Cyber Security Education Training and Services
Award winning, international SME providing holistic Cyber Security consultancy to governments/private sector. Services include Strategy; Board-level engagement; Competency development; GCHQ Certified Training/eLearning for NEDS, Boards, SIROs, CISOs, IAOs, Clinical roles, Cyber Security Awareness, GDPR, NISD; Business/Threat Intelligence; Audits; Incident Response; Red Teaming; Technical and Policy Reviews; Cyber resilience development.
Features
- Interactive and engaging content, including GCHQ certified courses
- Scenario based; ability to customise with own branding, policies, etc
- Speedbriefs and assessment to consolidate and measure learning
- Blended solutions on/offline to support learning with experienced SMEs
- Up to date content developed by experienced Cyber SMEs
- HTML, mobile and tablet friendly, easy navigation and bookmarking
- SCORM 1.2 and 2004 compatible hosted courses (in house optional)
- GCHQ certified training/mentoring for NEDs, Boards, SIROs, CISOs, IAOs
- GCHQ certified elearning including Maritime, Cyber Awareness, GDPR, NISD, IAOs
- Glossary and customisable speedbriefs
Benefits
- Increased knowledge and awareness of cyber security best practices
- Learning experience optimised for immediate application in workplace
- Learning can be tracked and MI produced for audit/compliance
- Learning accessible on demand to accommodate operational needs
- Scalable and cost effective offerings
- Assessment and personalised certification of completion to motivate/recognise employees
- Helps support compliance with industry standards and legislation
- Helps employees understand how to prevent, detect and mitigate risks
Pricing
£750 a person a day
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
8 9 6 6 5 8 7 2 9 9 9 3 9 8 6
Contact
Templar Executives
Anu Khurmi
Telephone: 0203 542 9075
Email: anu@templarexecs.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- This service can be provided as an extension to Learner Management Systems (LMS) for Cyber Security and Information Assurance training and consultancy services.
- Cloud deployment model
- Public cloud
- Service constraints
- N/A
- System requirements
-
- Minimum OS Windows 7
- Internet Explorer 9 and above
- Browsers - Firefox, Safari, Google Chrome
- IOS and Android (mobile and tablet) compatible
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- SLA is agreed upfront with client.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- SLA is agreed upfront with client in accordance with their requirements.
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
- The service is simple and no additional training is required in order to access training. Should any additional support be required, we would agree with the client and ensure a seamless approach for users.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- We delete any client information (which is kept minimal) and confirm, as per agreement, with the client that this has been actioned. Where the client is hosting, the data is stored on their own system and managed accordingly.
- End-of-contract process
- User data is deleted and confirmed with the client. Typically there are no additional costs when a contract comes to an end.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- There are less cosmetic background images to ensure fast loading speeds, otherwise functionality is the same.
- Service interface
- No
- API
- No
- Customisation available
- Yes
- Description of customisation
- Branding, content and images can be customised; this is scoped in accordance with client requirements and will be developed and provided as an additional service from Templar Executives.
Scaling
- Independence of resources
- Proactively monitoring usage and upgrading capacity as required.
Analytics
- Service usage metrics
- Yes
- Metrics types
- MI reports are generated - user access, number of attempts, assessment score and completion rates.
- Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
-
Data hosted in the client LMS environment is already accessible in accordance with the client procedures.
Where hosted by Templar Executives, MI is provided in accordance with the agreed client SLA. - Data export formats
- Other
- Other data export formats
-
- MI reporting in PDF provided by Templar Executives when hosting.
- For client hosting, it will depend on the client's LMS.
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- If hosting, Templar Executives upload data via CSV.
- If hosted by client, SCORM 1.2 or 2004 files provided.
Data-in-transit protection
- Data protection between buyer and supplier networks
- Other
- Other protection between networks
- Templar Executives and client will transmit data directly with each other in accordance with the protocols for data protection in place.
- Data protection within supplier network
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- We agree SLA upfront with client and have not had cause to provide any refunds to date.
- Approach to resilience
- Available on request.
- Outage reporting
- Primarily via email alerts.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Username or password
- Other
- Other user authentication
- For client hosted LMS environment, authentication will be done by client.
- Access restrictions in management interfaces and support channels
- Unique user sign on and password allows access to be restricted.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- Username or password
- Other
- Description of management access authentication
- N/A
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
- Cyber Essentials Plus
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- Cyber Essentials Plus
- Information security policies and processes
-
Our Information Security suite of policies is based on best practices and we are diligent and committed across the company in practicing and maintaining a proactive approach with regards to safeguarding all information assets. We are Cyber Essential Plus certified and undergo regular external audits in order to maintain key certifications such as our GCHQ certifications for a wide range of training courses.
We keep our processes updated in line with current threats and apply the same scrutiny to our third party suppliers, ensuring they also have the security controls we require commensurate with the information being handled.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- We apply version control for the content and a QA process to assess impact and quality control before any changes are released, which will include security.
- Vulnerability management type
- Undisclosed
- Vulnerability management approach
- We continually assess risks and threats to our service and liaise with our suppliers who take a proactive approach in addressing any potential vulnerabilities.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- N/A
- Incident management type
- Supplier-defined controls
- Incident management approach
- We have an incident response policy which describes the process. Any users are able to contact us direct or through their management if there is an issue/concern they wish to report.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £750 a person a day
- Discount for educational organisations
- No
- Free trial available
- No