Category Archives: Government Information Security

Preparation makes perfect – how to pass Cyber Essentials PLUS first time

How to pass CE+ first time

 

 

 

 

 

 

 

 

As anyone who’s ever run a race will know, it’s all about the preparation. As the saying goes, ‘if you fail to plan – you plan to fail’. The Government’s Cyber Essentials (CE) scheme is no different, especially at the Cyber Essentials PLUS (CE+) level where more work is involved.

Ascentor is an accredited certification body for CE, licensed by the IASME Consortium. In every case where clients have followed our advice at CE+ level, they’ve passed first time. So, we thought we’d share some of our preparation tips and give an insight into our process. Continue reading “Preparation makes perfect – how to pass Cyber Essentials PLUS first time” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The NIS Directive explained – compliance and guidance

NIS Directive explained

 

 

 

 

 

 

 

 

The Chinese have just celebrated the start of The Year of the Dog. But for anyone with responsibility for data security in their organisation, it’s very much ‘The Year of Regulation’. You’ll have heard plenty about the General Data Protection Regulation (GDPR), but what about the European Union’s other piece of security legislation, the Network and Information Security (NIS) Directive?

May is going to be a busy month in cyber security, with the NIS Directive being transposed into national law on 9th May, quickly followed by the GDPR on 25th May – as if you needed reminding. Continue reading “The NIS Directive explained – compliance and guidance” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

A look back at cyber security in 2017

2017 cyber security year in focus

 

 

 

 

 

 

 

 

If ever there was an article that started with a prediction that came true – it was our very first post of 2017, looking at the year ahead.

We quoted John Chambers, CEO of Cisco who had recently said “There are two types of organisation: those that have been hacked and those that don’t know they’ve been hacked.” We predicted it would increasingly be a case of ‘not if but when’. And, as we all know by now, this year it was very much ‘when’.

So, join us for a look back at some of the cyber security issues and incidents we covered in 2017. Continue reading “A look back at cyber security in 2017” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

How to prepare your company for achieving List X

Top secret file

 

 

 

 

 

 

 

 

Here at Ascentor we get many companies asking us how they can become a List X company. The answer is always the same – it is not something that you can just do; you must have a contract, usually with the MOD, that requires you to hold sensitive government assets on your own premises. However, there are a few things you can do to prepare if you think a contract may be forthcoming.

This blog aims to give you a few hints and tips about some pragmatic steps you can take to get you up and running as a List X company much quicker. Continue reading “How to prepare your company for achieving List X” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

Ascentor expands capabilities on Digital Outcomes and Specialists 2

Digita

 

 

 

 

 

 

 

 

Public sector organisations, agencies and associated bodies can now buy more Ascentor services through the Digital Outcomes and Specialists (DOS) Framework.

Ascentor’s cyber security and information assurance consultants have a background in government security and extensive experience in a variety of Information Assurance (IA) disciplines. In the second iteration of the DOS framework, Ascentor’s Digital Outcomes capabilities cover a range of security topics – IA certification, policy, threat modelling, risk management, infrastructure reviews and firewall audits. We can also offer project management, and process and system auditing. Continue reading “Ascentor expands capabilities on Digital Outcomes and Specialists 2” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

‘Not if but when’ – 2017 UK cyber security in focus

2017-uk-cyber-security

 

 

 

 

 

 

 

 

2017 is Ascentor’s thirteenth year in information risk management. Over the years we’ve helped public and private sector organisations address the challenging landscape of cyber security and information assurance. Each year brings different threats – those we already recognise evolve, others are completely new. At the same time the legislative horizon changes as new standards and regulations come into force.

We started 2017 by quoting a tweet from John Chambers, CEO of Cisco, that is as good as any in describing the challenges of the year ahead. “There are two types of organisation: those that have been hacked & those that don’t know they’ve been hacked.” So, it’s increasingly a case of ‘not if but when’ – and a lot of household-name organisations know how painful that felt last year. Continue reading “‘Not if but when’ – 2017 UK cyber security in focus” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The UK Cyber Security Strategy 2016-2021 – A New Sheriff in Town?

UK cyber security strategy 2016

 

 

 

 

 

 

 

 

On 1st November 2016, the Chancellor of the Exchequer launched the latest UK Cyber Security Strategy. In a year that has seen rising international tensions around hacking, Philip Hammond commented that hostile “foreign actors” were developing techniques that threaten the country’s electrical grid and airports.

The £1.9bn new strategy will also help enlarge specialist police units that tackle organised online gangs – and contribute towards the education and training of cyber security experts. The programme is funded until the end of 2020. Continue reading “The UK Cyber Security Strategy 2016-2021 – A New Sheriff in Town?” »

avatar

Steve Maddison

Director and Principal Consultant

More Posts

Share

Cyber security in perspective – a look back at 2016

Year 2016

 

 

 

 

 

 

 

 

As we reflect on 2016, there are two stand out events that dwarf every other piece of news this year – the decision of the UK to leave the EU and the election of one Donald J Trump.  Both put cyber security in the spotlight in 2016 for different reasons – from the confusing to the bizarre.

But it wasn’t just the changing political landscape that caught our eye. Many organisations were affected by ransomware attacks and one high profile business discovered just how costly the on-going fall-out from their data breach would turn out to be.

So, let’s look back at 2016 through the cyber security lens of Ascentor. Continue reading “Cyber security in perspective – a look back at 2016” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The Future of Information Assurance Accreditation

Checkbox on digital screen

 

 

 

 

 

 

 

 

Ascentor’s Paddy Keating attended the SUAC – Accreditors’ Professional Update and Development Event 2016 on 2-3 November 2016. One of the main topics regarded the future of accreditation within government centred on a recent consultation paper entitled Assuring Information Services for Government prepared by the Accreditation Specialism Advisor Group (ASAG).

The paper identified some drivers for change including efficiency, quality and speed but it also identified the underlying problem of accreditation and accreditors themselves having bad press. Here are Paddy’s reflections on the day. Continue reading “The Future of Information Assurance Accreditation” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

Supply Chain Cyber Security – defeating the weakest link (Part 1)

Cyber chain 2

 

 

 

 

 

 

 

 

It’s an everyday story but it could happen in your business – right under your nose and far more easily than you could have imagined. Who’d have thought that a contractor would cost millions in lost revenue and nearly bring the business to its knees? But that’s what a weak link in your supply chain cyber security can do.

Picture the scene… Brian parks in the street around the corner from work and walks down the side of his company building. The back door, propped half open by the fire extinguisher, makes entry a breeze. He takes off his balaclava and walks down the corridor to the server room. Brian provides IT support to this and other local companies and, as IT system administrator, he has the keys to the server room door… Continue reading “Supply Chain Cyber Security – defeating the weakest link (Part 1)” »

avatar

Steve Maddison

Director and Principal Consultant

More Posts

Share