Conceived by CESG, the Information Assurance arm of GCHQ, CTAS is designed to provide assurance for a wide range of Government, MOD, Critical National Infrastructure (CNI) and public sector organisations engaged in the procurement of IT systems, products and services. This could range from software, web applications and internal networks to mobile devices, cloud services and wireless systems.
As only the third company to gain CTAS accreditation, Context will work alongside CESG and CTAS Accreditors to address specific information security issues and concerns, typically at pre-deployment stage. Context will also ensure that the assessment complies with all relevant CESG and Government regulations, through tailored evaluation processes conducted in its CESG-approved test laboratory that also has full ISO/IEC 17025 accreditation. Evaluation activities can include detailed reviews of security architecture, design and procedures as well as site audits, vulnerability analysis and penetration testing. At the end of the evaluation, a CTAS Assessment Statement will provide a full review of the issues discovered and make recommendations.
Context ’s CTAS status follows its recent certification as one of only four companies approved as part of the new Cyber Incident Response scheme launched by CESG and the Centre for the Protection of National Infrastructure (CPNI). As an established independent information security consultancy, Context has been providing technical assurance, targeted attack detection, response, investigation and mitigation services since 2007.
“This is another major Government accreditation for Context and is further endorsement of both our expertise and the quality of our testing services, which help protect mission-critical applications and architectures, ” said Alex Church, CTO at Context Information Security. “It also reflects CESG ’s commitment to harness the skills and knowledge of companies such as Context to help in the fight against the growing number of targeted attacks aimed at Government, CNI, and private sector organisations. ”