Category Archives: Government Information Security

Ascentor expands capabilities on Digital Outcomes and Specialists 2

Digita

 

 

 

 

 

 

 

 

Public sector organisations, agencies and associated bodies can now buy more Ascentor services through the Digital Outcomes and Specialists (DOS) Framework.

Ascentor’s cyber security and information assurance consultants have a background in government security and extensive experience in a variety of Information Assurance (IA) disciplines. In the second iteration of the DOS framework, Ascentor’s Digital Outcomes capabilities cover a range of security topics – IA certification, policy, threat modelling, risk management, infrastructure reviews and firewall audits. We can also offer project management, and process and system auditing. Continue reading “Ascentor expands capabilities on Digital Outcomes and Specialists 2” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

‘Not if but when’ – 2017 UK cyber security in focus

2017-uk-cyber-security

 

 

 

 

 

 

 

 

2017 is Ascentor’s thirteenth year in information risk management. Over the years we’ve helped public and private sector organisations address the challenging landscape of cyber security and information assurance. Each year brings different threats – those we already recognise evolve, others are completely new. At the same time the legislative horizon changes as new standards and regulations come into force.

We started 2017 by quoting a tweet from John Chambers, CEO of Cisco, that is as good as any in describing the challenges of the year ahead. “There are two types of organisation: those that have been hacked & those that don’t know they’ve been hacked.” So, it’s increasingly a case of ‘not if but when’ – and a lot of household-name organisations know how painful that felt last year. Continue reading “‘Not if but when’ – 2017 UK cyber security in focus” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The UK Cyber Security Strategy 2016-2021 – A New Sheriff in Town?

UK cyber security strategy 2016

 

 

 

 

 

 

 

 

On 1st November 2016, the Chancellor of the Exchequer launched the latest UK Cyber Security Strategy. In a year that has seen rising international tensions around hacking, Philip Hammond commented that hostile “foreign actors” were developing techniques that threaten the country’s electrical grid and airports.

The £1.9bn new strategy will also help enlarge specialist police units that tackle organised online gangs – and contribute towards the education and training of cyber security experts. The programme is funded until the end of 2020. Continue reading “The UK Cyber Security Strategy 2016-2021 – A New Sheriff in Town?” »

avatar

Steve Maddison

Director and Principal Consultant

More Posts

Share

Cyber security in perspective – a look back at 2016

Year 2016

 

 

 

 

 

 

 

 

As we reflect on 2016, there are two stand out events that dwarf every other piece of news this year – the decision of the UK to leave the EU and the election of one Donald J Trump.  Both put cyber security in the spotlight in 2016 for different reasons – from the confusing to the bizarre.

But it wasn’t just the changing political landscape that caught our eye. Many organisations were affected by ransomware attacks and one high profile business discovered just how costly the on-going fall-out from their data breach would turn out to be.

So, let’s look back at 2016 through the cyber security lens of Ascentor. Continue reading “Cyber security in perspective – a look back at 2016” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The Future of Information Assurance Accreditation

Checkbox on digital screen

 

 

 

 

 

 

 

 

Ascentor’s Paddy Keating attended the SUAC – Accreditors’ Professional Update and Development Event 2016 on 2-3 November 2016. One of the main topics regarded the future of accreditation within government centred on a recent consultation paper entitled Assuring Information Services for Government prepared by the Accreditation Specialism Advisor Group (ASAG).

The paper identified some drivers for change including efficiency, quality and speed but it also identified the underlying problem of accreditation and accreditors themselves having bad press. Here are Paddy’s reflections on the day. Continue reading “The Future of Information Assurance Accreditation” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

Supply Chain Cyber Security – defeating the weakest link (Part 1)

Cyber chain 2

 

 

 

 

 

 

 

 

It’s an everyday story but it could happen in your business – right under your nose and far more easily than you could have imagined. Who’d have thought that a contractor would cost millions in lost revenue and nearly bring the business to its knees? But that’s what a weak link in your supply chain cyber security can do.

Picture the scene… Brian parks in the street around the corner from work and walks down the side of his company building. The back door, propped half open by the fire extinguisher, makes entry a breeze. He takes off his balaclava and walks down the corridor to the server room. Brian provides IT support to this and other local companies and, as IT system administrator, he has the keys to the server room door… Continue reading “Supply Chain Cyber Security – defeating the weakest link (Part 1)” »

avatar

Steve Maddison

Director and Principal Consultant

More Posts

Share

Passwords? It’s enough to give you a headache

Password headache

 

 

 

 

 

 

 

 

 

Life was so much easier when all we had to remember was a 4 figure PIN to get money from the cashpoint machine. Nowadays we need passwords for almost everything we do online and most people have many accounts and registrations that require passwords, which we are meant to remember – it’s enough to give you a headache.

We are told by every budding security geek that our passwords need to be strong or complex, that they should be at least so many characters long, that we shouldn’t re-use them, that we shouldn’t write them down, that we should change them regularly, that we should… STOP – rewind that last bit… We are now being told we don’t have to change passwords regularly – HOORAH! Continue reading “Passwords? It’s enough to give you a headache” »

avatar

Bert Curtin

Senior Information Assurance Consultant at Ascentor

More Posts

Share

Reflections on CyberUK in Practice – CESG’s government security conference

CyberUK

 

 

 

 

 

 

 

Ascentor went to the ‘CyberUK in Practice’ event in Liverpool on the 24th and 25th May, organised by CESG. Bringing government, industry and the wider public sector together, the event addressed how we can collectively make the UK safer online.

Over 900 delegates attended, with 60 speakers from government and industry. There was no shortage of topics covered and new developments shared. Indeed, Alex Dewdney, Director of Cyber Security at GCHQ described the event as a ‘step change in how government does cyber security.’

So, with a little time to reflect on the event, we’ve summarised what we thought were the main cyber security discussion points for government and industry. Continue reading “Reflections on CyberUK in Practice – CESG’s government security conference” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Cutting through the confusion: Government Information Assurance changes explained (part 3 of 3)

Lost and confused signpost

 

 

 

 

 

 

 

Part 3 of 3. This is the third in a series of blog articles where Ascentor discusses some of the recent UK Government Information Assurance changes – and what they mean for you.

Written to be concise, they explain the essential ‘need to know’ facts and implications with links to read further should you wish.

This time our lens has a European focus as we cover two EU regulations that could have a significant impact on the protection of UK data.

In part 3 of the series, we look at:

  • Safe Harbor and Privacy Shield
  • The EU General Data Protection Regulation (GDPR)
  • The Certified Cyber Security Consultancy (CCSC) scheme

Continue reading “Cutting through the confusion: Government Information Assurance changes explained (part 3 of 3)” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

CLAS Consultancy is dead – long live the CCSC scheme?

Certified Cyber Security Consultancy

 

 

 

 

 

 

There is a new name in the information assurance (IA) consultancy world. It’s the Certified Cyber Security Consultancy (CCSC) scheme – launched in June 2015, and sponsored by CESG, with the first cohort of consultancies recently being announced.
Continue reading “CLAS Consultancy is dead – long live the CCSC scheme?” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Latest Insights

Recent Comments

    • Barry Harvey: It is perhaps surprising to hear that a generation we think of as being tech savvy is anything but....
    • David Conway: I can imagine that, even at this stage, many businesses will still be blissfully unaware of this...
    • Sonja Jefferson: Are you going to be offering that training for ‘normal, non-techie people that now have...
    • Dave James: @Colin Robbins: Yes, Its really illumintaing isnt’t it. Provides a bit of context to the recent...
    • Colin Robbins: Very interesting report. I find it staggering that 26% of companies had not briefed their boards on...
  •  
    Buy Cialis in UK