Website
Visit website

Actica Consulting

Actica’s consultants bring expertise across the fullest range of Information and Cyber Security challenges, from policy and strategy development, through designing Security Architectures, to securing compliance with key standards.

We are trusted to deliver by clients for whom security is core business. This includes in the Central Government, Critical National Infrastructure (CNI), Defence, Law Enforcement and Criminal Justice sectors.

Addressing the problem

Actica is able to address all aspects of information and cyber security, business continuity and risk management at both technical and management levels. Our approach is characterised by pragmatism – we review the effectiveness of existing security measures before making evidenced recommendations for change on the basis of cost / opportunity / benefit. We approach assignments either by developing a security strategy to complement an organisation’s overall business goals, or through more targeted engagements to address specific, identified areas of concern.

Technical Expertise
Actica brings the technical competence needed to keep your organisation or business secure and retain the trust of your partners or customers. We combine this with years of practical experience in supporting both public and private sector companies, ranging from sensitive areas of Government, to innovative tech start-ups. Our technical expertise and deep experience is complemented by our keen awareness of current standards and approaches, many of which we have helped to refine.

Actica’s consultants are experienced in the application of standards and methodologies including:

ISO/ IEC 27000 series, ISO 28000, BS ISO 31000, ISO 22301

 Risk assessment standards, including ISO27005, OCTAVE and IRAM

 NIST, OWASP, and ISF Standards

 Government Security Classification Scheme

 Cyber Essentials

 Security Policy Framework

 Current NCSC Guidance

 The Defence Cyber Vulnerability Investigations (CVI) Methodology

 HMG Infosec Standards, Memoranda and Manuals

 Secure architectures and infrastructures including the Public Services Network (PSN), Restricted LAN Interconnect (RLI), Criminal Justice Entranet (CJX) and more sensitive capabilities.

Services
Our specific information and cyber security services include:

 Security Architecture design, review and assurance

 Security reviews and risk assessments

 Preparation of formal security documentation, such as Security Assurance Documents, Information Risk Assessment Reports, Risk Management and Accreditation Document Sets or CVI Reports

 Technical implementation of security measures within systems and platforms, including agile development security and vulnerability management

 Security Governance, Risk , Assurance and Compliance development and implementation

 Security strategy, policy, process and standards development and implementation

 Security certification, Cyber Essentials and ISO27001 development and implementation

 Holistic (socio-technical) cyber threat and risk analysis

 Security testing including penetration testing and ITHCs

 Data Protection security development and implementation

Email me courses from this provider