Crown Commercial Services partners with CyberCX
CyberCX has been named as a supplier on Crown Commercial Service (CCS) Cyber Security Services 3. Crown Commercial Service (CCS) is an Executive Agency of the UK Cabinet Office, supporting the public sector to achieve maximum commercial value when procuring common goods and services.
Developed in partnership with the National Cyber Security Centre (NCSC), CCS Cyber Security Services 3 is the only compliant way to access NCSC-assured service providers for the public sector. This means that the supplier has met the NCSC’s standards and has a clear understanding of current and potential cyber threats and techniques, as well as potential effective mitigations.
CyberCX is a global cyber security company with offices in the UK, US, Australia, and New Zealand. With a workforce of over 1,200 professionals working with private and public sector organisations, helping their customers confidently manage cyber risk, respond to incidents, and build resilience in an
increasingly complex and challenging threat environment.
Crown Commercial Services has set up a flexible commercial agreement that offers an extensive range of cyber security services to help improve organisational cyber resilience and security posture. This dynamic purchasing system (DPS) is available to all UK central government departments, wider public sector organisations and charities. The services available fall under the following categories: NCSC assured services, cybersecurity consultancy and advice, penetration testing, incident responses and managed security services.
Charlie O'Connell, CEO (UK), CyberCX says: “I am delighted that CyberCX has been named as a supplier on Crown Commercial Service’s (CCS) Cyber Security Services 3. Our inclusion on Cyber Security Services 3 reflects the high standards we have set as a company, which we will continue to deliver via the new framework for our public service clients."
What's on offer through the Cyber Security Services 3 scheme?
Cyber consultancy and advice
Services include: strategy, transformation partners, risk assessment, risk management, security architecture, audit and review, training, policy development, security specialists, security supply chain analysis, and assessing compliance with regulatory and industry standards. Risk assessment and training should be carried out regularly to ensure your cyber security approach is up to date.
Penetration testing
Conduct an authorised test of either your computer networks or systems, to highlight any security weaknesses.
Authorised testing partners will use the same tools and techniques a potential attacker would use. They will report on any vulnerabilities and make recommendations for remediation. CHECK is the scheme under which NCSC-approved companies can conduct authorised penetration tests of public sector systems and networks. Companies on the CHECK scheme are available through the DPS. These companies’ use approved testing methodology, and their experienced testers hold NCSC approved qualifications, and security clearances.
Managed security services
Remote monitoring or management of IT security functions. Services include: identity and access management, managed detection and response, security device management, co-managed services, managed endpoint security and security command centres.
Incident management
Help and expertise in planning for, and responding to, a significant cyber attack. It is advised to have this service in place as part of your business continuity and disaster recovery plan, as it is too late once a cyber attack has occurred. Suppliers on NCSC’s Cyber Incident Response scheme which certifies companies that specifically deal with sophisticated, targeted attacks against networks of national significance are available through the DPS.
Data destruction and IT sanitation services
Secure erasure of sensitive data and disposal of IT media and assets using audited destruction procedures.
