Cyber Services Catalogue...2017/09/01 · CCS2000 Ltd, 6 Brewery Close, Barker Business Park,...

CCS2000 Ltd, 6 Brewery Close,Barker Business Park, Melmerby,Ripon, HG4 5NL 01765 606700

CyberServices Catalogue

“Providing advice, guidance and managed cyberservices to the SME marketplace”

ABOUT US

www.ccs2000.co.uk +44 (0)1765 606700CCS2000 Ltd, 6 Brewery Close,Barker Business Park, Melmerby,Ripon, HG4 5NL 01765 606700

CCS 2000 LimitedCCS 2000 is an IT Support provider that has been successfully providing IT support services across the UKfor over 25 years. In recent years, heightened concerns over data privacy, security and hacking has brought the requirement for Cyber Security Services to the fore. CCS 2000 has developed and evolved our IT supportservices to include a full cyber security suite.

Our cyber security services have been specifically tailored for the SME market, bringing together a number of scalable and affordable cyber capabilities that can complement an organisation’s existing IT infrastructure or services. We strive to help maintain the availability of your information while we assist in keeping its integrity and confidentiality secure.

Our cyber consultancy services and assessments have been designed to provide an organisation with the recommendations and cyber programme needed to keep information safe and secure. Our cyber managed services provide real-time monitoring and assessment of an organisation’s cyber security.

Contact CCS 2000 today and we’ll be pleased to assist your business in becoming cyber secure.

Complete Cyber Security from CCS 2000.

OUR SERVICES

www.csa.limited +44 (0)1452 886982Cyber Security Associates LtdUnit 11, Wheatstone Court, Waterwells Business Park,Gloucester. GL2 2AQ

BORDERPOINT

Continuous ProtectiveMonitoring

Prices starting from £12per device per month

FORESIGHT

Threat Intelligence &Assessment Service

Prices starting from £75per assessment

DECOY

Email Phishing Campaigns

Prices starting from £395per campaign

USER AWARENESS

Instructor Based CyberUser Awareness Training

Prices starting from £145per delegate

CYBERASSESSMENTS

Full Cyber Security Review & Technical Assessments

Prices starting from £1,495

CYBER CERTIFICATIONS

Cyber Essentials,Cyber Essentials Plus &

ISO 27000

Prices starting from £395

GDPR SERVICES

GDPR Gap Analysis &Data Inventory

Prices starting from £995

VIRTUAL CYBEREXECUTIVES

CISO, CTO, DPO

£950 per day

BORDERPOINT


Continuous ProtectiveMonitoring

Continuous Protective Monitoring (CPM) combines industry leading intrusion detection with an advanced Security Information and Event Monitoring (SIEM) system tailored to meet the security needs of the SME market. Our CPM capability delivers a holistic security service solution, normally expected for only the largest of organisations, delivered at our UK based Security Intelligence and Operations Centre (SIOC).

EASY & FAST TO DEPLOYFast, lightweight agent with a one-click install. Automatic configuration based upon your device.

ALERTINGAutomated alerts dispatched by email or text message. Our alerts are tailored to include potential business impact.

SCALABLEDesigned to be able to scale withan organisation. Supporting 1 - 150devices.

REPORTINGMonthly executive reports summarising all the events and incidents discovered within the monitored environment.

Prices start from £12 per device per month

BorderPoint Lite

Borderpoint Light - Agent based real-time monitoring of host activity. The Borderpoint agent collects events from individual hosts and forwards them to our SIOC where events are correlated and analysed for anomalous activity. By harnessing both threat intelligence and human analysis, Borderpoint Light is able to detect and alert to malicious activity in near real-time and provide automated monthly reporting, making it ideally suited for a micro business.

FORESIGHT

Threat Intelligence & Assessment ServiceOur cyber intelligence assessments use our unique combination of open and closed source intelligence feeds designed to detect threats outside of your normal working environment. These feeds provide a comprehensive analysis of the potential source of an attack, the likely methods and techniques that can be used by an attacker, and the potential impact on a business.

All of our cyber threat intelligence & assessment services are conducted on site, in our SIOC, by our experienced and trained intelligence analysts. Our intelligence monitoring and reporting service will follow our tiered pricing service approach, with our other bespoke offerings provided as one-off packages.

The SIOC will provide an automated monitoring capability on a 24 hour basis, with our cyber analysts operating during normal UK business hours (0830 – 1700hrs).

Prices start from £75 per check and from £995 for 50 monitored assets

Compliance ChecksOur intelligence assessment service extends into tailored compliance and due diligence checking. This service utilises the capabilities of our Threat Intelligence Platform and the skills of our analysts, to provide a range and depth of unique checks for our clients.

Monitoring & AlertingOur intelligence monitoring service will be basedon an agreed pre-defined client ‘asset list’customised to meet the needs of the organisation.A monthly report will be produced within 5 workingdays after the monitoring period. The report willfocus on the client’s risk areas, plus a broadanalysis of the global client sector, identifyingcommon threats and known techniques, tacticsand procedures, used by potential attackers.

It is appreciated that any potential indicator ofcompromise or threat to an organisation mayneed to be alerted to the client as quickly aspossible. Our Intelligence Alerts, categorisedas HIGH impact by our analysts and the client,will be notified within 4 hours of discovery(within SIOC operating hours).

Intelligence InvestigationsOur intelligence investigations package is anoptional capability that provides detailed technicalanalysis of any of the monthly customer findingsand/or alerts. These deep-dives provide thetechnical findings, discovered digital footprintsand proposed remediation actions contained intoa stand-alone report.


DECOY

Email Phishing Campaigns

Prices start from £395 per campaign

Standard CampaignOur standard phishing campaign is designed with an objective of gaining an employee’s trust and interaction with a non-business related email. Each client will have the ability to choose the most suitable framework and content for the email to make it appear as genuine and plausible as possible. Our real-time reporting framework will provide a comprehensive view of the results obtained from the campaign, to detail both areas of strength and those needing improvement.

Our email phishing campaigns have been designed to test and understand the overall “cyber hygiene” of an organisation’s workforce. Our interactive and non-invasive approach provides any organisation with accurate metrics and follow-on remediations.

Advanced CampaignOur advanced spear phishing campaign is designed to be targeted against specific teams or individuals within each client. We will work directly with the client in producing targeted email campaigns, designed to encourage more specific user interaction. Each scenario will be directly related to the work environment of the client to provide realism and plausibility and will be constructed on-site with the client directly. This type of campaign will always be conducted in a controlled environment under the supervision of a nominated client point of contact. Normal business operations will not be impacted by the campaign.

Campaign ReportingOur reporting template is designed to provide visual and usable metrics. This will enable each organisation to understand how the campaign developed over time, delivering accurate results that can then be used to promote or consolidate better user awareness in the workplace.


USER AWARENESSTRAINING

The ‘cyber hygiene’ of all individuals is important in the battle against the ever-increasing cyber threat. The cyber attacker will always look to exploit an ‘opportunity’ to deliver their attack and one of the most basic methods of establishing this opportunity is through an email connection. Our user awareness training is designed to provide all employees, from board level downwards, with an ongoing appreciation and education of information security threats, attack methods, tips and techniques on keeping information safe.

Prices start from £145 per delegate and ExecutiveLevel Briefing for £995

Instructor Based TrainingOur instructor based training is designed to provide more depth and detail than standard e-learning packages. Our team of cyber specialists share real life experiences and examples of the latest cyber attacks and threats, techniques used and how to stay cyber safe within the workplace and at home. We offer both entry level and follow-on training packages, both designed to be interactive, with demonstrations and group exercises.

Executive Level BriefingsOur team of cyber specialists can provide executive level briefings, designed to be delivered at board level to cover topics specifically applicable to each client. Topics will include cyber threats, organisational countermeasures, cyber certifications and information security compliance.


E-LEARNING


CYBER ASSESSMENTS

It is important for an organisation to understand its own cyber security maturity and the direction it needs to follow to maintain or improve this capability. Our cyber assessments are not only designed to provide an organisation with an insight into their cyber security posture, but are designed to test and assess current security technical controls. Our Cyber Assessors use the latest commercial tool-sets, as well as in-house developed frameworks and techniques, to undertake the assessments to provide detailed results and recommendations.

Prices start from £1,495

Cyber Security ReviewOur questionnaire and interview based cyber security review is designed to provide a high-level assessment of a client’s information security capabilities. The assessment covers business operations and technical requirements associated with information security, specifically covering cyber controls and objectives for people, process and technology. The review will deliver a detailed report, with an overall maturity assessment and proposed recommendations, to improve the cyber security within the organisation.

Red Team ExerciseA red team exercise is one of the best ways for an organisation to test their actual cyber defences. Our cyber team will play the role of a ‘determined’ attacker, using all means available to them, to try to infiltrate the organisation both physically and digitally. It is intended that only a few members of the organisation are made aware of the exercise to provide maximum coverage and reality. Our red team exercise is flexible enough to cover multiple sites over multiple locations.

Our vulnerability assessment will start from the outside of an organisation’s website and network boundary, then work inwards towards the internal network. Using state-of-the art open source and commercial tools, mixed with the skills and knowledge of our assessors, we will conduct an electronic technical scan and assessment of an organisation’s IT infrastructure to identify and report any potential vulnerabilities that may exist.

Vulnerability Assessment

Penetration TestingOur penetration test will use specialist tools and capabilities to act and behave as an aggressive and disruptive force to assess an organisation’s systems and vulnerabilities. This highly technical assessment phase will be undertaken by our skilled and certified Cyber Technical Consultants and managed both safely and securely to ensure the availability, confidentiality and integrity of all client information assets.



Cyber Essentials & Cyber Essentials PlusThe Cyber Essentials Scheme covers the basics of cyber security for an organisation’s enterprise or corporate IT systems. Implementation of these controls can significantly reduce the risk of prevalent but unskilled cyberattacks. For many organisations, especially those with significant information assets or who are exposed to a wider range of threats, Cyber Essentials is now a practical component of a wider ranging cyber security posture whichbusinesses need to adopt.

Prices start from £395

Our service is designed to take you through the journey of achieving Cyber Essentials and/or Cyber Essentials Plus using our certified Cyber Essentials Assessors, through to the submission of your paperwork to our partnered Certified body – Authentic Associates Ltd.

Cyber EssentialsWe will explain how the submission needs to be completed and will ensure you have sufficient controls in place to meet this certification. Once ready, our team will complete the mandatory questionnaire and submit on your behalf. Our price will include the certification costs.

Cyber Essentials PlusThis more detailed assessment will require our team to review and assess your technical controls to achieve this enhanced certification. Once ready, our team will provide the assessor and submit all the documentation required on your behalf. Our price will include the certification costs.



ISO 27001ISO 27001 is the international standard that specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) for any organisation. The standard specifies implementation and management guidelines to help keep your digital and paper information safe.

ISO certification cannot be achieved overnight and is aligned to the requirements and scope of the organisation. Our team of trained and experienced ISO 27001 Auditors will lead you through the process towards certification. Our engagement normally starts with a gap analysis, then followed by helping you to implement your ISMS, thenfully supporting your team when the Certification Audit takes place.

Gap Analysis from £1,995 and Supportfrom £950 per day

Gap AnalysisThe first part of your ISO 27001 journey is the gap analysis. This is where your current policy, procedures and processes will be reviewed and a certification timeline will be created, reviewed and agreed. This 1-2 day engagement will review each area needed for ISO certification.

ISMS Management & Evidence CollectionDuring this phase our team will conduct an informal review of your ISMS. This review will include actions such as checking for the existence of key ISMS documents and reviewing the overall ISMS. In addition, we will work with you to ensure you have sufficient documented evidence to demonstrate compliance against the ISO controls and objectives.

Certification SupportOnce you are ready to be certified, our team will be on hand to work with the Auditor to make sure the certification audit runs as effectively as possible.


GDPR SERVICES

The General Data Protection Regulation (GDPR) heralds the biggest shake up to Europe’s privacy laws for 20 years when it becomes enforceable on the 25th May 2018. Breached organisations can expect fines of up to 4% of annual turnover (NB turnover NOT profit). In addition, data subjects will have more rights on how their information is controlled and processed.

Our team of certified GDPR Practitioners will provide guidance on the areas that need to be addressed to meet the requirements of the new regulation. Our range of services will not only help you plan for the implementation of GDPR, but can advise on which of our managed services can provide the enduring support to protect your personal data.

Prices start from £995

GDPR Gap AnalysisOur gap analysis will undertake a high level assessment of the processes, technological controls and governance of personal data, controlled or processed, by each organisation. A clear and concise number of recommendations against the applicable regulation articles will form the basis of any GDPR implementation plan.

GDPR Data InventoryAs a stand-alone deliverable from the gap analysis, our data flow inventory will map out the different types of personal data, controlled or processed, by each client and will map the data flows to produce a better understanding on how personal data should be stored, controlled and destroyed.

BORDERPOINTGDPR mandates that appropriate organisational and technical controls should be in place to protect personal data. BORDERPOINT continuous protective monitoring provides you with the assurance that your personal data is protected from the cyber threat.


VIRTUAL CYBEREXECUTIVES

Designed to provide support and guidance at affordable prices on all topics of information security, our Virtual Cyber Executives are available to help an organisation when needed. This could be to facilitate the implementation of a cyber road-map, manage an information security incident, advise on the latest cyber compliance regulations or assist in the deployment of new security architecture.

Prices start from £950per day

Virtual Chief Information Security Officer - vCISO

Our ‘go to’ service, offering specialist advice on how to manage your information security requirements and programmes. Designed to work at board level, our vCISO can provide the specialist support to link your people, process and technology cyber initiatives.

Virtual Chief Technology Officer - vCTO

Linking your IT programme with your information security requirements may require a specialist security architect to ensure a joint and coherent programme. Our vCTO will bring the expertise required to make sure your technology suits your business needs.

Virtual Data Protection Officer - vDPO

As the deadline for GDPR approaches, the importance of having an established DPO in place to lead the implementation needed to meet the new regulation increases. Our vDPO service will guide you through the implementation programme required, while keeping you updated on the latest developments.


PRICING SUMMARY

Services Pricing Summary 2017

Continuous Protective Monitoring 1 - 50 51 - 150 BorderPoint Lite £12 £10

BORDERPOINT PRICE PER DEVICE PER MONTH

DECOY PRICE PER CAMPAIGN

1 - 50 51 - 100 101+Standard Phishing Campaign Users Users UsersOne-Off Phishing Campaign £395 £595 POAAdvanced Phishing CampaignOne-Off Advanced Phishing Campaign £750 £1,250 POA

FORESIGHT PRICE PER MONTH

Threat Intelligence - No. of Assets 1 - 50 51 - 100 101+Monitoring & Alerting £995 £1,495 POA

Intelligence Investigation Per Investigation Per Hour Investigation Time £75Compliance Checks Per Check Basic Check £75Enhanced Check £149Advanced Check £595

VIRTUAL SECURITY EXECUTIVES PRICE PER DAY

Virtual Chief Information Security Officer (vCISO) £950Virtual Chief Technology Officer (vCTO) £950Virtual Data Protection Officer (vDPO) £950


PRICING SUMMARY

Services Pricing Summary 2017

Instructor Based Training 1 - 30 30+Level 1 Training - 2 Hours £145 POALevel 2 Training - 2 Hours £145 POA

USER AWARENESS TRAINING PRICE PER DELEGATE

CYBER ASSESSMENT PRICE

Cyber Security Review £2,995Vulnerability Assessment £1,495Penetration Testing £4,995Red Team Exercise POA

CYBER CERTIFICATIONS PRICE

Cyber Essentials Certification £395Cyber Essentials Gap Analysis & Certification £995Cyber Essentials Plus Certification £1,995ISO 27001 Gap Analysis £1,995ISMS Management & Evidence Collection £950 per dayISO 27001 Certification Support £950 per day

GENERAL DATA PROTECTION REGULATION - GDPR PRICE

GDPR Gap Analysis £2,995GDPR Data Inventory £995

Executive Level Briefing PRICE

Executive Board Briefing - 1 Hour £995


Cyber Services Catalogue...2017/09/01 · CCS2000 Ltd, 6 Brewery Close, Barker Business Park,...

Documents

Transcript of Cyber Services Catalogue...2017/09/01 · CCS2000 Ltd, 6 Brewery Close, Barker Business Park,...