Solutions

Create, Improve, Maintain your Security IT Shield

2015 stats on organisation security breaches. SME 74% up from 60%. Large organisations 90% up from 81%
Cyber crime is an increasing concern for all organisations, regardless of size. "SMEs have not historically been the target of cyber crime, but in 2015 something drastically changed.” Toni Allen, UK Head of Client Propositions at the British Standards Institute, tells the Guardian newspaper. With a reported 60% of SME who suffer a significant cyber breach going out of business within 6 months of the breach business need to protect themselves online.

Whitgift Security offers high quality IT security services targeted to SME’s who want to protect their business and enhance the overall security of their information systems. Services are delivered by industry-certified professionals, providing practical effective advice and solutions focusing on meaningful results. Small or large, your request will be met with expert advice, individual attention and practical solutions
  Services Include:

Outsource Risk Management

Diagram impact vs possibility

Outsource management of your security risk to a qualified professional. A Whitgift Security consultant can serve as your Information Security Officer (ISO) to advise on best practise, create policies, organise accreditations, plan for attack, update devices etc. An affordable service tailored to your company, fulfilling your security needs.
More Information

Cyber Security Accreditation

Accreditation symbols for Cyber essentials and cyber essentials plus and IASME consortium self assessment and certificed

Demonstrate to your customers you care about protecting their data through accreditation.

Whitgift Security is a certifying body providing independent assessment and certification for the UK Government Cyber Essentials scheme and IASME certifications. These standards, allow SMEs to demonstrate their level of cyber security.

Whitgift Security can help you reach the required standards, apply and get these certifications in the most cost-effective way possible.
More Information

Deep Dive
Workshops

Graphic of workshop - presentor point to blackboard with two attendees

Workshops designed to provide advice and solutions
• Protecting Business Online. A series of workshops addressing different aspect of cyber security from governance to protecting devices, accounts to tactical planning for an attack.
• Preparing your organisation for General Data Protection Regulations (GDPR) which come into force 25th May 2018
More Information

  Customising Your Digital Shield

Globe at centre with computers as spokes outwards. Whitgift shield covering part of the globe
Work with Whitgift Security to create a digital security shield to protect your business online, or review your current set up and resolve any security weaknesses. Services are customised to individual requirements ensuring its size and placement fit your requirements and your budget.
More Information

Outsource Security Risk Management

Diagram impact vs possibility
New and up-coming IT security regulations and the ever-increasing chances of cyber attack mean that every SME needs proper IT Security Management.

An Information Security Officer (ISO)'s role is to be visibly accountable for security, outlining for business management the information-related risks that may impact the organisation, and proposing mitigation plans. Small Businesses generally do not have an ISO as they don't have the budget and don't need someone full-time. Often a business will assign someone with the accountabilities even though the individual may not understand the risks or how they can be mitigated.

Using Whitgift Security ISO Services your business can now afford your own personalised professional ISO services to manage your security, scaled up or down to meet your needs.

Levels of Service

  Basic

Whitgift Security ISO working with your organisation on average 1-2 days a month. Typical activities include:
  • Ensuring you have the best security you can afford
  • Developing security improvement plan
  • Reviewing implementation quarterly
  • Completing bi-annual review of security risks
  • Managing annual Cyber Essentials self assessment certification
  • Managing externally provided vulnerability testing of website and onsite computers

Standard

A Whitgift Security ISO working with your organisation on average 2-3 days a month. Typicalactivities as Basic with
  • Reviews conducted more frequently.




Additional activities include:
  • Delivering standard Security Awareness Training
  • Reviewing security policy and Continuity planning

 VIP

A Whitgift Security ISO working with your organisation on average 2-3 days a month. Typicalactivities as Standard with
  • Reviews conducted more frequently.
  • Delivering more frequent and customised  Security Awareness Training
Additional activities include:
  • Facilitating Continuity Plan exercises
  • Managing IASME audited certification of one site.
  • Developing security policies
  • Managing security incidents
If you are interested in discussing how a Virtual Information Security Officer could help your business, please email me or use the Contact form to arrange a no-commitment discussion
.
More Whitgift Security Services :

Security Accreditation

Organisations can use accreditation to reassure customers that they are following a defined level of cyber security protects their data. It can also be a way of benchmarking the security controls that are in place and help prioritise improvement plans.

Whitgift Security can help you prepare for Cyber Essentials and IASME accreditations providing a customised improvement plan to enable you to pass the certifications. Like an MOT these certifications need to be updated annually to ensure that the changing infrastructure is maintained in a secure manner.

Whitgift Security is a certification body for Cyber Essentials, IASME and IASME Audited accreditations.
Badges for Cyber Essentials and Cyber Essentials plus. Dark Blue quear box with pale blue/green tick with words Cyber Essentials superimposed. For Cyber Essentials Plus also contains the words PLUS

Cyber Essentials

Cyber Essentials is the UK Government backed and industry-supported scheme for a basic level of protection against cyber attack. To see recommended controls click here


Having passedCyber Essentials organisation can opt for Cyber Essentials Plus providing more assurance that you are complying with the Cyber Essentials Scheme than the basic self-assessment level. To gain this certification there is testing of both internal and external networks and computers.

For more information on Cyber Essentials Click here
IASME Consortium badges for self certified and Audited. Yellow circle containing white tick with tect IASME Consortium. Self-Certified badge has text Self-Certified company below circle. IASME Audied has the words GOLD certified compant below the circle

IASME

The IASME Standard is a great stepping stone between Cyber Essentials and the Security Gold Standard of ISO27001. Building on the technical controls of Cyber Essentials IASME requires that a basic information security management system is in place with optional assessment against the GDPR requirements. The standard has been tailored specifically for small companies so is a realistic and affordable way for SMEs to demonstrate that they are following best practice.

Having passed the IASME Certification organisations can opt to have their responses verified by an independent auditor, proving they following best practice.

For more information about the IASME standard click here
To gain either the Cyber Essentials Certification or IASME certification organisations self-assess that they have implemented the controls with responses reviewed by an independent qualified assessor. Organisations who pass the certification
  • can use the Cyber Essentials and/or IASME Certification badge on publicity material including websites
  • can opt to have £25K cyber insurance (conditions apply)

  Support achieving your chosen Accreditation

  Basic Self-Assessment

Organisation completes online self-assessment questionnaire. Assessor reviews your responses and where appropriate comments on how to improve security to become compliant.
For organisations who pass, certificate is issued and cyber insurance arranged whereappropriate

  Costs

Cyber Essentials From £300
IASME From £400

  Checking Service

Are you are worried that you might not pass your chosen certification? Or you want to benchmark your security controls without taking the accreditation yet?
Have your self-assessment answersreviewed by a certified Whitgift Security security professional before submission. We will provide you with recommendations what needs to be rectified, and how it could be rectified, to pass self-assessment certification.

Fee does not include accreditation.

  Costs

Cyber Essentials From £120
IASME From £240

  VIP Service

Have a certified Whitgift Security security professional work with you to gain your chosen accreditation. We will
  • Facilitate completion of self-assessment questionnaire including working directly with your IT suppliers to gather required information
  • Provide recommendations about what needs to be rectified and how it could be rectified to pass certification,
  • Work with your team(s) to improve your security to enable the business to pass.
Costs include accreditation.

  Costs

Cyber Essentials From £1200
IASME From £2400

CE Plus & IASME Audited

Having passed your self-assessment certification Whitgift Security can facilitate your organisation gaining either Cyber Essentials Plus or IASME Audited.

  Costs

The cost will depend on the size and complexity of your organisation and network
  For answers to some of the common questions about Accreditations click here

Ready to start with your chosen accreditation?

To get started with accreditation please email me with your contact details and the accreditation service you want take up. I will send you a preparation workbook and payment details.


If you are interested in further information about the various accreditations, or would like a copy of the questions please please email me or use the Contact form to arrange a no-commitment discussion.

More Whitgift Security Services :

Deep Dive Workshops

Graphic of workshop - presentor point to blackboard with two attendees

  Protecting Business Online

Small businesses have the same IT needs, if not greater, than larger ones; they just don’t have the same budget. While it is true that being cyber secure costs money, effective cyber security is a lot more affordable than you might think.

Sir Iain Lobban, ex-GCHQ Director, estimates 80% of attacks could be thwarted by basic security measures such as updating software. This series of workshops provides practical advice on the basic controls everyone should have in place and explores how they could be implemented.

Do you need practical advice to
  • understand what needs protecting and why?
  • understand what you should be doing
  • explore how additional measures  could be implemented
Help is at hand with our Protecting Business Online Workshop Series

  Protecting Business Online

The clock is ticking - the General Data Protection Regulations (GDPR) come into force 25th May 2018, representing a significant change to data privacy regulations.
Do you need to …
  • Understand key points of new legislation
  • Identify current risks and exposure
  • Produce your compliance action plan
Help is at hand with our GDPR Workshop
Click here for more information
Whitgift Security runs open workshops on a regular basis in London, or can come to your company and provide specially-tailored events.

If you would like to discuss any of the workshops email me for a no-commitment discussion.

  Introduction to Protecting Business Online

Do you lie there wondering if your website’s safe? Have your customer records gone for a walk without you? Who’s your data hanging out with? What really happens online when you’re not looking? Many business owners think making their computers or their websites secure is going to be complicated and expensive. So they just put off tackling it. Sometimes forever.

The truth is, though, that protecting your business online does not have to cost the earth or mean you need a PhD in computer science. There’s a lot you can do simply, easily, even for free. This practical workshop provides insights into
  • Cyber crime – what is it and how are you targeted
  • Understanding and implementing the cyber basics
  • Demonstrating you take security seriously
Email me for dates & booking this FREE workshop

 Workshops are managed through Eventbrite. For full details, to discover dates and book yourself on a workshop click the workshop names to be taken to the relevant page on Eventbrite.
When you book the workshops as a series you get a discount - click Series button to get the discount.
Cyber Security Governance & Policies
Security leadership starts from the top. This workshop explores frameworks suitable for SMEs to put in place, identifying the best way to manage security for the organisation including ensuring security risks have been considered and policies defining necessary security measures are in place.

Know your Organisation
With limited resources you can’t do everything. This workshops provides a framework to identify the data, people, technology and processes that are important for your organisation. It explores the key legislation to protect sensitive data and the associated organisational policies required. With this clear focus you can then identify how to best use limited resources to protect your clients, your data and your organisation.
Incidents happen, are you ready to Respond?
33% of small organisations reported a security breach in 2015. With the new EU Data Protection Legislation organisations will need to be ready to able to report breaches to the Information Commissioner's Office within 72 hours. This workshop explores how to prepare for an incident to enable your organisation to respond quickly and efficiently in case of attack, or if something

Protect Your Accounts
Most of us want to “be connected” all of the time, be it for work or fun. This workshop explores how the adversary uses our online presence to trick us and exploit our assets to make them money. We all need to “think before we click” on a link, or to connect to a network, or give or publish information with practical advice on protecting accounts for online services.

    Protect Your Network
    You depend on your IT network for important organisation operations, probably including communication and sales. This workshop explores the framework of security measures for protecting your organisations network and the data it holds. With many organisations extending their networks into the cloud, security considerations when selecting cloud providers and basic measures for protecting your organisations website are also explored.

    Protect Your Devices
    Isaac Asimov’s sentiment “I do not fear computers. I fear the lack of them.” is even more relevant today with our increasing dependence on our devices - PC’s, laptops, tablets and smartphones. This workshop explores simple effective protection to safeguard the devices individuals use to access data. Keeping them in a healthy state keeps your data secure and the devices running efficiently.

      Are you ready for GDPR?

    The clock is ticking - the General Data Protection Regulations (GDPR) come into force 25th May 2018, representing a significant change to data privacy regulations.
    Some of the key changes include:
    • If you process data about EU citizens, you must comply
    • The definition of personal data is broader
    • The rules for obtaining valid consent have been changed
    • Some organisations will need a data protection officer (DPO)
    • Data processors and controllers share responsibility
    • Data subjects have a number of new and improved rights
    • New restrictions on international data transfers
    • Breaches to be notified to ICO within 72 hours of discovery
    • Higher penalties - higher of 4% global revenue or €500,000
    It is essential that businesses understand their upcoming obligations, the impact on their systems/processes and what actions are needed to ensure compliance. Topics include
    • Key requirements
    • Management of data protection in your organisation
    • Likely impact on current systems and processes
    • Impact on Direct Marketing
    • New Obligations including data access requests, breach notification and sharing data with third parties
    • How implementing a cyber security policy assists in GDPR
    • Privacy by design including impact and risk Assessments
    • Developing a Compliance Action Plan
    The workshop includes templates for Data Registers and Impact Assessments and will help you understand what you need to do to prepare, where the responsibilities lie within your organisation and the resources you’ll need going forward.
    Email me for dates & booking this workshop

    If you are interested in further information about the various workshops, please email me or use the Contact form to arrange a no-commitment discussion.

    More Whitgift Security Services :

    Creating your Digital Shield

    Whitgift Security offers high quality security services delivered by industry-certified professionals which are practical, effective and focused on meaningful results. Contact me and discover all that can be offered.

    Services include

    Right size and placement - Security Management

    Globe at centre with computers as spokes outwards. Whitgift shield covering part of the globe

    Core to having the right shield in the right place for your business is the right balance of compliance, process, standards and metrics.

    Services include
    • Virtual ISO
    • Risk management
    • Compliance
    More Information

    Understanding the holes - Security Assessment

    Diagram impact vs possibility

    In a constantly changing environment you need to regularly check what holes there are in your shield, and its strength. Assessments provide you with the actionable data you need to make informed, practical decisions about protecting your business.

    Services include
    • Information Security Healthcheck
    • Benchmarking against recognised accreditations
    • Security Education
    More Information

    Creating the strength - Security Tools

    Accreditation symbols for Cyber essentials and cyber essentials plus and IASME consortium self assessment and certificed

    Security tools are a building block of your protective shield , finding the right way to protect your business and resolve any security weaknesses.

    Services include:
    • Security Awareness Training
    • Policy Development
    • Continuity Planning andIncident Response
    • Implementing solutions to protect, networks, applications, e-mail, web.
    More Information

    Getting the right size and placement of your shield - Security Management Services

    Virtual ISO (Information Security Officer)

    Outsource management of your security risk to a qualified professional. A Whitgift Security consultant can serve as your Information Security Officer (ISO) to advise on best practise, create policies, organise accreditations, plan for attack, update devices etc. An affordable service tailored to your company, fulfilling your security needs.

    Outsource

    Risk management

    Risk Management is a simple process where your risks - the things that are most likely to become security issues - are identified and addressed.

    We can work together to create an effective Risk Management program helping ensure that security investment decisions are based on security and the impact on your business

    More Information

    Compliance

    Compliance with statutory and commercial regulations can be confusing, frustrating and time-consuming if your efforts aren't aligned with your information security objectives. can tailor the necessary compliance activities into a unified, practical plan that also considers available budget and resources.

    More Information

    Security Assessment Services - Understanding the holes in your shield

    Security Education

    Many business owners are worried about the impact of cyber crime on their businesses, but don’t understand what the issues are or how to start protecting themselves. Whitgift Security has devised a series of practical workshop providing insights into cyber crime and how are you targeted and advice on how to protect your business.

    Workshops

    Information Security Healthcheck

    The Security Healthcheck helps you understand if you are compliant with privacy laws and other regulations, if are you effectively managing your IT services, and if the data supporting your most critical business processes is secure. Assessments provide you with the actionable data you need to make informed, practical decisions about protecting your business
    More Information

    Benchmarking against recognised Accreditations

    Organisations can use accreditation to reassure customers that they are following a defined level of cyber security protects their data. It can also be a way of benchmarking the security controls that are in place and help prioritise improvement plans.

    Accreditations

    Creating the strength of your shield - Security Tools

    Policy Development


    Security policies fulfil many purposes for example they define your businesses stance on security, setting the rules for expected behaviour to protect people and data; define monitoring practices and consequences of violation. Through effective policies the cyber risk is minimised and it’s easier to track compliance with regulations and legislation. Together we can develop effective policies which match your business needs.

    More Information

    Continuity Planning
    and
    Incident Response

    The Business Continuity Plan (BCP) is an essential tool setting out how you will operate following an incident and how you expect to return to ‘business as usual’ in the quickest possible time afterwards. Do you need help in developing an effective BCP which matches your business requirements?

    Incident response ensures your business is prepared to respond to a security breach. A structured, deliberate response to an incident can significantly reduce the resulting from a breach. Do you need help in creating your incident response plan? Or want comfort in knowing that you don’t have to deal with an incident alone
    More Information

    Security Awareness 
    Training

    Security Awareness Training is about changing people's behaviours’. With the right trainers, content, tools and attitudes, you can be compliant with regulations and make your people secure. Whitgift Security has standard workshops to reduce the risk of organisations becoming a victim of cyber crime. Customised training programs specifically designed for your needs can also be developed.

    Workshops

    Implementing solutions to protect, networks, applications, e-mail, web.

    Having established the deficiencies in the IT that supports your business, solutions need to be designed and implemented. find solutions that match your security stance and budgets
    More Information

    Find out if you need to change your shield to protect your business

    Would a conversation help you understand what might be needed to protect your business online? Please email me or use the Contact form to arrange a no-commitment discussion.

    Share by: