Accreditations and affiliations
Our focus is security services. Specifically, our experts provide clients in both the commercial and government sectors with rigorous security testing to ensure the integrity of their network at all times and to ensure that they always remain compliant with all the relevant standards, regulations and guidelines.
We believe certifications are important, and by having these certifications, we are demonstrating our commitment to handling information for our clients securely.This means that any client who uses our services, can be rest assured that their information is handled with the highest integrity.
Portcullis Computer Security Ltd is certified by BSI as an ISO 27001 compliant company. ISO27001:2005 is a standard that provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System (ISMS). It covers a wide range of security considerations which covers both electronic and paper based information.
With UK and global acceptance in over 150 countries, the ISO standard is designed to ensure high security standards to protect information assets and meet regulatory requirements. The accreditation reflects the company’s commitment to keeping data and confidential information secure.
Portcullis Computer Security Ltd has been selected as a supplier under the G-Cloud framework. We are authorised to provide Information Assurance and Cyber Security Services under Lot 4 of the programme which covers Specialist Cloud Services.
Cloud computing has brought about a step change in the economics and sustainability of Information and Communication Technology (ICT). Government is committed to the adoption of cloud computing and delivering computing resources. The G-Cloud is an iterative programme of work to achieve this which will deliver fundamental changes in the way the public sector procures and operates ICT.
Portcullis is proud to have been the instigators and also one of the founders of the Council of Registered Ethical Security Testers. CREST was created in response to the need for regulated and professional security testers to serve the global information security marketplace. CREST is a standards based organisation for penetration test suppliers incorporating a best practice technical certification programme for individual consultants.
Additionally CREST provides its members with a framework of guidance including standards, methodologies and recommendations aimed at ensuring the very highest standards of leading-edge security testing. Portcullis’ persistence in lobbying our competitors has resulted in a commercially run, industry recognised and valued accreditation for all individuals and companies conducting or providing Security Testing Services.
As a company Portcullis has been a member of the CESG IT Health Check Service as a CHECK Service Provider, since its inception in 1999 and continues to be a very active and supportive member. CHECK is a UK government run accreditation and, as a CHECK Service Provider, Portcullis is measured against the high standards developed and set by CESG. Therefore, UK government and CNI clients can be assured that they will receive a high quality service carried out under the Terms & Conditions of CHECK.
Within the realms of the private sector, Portcullis is an Authorised Scanning Vendor (ASV) for PCI, with whom retailers must now be compliant for credit/debit card payments, which enables us to help clients comply with the penetration testing requirements of PCI Data Security Standard.
ENISA the European Network and Information Security Agency, working for the EU Institutions and Member States. It is the EU’s response to these cyber security issues of the European Union. As such, it is the ‘pace-setter’ for Information Security in Europe, and a centre of expertise.
The Corporate Executive Programme (CEP) operates under the auspices of the Forum of Incident Response and Security Teams (FIRST), a world-wide organisation that promotes collaboration and shared knowledge against security threats and risk. Formed in June 2005 in Singapore, the CEP unites senior decision-makers from the world’s leading enterprises and public sector organisations.
The leading UK based business security and resilience membership network. Bringing together public and private sector leaders, as a not-for-profit enterprise, CSARN is an award winning business security and staff safety advisory service.
IAAC’s activities all involve bringing together public, private, academic and other sectors together to discuss and research strategic level information assurance issues.
IAAC is constantly exploring opportunities to engage with other organisations, commercial, public, academic and third sector which have a shared interest in achieving a robust and resilient UK information.
Portcullis is a member of FIRST, a premier organisation and recognised global leader in incident response. Membership of FIRST enables incident response teams to more effectively respond to security incidents reactive as well as proactive. FIRST brings together a variety of computer security incident response teams from government, commercial, and educational organisations.
FIRST aims to foster co-operation and co-ordination in incident prevention, to stimulate rapid reaction to incidents, and to promote information sharing among members and the community at large.
The centre for the Protection of National Infrastructure (CPNI) protects national security by providing protective security advice to businesses and organisations across the national infrastructure.
Their advice aims to reduce the vulnerability of the national infrastructureto terrorism and other threats, keeping the UK’s essential services (delivered by the communications, emergency services, energy, finance, food, government, health, transports and water sectors) safer.
International Information Systems Security Certification Consortium, Inc., (ISC), is the global, not-for-profit leader in educating and certifying information security professionals throughout their careers. ISC provides vendor-neutral education products, career services, and Gold Standard credentials to professionals in more than 135 countries. It is an elite network of nearly 90,000 certified industry professionals worldwide.
As an organisation, Portcullis actively supports both local and national organisations in a number of ways. As part of our commitment to the local community, Portcullis is engaged in a project to provide the educational version of Raspberry Pi to local schools that are centres of excellence for Technology. This initiative also includes the involvement of security practitioners employed by Portcullis to present and engage with the students in the classroom to foster an enthusiasm for understanding how computers actually work and not just how to use them. This ambition is consistent with the new ICT curriculum that will be coming on stream in 2014.
Portcullis is involved in the UK Information Security industry’s own charity White Hats, through a number of events which are organised in order to raise funds for charities working with vulnerable children.
With the continuing technology advances and improved communications, the internet and mobile phones have presented new channels for abuse. Children and teenagers are increasingly victims of grooming and bullying.
By raising funds for carefully chosen charities, White Hats can help to stop child cruelty, by supporting ChildLine (an NSPCC charity) Avenues and Barnardo’s in their work with vulnerable children.