CYBER SECURITY AND COMPLIANCE EXPERTS

About Arculus

We enable our customers to securely realise the benefits of digital transformation through pragmatic solutions, guidance and services We are committed to delivery for our customers with a proven track record for successful security outcomes in complex and challenging government and enterprise organisations

Security Consultancy

At Arculus, our extensive experience tells us that a clear understanding of risk is critical to the best security solutions. Too much security is as damaging as too little, so solutions and controls must be proportionate as well as effective. Our consultants have worked with customers in the public and private sectors to provide robust solution designs in compliance with applicable security standards whilst delivering the business functionality required.
We will work with you to achieve the security and assurance outcomes required to enable the success of your project programme or organisation.

Penetration Testing

Penetration testing enables you to identify and close vulnerabilities in your organisation's information systems before they are exploited and result in a breach. Arculus have some of the best testers in the business, who regularly identify vulnerabilities in client systems and advise on how to fix these to avoid full compromise of IT systems and web applications.

Compliance & Certification

Compliance with applicable legal and regulatory requirements is critical to any organization. Whether legal obligations for handling of personal information such as GDPR or HMG Minimum Cyber Security Standard, Arculus consultants are experienced in supporting our clients in achieving compliance and demonstrating that compliance to stakeholders inside and outside of the organization.

Security Architecture

Security architecture is the design of information systems that have suitable security controls in place to mitigate a given level of risk while supporting business functionality and objectives. Arculus consultants are experienced in the use of security architecture approaches including SABSA and TOGAF.

Our architects are qualified to provide expert guidance under the NCSC Certified Professional Scheme.

PENETRATION TESTING

Penetration Testing enables organisations to identify and address vulnerabilities in their information systems before they are exploited and result in a breach.

Arculus is a specialist, independent provider of penetration testing services. We are a member of key security assurance schemes including CREST Security Penetration Testing, and are a Cyber Essentials Plus certifying organisation. Services include:

• Web application testing (OWASP)
• Network and infrastructure testing
• Cloud-based testing, including AWS and Azure
• Compliance testing, including for PSN and PCI DSS
• Vulnerability scanning and monitoring
• Code review
• Social engineering and Red Teaming

Compliance and Certification

Compliance frameworks and standards are useful tools for achieving and maintaining a level of security management. Crucially, a recognised certification enables the holder to demonstrate this level to all stakeholders. Arculus are experts at supporting organisations in achieving compliance and certification against key standards including ISO/IEC27001, NIST, SOC2 and the Payment Card Industry Data Security Standard (PCI DSS).

We use principles-based guidance such as the NCSC Cloud Security Principles to assess systems and services and provide reports which can be used to demonstrate how the organisation meets those principles in their own context.

We engage with business and technical stakeholders at all levels to evaluate the governance processes, technical, physical and personnel level security controls. We provide pragmatic support and guidance to build information security management systems that are compliant with ISO/IEC 27001 and can be certified by the chosen certification body. We have a successful track record of achieving certification for clients from small to medium enterprises right through to large corporates operating on many sites with thousands of users.

Information Risk Management

Effective information risk management is fundamental to successful information security. At Arculus we have in depth experience of using widely recognised information risk management methodologies and processes including ISO/IEC27005. IRAMM, IS1&2. We have designed and implemented custom risk management processes to meet the needs of our customers and have been used in successful ISO/IEC 27001 certification.

Our consultants are qualified to provide information risk management advice under the NCSC Certified Professional Scheme.

Cyber Essentials and Cyber Essentials Plus

Many cyber security incidents can be prevented and mitigated against using good practice and basic security controls and techniques.

Cyber Essentials is a government-backed, industry supported scheme which provides guidance to help all sizes of organisations measure their defences against common forms of cyber-attacks.

The systems that fall under the scope of the Cyber Essentials scheme include internet connected end-user devices (desktop PCs, laptops, tablets and smartphones) and Internet connected systems (e.g. email, web and application servers).

Arculus can provide you with expert consultancy to help you achieve Cyber Essentials and Cyber Essentials Plus certification.

Contact Us

Our Team

Arculus consultants are qualified to the highest level under the NCSC Certified Cyber Professional Scheme to provide security advice and guidance as well as accreditation services. Our people have worked with customers in the public and private sectors to provide assurance that systems, processes and controls comply with required security policies and standards whilst enabling the business functionality and priorities required.

HMG Information Assurance Services

Arculus consultants are qualified to the highest level under the NCSC Certified Cyber Professional Scheme to provide security advice and guidance as well as accreditation services.

Contact Us

Please submit your enquiry below or contact us at info@arculus-cybersecurity.co.uk