Our services

Cyber advisory and testing servicesMany organisations may be at risk of attack – perhaps unwittingly - because they simply do not know the strength and maturity of their cyber security estate, and have no certain way of ascertaining it.Regular security tests can help reduce such threats from both external hackers and saboteurs within the organisation itself, but they do not supply a full or detailed picture of potential vulnerabilities.Organisations are not able to assess the risk they are currently exposed to, nor even identify the level they consider acceptable to their business.

Capita’s aligned Security Testing and Consultancy practice delivers the total picture of cyber security status that organisations need.

We can design a bespoke approach to identifying security needs that fit your business, budgets and levels of security awareness.

We use advanced scanning techniques that combine process assessment and vulnerability identification to give a complete end-to-end view.

We can alternatively apply these techniques independently for the fastest results.

Our capabilities can be split into three main areas:

Implementation, support and audit using industry best practice standards

Security testing and technical assessment

Threat prevention

Why Capita for security testing?
We support our cyber portfolio with a wide range of in-depth professional services.Our penetration testing, software testing, compliance, governance and threat analysis help you identify and understand the risks to your business, and address them rapidly.We partner with Qualys and other market leading organisations in the cyber security field, enabling us to offer the appropriate technology on an individual basis and embed our solutions in ways that deliver the best results for customers.We offer fast, quality assessment, enabling our customers to rapidly identify risks and therefore remediate faster and more effectively.We provide aligned consultancy and security testing. The broad experience we’ve acquired means our customers benefit from the perspective and context that we bring to their cyber security issues, delivering a higher quality end product. Cyber security servicesThoroughly understanding the maturity of your cyber security is a vital first step in protecting your organisation from threat. The next is to use that insight to strengthen your defences. For businesses today, the perimeter has become blurred. Integration up and down the supply chain has become the norm, whilst increasing use of the cloud means many organisations no longer have any control over their boundary.That’s why a strategy of cyber security must be complemented with cyber resilience. Resilience is about your ability to limit the effects of an attack and continue to deliver the outcomes essential to your business. This means having visibility about what is happening in your network – being able to identify the source and all points of infection quickly and accurately – so that they can be remediated.There are four key aspects:1. BenchmarkingBy knowing what is normal for you, a business can proactively monitor for deviations, be it unusual traffic flows, data hoarding, use of Shadow IT or even simple breach of policy.2. ComplexityThe average enterprise organisation typically has around 70 security vendors within their architecture. They are being compromised by complexity – and a lack of integration that can lead to gaps in protection. Consolidation is essential for being able to identify and respond to threats.3. Global insightHacking is a global issue that demands a united front from all businesses. Whilst security by its very nature inclines businesses to become insular, any strategy that does not take into account threat intelligence about what is happening in the internet at large, fails to learn from the experiences of other organisations.4. The bottom lineIt isn’t unusual for hackers to spend months inside a company, siphoning off information before using that property to attack its supply chain. It is therefore not only the cost of the lost data and associated fines, but the loss of customer trust and business. It is a cost few organisations can afford.Why Capita for Cyber Security and resiliency

We are accredited by the leading security vendors, including Cisco and Palo Alto

We are trusted to protect critical organisations across the UK, including the NHS Digital network

We prevent over 1 million spam emails per month from entering school systems

We run our own Security Operations Centres (SOCs), which are purpose-built, highly secure and use the most experienced cyber-security talent.

Security incident and event monitoringTo defend against increasingly sophisticated cyber-attacks, organisations need to constantly monitor vast amounts of data – siloed logs, alerts, threat feeds, network flows, user activity and more.For many, the burden of tracking all this information can be too much to manage, or too expensive to justify. It is an enormous task that grows more complex every day and requires the latest technology and the highest level of expertise to do well.Capita’s security incident and event monitoring service addresses that need. It provides real-time monitoring and analysis of security alerts from within an organisation’s network, from one of our three Security Operations Centres.These purpose-built facilities are based in Great Britain, Northern Ireland and India, and are staffed with certified cyber security professionals employing a variety of market-leading solutions. They are dedicated to finding the cyber ‘needle in a haystack’ that presages the early stage of a cyber-attack.Capita’s Belfast SOC is the most recent state-of-the art addition, and the only one of its kind in Northern Ireland. Together with GB and India, this multi-location approach provides a degree of service resilience beyond most organisations’ reach, and offers our customers the ability to be monitored 24/7/365.Each SOC is tapped into pre-public threat intelligence from the National Cyber Security Centre (NCSC) – a degree of foresight otherwise unattainable for most of our clients.

How does it work?

Our SOC’s flagship offering is IBM’s QRadar (Gartner and Forrester’s leading SIEM solution). It gathers security intelligence from throughout a client’s estate, and currently supports more than 500 product integrations.Each SOC has the flexibility to install and manage a range of QRadar deployment options, which can be hosted in Capita data centres or client premises.This comprehensive, end-to-end platform generates a real-time view of vulnerability across a client’s entire estate, supporting it with a global network and advanced AI and behaviour analytics.Why Capita for SIEM?

Our SOCs are purpose-built, highly secure and operated by the most experienced cyber-security talent.

They are full spectrum Managed Service Providers, and don’t rely on other MSPs to respond to incidents.

Our network of three SOCs and geographically distributed analyst teams enable 24/7/365 monitoring and an exceptional degree of resilience.

We bring our clients the skills and capabilities of highly experienced cyber security professionals that are otherwise hard to find, expensive to employ, and difficult to retain.

You’ll have real-time identification of security incidents and prioritisation of those with the biggest business impact.