Tony is the founder and Managing Director of Indelible Data Limited, a Certification Body that has assessed more than 300 businesses under the Cyber Essentials Scheme.
He also delivers Accredited Cyber Essentials (ACE) Practitioner training at both foundation and advanced level on behalf of the Accreditation Body, QG Management Standards.
He is a Member of the Institute of Information Security Professionals, a Senior CESG Certified Professional, Certified Ethical Hacker and Certified Information Systems Security Professional.
Anna Wilson is the Financial and Operations Director. She is an Accredited Cyber Essentials Practitioner and is certified under the Open University’s Online Learning Scheme for Cyber Security.
While this experience is crucial, her extensive communications background on radio and in newspapers, helps give Indelible Data the edge in its efforts to get the Cyber Security message out to SMEs and multi-nationals alike.
|Cutting through the fog surrounding information security has helped companies select a cost effective service that is right for them, while assuring peace of mind and protection from the growing cyber threat.|
Neil Kendall is our experienced Technical Consultant and is a former lecturer of IT Security, a Microsoft Certified IT Professional and Certified Ethical Hacker.
He has a strong IT support background delivering services to a wide range of industries.
Neil is heavily involved in devising and delivering our Advanced Practitioner courses and Cyber Essentials Plus on-site assessments.
We have access to over 100 independent Cyber Essentials Practitioners throughout the UK whom we have trained and who have been accredited by QG Management Standards to help implement the requirements of the Scheme.
This means that, though we as a Certification Body cannot directly help companies install technical controls for the companies that we assess (this would be seen as "marking our own homework"), we can put you in touch with a suitable practitioner.
For more informtion on using (or becoming) an Accredited Cyber Essentials (ACE) Practitioner please visit the QG Management Standrards website
Indelible Data Limited also train practitioners to assess to Cyber Essentials Plus standard - more information about this can be found on our Certified Training page
A Cyber Essentials Certification Body that is authorised to assess to both Basic and Plus levels of the Scheme.
We are an established information security and technology consultancy: enterprise security architecture, lead security project management, training and auditing with extensive experience of commissioning projects containing sensitive data where information confidentiality, integrity and availability of service are of major importance.
Since its launch in 2009, the company has built up a strong reputation for reliability and client satisfaction when helping them become secure and comply with contractual obligations.
• Certified CESG Professional (Senior Level)
• Certified Information Systems Security Professional. (CISSP)
• Certified Ethical Hacking
• Certified ISMS Lead Auditor (ISO 27001)
• Microsoft Certified IT Professional
• Cyber Essentials Assessment (Basic and Plus)
• Cyber Security Training
• ISO 27001 Audit and ISMS Implementation requirements
• Risk Assessment and Triage
• Vulnerability Analysis / Management
• Business Continuity and Disaster Recovery Planning / Implementation
• Telecommunications and Network Security
• Legal and Regulatory Compliance
• Cyber Essentials Assessments.
We have assessed over 300 companies to the Cyber Essentials Scheme - we believe that, to date, this puts us ahead of any other Certification Body since the scheme began.
Our clients range from small businesses through to major International Banks, Global Technology Corporations.
Subject Matter Expertise analysing and assessing network and application vulnerabilities in order to maintain best practice procedures for patching the required systems in the correct order and in a timely manner (triage).
This was a huge project that involved taking data from several thousand servers internationally (using McAfee Vulnerability Manager), liaising with all the different platform and remediation teams, setting targets, baselines and compiling reports for Senior Management.
The office automation processes we developed to help the teams assemble data became vital to the success of the project - vastly improving the ability monitor and report vulnerabilities and action the required remedial work. This contract required Scotland Disclosure clearance and strict adherence to PCI, Sarbanes Oxley and ITIL
• Nuclear Supply Chain.
In line with ISO 27001, we have conducted a complete risk analysis programme and formulated policies and procedures to demonstrate that Information Security is of paramount importance when handling and sanitising commercial hardware that has originated from companies holding Sensitive Nuclear Information.
All business processes, software applications and telecommunications were audited and recommendations / implementation plans drawn up to commission a secure disaster recovery site to maintain availability of data processing functions.
• Software Houses.
These have clients who are large multinationals. We have been asked to oversee the implementation of ISO 27001 to allow them demonstrate their commitment to information security to help win and maintain contracts.
• Market Research Companies.
Developing strategies and solutions to secure the sensitive commercial information of high profile clients and personal details of participants. This involves developing training plans, writing policies and procedures, assessing Data Leakage, Firewall, malware and infrastructure solutions and making recommendations.
• Publishing Houses.
We have coordinated the PCI (Payment Card Industry) compliance programme to ensure sensitive data is handled and transmitted appropriately at the Head Office and remote sites. Conducting full gap analysis, risk assessment of business processes and forming implementation plans to instil a culture of security in the company and identify requirements to aid the selection of new software applications, physical access controls and network hardware.
• Online and mail order companies
Both local and national, have benefited from our ability to devise solutions to pressing IT security problems - many requiring a complete redesign of workflow and some benefiting from targeted adjustments to existing systems in order to meet PCI requirements.