Certification and Accreditation
Existing client’s have selected Bridewell services to help them to achieve their certification and accreditation requirements. This includes producing risk assessments, policy documents and implementing security standards.
The services are also used to support clients who have specific Government or Defence Accreditation requirements to achieve. Bridewell consultants hold CCP certifications, security clearances and are experienced in a variety of risk assessment methodologies (e.g., IS1/2, IRAMv2), producing RMADS and are knowledgeable on a number of common security standards and frameworks (NIST, ISO, OWASP).
Fulfill Your Resourcing Requirement
Recruitment and retention of cyber security resources is a common business challenge. Internal resources may not have the experience or capacity to fulfil a strategic or priority business need.
Bridewell services provide access to certified and experienced consultants who can hit the ground running, have strong communication and problem solving skills. Often drawing on past experiences from similar engagements, Bridewell consultants can advise on solutions and approaches to meet individual client situations and business needs.
Effective Cyber Security Risk Assessment and Management
Our cyber security risk assessment and management services enable clients to make informed decisions and to effectively understand the risks they face.
This ensures that any investments made in cyber security are risk-informed and provide appropriate mitigation.
Key Challenges Addressed
For organisations in government, the wider public sector and critical national infrastructure, it is challenging to find suitably accredited and experienced consultants that can deliver cyber security projects at scale. This can be problematic given that these organisations may lack the technical expertise and resources necessary to ensure security is embedded throughout their operations.
Even with existing certified individuals, it is often challenging to find individuals and companies with vast expertise across the technical or unique environments such as multiple private clouds, hybrid cloud, DevOps environments and operational technology. This is where Bridewell’s expertise is applied to enable clients to achieve effective and successful outcomes.
Without access to the appropriate skills and capabilities, businesses often have an incomplete understanding of their cyber security posture, risk mitigation, and the potential impact a security incident could have on their operations. This makes it difficult to maximise the value of their cyber security investment, conduct risk assessments, and ensure they achieve compliance with relevant regulatory frameworks. Utilising skilled and experienced consultants enables a business to achieve it’s goals effectively and on the first attempt, often in support of achieving strategic business objectives or to fulfil compliance requirements.
How it Works
Bridewell’s NCSC Services are tailored due to each organisation’s specific requirements and required business outcomes. Bridewell place a large emphasis on fully understanding our client’s requirements, as this is crucial to ensuring the technical and overall business outcomes are achieved and where possible exceeded in our engagement.
Many organisations choose to work with Bridewell, as the NCSC endorsement is a sign of quality and assurance. Organisations actual requirements have ranged from establishing an enterprise risk management framework, through to application of deep cloud security expertise.
Bridewell is certified by the NCSC to offer the following services:
Bridewell methodologies have been utilised across some of the largest global brands and critical infrastructure organisations, certified by the NCSC. Many of our consulting team members help design and drive innovative approaches to industry challenges, in addition to helping shape industry guidance across areas such as cyber risk, assurance, and architecture.
Consultancy firms can become certified by the National Cyber Security Centre (NCSC). Becoming a recognised, certified cyber security consultancy firm allows companies to give their clients and customers independent, expert cyber security advice from a pool of certified professional NCSC Assured Service Providers.
This accreditation is aimed at providing government departments, the wider public sector and Critical National Infrastructure (CNI) with regular support on a wide and complex range of cyber security issues. Consultancies who become NCSC-certified have proof that the services they deliver meet NCSC’s standard for high-quality, thorough, recognised, bespoke cyber security advice.
The services are tailored to meet individual client needs.
Projects are scoped in a collaborative manner, with agreed timescales and deliverables.
Clients can raise feedback or complaints.
NCSC endorsed Head Consultant’s for each service review project progress, deliverables and quality standards.
Common NCSC CCSC deliverables include risk assessments, gap analysis, workshops, reports and remediation plans. Bridewell can present findings and recommendations to client’s, answering any questions or concerns that client’s may have.
Bridewell has consultancy and managed service experience across a range of sectors, including:
Critical National Infrastructure (CNI);
Oil & Gas;
Commercial and Retail.
Bridewell will discuss with each client the sensitivity of data and the controls and assurances required.
Ways of working with be agreed with each client to clarify which systems and technologies are to be used.
Only authorised staff members, with appropriate security clearances will have access to project information.
Bridewell maintains a range of certifications, including ISO 27001 and Cyber Essentials Plus to assure our own systems.
Use of threat intelligence and protective monitoring services from the Bridewell CREST Certified SOC.
Labelled, Classified, Handled, Stored and Disposed of in compliance with Customer requirements and Bridewell policy.
Implementation and continuous improvement of a Bridewell Management System, with supporting policy, process and procedures.
Implementation of industry best practice for network security controls.
The Bridewell CCSC services have access to consultants across the various Bridewell teams, including
Governance, Risk and Compliance
Certifications include ISO 27001 Lead Implementers/Lead Auditors, CISSP, CCSP and CISM
ISO, NIST, PCI-DSS knowledge and experience
Including AWS, Azure and GCP certifications and experience
IAPP professionals and fellows
CREST certified CSIR
Security Operations Centre
Microsoft Azure experience
CREST certified SOC
Consultant CV’s can be shared with clients upon request. Security vetting requirements can also be discussed.
Cyber Security Insights
We’re here to help, so to speak with our team and learn more about how Bridewell can benefit your organisation, just complete the below form and one of our experts will be in touch.
Related Cyber Security Services
ISO 27701 Consultancy
Design, implement and review the foundation of your organisation’s cyber security program in consultation with a leading cyber security services provider.