You want to comply with basic cyber security best practice to protect your business. You need to demonstrate compliance with standards or legislation to transact with your customers.
You need to handle sensitive or classified information to conduct your business. You want to optimise your business potential by demonstrating cyber security excellence.
You may be involved in national security, CNI or public safety – and be highly attractive to serious threat actors. You may need to protect valuable intellectual property.
The Houses of Parliament engaged Ascentor to provide experienced guidance to implement a cloud information assurance process from scratch.
We quickly introduced a risk appetite statement for both Houses that reflected the concerns of the two SIROs and laid the groundwork for how information risks were to be treated.
The assurance process is now well-established. Risks are regularly reappraised and managed to ensure they stay consistent with the risk appetite statement and continually improve.
SeeByte UK engaged Ascentor to provide independent guidance to form a centralised approach to security that satisfied customer expectations in meeting multiple standards.
SeeByte UK and Ascentor worked together to develop a strategy to simplify and demonstrate its existing alignment with complex and varied cyber security and information assurance requirements.
Based on Ascentor’s advice and guidance, SeeByte UK was able to make informed decisions about the most pragmatic approach to take.
The Office for Nuclear Regulation (ONR) engaged Ascentor to help develop a risk-based assessment methodology for CS&IA inspections of List N facilities.
The findings of our inspections built a risk-informed picture of the maturity of CS&IA arrangements across 26 List N facilities.
The client commented on Ascentor’s “proportionate, pragmatic and flexible approach” which has significantly accelerated ONR’s ability to improve CS&IA-focused regulatory oversight across List N facilities.
This nuclear energy company engaged Ascentor as an independent Design Authority to strengthen cyber security assurance on design projects.
We engaged with a wide group within the business and conducted a cyber security assessment with improvement recommendations in just 20 days.
The client was impressed with our in-depth knowledge of the challenges of delivering cyber security into complex environments and the clarity of our delivery.
This major MOD programme involved development of a complex bespoke system for use in a high threat environment.
Ascentor helped the prime contractor deliver a fully compliant system in accordance with the MOD policy and requirements in just under four months.
The system subsequently achieved full accreditation and Ascentor was asked to support the prime contractor on another project.
This MOD delivery team needed security advice and guidance on an operationally important project demanding highly specialised capability.
Ascentor’s advice and guidance were commended by the accreditor and information asset owner (IAO).
The accreditor commented that the Security Assurance Coordinator (SAC) consultant from Ascentor was: “One of the best SACs I have worked with.”
The MOD needed security advice and guidance for this UOR to core project – used to procure equipment to support military needs in an emergency.
Ascentor assigned one of its qualified CESG Certified Professional Security and Information Risk Advisor consultants to support the project, achieving a successful transition in three months.
The accreditor endorsed the deliverables as well as Ascentor’s pragmatic and cost-effective approach.
Resilient, a pioneering provider of smart voice services, engaged Ascentor to help guide their security improvement and certification journey.
They needed to reduce risk and also wanted customers to have confidence and trust in Resilient as a safe and secure service provider.
Ascentor’s support steered Resilient down a smooth certification path towards a strong security culture – while avoiding the common pitfalls that can waste time, effort and money.
Public sector organisations and departments hold high value and sensitive information assets. We have a background in government security and specialise in the provision of bespoke public sector advice.
Holding government information brings complex security challenges. Our experience with government supplier companies helps protect all types of information and sustains businesses for the future.
Protecting information from risk is a growing priority for any business. We help identify and reduce business information risk, put controls in place and achieve the relevant standards.
Building business resilience – through Information Security, Business Continuity and Disaster Recovery
How strong is your business resilience to threats to IT, information and physical security? And how can security standards like ISO 27001 and ISO 22301 help?