Step requirements and other applicable areas
  • Report

The 10 Steps/Areas that will be evaluated are:

  • Risk Management Regime
  • Secure configuration
  • Network security
  • Managing user privileges
  • User education and awareness
  • Incident management
  • Malware prevention
  • Monitoring
  • Removable media controls
  • Home and mobile working

In addition to reviewing against the NCSC’s 10 steps, we can also include other applicable areas as needed, including:

  • Secure development practices
  • Physical security
  • Third-party risk
  • Cloud security, including Office 365
  • Alignment to ISO27001 Annex A controls

 

Why LRQA Nettitude?

Our team of consultants are experienced information security professionals who hold a wide array of professional certifications including CISSP, PCI DSS QSA, CISA, CISM, CRISC, ISO27001 Lead Auditor & Implementer, as well as a wide range of technical certifications. Our broad information security and technical backgrounds mean we are able to consult as well as assess and support our clients with tasks as diverse as policy writing, network design, development processes, and server hardening.

To enquire about a LRQA Nettitude Cybersecurity Review, please get in touch with the team.

Get a free quote

body.hs-form label {color: #ffffff;} body.hs-form .hs-form-field > label {color: #ffffff;} .hs-form label {color: #ffffff;} .hs-form .hs-form-field > label {color: #ffffff;} body .hs-button.primary, body input[type="submit"], body input[type="button"] { background-color:#ffffff; border:0px solid #4f758b ; display:inline-block; cursor:pointer; color:#000000 ; font-family:Arial; font-size:21px; font-weight:bold; margin:0; width: 50%; text-decoration:none; padding: 5px 10px; margin-top: 15px; border-radius: 30px; margin-bottom: 10px; margin-left: 110px; } .hs-form label {color: #ffffff;} .hs-form .hs-form-field > label {color: #ffffff;} .hs-form input[type="text"], .hs-form input[type="password"], .hs-form input[type="datetime"], .hs-form input[type="datetime-local"], .hs-form input[type="date"], .hs-form input[type="month"], .hs-form input[type="time"], .hs-form input[type="week"], .hs-form input[type="number"], .hs-form input[type="email"], .hs-form input[type="url"], .hs-form input[type="search"], .hs-form input[type="tel"], .hs-form input[type="color"], .hs-form input[type="file"], .hs-form textarea, .hs-form select { text-align:left; margin:0; width:99%; height:30px; color: #000000; padding: 8px 15px; font-size: 15px; padding: 4px 7px; box-sizing: border-box; background-color:#ffffff; border:0px; margin-bottom:10px; } body textarea { min-height: 100px; } @media only screen and (max-width: 600px) { body .hs-button.primary, body input[type="submit"], body input[type="button"] { background-color:#ffffff; border:0px solid #4f758b ; display:inline-block; cursor:pointer; color:#000000 ; font-family:Arial; font-size:21px; font-weight:bold; margin:0; width: 70%; padding: 10px 20px; text-decoration:none; margin-top: 15px; border-radius: 30px; margin-bottom: 10px; margin-left: 30px; } } @media only screen and (max-width: 600px) { body .hs-button.primary, body input[type="submit"], body input[type="button"] { background-color:#ffffff; border:0px solid #4f758b ; display:inline-block; cursor:pointer; color:#000000 ; font-family:Arial; font-size:21px; font-weight:bold; margin:0; padding: 10px 20px; width: 70%; text-decoration:none; margin-top: 15px; border-radius: 30px; margin-bottom: 10px; margin-left: 30px; } } setTimeout( function(){ document.getElementsByClassName("et_pb_module et_pb_text et_pb_text_4")[0].children[0].children[0].children[0].innerHTML = "Get a free quote"; document.getElementsByClassName("hs-form-booleancheckbox-display")[0].children[1].chil
dren[0].innerHTML = "I agree to receive other communications from www.nettitude.com."; document.getElementsByClassName("hs-button")[0].setAttribute("class", " et_pb_button et_pb_custom_button_icon et_pb_button_2 et_pb_bg_layout_dark contact-button") }, 2000); hbspt.forms.create({ portalId: "3021880", formId: "ddb2f277-8dd0-42e2-802c-27e4aa203613" });

speak to our experts