- Visit website
Actica’s consultants bring expertise across the fullest range of Information and Cyber Security challenges, from policy and strategy development, through designing Security Architectures, to securing compliance with key standards.
We are trusted to deliver by clients for whom security is core business. This includes in the Central Government, Critical National Infrastructure (CNI), Defence, Law Enforcement and Criminal Justice sectors.
Addressing the problem
Actica is able to address all aspects of information and cyber security, business continuity and risk management at both technical and management levels. Our approach is characterised by pragmatism – we review the effectiveness of existing security measures before making evidenced recommendations for change on the basis of cost / opportunity / benefit. We approach assignments either by developing a security strategy to complement an organisation’s overall business goals, or through more targeted engagements to address specific, identified areas of concern.
Actica brings the technical competence needed to keep your organisation or business secure and retain the trust of your partners or customers. We combine this with years of practical experience in supporting both public and private sector companies, ranging from sensitive areas of Government, to innovative tech start-ups. Our technical expertise and deep experience is complemented by our keen awareness of current standards and approaches, many of which we have helped to refine.
Actica’s consultants are experienced in the application of standards and methodologies including:
ISO/ IEC 27000 series, ISO 28000, BS ISO 31000, ISO 22301
Risk assessment standards, including ISO27005, OCTAVE and IRAM
NIST, OWASP, and ISF Standards
Government Security Classification Scheme
Security Policy Framework
Current NCSC Guidance
The Defence Cyber Vulnerability Investigations (CVI) Methodology
HMG Infosec Standards, Memoranda and Manuals
Secure architectures and infrastructures including the Public Services Network (PSN), Restricted LAN Interconnect (RLI), Criminal Justice Entranet (CJX) and more sensitive capabilities.
Our specific information and cyber security services include:
Security Architecture design, review and assurance
Security reviews and risk assessments
Preparation of formal security documentation, such as Security Assurance Documents, Information Risk Assessment Reports, Risk Management and Accreditation Document Sets or CVI Reports
Technical implementation of security measures within systems and platforms, including agile development security and vulnerability management
Security Governance, Risk , Assurance and Compliance development and implementation
Security strategy, policy, process and standards development and implementation
Security certification, Cyber Essentials and ISO27001 development and implementation
Holistic (socio-technical) cyber threat and risk analysis
Security testing including penetration testing and ITHCs
Data Protection security development and implementation