CESG launches Certified Cyber Security Consultancy Scheme targeting Government and industry

The home of GCHQ and CESG in Cheltenham, Gloucestershire

The home of GCHQ and CESG in Cheltenham, Gloucestershire

CESG, the ‘information security arm’ of GCHQ, has announced the launch of a new scheme which will provide Government and industry customers with expert advice configured to meet their cyber security needs.

The Certified Cyber Security Consultancy Scheme is a new approach designed to help Government, the wider public sector and industry obtain the right cyber security consultancy services and, by doing so, help them to protect their information and conduct business online in a safe and secure manner.

This new scheme will provide a wide range of consultancy services delivered by commercial companies and assessed by CESG to meet the demand for high quality, tailored, expert advice in the field of cyber security.

Against a backdrop of increasingly complex and sophisticated cyber threats, and the Government’s need for secure IT solutions as it puts more and more services online, demand for trusted cyber security advice is set to grow. The new approach will help to meet that demand by fostering partnerships with commercial companies of all sizes, offering Government and industry access to a wide choice of trusted suppliers.

Using its deep technical expertise as the National Technical Authority for Information Assurance, CESG has set the standard for cyber security consultancy against which industry suppliers of cyber security advice will be evaluated.

Ciaran Martin, GCHQ’s director general for cyber security, commented: “The launch of this scheme is a big step forward for cyber security in the UK. There’s only so much an organisation like GCHQ can and should do directly. This new scheme will significantly enhance the pool of trusted cyber security advice available from private providers.”

To achieve certification, companies must demonstrate a proven track record of working with customers and show that they maintain an awareness of the cyber threat environment, giving Government and other customer’s confidence in the advice they receive.

Customers will be able to select the most suitable cyber security consultancy from a list on the CESG web site.

Certified Cyber Security Consultancy Scheme: the fine detail

Companies are assessed and certified by CESG and must meet CESG’s standards in order to achieve certification. The assessment tests that the company is of good standing, has practical experience and knowledge of the customer set and understands and maintains awareness of the cyber threat environment.

Prospective customers for Certified Cyber Security Consultancy will need to consider which services they need. Cyber security is a broad and complex discipline so customers may also wish to seek the advice of an independent advisor to act as a ‘client friend’ in order to help them define the services they need.

The services and advice customers can expect from a Certified Cyber Security Consultancy include:

*Governance
*Policy and Standards
*Information Security Strategy
*Legal and Regulatory Environment
*Risk Assessment
*Risk Management
*Security Architecture
*Information Assurance Methodologies
*Incident Management
*Audit and Review

Crown Commercial Services will provide a framework contract through which customers can procure the services of certified companies, making procurement both quicker and easier. CESG expects that customers of the new service should not see an increase in the cost of their consultancy under this initiative.

CESG encourages customers to provide feedback on their experiences of Certified Cyber Security Consultancy and the service they have received through this initiative at any time or during the regular reviews of company performance CESG intends to introduce.

CESG is the UK Government’s National Technical Authority for Information Assurance and protects the vital interests of the UK by providing policy and assistance on the security of communications and electronic data, working in partnership with industry and academia.

*Further information can be found online at: http://www.cesg.gov.uk/Pages/homepage.aspx

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts