Client type : Data Management

Delivery type: Consultative – existing ICT support will make changes
Size of company: 25 employees
Sector: Legal
Threat protection level: Medium

Our client, a legal firm, wanted to improve their Cyber Security Posture through the National Cyber Security Centre’s (NCSC) Cyber Essentials and Cyber Essentials Plus certification path. Whilst not necessarily something the SRA (solicitors regulation authority) required, in their recent risk analysis documents, they mentioned standards such as CE/CEP so our client wanted to ensure that they complied with these and were also able to advise their clients that they were taking data security through cyber protection sensibly by displaying compliance to this UK standard.

The client already had a managed service provider delivering ICT support for them and believed that this provider was covering them to a suitable level for certification – Solsoft were therefore engaged to complete a check, advise on any minor amendments and finally deliver certification.

After completing a gap analysis and vulnerability assessment we highlighted 289 unremediated vulnerabilities with the server alone with 8 immediately exploitable vulnerabilities on their external connection and 3 vulnerabilities with their practice website allowing for a bad actor to compromise their website.

Overall, across the 22 devices and server we found over 500 vulnerabilities which needed immediate remediation, many critical which posed a threat to the safety of their systems, client data and indeed their business.

We delivered a report with all required actions, process and how to documentation to the incumbent ICT provider so they were able to remediate the issues identified – our team then continued to work with the existing provider to ensure that all risks were remediated ready for later certification.

  • Risks mitigated
  • Policies and processes reviewed (advise provided)
  • Cyber Essentials Certification Achieved
  • Cyber Essentials Plus Certification Achieved

Housing case study

Size of company:
25

Sector:
Housing

Threat protection cover:
Cyber Essentials, Cyber Essentials Plus, Ongoing Cyber Support

Overview:

Our client holds lots of confidential data relating to tenants in their properties and financial and medical care plans in relation to the care and support of those tenants in their properties and managed/assisted living spaces.

View full case study >>

Managed Business Services case study

Size of company:
25

Sector:
IT

Threat protection cover:
Cyber Essentials, Cyber Essentials Plus, Ongoing Cyber Support

Overview:

Our client, a smaller company within a larger organisation, providing internal and external ICT support for the wider company and their end clients.

View full case study >>

Data Management case study

Size of company:
50-100

Sector:
Government

Threat protection cover:
Cyber Essentials, Cyber Essentials Plus, Ongoing Cyber Support

Overview:

Our client works with several very well-known UK brands and local / central government departments all of which, through questionnaires and external audits, were asking our client for further information about their security provision as there was a need to ensure that the data being managed by our client was secure.

View full case study >>

Legal case study

Size of company:
25

Sector:
Legal

Threat protection cover:
Cyber Essentials, Cyber Essentials Plus, Ongoing Cyber Support

Overview:

Our client, a legal firm, wanted to improve their Cyber Security Posture through the National Cyber Security Centre’s (NCSC) Cyber Essentials and Cyber Essentials Plus certification path.

View full case study >>

Our Credentials

We are the only Cyber Security Company who can certify your compliance (we are an approved certifying body) and manage your security and risk on an ongoing basis, as well as help you achieve Cyber Essentials, Cyber Essentials Plus and IASME Gold Framework.

Get in touch