Falanx Cyber

CybSafe - Cyber Security Awareness Training, Phishing Simulation and Risk Reduction Platform

CybSafe - A truly intelligent cyber security awareness, behaviour and culture solution - designed and developed by former UK Government cyber security specialists, psychologists and a team of dedicated professionals who are passionate about making the world a better place by helping people to be safe online

Features

  • GCHQ accredited training material developed by former UK Government specialists
  • Content and platform features grounded in psychology and behavioural science
  • Machine learning customises content for users, putting security into context
  • Advanced proprietary analytics measure user awareness, behaviour and culture
  • All content is continually updated and improved throughout license period
  • Ongoing and adaptive user testing ensures retention of learned knowledge
  • Sharing and communication features encourage user interaction and reporting
  • Supply chain assurance tool allows oversight of supply chain human-risk
  • Fully customisable content to reflect organisational policy and procedure
  • Integrated simulated attack tools include phishing, smishing and USB drops

Benefits

  • Human-centric design empowers users to contribute and engage with security
  • Demonstrably reduces human-cyber risk including phishing click rates
  • Demonstrably increases user engagement, communication and attitude
  • Plug-and-play design requires no input from admins after initial setup
  • Allows complete oversight of organisational cyber awareness, behaviour and culture
  • Administrator dashboard allows comprehensive reporting for easy demonstration of compliance
  • See genuine change in organisational security culture
  • Learning content accessible remotely, at any time, reducing user downtime
  • Completion will comprehensively support compliance with GDPR and NIS Directive

Pricing

£0.57 to £1.72 per user per month

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

5 1 8 2 9 5 5 0 1 6 5 8 2 4 4

Contact

Falanx Cyber

Tom Evans

0207 856 9450

info@falanx.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints CybSafe routinely release updates during business hours operating a zero downtime deployment policy. Any significant maintenance requiring outage will take place outside of business hours after reasonable notice has been provided.
System requirements Browser and internet access

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Our Customer Success team are available during UK business hours (excluding UK Public Holidays)
User can manage status and priority of support tickets No
Phone support No
Web chat support No
Onsite support No
Support levels CybSafe Managed Service is designed to provide the vital support needed to enable organisations to make tangible and demonstrable improvements to their cyber security resilience and data protection as far as Awareness, Behaviour and Culture is concerned.

It is aimed at organisations for whom a one-size-fits-all solution may not be effective, and so want assistance tailoring a programme to meet organisational or strategic needs.

Support can include:
Strategy Development & Objective Setting
Collaborative Planning
Regular Interaction
Constant Measurement & Reporting
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Please see service definition document.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Please see service definition document.
End-of-contract process Please see service definition document.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The service is designed to be user friendly on Mobile as well as desktop
Service interface No
API No
Customisation available Yes
Description of customisation Customise the CybSafe platform to suit the specific needs of your organisation.
From dual-branding, to customised phishing emails and custom module learning content - simply contact us to discuss what you need

Scaling

Scaling
Independence of resources Please see service definition document.

Analytics

Analytics
Service usage metrics Yes
Metrics types Please see service definition document.
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Reseller (no extras)
Organisation whose services are being resold Cybsafe

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Other
Other data at rest protection approach All data hosted on infrastructure from Amazon Web Services (AWS) – the data centres are ISO 27001, ISO 27017 and ISO 27018 certified, PCI-compliant.
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Please see service definition document.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks Please see service definition document or contact us for information.
Data protection within supplier network Other
Other protection within supplier network Please see service definition document or contact us for information.

Availability and resilience

Availability and resilience
Guaranteed availability Cybsafe shall use commercially reasonable endeavours to make the Services available 97% of the time during Core Hours
Approach to resilience Available on request
Outage reporting Available on request

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Whitelisted IP and dedicated EUD.
Access restriction testing frequency At least once a year
Management access authentication Dedicated link (for example VPN)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • GCHQ Certified Training (GCT)
  • IISP Accredited Learning Content
  • Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We operate an Integrated Management System covering all certifications.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Available on request
Vulnerability management type Undisclosed
Vulnerability management approach Available on request
Protective monitoring type Undisclosed
Protective monitoring approach Available on request
Incident management type Undisclosed
Incident management approach Available on request

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £0.57 to £1.72 per user per month
Discount for educational organisations Yes
Free trial available No

Service documents

Return to top ↑