Cyber Security

Give Your Business The Resilience It Needs To Succeed We don’t believe in marking our own homework and so we have invested in a market-leading cyber security company. Our dedicated Cyber Security sister company, Cyber Security Associates (CSA), is led by the best cyber specialists in the market. This separation, with its own leadership, allows CSA to be arm’s length from our IT managed services and ensures an independent review of anything we provide.
image-blobs_men-in-server-room

Get in Touch!   

What we offer

Cyber Assessments

The Partner You Need To Uncover And Address Hidden Gaps In Your Security

To successfully protect your business, whether large or small, against cyber threats, it’s essential that you begin by identifying where your security weaknesses lie. At CSA we believe undertaking a full cyber risk assessment is an essential part of any organisation’s management strategy which is why we make it a priority for our clients. From there we will work with you to build a robust and personalised plan of action with effective mitigation and protection that is suited to your needs.

Consulting

The need for enlightened governance

Navigating the cyber security landscape can be daunting without the right expertise. Consulting services from CSA can help you navigate this evolving landscape and avoid the pitfalls that many businesses fall into.

From bespoke policy development and incident response, all the way to the creation and implementation of a tailored cyber security management framework, CSA is here to keep you, your business and your data secure.

Cyber Executives

A Service From Your Trusted Security Partners At CSA

The team at CSA includes certified Information Security and Data Security professionals who can offer organisations advice and guidance when it is unaffordable or simply unnecessary to employ an individual full-time.

CSA can provide cyber executives both remotely and on-site in the following core roles.

Security Operations Centre

Keep Your Organisation Secure With A Trusted, Managed SOC

Providing Real-Time Context, Visibility and Control

Advanced 24/7 cyber protection from CSA’s SOC as a Service, proactively protects your business against cyber threats to maximise business protection and minimise business risk. Utilising industry leading technology, expert insights and remediation excellence, we can monitor existing security infrastructure and devices alerting you to ALL confirmed incidents to keep your business and data secure.

Monitoring & Detection

A Proactive Approach To The Evolving Cyber Threat

You can’t defend what you can’t detect, we provide an extensive solution that encompasses external threat intelligence monitoring and incident detection to provide real-time alerts across your technology stack.

Protection

Keeping Your Private Data Private

Primary Managed Services Security Provider (MSSP) of AppGuard in the UK, providing real-time protection against all endpoint and server ransomware and malware with a patented solution.

Response

Expert and friendly training to develop a cyber-secure culture within your organisation

CSA’s team has the ability and knowledge to deal with any cyber attack from advanced targeted attacks to less sophisticated attacks that bypass your existing security infrastructure. In the unfortunate event of a cyber attack, it is essential to get the right support quickly to get a clear understanding of the situation and control the breach in order to put in place an effective incident response plan.

Training

Fast, Effective Response When You Need It

The best way to avoid a cyber attack is to equip yourself and your company’s workforce with the necessary knowledge and skills to improve overall cyber security awareness and hygiene. CSA training helps you add to your toolbox so you can rest safe in the knowledge that your business is armed against cyber attack.

Get in Touch!   

Cyber Assessments

The Partner You Need To Uncover And Address Hidden Gaps In Your Security

To successfully protect your business, whether large or small, against cyber threats, it’s essential that you begin by identifying where your security weaknesses lie. At CSA we believe undertaking a full cyber risk assessment is an essential part of any organisation’s management strategy which is why we make it a priority for our clients. From there we will work with you to build a robust and personalised plan of action with effective mitigation and protection that is suited to your needs.

About Our Assessment Process

 Cyber security assessments are an important tool to identify vulnerabilities in any organisation’s defences, validate the effectiveness of security controls and processes, and provide the support and advice required to address security risks.

Preventing breaches in cyber security in the first instance is our main priority at CSA, as early detection provides the opportunity to address security flaws before they can be exploited by cybercriminals.

Investing in secure networks does cost, but the price is incomparable to the cost of addressing a successful attack and undoing the damage left behind by a hacker. This includes the physical costs and potential GDPR fines (up to 4% of turnover) as well as the cost of commercial and reputational damage. It is a simple case of prevention being less costly than the cure.

At CSA, we offer different areas of cyber security assessments carried out by a team of experienced and certified cyber professionals. A number of CSA’s advisors are former UK Government cyber operations specialists who bring extensive Governmental and Industry cyber experience and expertise. At least one member of the assigned testing team will hold the Certified Information Systems Security Professional (CISSP) certification, in addition to bespoke cyber technical certifications and qualifications such as OSCP (Offensive Security Certified Professional).

A key solution for any organisation wanting to implement the best security practices whilst using M365

Although there are hundreds of configuration settings in each M365 tenancy, Microsoft does not automatically apply all the security settings and, as a result, can leave the tenancy and user accounts vulnerable and open to compromise. Keeping businesses secure and their data protected means using the intelligent built-in Microsoft security features that are often not implemented or used to their full potential. CSA’s Microsoft 365 Security Assessment is a key service for any organisation wanting to ensure they have implemented the best security practices whilst using M365 and maintain good cyber hygiene in their M365 tenancy. 

CSA can conduct a full assessment of your company’s M365 instance to ensure you have all the necessary security controls correctly configured. Following the assessment, you will receive a report on our findings, as well as a technical assessment on the specific controls that need to be changed (each control to be changed will be based on the criticality of exposure). We can also assist in implementing and amending the required controls on your M365 tenancy for added peace of mind.

A questionnaire and interview-based assessment designed to identify key gaps and areas of focus

A maturity and gap analysis assessment identifies the differences between the current, ideal and comparity state of data security within your company. It is a thorough assessment with various stages to gauge the level of cyber security maturity and understand control gaps where it would be best to focus your attention and budget. Following the assessment our expert CSA team will be able to define a quick win mitigation plan and help your company exercise reasonable governance over your cyber security, as well as devise an efficient next steps plan.

Assessment of cyber risk and controls against recognised frameworks: NIST, ISO 27001 and NCSC CAF (Cyber Assessment Framework)

The next step after deciding to complete an assessment is to determine the scope and scale. Understanding the goals of your cyber security assessment will help determine the type of framework that will work best for you. At CSA we offer two of the two of the most recognised: NIST and ISO 27001 to identify Improve upon and help provide comprehensive cyber security guidance. Our expert team also offers NCSC CAF (Cyber Assessment Framework) to provide guidance for organisations responsible for vitally important services and activities.

Expert-led vulnerability scan of IT infrastructure to identify potential risks and key gaps

Scanning for technical vulnerability can identify and address any security exposures before attackers can exploit them. CSA collects data and evidence through a number of available sources and uses scanning tools to scan all IP addresses on the network and to identify vulnerabilities such as out of date software and patches.

The assessment report will show a detailed network map of all endpoints which can be referenced against the companies IT asset register. Any devices that have been unofficially added to the network are identified - rogue devices are seldom hardened or secured and therefore introduce unwanted risk to the network.

This assessment is also used as a pre- Cyber Essentials Plus assessment,the Cyber Essentials Plus requires that networks covered by the certification are scanned for vulnerabilities every six months,  this is good practice whether you are certified or not.

Identifying security holes in a network or application that a potential attacker could breach

At CSA, we use a methodical approach to penetration testing to uncover any weak spots. Once found, they are remedied to close any vulnerabilities before they can be exploited by a cybercriminal. We use the latest toolsets and hacking methodologies to test the defences of specific applications, servers, routers, networks and other devices, within scope systems, looking for a potential foothold. The foothold is then exploited to see how far the network can be penetrated. Every vulnerability found is documented with recommendations on how to address the issues to mitigate any future risk. 

Policies and processes specifically designed to reflect an organisations current situation and to cover essential areas of operation aligned to either US NIST, ISO 27001 or framework of choice

CSA’s high level cyber audit produces a report which includes a maturity level rating with recommendations on how the organisation can improve in each area following policies and processes that are designed for you. We also offer our expert consultancy services following completion of the assessment to help implement some, or all, of the recommended actions aligned with controls against recognised frameworks.

CSA partners with a Certification Partner and Certified Provider to provide the formal assessment

Cyber Essentials is a certification designed to provide a statement of the basic controls your organisation should have in place to mitigate the risk from common cyber threats. Backed by the UK Government, the certification is developed by NCSC and ensures a safer internet space for organisations of all sizes and across all sectors. CSA provides the certification in partnership with a Certification Partner and Certified Provider as the best first step towards a more secure network to protect your business from cyber security breaches.

The certification defines a focused set of controls which provide clear guidance on basic cyber security for your business and offers a sound foundation of cyber security measures that all types of businesses can implement at a low cost. CSA helps businesses gain this certification and enables them to show their commitment to cyber security adding to their credentials as a trustworthy and secure company!

A simulated ransomware attack that identifies vulnerabilities in IT systems and infrastructures

The deployment speed, level of destruction, lasting reputational damage and extortionate costs it takes to recover, together render ransomware one of the most immediate dangers faced by the UK.

The best way for an organisation to prove their defences can protect them if ransomware was deployed onto their IT systems and infrastructure is to put it to the test. At CSA, we designed our Ransomware Attack Simulation Service to do just that.

Undertaken by our team of expert cyber professionals, the service tests your IT defences and incident response capabilities by issuing a real-time ‘benign’ ransomware attack. Deployed safely and under the visibility of your own team, our simulated ransomware software will mimic an attack on your IT services and demonstrate what would happen to your IT systems if a real-life incident took place.

Following the ‘benign’ attack, we will be able to assess where any vulnerabilities lie, should there be any, and make recommendations on corrective actions and solutions to help strengthen your IT defences for the future.

Get in Touch!   

Consultancy

The need for enlightened governance

Navigating the cyber security landscape can be daunting without the right expertise. Consulting services from CSA can help you navigate this evolving landscape and avoid the pitfalls that many businesses fall into.

From bespoke policy development and incident response, all the way to the creation and implementation of a tailored cyber security management framework, CSA is here to keep you, your business and your data secure.

Our Consultancy Service

Designed to provide support and guidance at affordable prices on all topics of information security

Since the company first started, CSA has been providing a wide range of cyber consultancy services to clients in various industries. Our cyber consultancy services are delivered through specialist research and development or via Virtual Information Security Officers for both remote and on-site consultancy roles. With our services, we can help to facilitate the implementation of a cyber road-map, manage an information security incident, advise on the latest cyber compliance regulations or assist in the deployment of a new security architecture.

CSA recognises that a range and depth of consultants will be required, at different rates according to the requirement, and therefore have 4 levels of consultants to deliver what is required across a wide range of topics.

CSA has years of experience in implementing cyber projects in several areas and market sectors

Our team will be able to assist in ISO 27001, PCI and GDPR implementation projects, alongside other specialist cyber areas. Each of our Cyber Project Managers can work both within a team or as an individual, providing the highest level of service required to implement a cyber project to time, cost and performance.

The CSA Security and Operations Centre (SOC) consists of several cyber professionals responsible for the day-to-day detection and analysis of cyber events and incidents. This same team is available to conduct detailed incident response investigations, provide specialist technical and support and complete bespoke projects. In addition, each of the SOC team has experience in face-to-face coaching and mentoring of practical cyber topics which include using a cyber range and building cyber projects based on the Raspberry Pi computer.

A resilient cyber security strategy is essential for any organisation that wants to run smoothly whilst protecting and defending against evolving cyber security threats.

At CSA we understand that companies are forever faced with resource constraints, escalating threats, and complex IT environments that make it hard for them to strategically protect data to align with business and cyber security goals. This is where developing a robust security road-map is useful as it allows businesses to align security processes with business goals optimising overall cyber security posture.

A solid road-map is a powerful way for organisations to stay on track with where they are and where they need to go to be more effective, with all the tools in place on how to get there. Businesses can remain in line with IT initiatives and secure against cyber threats without compromising on business goals.

Designing, creating and maintaining security systems that provide sturdy infrastructure to protect your business from hostile cyber attacks.

Our expert team of security architects are the key for building and maintaining your organisation's IT network, including computer systems and data. Combining security software and appliance solutions, we protect businesses from cyber attacks thanks to an agile approach that adapts to the ever-evolving cyber threat landscape.

We understand that businesses are consistently engaging in digital transformation initiatives as they expand, grow and develop their IT services. Our teams are on hand to help defend and protect against cyber threats with a flexible architecture that is based on a Zero Trust framework.

Consultancy Process
The three phases of our consultancy process

Strategy

Defining of your information security strategy and your corresponding program

Implementation

Supporting the roll-out of your cyber programme and projects

Support

Helping you find the solutions to keep your business running as safely as possible

Get in Touch!   

Cyber Executives

The team at CSA includes certified Information Security and Data Security professionals who can offer organisations advice and guidance when it is unaffordable or simply unnecessary to employ an individual full-time. CSA can provide cyber executives both remotely and on-site in the following core roles.

Virtual Chief Information Security Officer – vCISO

Providing specialist advice on how to manage information security requirements, risks and programmes. Designed to work at Board level, our vCISO can provide the specialist support to manage your long-term strategy, connecting your people, processes and technology cyber initiatives.

Virtual Chief Technology Officer – vCTO

Linking your IT programme with your information security requirements requires a specialist security architect to ensure a joint and coherent programme. Our vCTO will bring the expertise required to make sure your technology suits your business needs and has the space to evolve as your business needs evolve.

Virtual Data Protection Officer – vDPO 

With GDPR and the updated Data Protection Act now established within the UK, it is important to understand what is required to meet the high standards of data security. Our vDPO service will ensure your data security risk is as low as possible and that you have implemented everything needed to meet the standard, while keeping you updated on the latest developments.

Get in Touch!   

Security Operations Centre

 Advanced 24/7 cyber protection from CSA’s SOC as a Service, proactively protects your business against cyber threats to maximise business protection and minimise business risk. Utilising industry leading technology, expert insights and remediation excellence, we can monitor existing security infrastructure and devices alerting you to ALL confirmed incidents to keep your business and data secure.

Why Choose A CSA Managed SOC?

CSA provides a full suite of flexible Managed and Virtual Security Operations Centre (SOC) services which are ideal for organisations that prefer to outsource their SOC to an expert team. Our UK based SOC is operated by a team of experienced cyber security analysts overseen by CSA founders James Griffiths and David Woodfine; both of whom have extensive experience in setting up and operating SOCs for large corporate organisations including the Ministry of Defence and the Bank of England.

SOC as a Service is a viable and cost effective alternative to the expensive set up of an in-house SOC. Many organisations that have attempted to take on the challenge, have been stung by the cost of operating an SOC 24/7 and faced the difficulty in recruiting and retaining security analysts. Save yourself the hassle and let CSA provide a high-quality service that you know you can rely on.

 

We provide the Security Information and Event Management (SIEM) platform as part of the CSA fully managed service or we can provide virtual SOC services for organisations that prefer, or have already committed to a particular SIEM platform. We are here to work to find the best solutions for you and your business.

There is no quick fix when it comes to cyber security, but your ability to proactively identify, defend against and mitigate cyber threats can be the difference between swift remediation and potentially devastating financial repercussions, damage to your reputation or loss of commercially sensitive data.

CSA's expert team are all government security cleared so you know you are in safe hands.

  • Proactive Security Operations
  • Best of Breed Security Technology
  • Continuous Security Improvements
  • Hassle Free
  • Cost Effective
  • Born In Cyber

Get in Touch!   

Monitoring And Detection

A Proactive Approach To The Evolving Cyber Threat

You can’t defend what you can’t detect, we provide an extensive solution that encompasses external threat intelligence monitoring and incident detection to provide real-time alerts across your technology stack.

CSA provides services to over 35,000 devices across the globe with a market-leading product offering extended detection and response. Without expert knowledge, many organisations waste time by investigating unreliable alerts, meanwhile genuine threats can go undetected for an average of 146 days. That is plenty of time for a cyber criminal to gain access to sensitive and private data! 

Part of an effective cyber security defence is having robust monitoring and detection services in place so you can be on the constant lookout for security threats lurking in any network traffic. Monitoring and detection is a proactive and advanced approach to cyber security that not only detects suspicious activity, but actively hunts down threats, monitors cyber security 24/7, assists in rapid breach incident analysis and responds to eliminate threats from the system before they become an issue.

BorderPoint

A state-of-the-art security incident detection service providing real-time subscription-based monitoring service.

Delivered by our experienced cyber analysts, BorderPoint is a continuous protective threat monitoring and detection capability designed and implemented by CSA to identify and detect cyber threats in real time so that customers can be notified of new potential vulnerabilities and attacks and advised on appropriate remedies.

ForeSight

Gaining intelligence of external threats through rigorous monitoring before they threaten your business.

CSA’s cyber intelligence assessments use our unique combination of open and closed source intelligence feeds designed to detect threats outside of an organisation's normal working environment across websites, Dark Web, social media and more. With these feeds we can draw up a comprehensive analysis of the potential source of an attack, the likely methods and techniques that can be used by an attacker and the potential impact on a business. 

Get in Touch!   

Protection

Keeping Your Private Data Private

Primary Managed Services Security Provider (MSSP) of AppGuard in the UK, providing real-time protection against all endpoint and server ransomware and malware with a patented solution.

Prevent cyber threats becoming a cyber attack with effective protection from CSA. We are the primary MSSP of AppGuard in the UK, a patented solution that has never been breached, and offer on-going support to keep you and your business protected.

AppGuard is different from traditional cyber security solutions since it is not an anti-virus and does not operate through a detect and response system. Instead, AppGuard gets in there first by simply preventing all attacks at the kernel level in real-time against everything: zero day, memory scraping, code injection, weaponised documents, and more.

Protecting your business from cyber attacks in the first place is the most secure and cost-effective method of cyber security. CSA’s AppGuard Solo, AppGuard Enterprise and AppGuard Server products offer robust effective protection to companies of all sizes and industries.

World-class protection delivered in real-time against all endpoint and server ransomware and malware.

 

CSA is both a distributor and the Managed Services Security Provider for AppGuard which is a low profile technology that works on IT and OT whether connected to the internet or not.

AppGuard Solo is a user self-managed endpoint protection system for laptops and desktops that is ideal for home or remote working devices. Using patented ‘Isolation’ or ‘Blocking’ technology, AppGuard Solo completely and easily protects applications that are vulnerable or are likely targets of attack. Already used throughout the US for 20 years, the AppGuard technology has never been breached.

AppGuard Enterprise is a centrally managed host-based endpoint protection solution that prevents malware and all advanced attacks from harming the system. Its capability is built around the AppGuard isolation technology to ensure that business end points are always protected. Unlike Anti-Virus, it doesn’t require regular updates regardless of changes to your IT. Fast and simple to deploy, AppGuard Enterprise provides the ideal protection suite for your business that allows your operations to continue while blocking suspicious operations designed to stop your business.

AppGuard Server is a zero trust host-based endpoint protection agent for Windows and Linux servers, centrally managed from the same system as agents for laptops and desktops. Unlike alternatives that must quarantine and restore a server at any indication of possible malice, AppGuard Server allows mission critical Apps to run safely until a scheduled maintenance window, even if suspicious processes have elevated privileges. AppGuard footprint is 10 to 200 times lighter than alternatives in terms of CPU, memory, install size, and network bandwidth.

Advanced cloud-delivered mobile security to protect any device that goes everywhere you do

The move to remote working has seen more and more organisations rely on mobiles and tablets to routinely access corporate data. However, a big problem amongst corporate businesses is that mobile security is often overlooked, which can create a gap in security architecture.

While the cyber threats on mobile devices are similar to desktops, securing them requires a completely different approach. Since the use of mobile devices goes hand in hand with the Cloud, an endpoint-to-cloud security solution makes the most sense to add to your architecture. Lookout Mobile Endpoint Security is an endpoint-to-cloud solution designed to address the ever-evolving mobile security requirements.

Delivered via the cloud, Lookout protects iOS, Android, and Chrome OS with endpoint detection and response built by expert threat researchers. Being cloud-based, it removes friction, increases usability and convenience, enables user freedom and reduces operational costs when compared to a collection of standalone solutions.


Powered by the Lookout Security Graph, it scales to hundreds of thousands of endpoints, uses an optimised lightweight app for processor performance and battery life, and cloud modules enable you to customise the solution to meet your needs.

Get in Touch!   

Response

Fast, Effective Response When You Need It

CSA’s team has the ability and knowledge to deal with any cyber attack from advanced targeted attacks to less sophisticated attacks that bypass your existing security infrastructure. Whilst we focus on ensuring robust strategies for our clients, we are also on hand to support when the worst happens, we can take control and eliminate the threat, quickly and efficiently. In the unfortunate event of a cyber attack, it is essential to get the right support quickly to get a clear understanding of the situation and control the breach in order to put in place an effective incident response plan.

Crisis Response Process

CSA’s Incident Response Process

Crisis Response Process

CSA provides 24/7 on-call initial response support to cyber incidents via a phone-call or video conference, typically involving email investigations.

We utilise our full suite of tools to correlate and analyse your data to determine the scope of the incident and identify ‘systems of interest’ to ensure that the investigation is focused on the relevant systems first.

Deployed Response

CSA will advise on the providers that can deploy to your location to assist in any containment and response activities.

Isolate and Protect

Systems of interest are tested using a range of tools to identify anomalies and focus the investigation on specific ‘hosts of interest’.

After thorough investigation, CSA will deliver a full report detailing: Summary of findings, Incident timeline, Recommendations to contain or remediate for the short and long term.

CSA will deploy AppGuard onto an infected IT infrastructure to isolate and stop a malware infection from spreading further.

Get in Touch!   

Training

Expert and friendly training for all abilities to develop a cyber-secure culture within your organisation

The best way to avoid a cyber attack is to equip yourself and your company’s workforce with the necessary knowledge and skills to improve overall cyber security awareness and hygiene. CSA training helps you add to your toolbox so you can rest safe in the knowledge that your business is armed against cyber attack.

Discover our training courses

Our interactive e-Learning courses are ideal for large companies that do not have the time to conduct face-to-face cyber security training sessions. The courses allow your team to deepen their understanding at a time and pace that suits them. For smaller companies CSA recommends our webinar training sessions that are designed for immersive and personal training.

CSA also offers insightful simulation exercises designed to test your company’s response against real cyber attack scenarios. The security breach scenarios are a beneficial way to identify where additional training may be required. Gaps can also be identified with CSA’s bespoke phishing campaigns that are designed to test incident response and validate training. CSA also designed the Cyberdea™ Zone to provide a safe and friendly training environment to encourage cyber security education through collaboration and teamwork.

Find out more about each of these training services below

CSA’s individual e-Learning courses are delivered through an interactive web-based portal to deliver courses covering a wide range of cyber security issues, attacks as well as other organisational issues including GDPR. The portal can be configured to deliver training on almost any subject with course lengths ranging from 30-45 mins or as little as 5-10 mins for a shortened version.

CSA’s cyber security webinar training is the perfect solution for remote learning when face-to-face sessions are not possible. Ideal for teams of 20-30, the webinar sessions are designed around specific subject matters delivered by our industry experts. These sessions are available as 1 or 2 hour sessions and are interactive with discussions and questions.

CSA’s expert-led desktop simulation exercises are realistic tests against an organisation’s cyber security, designed to test emergency or specific cyber incident responses across multiple teams. Each bespoke exercise will deal with a specific subject matter and lasts for 1-2 days with the potential to involve multiple participants.

Available to be scheduled as required, our one off or programmed bespoke phishing campaigns are designed to test incident response, validate training or identify training gaps. These services do not require specialist infrastructure or technology and can be scheduled as part of an ongoing programme.

The CSA CyberDea™ zone offers an immersive and practical experience using our Cyber Range and library of hands-on Cyber Pi projects. Training sessions can be conducted off-site and in the future we hope to extend this training to virtual environments.

Why choose our training?

With CSA you can guarantee you and your business are in safe hands. Our team of experts have years of experience working both in public and private sectors for organisations such as the Ministry of Defence, so we know a thing or two about cyber security! During our training we impart our wealth of knowledge in a way that is informative, effective and digestible.

Following one of our training or e-Learning sessions, your company and workforce will be better equipped to efficiently and rapidly combat security breaches with confidence. It is good practice to make sure that a high-level of staff awareness exists to reduce a costly mistake or missed threats.

At CSA, we believe that every business deserves a robust knowledge of cyber security, which is why we offer a wide variety of training for you to choose from. You are sure to find the right session to fit with your specific needs, budget and time allowance.

Some of our Clients

czech
dentsu
msung
norfolk
onemain
hewlett
jtb
ana
bnymellon
aol
pentel
grant

Get in Touch