Precursor Security - Cyber Security Experts

Established back in early 2018, Precursor have grown rapidly to become a leading Cyber Security provider. Headquartered in the UK, we provide a wide range of Cyber security services including
Penetration Testing
Cloud Security assessments, 
Continuous Security Testing, 
Cyber Essentials, 
End Point Detection and Response,
Backup & Restore solutions and much more.

****** “Excellent service, easy to work with and really know what they’re doing, their technical experience is second to none.”

Precursor Security are a member of the Council for Registered Ethical Security Testers (CREST), the not-for-profit accreditation and certification body representing the technical information security industry. CREST provides internationally recognised accreditation for organisations and individuals providing penetration testing, cyber incident response and threat intelligence services.

In addition to technical capabilities Precursor are acutely aware of the need for exceptional customer care. Throughout each engagement, access to CREST qualified technical resource is provided from initial contact, through to test exit and aftercare. As a result, Precursor’s client base has grown significantly across virtually every business sector.

Precursor are named as a supplier on Crown Commercial Service’s G-Cloud 12 framework. Crown Commercial Service supports the public sector to achieve maximum commercial value when procuring common goods and services. 

Precursor are a Trusted Partner of the North East Business Resilience Centre (NEBRC). The NEBRC exists to support and help protect businesses from cyber-crime and funded by the Police, Private and Public Partners across the UK.

Precursor are also a certification body for Cyber Essentials, and have designed a simple online Quiz, to help an organisation understand where they are in their Cyber Essentials journey, and what they can do to improve, ahead of actually going for the accreditation

DSP toolkit

Cyber Security is of course a major consideration for the NHS in 2022. The NHS needs supply chains, which are as secure as possible. To this end the NHS DSP toolkit is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.

DSP toolkit is an abbreviation for the ‘NHS Data Security and Protection Toolkit. 

The 10 standards are:

Standard 1 - Personal Confidential Data

Standard 2 - Staff Responsibilities

Standard 3 – Training

Standard 4 - Managing Data Access

Standard 5 - Process Reviews

Standard 6 - Responding to Incidents

Standard 7 - Continuity Planning

Standard 8 - Unsupported Systems

Standard 9 - IT Protection

Standard 10 - Accountable Suppliers

Looking a bit more in detail at one of the standards, specifically Standard 9, IT Protections.

The Independent Assessment Framework, for the standard states:

“A strategy is in place for protecting IT systems from cyber threats which is based on a proven cyber security framework such as Cyber Essentials. This is reviewed at least annually.”

Within this standard are assertions. These are:

Assertion 1 - All networking components have had their default passwords changed.

Assertion 2 - A penetration test has been scoped and undertaken.

Assertion 3 - Systems which handle sensitive information or key operational services shall be protected from exploitation of known vulnerabilities.

Assertion 4 - You have demonstrable confidence in the effectiveness of the security of your technology, people, and processes relevant to essential services.

Assertion 5 - You have a data security improvement plan with agreed implementation dates.

Assertion 6 - You securely configure the network and information systems that support the delivery of essential services.

“Do your organisation’s IT system suppliers have cyber security certification?” 

The detail supporting the question lets us know that the following are ways IT suppliers can demonstrate this:

  • Having a Cyber Essentials certificate
  • Have an ISO27001 certificate
     

A Cyber Essentials certificate comes at 2 levels - Cyber Essentials and Cyber Essentials Plus.

There have been several changes to the Cyber Essentials standard in 2022. To help with the changes there is a webinar available on the Precursor website covering everything you need to know. 

Precursor Security are happy to have a no obligation conversation, whatever your Cyber Security need might be, and can assist with aspects of the toolkit, such as proof of penetration testing and vulnerability scanning.
Contact us to Enhance Your Cyber Security (precursorsecurity.com)

Supplier Profiles

Head Medical

Head Medical are an established specialist medical recruitment company based in Edinburgh since 2

Portakabin Ltd

Portakabin is the pioneer of modular construction in Europe, delivering interim and permanent bes