Consultancy Services

Home / Consultancy Services
Cyber & Information Security Assessments

TCSC provide Cyber & Information security assessments to help organisations identify gaps in their security posture and implement improvement plans to reduce your Cyber risk and improve your cyber resilience. Our Cyber and Information security assessments are tailored to our customers needs. We offer bespoke assessments, or assessments against industry standards such as BSI ISO27001 & ISAME Cyber Essentials. All our assessments include a report with prioritised findings and recommendations to close any identified security control gaps.

Supplier Due Diligence

Supply Chain Risk is often regarded as one of the most prevalent attack vectors. Breaches that have occurred because of a supply chain issue are often reported in the media. Organisations looking to offer new contracts need assurance that your business does not pose a supply chain risk to them. In our experience of working with small to medium organisation there is not always enough resource or expertise to manage supplier management responses. Your business may have the best services and tick all the boxes for your potential customers, but if you can’t respond effectively to supplier management requests and give your customer assurance that you operate securely this can often be a deal breaker. TCSC strives to make businesses successful and with our approach to supplier management we can support your success in winning new business. TCSC offer the following packages.

Supplier Due Diligence packages
Supplier Management As A Service

TCSC will provide a dedicated service and become an extension to your team to support your supplier management process. Developing an end-to-end process for managing supplier management requests Review of Information Security Contractual clauses and provide recommendations. Providing responses to supplier due diligence questionnaires Develop your supplier process to enable you to assess your own suppliers and gain security assurance Provide support on new contracts and ensure suitable Information Security clauses are accounted for.

Supplier Management Retainer Service

TCSC can provide a retainer service to support your supplier management process. Book a block of time with our consultants to use at your discretion. Some of our customers like to use this service when they have supplier due diligence questionnaires that they need to respond to. TCSC will support your business with responses to security questionnaires to ensure they are submitted before your customers deadline. The retainer service provides a great opportunity to learn and understand the questions and responses required for supplier management. The outcome of this engagement is to provide your team with a repeatable model that they can use to respond effectively to supplier management questionnaires.

Security Operations Centre (SOC) Maturity Assessment

Your SOC is the nerve centre to detect and respond to Cyber Attacks. Its important that the SOC is built in alignment with what the business wants to protect. Often a SOC can be overwhelmed with the number of alerts and incidents that are being generated which leads to an ineffective SOC capability. TCSC SOC specialists assess your SOC process and procedures in alignment with industry standards. Our SOC maturity assessment will determine the maturity level of the SOC and provide an improvement plan and roadmap to meet your desired level of maturity. SOC maturity assessment includes: SOC Assessment of all process and procedure against industry standards Maturity score based on Carnegie & Mellon Improvement plan and prioritised deliverables roadmap to meet desired maturity goals. Debrief meeting to review findings and improvement plans

Vulnerability Management

Vulnerability Management is a key area for any business to discover, mitigate and reduce the risk of Cyber criminals exploiting weakness in your IT infrastructure. Vulnerability Management can be challenging if there is not enough resource, or expertise in the business. If your business is facing this challenge, then TCSC can help. Our managed service provides an end-to-end service for internal and external vulnerability scanning and includes:

  • Managed service onboarding and configuration of our cloud-based vulnerability scanner
  • Configuring discovery scans against your IT estate to ensure existing and new assets are discovered and scanned
  • Setting up vulnerability scans to target your internal and external asset inventory
  • Prioritisation and guidance of any remediation generated from the scans
  • Monthly report and debrief meeting.
Cyber & Information Security Project Support

TCSC provide Cyber & Information Security Subject Matter Experts (SME) to support your in-flight projects. Our SME’s will lead the project security deliverables ensuring the correct security controls are implemented in alignment with the risk appetite of the business. Security and Non-security related projects are covered by our SME. Our approach is to work collaboratively with the project team to ensure the correct security requirements are defined for the project, and assurance is provided that all controls have been implemented, tested and satisfactorily delivered by the project. Risk assessments are performed by our SME across the project lifecycle to ensure that any residual risk is within risk appetite before the service go live. To book a consultant for your project please get in touch.