Portcullis has announced its acceptance into the CREST Cyber Security Incident Response (CSIR) Scheme.
Established by CREST in collaboration with CESG, the information security division of GCHQ, and the Centre for the Protection of National Infrastructure (CPNI), the scheme creates a set of standards for incident response when dealing with attacks for both the private and public sector.
According to the company, Portcullis achieved CSIR certification based on its Cyber Threat Analysis and Detection Service (CTADS), an incident response solution designed to identify, control, understand and clean-up attacks.
The CSIR accreditation provides a benchmark that enables organisations to evaluate incident response solutions, and gives added assurances that security companies have both the skills and expertise to deliver the services required. In the same vein, for suppliers such as Portcullis that belong to the scheme, there is added incentive to deliver the best, most appropriate service.
Tim Anderson, commercial director of Portcullis Computer Security, told IT Security Guru that the endorsement was very broad and this was the result of a number of years work and underpins its more structured approach.
“In our approach we balance our technical capabilities with delivering exactly what the client needs, based on working with them to gain a complete understanding of their requirements and internal abilities,” he said. “We focus on developing the best ways in which to deliver these skills so that the best, most effective solution is implemented.”
“Throughout the application process it became clear that CREST placed great emphasis on these values, just as we do. The focus of the scheme is therefore on a high level of control and clear communication with the client, but allowing for significant freedom in the underlying engagement.”
Ian Glover, president of CREST, said: “The CSIR scheme brings an added level of integrity and assurance to organisations looking for a security solution, in effect guaranteeing the expertise and competence of CSIR accredited vendors. As such, the accreditation process features stringent standards and is an involved and comprehensive process – not merely box ticking – to ensure that cyber security events are properly handled.”
