CHECK was developed for government departments, public sector bodies, and the organisations forming the UK’s critical national infrastructure (CNI) to gain external, independent assurance; however, many private sectors within these supply chains elect to perform CHECK testing to demonstrate adherence to good practices and meet contractual obligations.
A CHECK ITHC should ensure that your organisation’s scoped assessment has a realistic threat scenario and should not just be considered a box-ticking exercise. Adding this threat modelling helps you design testing with outcomes that will help prove whether your scoped element is vulnerable to the threats you identified. A good example is on air-gapped networks; many organisations request a simple penetration test, whereas scoping the ITHC as a malicious insider or rogue administrator scenario can prove far more helpful in identifying risks and attack vectors that may be unknown.
Penetration tests will be conducted using NCSC-recognised methods. The subsequent report and its recommendations are meticulously crafted to a recognised standard. They are reviewed by the NCSC, ensuring the highest level of quality.
What do I get from an ITHC provider?
Whatever you're protecting, we apply defence grade cyber security skills whilst taking into consideration the realities of day-to-day business operations. We help our customers to address their known - and their unknown - cyber risks.
At our core, we believe in the power of personalised guidance. Whether you have questions or feedback, we're here to listen and support you every step of the way. Reach out via the form and we will be in touch as soon as possible.