SMEs figure strongly in move to emphasise services of companies rather than individuals on new framework for cyber consultany
CESG has added momentum to its Certified Cyber Security Consultancy scheme with the announcement of the first six companies to receive the certification, and the creation of a procurement framework in an initiative with the Crown Commercial Service (CCS).
BNS Cyber, C3IA Solutions, Evolve Secure Solutions, Info-Assure, OCF IT Security Consultancy and Stratia Consulting have all been been given the go ahead to provide consultancy to government and industry under the Security Architecture, Risk Management and Risk Management service. Most of the six are SMEs.
Their services are being made available through a new Cyber Security Services Agreement, which is open to all public sector organisations.
It takes in risk assessment and management, security architecture and support for business critical cloud and digital requirements. CCS said that over the year it plans to add services on audit and review, incident management, information assurance methodoligies, and policy and standards.
CESG, the information security arm of the Government Communications Headquarters (GCHQ), launched the scheme in June of last year, shifting its certification of services from individual advisers to companies. It said this makes it easier for organisations to respond to the growing number of increasingly complex cyber threats, at a time when industry and government are putting more services online.
Ongoing process
Ciaran Martin, GCHQ's director general for cyber security, said; "I’m pleased that we have certified these six companies. This is just the start of an ongoing process to build a wide pool of trusted cyber security advisors for our customers."
Public sector customers can procure cyber security services through the Cyber Security Services agreement, created with Crown Commercial Service.
CESG said it is planning to introduce further service offerings during the year. Earlier this month it made changes in its information assurance consultancy costs for the new financial year, saying it would help provide a better focus on cyber security priorities.
Update: CESG announced on 17 February that Cisco systems is to join the scheme, providing consultancy on sdecurity architecture.
Image: Harland Quarrington/MoD, Open Government Licence v1.0 through Wikimedia.
This story was amended on 15 February following the announcement of the framework.