Skip to main content

Beta What do you think of this service? Your feedback will help us to improve it.

  4. Cyber GSeC

Author: Government Security Centre for Cyber (Cyber GSeC)

Cyber GSeC

Providing consultancy and advice services to improve cyber security across the UK government.

Who we are

We are hosted by HMRC and provide consultancy and advice services to improve cyber security across the UK government. We work directly in support of the Government Cyber Security Strategy.

We are funded through the National Cyber Security Programme and the services we offer are free for departments.

Our services

Cyber Security Gap Analysis (CSGA)

CSGAs are one of the cornerstones of our capabilities. By using our unique ability within government we work with departments to help them understand their cyber security posture and make recommendations on areas for improvement.

GovAssure Support

We are supporting departments with the following 2 stages of the 5-stage GovAssure process.

Stage 3 – Self-Assessment

We will support departments to understand their cyber risk posture and assist with completing their self-assessment return for each system identified in scope.

Stage 5 – Final Assessment and ‘Get Well Plan’

We will provide bespoke consultancy to support departments with the necessary remediation activity required to reduce their cyber risk posture, in response to recommendations from their GovAssure ‘Get Well Plan’.

Cyber GSEC GovAssure Brochure

Purple Teaming

Purple Teaming combines the traditional Red Team (offensive) and Blue Team (defensive) exercises to help organisations to fully understand how prepared they are to respond to various attack scenarios. This is coordinated through a central function within the organisation and conducted blind to the majority of those involved. This enables us to test real world scenarios in a safe and secure way.

Supply Chain Security Consultancy (SCSC)

We have developed the SCSC Framework to help departments with any security related needs across their supply chain.

The SCSC Framework is formed from 7 different consultancy offerings which cover the main stages of a procurement lifecycle such as pre-procurement, in-service and contract end. It has been designed to help departments strengthen their maturity across their supply chain whilst leveraging key security guidance from UK government and the National Technical Authorities (NTAs) such as National Cyber Security Centre (NCSC) and National Protective Security Authority (NPSA).

Active Cyber Defence and Open Standards Adoption

We provide support and expertise to organisations to adopt NCSC’s Active Cyber Defence (ACD) suite of services and other open standards such as MTA-STS, DNSSEC etc.

We have published guidance on how to set up MTA-STS and TLS-RPT email security standards.

Bespoke Consultancy

We also work directly with departments to help with bespoke requirements using the wide range of expertise that exist within our team.

Contact the team

If you are interested in any of our services, or want more information email cybergsec@hmrc.gov.uk

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now