Government Procurement Service
|
|
- Patrick Price
- 8 years ago
- Views:
Transcription
1 Government Procurement Service PwC and the G-Cloud: knowledge, experience, value V1.0 PwC Service Definition 9: G-Cloud Cyber Security Design and Assurance 06 October 2015
2 Table of Contents G-Cloud Procurement Vehicle... 3 Transforming business using the cloud... 3 LOT 4 Specialist Cloud Services... 4 PwC Service Definition 9: Cyber Security Design and Assurance... 6 Our cyber security experience... 9 Why PwC? Our global cloud computing network Our cloud accelerators Our cloud industry participation Our cloud thought leadership... 12
3 G-Cloud Procurement Vehicle Having worked with several central and local government clients supporting the implementation of their cloud objectives, we want to share our expertise and experience with you so that you successfully realise your cloud ambitions. There are some great cloud successes from private sector organisations that we also want to share. Transforming business using the cloud Deciding how to transform business using cloud is one of the most complex decisions enterprises are grappling with. Cloud can provide significant cost reduction, eliminate technology bottlenecks, and facilitate rapid business innovation. Generally we are seeing four primary cloud opportunities for enterprises: Implementing private and hybrid clouds for infrastructure and applications. Smart use of the public cloud for business function optimisation. Using cloud for implementing new business services. Reducing costs by only paying for the IT capacity, and new technologies, that you need and use. However, cloud is disruptive for enterprises and cloud transformation must be properly choreographed for success. We understand the realities and risks that exist, and that they should be carefully considered and understood before moving to the cloud: Availability and reliability of services and the avoidance of operational downtime is a concern that if encountered may result in lost revenue or a blemished reputation. Even large providers have experienced well-publicised service outages which, although typically last less than an hour, can disrupt a business s operations. Decentralised support structures employed by cloud service providers may increase the risk that sensitive information is viewed by unauthorised users or even competitors. This type of incident is rare, but it has been reported on at least two occasions when a large cloud service provider inadvertently shared user documents with others who had not been granted access to them. Given the limited understanding of data flow in a cloud environment, data classification, and data-handling practices employed by companies is also a concern. In several incidents hackers have guessed user passwords to gain access to confidential documents stored in the cloud and then forwarded those documents to online news outlets. In other cases, cloud service providers simply lost customer data. Compliance with data privacy regulatory requirements is a concern as many of today s privacy regulations affect where and how information can be stored or processed. The cloud model enables data to bounce swiftly around the world by using available server capacity in various geographic locations. Businesses now face new regulatory requirements that address where its data is physically stored and how it is accessed. A careful assessment of an organisation s needs and different cloud service provider s controls is required, enabling all concerns to be addressed and the correct path to the cloud is selected.
4 LOT 4 Specialist Cloud Services We are delighted to participate in LOT 4 of the G-Cloud Procurement Vehicle ITT and have responded with sixteen PwC service definitions to address your requirements: 1. Strategy and Planning Services - provides the processes, tools and capability to set the strategic direction for the programme of work and align the technical and business activities with the strategic goals of the change programme. This enables the delivery of a fit for purpose solution that meets the business need. 2. Managing Change Services - provides the processes, tools, people and capability to manage the change programme against the agreed business strategy. This service includes iterative management of the Technical Design through adherence to the Target Architecture and management of the releases through adherence to the Target Operating Model. 3. Delivering Change Services - provides the processes, tools, people and capability to deliver the strategic change programme. This includes development, and management, of roadmaps with clear delivery milestones, business benefits, releases and approval activities that enable the delivery of technology to the business that clearly meets the stated business need. 4. Oracle Business Intelligence Innovative business intelligence solutions across the full range of Oracle BI products - BICS, Cloud Analytics, OBIEE, and OBIA. Using our holistic and agile approach, we provide services for the full implementation lifecycle including BI adoption strategy, capability-building, enterprise BI solution design, implementation, maintenance and rapid deployment of analytics applications. 5. Oracle Enterprise Performance Management Services PwC help organisations make the right decisions to improve business performance though strategy development, planning, budgeting, consolidation and financial reporting using Oracle Hyperion EPM applications. Working across the Oracle EPM suite - we help clients create a blueprint, business case, design and implement the solution and provide application support. 6. Application Management Services - ITIL aligned, and ISO accredited, Application Management Services is manned by UK based dedicated managed services consultants. AMS will maintain, operate and improve your systems across a range of platforms including ERP, Business Intelligence, EPM and Cloud. Services include application maintenance, production support, service management and release and configuration management. 7. ERP Services Related to Oracle - Cloud is the direction of travel in terms of the digital transformation of business applications. PwC provide Oracle Cloud roadmap planning and readiness assessments, implementation and re-implementation consultancy and training. Our primary responsibility is to provide the best independent advice and consultancy to our clients. 8. Custom Application Development - PwC can develop Cloud customisations designed to meet your business needs. We can develop custom applications that work with your existing applications (PaaS), provide integrations to third party systems, develop custom reports and can work with other cloud service providers to construct bespoke cloud solutions (Iaas). 9. Cyber Security Design and Assurance - PwC provides a wide range of services that can help your organisation assess and build cyber security defences, as well as respond to incidents and manage and assure your cyber security capabilities. We view Cyber Security as a whole-organisation challenge and our integrated approach reflects this.
5 10. Penetration Testing and IT Health Check (ITHC) Services A true, reflective threat scenario is the starting point for any testing. This allows us to tailor the testing performed to maximize value for you. All of our testing is bespoke and in response to the real world threat scenarios experienced by our global client base. 11. Identity and Access Management (IDAM) Services - PwC will work with you to manage all enterprise and citizen identities, keep business assets secure and enhance the user experience. We support a range of technology vendors and specialise in the SailPoint and ForgeRock IdAM offerings. 12. Commercial Assurance - Our Commercial Assurance and Contract Management cloud specialists provide market-leading advice on the end-to-end contract lifecycle, identifying critical project delivery risks and providing Assurance over cloud/it projects. We combine IT technical, Data, Commercial and Financial experience to help you navigate through these risks to reach a successful outcome. 13. P3M Program and Project Assurance - Programme and project assurance helps clients realise the value and benefits of their strategic technology investments through effective programme and project management. Our approach helps manage risks by employing an integrated programme assurance risk model that encompasses programme methodology and leadership best practices with focus on technology and business outcomes. 14. engage Implementation Services -PwC s engage Implementation Services provides the processes, tools and capability to deliver digital services across national and local government, using our cloud deployed engage platform. Our approach enables the delivery of a solution that meets your business needs as well as the citizens. 15. ediscovery Cloud Services - Specialist services to implement and use cloud ediscovery systems, such as Nuix and Relativity, which enable clients to identify, collect, preserve, search, analyse and disclose data. Techniques such as forensic capture and imaging, evidence handling, data processing, data visualisation and keyword searching are used to find relevant information quickly. 16. Information Governance Services - enable our clients to identify information of value, classify it and move it to a cloud-based collaboration or enterprise content management (ECM) environment such as SharePoint. Using data profiling we identify key information risks that define record management requirements, retention and disposal policy for more efficient migration. This document provides our response to PwC Service Definition 9: Cyber Security Design and Assurance and includes a selection of our recent success stories. We have also provided some introductory information on our cloud capabilities for your reference. We hope you find the information interesting and welcome the opportunity to discuss your requirements in further detail.
6 PwC Service Definition 9: Cyber Security Design and Assurance This section describes in more detail the service features and benefits included within this service definition document. Cyber Security Design and Assurance Service Description PwC provides a wide range of services that can help your organisation assess and build cyber security defences, as well as respond to incidents and manage and assure your cyber security capabilities. We view Cyber Security as a whole-organisation challenge and our integrated approach reflects this. PwC Service Definition 9: Cyber Security Design and Assurance Service Features Assess: Understanding your capabilities and maturity to prioritise investment Build: Designing and delivering cyber security improvement programmes Respond: Rapid incident containment, investigation and crisis management expertise Manage: Threat assessment, detection and monitoring, tailored to your business Manage: Integrated managed security services Manage: Augmenting, enhancing and developing your own cyber security team Preparing or reviewing your cyber security strategy Specialist cyber/cloud consultancy, advice, risk assessments and RMADS production Cyber security audit and review planning and delivery Cyber security awareness and training. PwC Service Definition 9: Cyber Security Design and Assurance Service Benefits Fully informed investment decision making, tailored to your security priorities Faster, higher quality and lower risk cyber security transformation/delivery Rapid response to incidents, minimising damage, cost and disruption. Clear understanding of who may be targeting you, and why. Efficient and economically attractive security managed service delivery Knowledge transfer leading to a strengthened in-house security capability Independent assurance of your security strategy and implementation Trusted help to achieve secure system delivery and procurement Assurance over the security of your third party suppliers Access to a wide range of experienced cyber security experts
7 Our view on the service features and benefits within this service definition document are presented below. In an interconnected world, organisations are dependent on digital business processes. This amplifies the business and organisational impact of cyber-attacks, affecting intellectual property, financial security, operational stability, regulatory compliance, and reputation. Organisations that seize the digital advantage must be confident that they are able to manage cyber security risk. Those that are able to build trust with their stakeholders (and customers) for their digital strategies will be successful; trust that data and transactions will be safe; that identity and privacy issues have been dealt with and trust that systems and processes will be available when needed. Trust takes a long time to build but can be lost in an instant. PwC provides a range of cyber security assurance and support services that can help your organisation build and improve confidence in your digital future, enabling you to focus your cyber security investment choices and protecting what matters most to your organisation. We can help you: Become more aware of your cyber security risks Assess which threats could affect your business goals Build and adapt your defences to deal with new threats as they arise Help you respond to security incidents quickly to minimise impact and recovery time We can provide you with the full range of cyber security expertise, from business focussed experts who can help you balance the benefits of agile cloud services with cost and security implications, to specific CESG Certified Professionals (CCP). Because cyber security isn t just about technology, our approach covers people, information, systems, processes, culture and physical surroundings. The aim is to create a secure environment where businesses can remain resilient in the event of an attack. Understanding the implications of using cloud services impacts all the aspects above, and many of our clients find our insight into the security of cloud services valuable. 1. Assess PwC can help you with every stage in understanding your cyber security landscape, capabilities and maturity in order to help you decide where, and how much, you should be investing in cyber security. We can conduct an objective assessment of your current capabilities to give you assurance that your defences are both comprehensive, well aligned to your threats and risks, and are actually working properly. We have frameworks that blend the aspects of good cyber security practice and can apply them to your overall organisation in terms that non-technical/cyber people can understand and use effectively, giving you a combination of assurance through compliance to standards blended with the specifics of your own business. Our Assess set of services range from initial threat and risk assessments to a comprehensive set of assurance activities to help enable your defences to tackle the right threats and operate effectively. Our experience covers the very highest level assessments of overall cyber security strategy and how it applies to your organisation through to detailed testing of processes and technology (including penetration tests). We have worked across both leading Private sector organisations and public bodies, and our approach to assuring cyber security is being adopted by large central Government Departments. Our work across a broad range of public and private sector clients helps us to stay absolutely current with the constantly evolving threat environment, and to consider the wider aspects of your cyber security posture.
8 2. Build We can help you through the definition and planning of cyber security improvement programmes, provide objective assessments and options appraisals of market-leading security solutions and support you as you enhance your cyber security posture. We provide consultancy and advice, using experienced cyber security practitioners, including CLAS (and successor) scheme members and can help you with the design and accreditation of secure systems. This helps you build your internal business case for prioritising and investing in your cyber security capabilities, and the confidence that you will get the right solution for you when you go to market for solution elements. Our culture and change experts can help you to embed good security behaviours in your people an ever more important component of your cyber-security defences and we can look at how security can become an inherent part of your operating processes and environment. 3. Respond Most organisations now accept that significant cyber security incidents are inevitable. PwC offers a comprehensive set of incident response services, backed by crisis management expertise. Services are tailored to your specific situation, but typically include: Breach notification; Computer, network and malware forensics; Crisis management; Cyber incident legal advice including privilege; Cyber incident response and forensic investigation; e-discovery and disclosure; Fraud and ecrime data analytics; Human resource advice employee breaches; Network intrusion containment and remediation; Regulatory proceedings; Third party litigation. PwC s services can be quickly mobilised, or even held ready for faster response on a retainer basis. Our global experts can help you formulate and deliver a response to an incident that is based on sound knowledge and experience, thereby minimising the impact to your business, and can help you with the fallout from incidents with sound advice based on experience and practice. 4. Manage Managing your security is not straightforward in the dynamic and fast-moving cyber threat environment. Attackers can be relentless in their attempts to breach your security, and the rewards can be significant. We can help you to manage and maintain control of your business, enabling you to focus on your core priorities. Typical help in this area ranges from advanced threat detection and monitoring and threat intelligence (in order to give advance notice of attacks, and identify when they may be underway but without triggering your defences), through to full integrated managed cyber security services and helping you to improve the capability of your own, in-house, cyber security teams allowing you the freedom and flexibility to choose the model that best aligns with your business strategy.
9 Our cyber security experience PwC has completed many cyber security engagements, covering the full range of cyber security services, both for private sector and Government clients, and bringing insight to both communities. Selected examples are shown below, but if you would like to talk to us about our service offerings, or to find examples that are relevant to your situation, please do get in touch. Large Central Government Department PwC helped a large Government Department develop a strategy and plan for assuring cyber security across their entire estate. The key to designing a successful plan was to use a risk-based approach, underpinned by a thorough understanding of the client s information systems, processes, security functions and organisation, as well as the likely threats they faced. This was then subjected to a wide-ranging set of theoretical attacks to develop a map of the areas of highest risk. By looking at the emerging themes, we were able to propose a set of assurance activities that efficiently addressed the areas of highest risk, and test this against the client s risk appetite. The result was that the client was able to make highly informed decisions about where they should invest in cyber security assurance activities. The approach was supported by the Cabinet Office and is being repeated at several other Central Government Departments, where it has helped senior security stakeholders work together with assurance functions to agree where assurance activities should be prioritised, but without losing sight of areas where remedial work is required to address risks saving everybody time, effort and distraction. Large UK Critical National Infrastructure organisation The customer engaged with us to help re-define the security business case and strategy for their organisation. The existing security activities were observed to be ad-hoc, un-coordinated across the business and mixed in terms of quality. We provided an interim CISO to engage with their board, management and staff to resolve the positioning of the security function within the business. We proposed a programme of work to transform the group level security management function and drive security culture change throughout the business. As a result of this work, the client gained a clear roadmap for transforming its security function and has raised its international profile in global security forums for its market. PwC has been retained for the long term (5yrs) to provide a complete group level security management function whilst also representing the organisation globally at regulatory and industry security working groups.
10 Large Global Telecomms provider The client needed to be aware of threats their organisation was facing and their overall preparedness to respond and manage major crises arising from cyber attacks. The board wanted to understand the overall security posture of their information systems, if they could be compromised and the risks to the services they provide. To provide this information PwC: Conducted a strategic security review assessing the operations, governance, security management, policies and procedures. Conducted invasive penetration testing on both internal and external networks and systems. Produced device configuration reviews Examined the client Crisis management function to assess their ability to respond to a known form of cyber attack. Conducted a simulation exercise replicating a live attack scenario. Provided strategic advice on tackling key issues to the Board
11 Why PwC? Our global cloud computing network PwC is one of the leading firms in business technology advisory services providing services to support cloud engagements. We have completed a variety of cloud engagements with several central and local government clients. We have also been involved in some excellent cloud successes made by organisations in the private sector. We are confident this experience will add value to UK government engagements. We have recently been accepted onto the University College Dublin (UCD) framework agreement for Cloud Computing Advisory & Implementation Services. The insights and lessons learned from this ongoing collaboration will be applied to our future work with UK government clients. Our senior practitioners insights are regularly published in the business press and will bring a cutting edge perspective to UK government engagements. PwC has helped our clients implement private / hybrid / public clouds, transform business on the cloud, and benefit from successful cloud sourcing experiences that will be leveraged to deliver successful services to UK government clients. PwC has substantive and relevant experience in cloud infrastructure, applications, outsourcing, business innovation, change management. We have developed standardised cloud implementation frameworks, tools, processes. Our people and memberships with industry groups means that we can bring extensive industry knowledge and a proven record for delivering business transformation with technology. Our cloud accelerators Our clients tell us that the most critical element of cloud transformations is mobilising quickly, and delivering long-term business impact that is cost-efficient, timely and sustainable. With this in mind, we have developed a set of cloud accelerators allowing us to focus on helping our clients. These accelerators are: PwC Cloud Workshop Tool to identify and/or confirm cloud opportunities consistent with needs and direction of the enterprise. PwC Cloud Transformation Assessment to identify where opportunities exist to adopt cloud and assess the gap between the current state and future state. PwC Evergreen Technology Adoption methodology, enabling the adoption of point technical solutions. PwC Cloud Reference Architecture used to facilitate the incorporation of private, public, and integrated cloud computing concepts into enterprise architecture blueprints. PwC Cloud Adoption Model to identify where a client is relative to the adoption of cloud and provide a path maximising business value while minimising risk. PwC Transform, our global delivery methodology used to manage enterprise transformations.
12 Our cloud industry participation PwC is represented on several standard setting boards and task forces, helping to drive the future standards of reporting and controls related to cloud computing technology. It is this deep technical insight that we will know will add insight and value to UK government engagements. PwC is a member of the American Institute of Certified Public Accountants Task Force that develops guidance for reports on controls related to cloud computing. PwC is a member of the ISACA Cloud Task Force. PwC is a member of the Cloud Security Alliance. PwC is a member of the Information Security Forum. PwC is an Advisory Board Member on the IDC/IDG Cloud Leadership Forum. PwC is an Advisory Board Member of Cloudcor, Inc., the founder of CloudSlam and UP cloud conferences. PwC is a patron of the MIT centre for information systems research. Our cloud thought leadership PwC has established a cloud innovation lab, intending to be at the forefront of new cloud trends, identifying and exploring new business opportunities. PwC continues to publish a series of papers and publications on the cloud, a selection of which are provided below: 1. The View Cloud computing gets strategic PwC leaders discuss the growing momentum and hype around cloud computing and explain why the real story is less about technology and more about business strategy. 2. Making the move to cloud-based ERP: Balancing the risks and rewards This recent publication discusses cloud-based services as a strategy to not only reduce costs but also deliver business value through transformation and that not rushing into adopting cloudbased services is the best approach for this increasingly complex environment. 3. PwC Alumni Paper: Cloud computing: Taking advantage of the silver lining A recent PwC alumni article looks in more detail at the benefits that can be gained from cloud adoption.
13 Confidential. This document is provided for the purposes of your discussions with PricewaterhouseCoopers LLP. This document, and extracts from it and the ideas contained within it, may not be used for any other purpose and may not be disclosed to any third parties. This document does not constitute a contract of engagement with PricewaterhouseCoopers LLP, and is subject to the terms of any subsequent engagement contract that may be entered into between us. If you receive a request under freedom of information legislation to disclose any information we provided to you, you will consult with us promptly before any disclosure PricewaterhouseCoopers LLP. All rights reserved. In this document, "PwC" refers to PricewaterhouseCoopers LLP (a limited liability partnership in the United Kingdom), which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.
www.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationGovernment Procurement Service
www.pwc.co.uk Government Procurement Service PwC and the G Cloud: knowledge, experience, value V1.0 PwC Service Definition 1 G-Cloud Strategy and Planning Services 28 th February 2013 www.pwc.co.uk Table
More informationwww.pwc.nl/cybersecurity Cyber security Building confidence in your digital future
www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence
More informationARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION.
ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION. Table of contents 1 Introduction...3 2 Architecture Services...4 2.1 Enterprise Architecture Services...5 2.2 Solution Architecture Services...6 2.3 Service
More informationA NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationCyber Security Evolved
Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are
More informationThe Cadence Partnership Service Definition
The Cadence Partnership Service Definition About Cadence The Cadence Partnership is an independent management consultancy, specialising in working with a wide range of organisations, solving complex issues
More informationSmart Security. Smart Compliance.
Smart Security. Smart Compliance. SRM are dedicated to helping our clients stay safe in the information environment. With a wide range of knowledge and practical experience, our consultants are ready to
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationISO27032 Guidelines for Cyber Security
ISO27032 Guidelines for Cyber Security Deloitte Point of View on analysing and implementing the guidelines Deloitte LLP Enterprise Risk Services Security & Resilience Contents Foreword 1 Cyber governance
More informationG-Cloud Service Definition. Atos Oracle Cloud ERP Implementation Services
G-Cloud Service Definition Atos Oracle Cloud ERP Implementation Services Atos Oracle Cloud ERP Implementation Services Customers need adaptive and agile Enterprise Resource Planning (ERP) systems to support
More informationCyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things
Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations
More informationG-Cloud 7 Service Definition. Atos Oracle Cloud ERP Implementation Services
G-Cloud 7 Service Definition Atos Oracle Cloud ERP Implementation Services Atos Oracle Cloud ERP Implementation Services Customers need adaptive and agile Enterprise Resource Planning (ERP) systems to
More informationHow to ensure control and security when moving to SaaS/cloud applications
How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk
More informationAssessing the strength of your security operating model
www.pwc.com Assessing the strength of your security operating model May 2014 Assessing the strength of your security operating model Retail stores, software companies, the U.S. Federal Reserve it seems
More informationCYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES
POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response
More informationCloud Enablement. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 05/02/2014. Classification: Open
Cloud Enablement Version: 3.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201415/12/2014. Other than for the sole purpose of evaluating this Response, no part
More informationPwC s Advanced Threat and Vulnerability Management Services
www.pwc.ch PwC s Advanced Threat and Vulnerability Management Services Our comprehensive approach PwC s security assessment services A joint business relationship provides clients with access to High-Tech
More informationUnder control 2015 Hot topics for IT internal audit in financial services. An Internal Audit viewpoint
Under control 2015 Hot topics for IT internal audit in financial services An Internal Audit viewpoint Introduction Welcome to our fourth annual review of the IT hot topics for IT internal audit in financial
More informationSHAREPOINT SERVICE DEFINITION. G-CLOUD Commercial-in-Confidence. civil.lockheedmartin.co.uk
SHAREPOINT SERVICE DEFINITION G-CLOUD Commercial-in-Confidence civil.lockheedmartin.co.uk SECTION 1 LOCKHEED MARTIN S SHAREPOINT CAPABILITY Lockheed Martin offers a full end to end service, delivering
More informationHYBRID CLOUD SERVICES HYBRID CLOUD
SERVICES SOLUTION SUMMARY SEIZE THE ADVANTAGE From the workplace to the datacenter, the enterprise cloud footprint is growing. It delivers on-demand development resources. It accommodates new digital workloads.
More informationGrowth Through Excellence
Growth Through Excellence Public/Private Cloud Services Service Definition Document G- Cloud 5 REFERENCE NUMBER RM1557v Table of Contents Table of Contents... 3 Executive Summary... 4 About the Company...
More informationCloud Enablement. Lot 4 - Specialist Cloud Services. Version: 2.0, Issue Date: 05/02/2014. Classification: Open
Cloud Enablement Version: 2.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this Response, no part of this
More informationDigital Forensics G-Cloud Service Definition
Digital Forensics G-Cloud Service Definition 2013 General Dynamics Information Technology Limited. All rights 1 GDIT Team Clients Metropolitan Police Service The General Dynamics Information Technology
More informationDATA ANALYTICS SERVICES. G-CLOUD SERVICE DEFINITION.
DATA ANALYTICS SERVICES. G-CLOUD SERVICE DEFINITION. Table of contents 1 Introduction...3 2 Services Overview...4 2.1 Rapid KPI Reporting Delivery Services...4 2.2 Data Discovery & Exploitation Services...5
More informationInformation governance strategy 2014-16
Information Commissioner s Office Information governance strategy 2014-16 Page 1 of 16 Contents 1.0 Executive summary 2.0 Introduction 3.0 ICO s corporate plan 2014-17 4.0 Regulatory environment 5.0 Scope
More informationMike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program
Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat
More informationAddress C-level Cybersecurity issues to enable and secure Digital transformation
Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,
More informationIT Security Testing Services
Context Information Security T +44 (0)207 537 7515 W www.contextis.com E gcloud@contextis.co.uk IT Security Testing Services Context Information Security Contents 1 Introduction to Context Information
More informationProtecting Malaysia in the Connected world
Protecting Malaysia in the Connected world cyber Security Company of the Year (Cybersecurity Malaysia, 2014) Most innovative information security company in Malaysia (Cybersecurity Malaysia, 2012) BAE
More informationProcuring Penetration Testing Services
Procuring Penetration Testing Services Introduction Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat
More informationSecurity & Privacy Current cover and Risk Management Services
Security & Privacy Current cover and Risk Management Services Introduction Technological advancement has enabled greater working flexibility and increased methods of communications. However, new technology
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationCyber Governance Health Check Cyber security survey for top segment of Dutch market
www.pwc.nl Cyber Governance Health Check Cyber security survey for top segment of Dutch market PwC The Netherlands May 2014 Contents Introduction Executive Summary Detailed results Part 1: Overview of
More informationSpecialist Cloud Services Lot 4 Cloud EDRM Consultancy Services
Specialist Cloud Services Lot 4 Cloud EDRM Consultancy Services Page 1 1 Contents 1 Contents... 2 2 Transcend360 Introduction... 3 3 Service overview... 4 3.1 Service introduction... 4 3.2 Service description...
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationCYBER SECURITY TRAINING SAFE AND SECURE
CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need
More informationKPMG Advisory. Microsoft Dynamics CRM. Advisory, Design & Delivery Services. A KPMG Service for G-Cloud V. April 2014
KPMG Advisory Microsoft Dynamics CRM Advisory, Design & Delivery Services A KPMG Service for G-Cloud V April 2014 Table of Contents Service Definition Summary (What s the challenge?)... 3 Service Definition
More informationCommittees Date: Subject: Public Report of: For Information Summary
Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security
More informationServices. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure
Home Secure digital transformation SMACT Advise, Protect & Monitor Why Capgemini & Sogeti? In safe hands Capgemini & Sogeti Cybersecurity Services Guiding enterprises and government through digital transformation
More informationA COMPLETE APPROACH TO SECURITY
A COMPLETE APPROACH TO SECURITY HOW TO ACHEIVE AGILE SECURITY OPERATIONS THREAT WATCH Cyber threats cost the UK economy 27 billion a year 200,000 new threats are identified every day 58% of businesses
More informationAssurance in the Cloud: Outsourcing Risk in a Shifting Landscape
by SCC We make IT work Assurance in the Cloud: Outsourcing Risk in a Shifting Landscape 02 CONTENTS You hold sensitive public sector data Sentinel protects it. Sentinel by SCC not only provides faster
More informationCyber Security - What Would a Breach Really Mean for your Business?
Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber
More informationData Protection Act 1998. Guidance on the use of cloud computing
Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered
More informationIT risk management discussion 2013 PIAA Leadership Camp May 15, 2013
IT risk management discussion 2013 PIAA Leadership Camp May 15, 2013 Debbie Lew Agenda Review what is IT governance Review what is IT risk management A discussion of key IT risks to be aware of Page 2
More informationCustomer Relationship Management Software Package G-Cloud Service Definition
Customer Relationship Management Software Package G-Cloud Service Definition 2014 General Dynamics Information Technology. All rights reserved 1 Delivering consistent multi-channel (telephony, e-mail,
More informationMapping and Geographic Information Systems Professional Services
Mapping and Geographic Information Systems Professional Services G-Cloud Services RM 1557 Service Definition Esri UK GCloud 5 Lot 4 Specialist Services Government Procurement Service Acknowledgement Esri
More informationService Definition Document
Service Definition Document QinetiQ Secure Cloud Protective Monitoring Service (AWARE) QinetiQ Secure Cloud Protective Monitoring Service (DETER) Secure Multi-Tenant Protective Monitoring Service (AWARE)
More informationWebsite (Digital) & Mobile Optimisation. 10 April 2014. G-Cloud. service definitions
Website (Digital) & Mobile Optimisation 10 April 2014 G-Cloud service definitions TABLE OF CONTENTS Service Overview... 3 Business Need... 3 Our Approach... 4 Service Management... 5 Pricing... 5 Ordering
More informationEmbrace the G-Cloud. Ultra Secure Colocation Services for the Public Sector. thebunker.net Phone: 01304 814800 Fax: 01304 814899 info@thebunker.
Embrace the G-Cloud Ultra Secure Colocation Services for the Public Sector 1 Phone: 01304 814800 Fax: 01304 814899 info@ Contents Introduction What is G-Cloud? Types of accreditation: Business Impact Levels
More informationData analytics Delivering intelligence in the moment
www.pwc.co.uk Data analytics Delivering intelligence in the moment January 2014 Our point of view Extracting insight from an organisation s data and applying it to business decisions has long been a necessary
More informationCONSULTING IMAGE PLACEHOLDER
CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization
More informationSpecialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services
Specialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services Page 1 1 Contents 1 Contents... 2 2 Transcend360 Introduction... 3 3 Service overview... 4 3.1 Service introduction... 4
More informationCyber Security: from threat to opportunity
IT ADVISORY Cyber Security: from threat to opportunity www.kpmg.com/nl/cybersecurity From threat to opportunity / Cyber security / 1 FOREWORD OPPORTUNITY-DRIVEN CYBER SECURITY Cyber security (also known
More informationFirewall Administration and Management
Firewall Administration and Management Preventing unauthorised access and costly breaches G-Cloud 5 Service Definition CONTENTS Overview of Service... 2 Protects Systems and data... 2 Optimise firewall
More informationAUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES
AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES Final Report Prepared by Dr Janet Tweedie & Dr Julie West June 2010 Produced for AGIMO by
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationCenturyLink IT Consulting Services. G-Cloud 6 - SCS. REFERENCE NUMBER RM1557vi
CenturyLink IT Consulting Services G-Cloud 6 - SCS REFERENCE NUMBER RM1557vi Overview of the Service (functional and non-functional) IT Consulting Services CenturyLink's Solutions Consulting delivers customised
More informationCYBER SECURITY Audit, Test & Compliance
www.thalescyberassurance.com CYBER SECURITY Audit, Test & Compliance 02 The Threat 03 About Thales 03 Our Approach 04 Cyber Consulting 05 Vulnerability Assessment 06 Penetration Testing 07 Holistic Audit
More informationEMAIL MANAGEMENT SOLUTIONS SAFEGUARD BUSINESS CONTINUITY AND PRODUCTIVITY WITH MIMECAST
EMAIL MANAGEMENT SOLUTIONS SAFEGUARD BUSINESS CONTINUITY AND PRODUCTIVITY WITH MIMECAST Enabling user efficiency with a cloud-based email platform With productivity, revenues and reputation at stake, an
More informationG-Cloud Service Definition. Atos SI Oracle CRM and CX Services
G-Cloud Service Definition Atos SI Oracle CRM and CX Services Atos SI Oracle CRM and CX Services SCS Atos provides a range of expert Customer Relationship Management (CRM) and Customer Experience (CX)
More informationCGI Cyber Risk Advisory and Management Services for Insurers
CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their
More informationGPS G-Cloud Lot 4: Oracle Business Intelligence Cloud Consultancy Service Definition
GPS G-Cloud Lot 4: Contents 1 Introduction... 3 2 Service... 4 2.1 Cloud Consultancy Overview... 4 2.2 Information assurance... 5 2.3 Backup/Restore and Disaster Recovery... 6 2.4 On-boarding and Off-boarding...
More informationDo you know your privacy risks? How new technologies, changing business models, and emerging regulations are changing the data-protection landscape
January 2013 Do you know your privacy risks? How new technologies, changing business models, and emerging regulations are changing the data-protection landscape At a glance Threats to data security both
More informationInformation Services Strategy 2011-2013
Information Services Strategy Issue 1 1 Introduction The States of Jersey public sector is facing significant pressure for efficiencies and savings. This has created the context to take a fresh look at
More informationCyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13
Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...
More informationThe IT Strategic Plan
The IT Strategic Plan for the University of Oxford, 2013-2018 REVISED AND REISSUED, OCTOBER 2015 Contents IT Strategic Plan: Vision... 2 The IT Strategic Plan... 2 IT Strategic Plan: Principles and Assumptions...
More informationG-Cloud Service Definition. Atos Business Intelligence Dashboards and Analytics SCS
G-Cloud Service Definition Atos Business Intelligence Dashboards and Analytics SCS Atos Business Intelligence Dashboards and Analytics SCS The Atos approach to Business Intelligence (BI) Dashboards and
More informationFTI Consulting insurance services
INSURANCE SERVICES FTI Consulting insurance services The insurance industry is operating in a complex and dynamic global environment. Low interest rates, the demand on capital and ever-changing regulation
More informationHow To Design A Cloud Based Infrastructure For Spera
SAP Cloud Infrastructure Services Guiding you through your cloud journey Leveraging the cloud for your SAP environment offers an opportunity to fundamentally transform how your organization operates. If
More informationG-Cloud Service Definition. Atos Data Quality Audit SCS
G-Cloud Service Definition Atos Data Quality Audit SCS Atos Data Quality Audit SCS As organisations increasingly utilise a hybrid of Legacy and Cloud based technology platforms, it becomes increasingly
More informationSCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services
SCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services Contents 1 Introduction...2 2 IA, CLAS Consulting and CHECK Testing...3 3 Information Assurance...4 4 Accreditation...5
More informationSecurity Consultants / Security Managed Services
Security Consultants / Security Managed Services Service Definition Document for G-Cloudv7 Services October 2015 Table of Contents Service Overview...3 Our Approach... 3 Features... 3 Benefits... 4 ON-BOARDING
More informationThe Scottish Wide Area Network Programme
The Scottish Wide Area Network Release: Issued Version: 1.0 Date: 16/03/2015 Author: Andy Williamson Manager Owner: Anne Moises SRO Client: Board Version: Issued 1.0 Page 1 of 8 16/04/2015 Document Location
More information/ WHITEPAPER / THE BIMODAL IT
/ WHITEPAPER / THE BIMODAL IT By Melbourne IT Enterprise Services IMPLEMENTING THE DYNAMIC COMPONENT FOR A DIGITAL WORLD Among the IT operational models developed over the years, the recent release of
More informationCyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis
Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis An analogue approach to a digital world What foundations is CDCAT built on?
More informationManaging Complex Transformations Achieving excellence
Managing Complex Transformations Achieving excellence A summary of our transformation management and programme leadership capability in the mining industry February 2009 Contents Introduction 1 Our approach
More informationCustomer centric transformation for next generation customer service CUSTOMER CENTRICITY
Social Mobile Data CUSTOMER CENTRICITY Cyber security Cloud Customer centric transformation for next generation customer service Solutions and services for improving customer focus and satisfaction across
More informationClose the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle
Close the security gap with a unified approach Detect, block and remediate risks faster with end-to-end visibility of the security cycle Events are not correlated. Tools are not integrated. Teams are not
More informationCommonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation
Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationRecruitment Process Outsourcing Methodology Statement
Recruitment Process Outsourcing Methodology Statement Contents An Overview... 3 Steps To Success The Components of an Outsourced Recruitment Process... 4 Why Use RPO?... 6 Why Consult Group?... 8 About
More informationIT Outsourcing. Third Time Lucky? Winter 2014/15 INSIGHTS
INSIGHTS IT Outsourcing Third Time Lucky? Coeus Consulting looks at whether the emerging third generation sourcing models are the end of the journey or is a fourth generation on the way? Winter 2014/15
More informationCisco Unified Communications and Collaboration technology is changing the way we go about the business of the University.
Data Sheet Cisco Optimization s Optimize Your Solution using Cisco Expertise and Leading Practices Optimizing Your Business Architecture Today, enabling business innovation and agility is about being able
More informationProfile. Business solutions with a difference
Profile Business solutions with a difference Overview ITeM Group was founded in 1999 and has a successful history of delivering IT solutions in Australia, New Zealand, Indonesia, China and Canada. We specialise
More informationCPNI VIEWPOINT 01/2010 CLOUD COMPUTING
CPNI VIEWPOINT 01/2010 CLOUD COMPUTING MARCH 2010 Acknowledgements This viewpoint is based upon a research document compiled on behalf of CPNI by Deloitte. The findings presented here have been subjected
More informationdeveloping your potential Cyber Security Training
developing your potential Cyber Security Training The benefits of cyber security awareness The cost of a single cyber security incident can easily reach six-figure sums and any damage or loss to a company
More informationIBM QRadar as a Service
Government Efficiency through Innovative Reform IBM QRadar as a Service Service Definition Copyright IBM Corporation 2014 Table of Contents IBM Cloud Overview... 2 IBM/Sentinel PaaS... 2 QRadar... 2 Major
More informationwww.pwc.com/mt Internal Audit Takes On Emerging Technologies
www.pwc.com/mt In Internal Audit Takes On Emerging Technologies Contents Introduction 2 Cloud Computing & Internal Audit 3 Smart Devices/ Technology & Internal Audit 6 Social Media & Internal Audit 8 Cyber
More informationCBEST FAQ February 2015
CBEST Frequently Asked Questions: February 2015 At this time, the UK Financial Authorities have only made CBEST available to firms and FMIs which they consider to be core to the UK financial system. Those
More informationManaging cyber risks with insurance
www.pwc.com.tr/cybersecurity Managing cyber risks with insurance Key factors to consider when evaluating how cyber insurance can enhance your security program June 2014 Managing cyber risks to sensitive
More informationThe Changing IT Risk Landscape Understanding and managing existing and emerging risks
The Changing IT Risk Landscape Understanding and managing existing and emerging risks IIA @ Noon Kareem Sadek Senior Manager, Deloitte Canada Chris Close Senior Manager, Deloitte Canada December 2, 2015
More informationCloud Computing Strategy. an addendum to the. Queensland Government. ICT Strategy 2013 17. Queensland Government
Department of Science, Information Technology, Innovation and the Arts Queensland Government Cloud Computing Strategy an addendum to the Queensland Government ICT Strategy 2013 17 Supporting Queensland
More informationCASSIDIAN CYBERSECURITY
CASSIDIAN CYBERSECURITY ADVANCED PERSISTENT THREAT (APT) SERVICE In a world where cyber threats are emerging daily, often from unknown sources, information security is something no organisation can afford
More informationDigital Forensics Services
Digital Forensics Services A KPMG SERVICE FOR G-CLOUD VII October 2015 kpmg.co.uk Digital Forensics Services KPMG PROVIDES RELIABLE END TO END COMPUTER FORENSIC AND EXPERT WITNESS SERVICES We bring together
More informationSecuring Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement.
Securing Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement June 2011 DISCLAIMER: This document is intended as a general guide only.
More informationInformation security controls. Briefing for clients on Experian information security controls
Information security controls Briefing for clients on Experian information security controls Introduction Security sits at the core of Experian s operations. The vast majority of modern organisations face
More information