In today’s rapidly shifting risk landscape, IT security professionals have to do more than just build up a wall of defensive solutions in the hopes that it will be sufficient to ward off a cyber attack.
They also have to face the possibility that a cyber attack might be unavoidable and figure out how to keep that from shutting down their organisation. That’s why an essential part of any cyber security strategy is building cyber resilience.
What is cyber resilience?
Cyber resilience is the ability of organisations to stay agile if they become the victim of a cyber attack. Weaving it into your cyber security strategy gives you an edge when you need to act fast.
By making smart choices when selecting defensive solutions, you don’t just gain protection against cyber attacks – you also gain valuable tools that empower your business to pivot as needed to minimise business disruption in the event of a successful cyber attack.
Why does it matter to my business?
If you think about what might happen to your business during a successful cyber attack scenario:
Would your operations grind to a halt?
How much money would you lose from the resulting downtime?
Today’s cyber attacks are more complex and more dangerous than ever before. Cyber security experts are innovating all the time, but so are the criminals – and they are just as motivated to damage your business as you are to defend it.
By building cyber resilience, organisations can ensure that they are agile and ready to act fast, deploying smart tools that maximise their defensive resources in case of trouble.
How can I boost my company’s cyber resilience?
A cyber resilient organisation has a variety of tools at their fingertips that can minimise business disruption in the event of a cyber attack. Build your cyber resilience by adding solutions with features that enable you to act fast in order to segment, block and stop damage. These solutions would include:
Email Security Gateway
DNS Security
Security Awareness Training
Simulated Phishing
Advanced Endpoint Protection
Mobile Threat Defence
Vulnerability and Patch Management
24/7/365 Device Monitoring
Firewall Management
Technical Reviews
Privileged Access Management
Email Encryption
User Admin Privilege
Cloud Access Security Broker
Data Analysts
Network & Log Security Monitoring
Office365 Monitoring
Back Up and Disaster Recovery
In conclusion
Technical defensive tools alone aren’t enough to protect a business anymore. That’s why embracing cyber resilience is crucial if companies want to truly protect themselves against cyber crime. Cyber resilient organisations combine strong security solutions with active, people-based defences for flexibility of response during a cyber attack.
Need Help?
Save time, money and resource with our cost-effective managed cyber security services designed to keep your users safe, protect your core infrastructure, enhance your security and mitigate risk. By utilising our expertise and experience you’re leveraging an enhanced team who are constantly trained and certified in all specialist areas.
We work alongside industry-leading vendor partners and invest the time and resources, so you don’t have to.
When you are busy running a SME with 101+ things to manage, you could be forgiven for thinking all bases are covered with O365 native security features and an antivirus product.
But with cyber criminals innovating faster than entry-level security features can keep pace with, affordable managed security services protect your core infrastructure without taking up your time or resources to manage them.
Security Posture-as-a-Service Animation
Watch our short animation to see how Security Posture-as-a-Service allows you to enhance your security posture, while being free to run your business.
Need to improve your cyber security posture?
Whether you’re just starting out, or know you need to invest more in technology and resource, our handy calculator, featured on the MyRedFort community, offers a comparison between taking it in-house vs using a managed security service.
Cyber security debt is a result of the perfect storm businesses face as they accelerate towards digital transformation.
Expanding cyber attack surfaces, lack of investment in technology and skills are exposing SMEs to great risk.
A perfect storm
Arguably, businesses have needed to focus on keeping their workforce productive and providing continuity in their performance for their customers. This has led to a large proportion of the workforce working outside the usual place of work, often using their own devices.
As a business leader, it also won’t have escaped your notice the reports across various media of the alarming rise in cyber attacks such as phishing scams and ransomware demands. This isn’t scaremongering, it’s fact. SMEs are now the main target of cyber criminals because they know they’re easier to breach than larger enterprises who have many more safeguards in place.
What is Security Debt?
Security debt is the continuing accumulation of security vulnerabilities in your software that compound to make it harder (read: impossible) to deploy enough remediation to secure your data and people from attacks. Unlike technical debt, which may get in the way of releasing new features for the needs of the business, the growing pile of security vulnerabilities puts your organisation at an increased risk from cyber attacks.
How do I know if I have security debt?
Unless you live and breathe your own technology environment the likelihood is, things are getting missed. Whether you’re aware of it or not, it’s likely you already have some security debt. This is because the threat landscape is continually shifting and the number of technologies available on the market to fix problems are vast. Throwing individual technologies at specific cyber issues isn’t the answer.
For example, many businesses think Microsoft 365 and their Antivirus has their needs covered – this simply isn’t the case. As a business grows it’s exposed to greater and greater risk as security controls don’t keep ahead of the complexities and gaps when a patchwork cyber security strategy is in place. Cyber security debt accumulates as a result of failing to implement the right security controls and cyber security strategy.
I can’t see or feel the debt, why should I care?
The cost of reducing or eliminating security debt is far less than the potential cost of a data breach in terms of incident response, fines, loss of customer and investor trust, and possibly litigation. In many ways, it should be considered an investment – an insurance policy, if you like.
Be smarter, more is not more
No business has unlimited budget or skills within their business to throw at their security posture, nor should it be required. Some businesses buy way too much security software because they think more is more.
The key is understanding what you need to protect and applying the right resource to it.
Start the conversation
Talk to your employees – Tell them how to look after your data and behave online.
Talk to your board – Get them to understand the importance of prioritising cyber security and the implications for business continuity if it’s not .
Talk to us – Even implementing basic security best practices or managing a limited amount of cyber security technology can be a big task without any, or the right, staff. We know our stuff and are happy to take time to understand what your business needs.
Discover a boardroom case for cyber security as a managed service!
NetUtils introduces Mobile Threat Defence as a managed service to protect organisations from mobile attacks.
You may have seen across the media that there has been a massive increase in attacks on mobile devices and applications with vendors like Apple rushing out multiple security updates to protect from zero day and now zero click compromises. We have all been lulled into a false sense of security that mobiles are immune to the sort of issues we have been seeing for years on our traditional endpoints but unfortunately this not the case. As the line between mobile and traditional endpoints continues to blur a security mindset will need to be in place and ready to provide visibility and secure access to our now modern endpoint devices.
“Modern Computing Devices are the biggest threat to data protection with 60% of all corporate data being consumed by mobiles/tablets/Chromebooks!”
2022 Global Mobile Threat Report – zimperium
Most organisations are not monitoring what these devices are doing and how they are being impacted by threats which have been magnified since working from home became the new normal. If your employees are using corporate mobile devices for the workplace, or accessing corporate data from personal devices, then Mobile Threat Defence is a key security solution and compliments your Mobile Device Management (MDM) solutions.
Zimperium’s z9 is the only on-device, machine learning-based security engine that has stopped every known and zero-day threat in the wild without an update / works in airplane mode.
“In 2012, we invented and patented Zimperium z9, the dynamically updatable machine learning framework that transformed Zimperium into the first mobile threat defence (MTD) vendor fully powered by on-device artificial intelligence.”
2022 Global Mobile Threat Report – zimperium
Zimperium’s z9 identifies:
Fake Wi-Fi
Man in the middle attacks
Leaky Apps – iOS and Android
Malware – phishing big problem (and main cause of Ransomware)
We’ve partnered with Zimperium to bring mobile threat defence to our customers
As a key mobile security solution, it has been incorporated into the NetUtils suite of cyber security managed services and incorporates the following key features:
On-device protection against known and unknown device network, phishing, and malicious app attacks
Operates on Android, iOS, and Chromebooks
Can be managed on any cloud or truly on prem
Works with multiple Unified Endpoint Management Solutions in a single tenant
Protects privacy without sending any PII/confidential data off the device
Protects mobile apps from “the development of and then running on mobile endpoints” in the wild
And can protect your device whilst the critical updates are being developed by the OS vendor
Zimperium2022 Global Mobile Threat Report
As the worldwide leader in mobile threat defence (MTD), Zimperium protects millions of mobile devices and apps. As a result, we have unmatched forensic data about mobile device, network, phishing, and app risks and attacks. After analysing the full breadth of our 2021 anonymized data and surveying security executives, we’ve gleaned unique insights on the state of mobile security in this Global Mobile Threat Report.
Cyber attacks on British businesses are becoming more frequent and more sophisticated – that’s a dangerous combination. Although an attack remains statistically unlikely, the chances are increasing almost daily.
Despite these trends, too many firms are still adopting passive, reactive policies, only reacting after an attack has happened. The question to ask yourself and your board of directors is whether you would be happy to leave the contents of your home uninsured, and only react if you had a burglary.
Think of your cyber security strategy as an insurance policy. While the best tools used to be affordable only to large enterprises, they are now much more accessible to SMEs. Given this, the challenge becomes how to bring it onto your management team’s agenda.
IT needs to be an innovator
As a highly digital economy, it is vital to be at the top of your game in the UK market. Whether your customers are B2B or B2C, evolving customer demands, operational efficiency, and the need to differentiate your products or services means IT needs to be at the centre of everything you do.
To do so, the limited IT resources you have cannot be consumed by tactical activities such as cyber security defences. Bailing water out of a leaking boat is a guaranteed way to ensure you never have the time or focus to drive new digital products or experiences for your customers.
By outsourcing “keeping the lights on” IT tasks such as cyber security, internal IT teams can be put to much more strategic use to innovate, create and develop. In the digital age, the reality is that every business initiative is an IT initiative – or at the very least needs involvement from IT.
Communicate the cost of an incident
Although the most common link is with paying a ransom demand, there are many ancillary costs associated to a cyber security incident – so much so that the response to the incident often proves much more expensive than preventing them in the first place.
And that assessment does not factor in the great intangible of reputational damage – the loss of public trust. In short, if your customers lose trust in you, they will leave.
Not only that, but it is estimated that only 35% of SMBs could remain profitable for more than three months without access to vital data.
To compound the issue, there is a recognised cyber security skills shortage in the UK. This makes it difficult to hire in specialist cyber security professionals, and as a result it can mean IT generalists without specific cyber skills trying to plug the gap.
Protecting the core of your business
More than 90% of successful hacks and data breaches start with phishing scams. By focusing on this threat and eliminating it, you can significantly reduce the cyber security risk factor.
By adopting cyber security as a managed service, you can focus on what matters to your without worrying about managing the burden of day-to-day IT infrastructure. With NetUtils managed services, you gain access to their highly trained, certified and experienced technical team who will manage, review and maintain your critical infrastructure so you don’t have to.
Managed cyber security versus in-house
Four ways managed cyber security services trump in-house recruitment:
Remove the pain and cost of recruitment: The cyber security skills shortage in the UK makes it difficult and expensive to recruit in-house
Short term-ism: The average tenure of senior security leaders is less than 3 years
Fills knowledge gaps: Only 6% of companies have a CISO on the board of directors, with the result being a lack of focus on security strategy
Lack of skills: The number of technologies needed in a comprehensive security strategy make it hard to acquire those skills in-house
From tighter regulations for public sector to ransomware and the continued rise of the remote workforce, the senior management team at NetUtils offer their observations on how businesses are adapting to the evolving working landscape.
The ‘great return to the office’ has not materialised as expected by most, with more organisations opting to have more staff working remotely as a permanent option.
David Bundock, Chief Operations Officer, NetUtils
The first of the studies that have looked at issues such as productivity and mental wellbeing are starting to emerge and, in many instances, home working seems to be on parity with office working and, in some cases, proving a benefit. However, organisations are now looking at the often-temporary measures rushed out to support home workers that are now becoming standard.
Where masses of laptops were hurriedly deployed, and cloud based filesharing systems were utilised to help teams collaborate – these devices and platforms need to be audited for security and compliance to standards such as GDPR. This will inevitably trigger more use of cyber security as a service – especially as the current shortage of skilled IT and Infosec staff grows.
Although Ransomware isn’t new, the last year has seen its meteoric rise in the public consciousness and indications show this year is, unfortunately, more of the same.
However, the move by AXA, one of Europe’s largest insurers, to stop offering new insurance policies that cover ransom payments to criminals for French policy holders may be the start of a wider trend across the region during 2022.
The logic is that ransom payments encourage more ransomware attacks and drive up the cost of cyber security insurance policies. Although UK companies can still gain insurance policies that will pay ransoms – assuming you can prove no liability, it’s likely that AXA’s position might spread.
The whole market for insuring against all forms of cyber-attack and outage is an interesting area and I suspect that this will gain a great deal more attention from enterprises.
Tighter regulatory oversight for the public sector.
Ashok Thomas, CEO, NetUtils
The NHS is already going through Data Security Privacy Toolkit (DSPT) processes and several recent tenders for large public sector organisations have made compliance to Cyber Essentials Plus a mandatory requirement for every supplier.
If the NHS is a template, then more public sector organisations will be required to adhere to CE+ within a few years. I’d expect these requirements to spread to anybody that supplies into the public sector.
The framework is not onerous, but it is audited which means that organisations need to do more than just a “check box” exercise so it’s wise to start looking at these optional processes now and before they become mandatory.
These are just some of the issues faced by organisations big and small, public or private sector. SMEs are often particularly vulnerable if they lack the skills and resources to adapt at the pace required.
From tighter regulations for public sector to ransomware and the continued rise of the remote workforce, read all about it from our senior management team as they weigh in on their thoughts for 2022.
Looking at 2022, and it seems clear that there will be tighter regulatory oversight for the public sector.
Steve Nicholls, Commercial Director
The NHS is already going through Data Security Privacy Toolkit (DSPT) processes and several recent tenders for large public sector organisations have made compliance to Cyber Essentials Plus a mandatory requirement for every supplier. If the NHS is a template, then more public sector organisations will be required to adhere to CE+ within a few years. And I would expect these requirements to spread to anybody that supplies into the public sector. The framework is not onerous, but it is audited which means that organisations need to do more than just a “check box” exercise so it’s wise to start looking at these optional processes now and before they become mandatory.
Although Ransomware is certainly not new, the last year has seen its meteoric rise in the public consciousness and the coming year will unfortunately be more of the same.
Malcolm Orekoya, Chief Technology Officer
However, the move by AXA, one of Europe’s largest insurers, to stop offering new insurance policies that cover ransom payments to criminals for French policy holders may be the start of a wider trend across the region during 2022. The logic is that ransom payments encourage more ransomware attacks and drive up the cost of cyber security insurance policies. Although UK companies can still gain insurance policies that will pay ransoms – assuming you can prove no liability, it’s likely that AXA’s position might spread. The whole market for insuring against all forms of cyber-attack and outage is an interesting area and I suspect that 2022 will be a year where its starts to get a lot more attention from enterprises.
The ‘great return to the office’ has not materialised as expected by most, with more organisations opting to have more staff working remotely as a permanent option.
David Bundock, Chief Operations Officer
The first of the studies that have looked at issues such as productivity and mental wellbeing are starting to emerge and, in many instances, home working seems to be on parity with office working and, in some cases, proving a benefit. However, organisations must now look at the often-temporary measures rushed out to support home workers that are now becoming standard. Where masses of laptops were hurriedly deployed, and cloud based filesharing systems were utilised to help teams collaborate – these devices and platforms need to be audited for security and compliance to standards such as GDPR. This will inevitably trigger more use of cyber security as a service – especially as the current shortage of skilled IT and Infosec staff grows.
Knowing where to start with your organisations cyber security can be confusing. Have you considered a dedicated cyber security platform to help reduce the risk of a cyber incident?
A combination of bad employee behaviour and dark web data spells trouble for businesses! From SMBs to giant multinationals, it doesn’t matter how high-flying a company is, unfortunately password problems will still plague them.
The struggle to get users to make good, strong, unique passwords and keep them secret is real for all organisations and IT professionals. It can be hard to demonstrate to users just how dangerous their bad password can be to the entire company, even though an estimated 60% of data breaches involved the improper use of credentials in 2020. There’s no rhyme or reason to why employees create and handle passwords unsafely, no profile that IT teams can quickly look at to determine that someone might be an accidental credential compromise risk. Employees of every stripe are unfortunately drawn to making awful passwords and playing fast and loose with them – and that weakness doesn’t look like it’s going away anytime soon.
Everyone is managing too many passwords
The average adult has an estimated 100 passwords floating around that they’re using. That’s a bewildering tangle of passwords to manage. The global pandemic helped put even more passwords into circulation as people either working from home or on furlough created an abundance of new online accounts. According to the conclusions of a global study conducted by Morning Consult for IBM, people worldwide created an average of 15 new online accounts, per person, during the main thrust of the pandemic.
Many of those logins were compromised from the start thanks to abundant dark web data. An estimated 15 billion unique logins are circulating on the dark web right now. In 2020 alone, security professionals had to contend with a 429% increase in the number of corporate login details with plaintext passwords exposed on the dark web. That dramatic increase in risk per user comes back to haunt businesses. The average organisation is now likely to have about 17 sets of login details available on the dark web for malicious actors to enjoy. That number is only going to continue to grow thanks to events like this year’s giant influx of fresh passwords from the RockYou 2021 leak.
Employees are dedicated to making bad passwords
Research by the UK’s National Cyber Security Centre (NCSC) shows that employees will choose memorability over security when making a password every time. Their analysts found that 15% of people have used their pet’s name as their password at some point, 14% have used the name of a family member,13% have used a significant date, such as a birthday or anniversary and another 6% have used information about their favourite sports team as their password. That makes the criminals jobs easy even if they’re trying to directly crack a single password. After all, those users have probably told them everything that they’d need to know to do the job in their social media profiles.
US companies aren’t any better off. In fact, their bad password problems are just a little bit worse. 59% of Americans use a person’s name or family birthday in their passwords, 33% include a pet’s name and 22% use their own name. We can’t chalk that blizzard of bad passwords up to ignorance of good password habits, because even employees who know better are slacking on password safety. Over 90% of participants in a password habits survey understood the risk of poor password hygiene, but 59% admitted to still engaging in unsafe password behaviours at work anyway.
Password sharing is rampant
Worse yet, employees are also sharing their passwords with other people at an alarming rate, even if the people they’re sharing a password with don’t work at the same company. Over 30% of respondents in a Microsoft study admitted that their organisation had experienced a cyber security incident as a result of compromised user credentials that had been shared with people outside their companies.
43% of survey respondents have shared their password with someone in their home
22% of employees surveyed have shared their email password for a streaming site
17% of employees surveyed have shared their email password for a social media platform
17% of employees surveyed have shared their email password for an online shopping account
Based on analysis of the top 250 passwords found through the application of Dark Web ID’s dark web search function that uncovers exposed credentials, these categories of information were used to generate the weakest passwords in 2020 which were: Names, Sports, Food, Places, Animals and Famous People/Characters.
The most common passwords spotted by Dark Web ID by category
Every organisation in every industry is in password trouble
No industry is immune to the powerful lure of terrible password habits, especially that perpetual favourite password recycling and iteration. In a study of password proclivities, researchers determined that some sectors did have a little more trouble with passwords than others though. The telecommunications sector had the highest average number of leaked employee credentials at 552,601 per company. The media industry had the highest password reuse rates at 85%, followed by household products (82%), hotels, restaurants & leisure (80%), and healthcare (79%).
A trove of exposed data about Fortune 1000 companies on the dark web was uncovered by researchers earlier this year, including passwords for 25.9 million Fortune 1000 corporate user accounts. Digging deeper, they also unearthed an estimated 543 million employee credentials from Fortune 1000 companies circulating on commonly used underground hacking forums, a 29% increase from 2020. Altogether, they were able to determine that 25,927,476 passwords that belong to employees at Fortune 1000 companies are hanging out on the dark web. That’s an estimated 25,927 exposed passwords per Fortune 1000 company, marking a 12% increase in password leaks from 2020.
Busted credentials are plentiful on the dark web
If data is a currency on the dark web, then credentials are solid gold. Credentials were the top type of information stolen in data breaches worldwide in 2020, (personal information took second place just over financial data in third), and bad actors didn’t hesitate to grab batches of credentials from all over the world. Cyber criminals snatched them up in about 60% of North American breaches, 90% of APAC region breaches and 70% of EMEA breaches. Researchers disclosed that the average company experiences 5.3 credential compromises that originate from a common source like phishing every year, a number that should give every IT professional chills.
An abundance of records on the dark web has spawned an abundance of passwords for cyber criminals to harvest, and that’s bad news. Giant password dumps on the dark web like the 100GB text file dubbed RockYou2021 have ratcheted up risk too. That giant dump of data is estimated to contain 8.4 billion passwords. Bad actors make use of that bounty quickly and effectively.
In the aftermath an enormous 2020 hack, ShinyHunters breached the security of ten companies in the Asian region and brought more than 73 million user records to market on the dark web. A group like ShinyHunters will of course try to profit by selling that stolen data at first, but when the data has aged or there are no interested buyers, cyber criminals will just offload it in the vast data dumps of the dark web making it available for anyone to sift through.
Protect your business from password danger quickly & affordably
With our support we can discover if any of your employee’s reused passwords have been exposed on the dark web so that you can change them right away.
What next?
By utilising our certified dark web monitoring tool we’ll perform a non-invasive scan of your company’s domain and produce a pdf report that will highlight any compromised credentials.
Steve Nicholls joins UK’s most qualified cyber security provider to focus on helping public sector organisations strengthen security and gain better value for money.
Kent, United Kingdom – 6th, July 2021, NetUtils, a leading IT specialist has appointed Steve Nicholls as its new Commercial Director– a move that coincides with its acceptance onto the Crown Commercial Services Technology Services 3 framework and major SoC investment to deliver flexible cyber security services to public sector organisations across the UK.
Over the last 28 years, Nicholls has gained a proven track record working in high pressure, high growth environments at leadership positions within SolarWinds and telent including successful, large scale projects with the MOD, London Ambulance Service, Maritime and Coastguard Agency, Network Rail and DEFRA.
Steve Nicholls
“It is clear that the impact of the recent health crisis has led to a significant increase in our national debt and the public sector is likely to face a period of belt tightening in response.” says Nicholls. “Yet, the ongoing digital transformation across national government, local authorities, health and education shows no signs of slowing down. This makes robust and cost-effective IT and cyber security a major requirement and the perfect focus for a highly-regarded specialist such as NetUtils that is well-known for delivering cost effective services.”
NetUtils has also been accepted across multiple lots of the recently published Crown Commercial Services Technology 3 procurement framework. The seven lots span areas including technology strategy and service design, operational services, major services transformation programmes, integration, and management.
The appointment of Nicholls is part of a multi-million-pound investment by NetUtils to recruit additional staff with enhanced training and expanded data centre capacity to deliver an enhanced IT services portfolio. For public sector, this includes a highly integrated managed cyber security service to help organisations strengthen their security posture and meet growing compliance requirements such as the Cyber Essentials Plus framework that becomes mandatory for all NHS Trusts this year.
NetUtils has also created special public sector pricing for its 16 cyber security managed services ranging from Endpoint Protection and Email Security all the way up to fully fledged SOC services. “The public sector has different procurement, operational and contractual requirements than the private sector and our new portfolio reflects these nuances with an offering that is not just technically sound but also commercially compelling,” Nicholls adds.
With a heritage spanning over 27 years, NetUtils is one of the UK’s longest serving specialist integrators of network, security, and data solutions. Today, it serves over 400 public sector, enterprise and service provider clients including many listed within the FTSE 100. NetUtils has built a reputation for technical excellence and is the most certified Juniper Networks partner in Europe and maintains over 420 industry and vendor accreditation within its team including CISSPs and CISMPs, Fortinet’s NS7, and Juniper JNCIPs. NetUtils is one of only a handful of UK suppliers to maintain ISO 9001, ISO 27001 and Cyber Essential certification.
Although a new addition on the Crown Commercial supplier framework, NetUtils has worked with over 200 public sector clients during the last 27 years. These include central government agencies, local, district and county councils, numerous NHS trusts and every ‘blue light’ emergency service.
The extensive list includes the Royal Borough of Kensington & Chelsea, Fife Council, State Hospitals Board for Scotland, London Borough of Hammersmith & Fulham, Police & Crime Commissioner for South Yorkshire and Newcastle Upon Tyne Hospitals NHS Trust.
Ashok Thomas
“Public sector has always been a major area for us and Steve joining the team along with our acceptance within the Crown Commercial Services framework is a new focus that recognises that the public sector needs better value for money from IT – and especially within cyber security,” says Ashok Thomas, CEO for NetUtils. “We are a highly focused and agile supplier that has built our business organically by delivering tangible results for our customers and our ongoing investment will help us to address the needs of a larger public sector client community.”
About NetUtils
NetUtils are a leading UK specialist integrator of network, security and data solutions for enterprise, telco, MSPs and ISPs. With more than 27-years history and over 400 enterprise and service provider clients including household names across finance, education, public sector, manufacturing, and healthcare, NetUtils brings its customers the depth and breadth of people, technologies and services to improve business performance in this ever-changing digital world.
Kent, United Kingdom – June 2021, NetUtils have been named as a supplier on Crown Commercial Service’s (CCS) Technology Services 3 (RM6100).
Crown Commercial Service supports the public sector to achieve maximum commercial value when procuring common goods and services. In 2019/20, CCS helped the public sector to achieve commercial benefits worth over £1bn – supporting world-class public services that offer best value for taxpayers.
NetUtils, a leading cyber security and managed services provider have recently announced they are to feature as a supplier on the Crown Commercial ServicesTechnology Services 3 (RM6100) framework. NetUtils are now able to provide their wide and diverse portfolio of cyber security and networking products and services via the platform.
Technology Services 3 (RM6100) is the next iteration of Technology Services 2 framework, which continues to cover traditional Information and Communication Technology (ICT) services, from strategy through to transition and operational deployment.
The agreement includes new services which have been requested throughout the customer and supplier engagement. This means whether a customer simply needs to buy support for end user devices or a complete long-term transformation of their technology services, Technology Services 3 is the ideal route to market, with services ranging from more ‘off-the-shelf’ services designed to meet a simple set of needs or more bespoke solutions to meet a complex set of customer requirements.
Lot 1 – Technology Strategy & Service Design
What it’s for?
If a customer needs to make a change to their technology estate, but doesn’t know what direction to go in and needs expert help, this is the Lot they’d use
Why would the Customer use it?
When a customer requires market expertise to help set their technology strategy and then create the supporting service design
To create an output that would then provide an implementation roadmap via the other lots within TS3
Lot 3b – Operational Management
What it’s for?
To provide customers with the operational management of the complex technology estate that supports their organisation from infrastructure to security
Why would the Customer use it?
To access the right tools and processes required to manage a complex technology estate effectively
To implement effective and robust cyber security across all their technology from physical devices to networks to access management
Lot 3c – Technical Management
What it’s for?
To provide access to the expert support required for the hardware and software that underpins customers technology estates
Why would the Customer use it?
When they have a complex network supporting wired, wireless, and mobile connectivity that needs ongoing management and support
To ensure they are able to effectively track and maintain all their technology assets from acquisition through to disposal
About NetUtils
NetUtils are a leading UK specialist integrator of network, security and data solutions for enterprise, telco, MSPs and ISPs. With more than 27-years history and over 400 enterprise and service provider clients including household names across finance, education, public sector, manufacturing and healthcare, NetUtils brings its customers the depth and breadth of people, technologies and services to improve business performance in this ever-changing digital world.
NetUtils Blog 