Bridewell accredited by NCSC for CHECK penetration testing

CHECK-authorised penetration tests on CNI systems and networks are conducted by verified companies using NCSC recognised methods and by staff who hold NCSC-approved qualifications.

The current NCSC advice is for all Government organisations to use CHECK-approved penetration testing services.

With the hangover from the cyber attack on The Electoral Commission still fresh in the mind, assessing the security of sensitive Government, public sector and CNI systems through rigorous and regular penetration testing becomes crucial for reassuring the general public and keeping sensitive data safe from malicious hackers.

“We deemed it essential that we become a CHECK provider to ensure that our existing and new Government customers receive a high-quality, industry-backed penetration service to identify any weaknesses in their systems,” observed James Smith, head of offensive security at Bridewell. “We’re pleased to have achieved this alongside our existing NCSC assurances for Cyber Security Consultancy and Cyber Incident Response.”

The company’s ongoing alignment with NCSC accreditations, which also include NCSC Assured Cyber Security Consultancy services in Audit and Review and Risk Management, and its holistic cyber security approach are helping to protect the globe’s most highly regulated critical infrastructure organisations. Examples include Gwent Police, the Manchester Airports Group and the UK Census 2021.

Organisations across critical infrastructure can therefore rely on assured companies like Bridewell to conduct CHECK penetration tests and deliver reports and recommendations to the highest industry standard.

Managed detection and response

Bridewell is a cyber security services company providing global, 24/7 managed detection and response services and cyber security consultancy.

With extensive experience in delivering large-scale transformational projects in highly regulated environments, Bridewell enables organisations to drive strategic change securely, providing a full breadth of end-to-end cyber security services. The team comprises a diverse range of highly skilled consultants, supported by industry leading technology, deep technical expertise, accredited methodologies and a client-centric approach.

Bridewell delivers a number of services across the CNI, aviation, financial services, Government and oil and gas sectors. The company holds a number of industry accreditations including NCSC, CREST, CHECK, ASSURE, IASME Consortium, SOC2, Cyber Essentials Plus, ISO 27001 and ISO 9001 and is a PCI DSS QSA company.

Launched in October 2016, the NCSC is headquartered in London and brings together expertise from CESG (the information assurance arm of GCHQ), the Centre for Cyber Assessment, CERT-UK and the Centre for the Protection of National Infrastructure (which became the National Protective Security Authority in March this year).

The NCSC provides a single point of contact for SMEs, larger organisations, Government agencies, the general public and departments. The organisation also works collaboratively with other law enforcement and defence bodies, the UK’s intelligence and security agencies and several international partners.