Here is an overview of the Cyber Essentials and GDRP Readiness Assessments that Marathon have recently delivered:


 

GLOBAL BRAND EVENTS COMPANY – PROJECT: CYBER ESSENTIALS SELF-ASSESSMENT

This highly successful organisation is heavily project focussed and needed to instil best practise information security awareness and control across the whole company to ensure that personal, confidential and time critical project information was being protected using best practise. Although this company had already implemented a security framework including policies and controls, Marathons’ Cyber Essentials Readiness Assessment workshop was able to highlight loopholes and gaps that presented a threat and risk to the company. As a certified assessor Marathon have been able help the company improve on its current security posture and certify under the UK governments Cyber Essentials scheme.

Roles: Cyber Essentials Certified Assessor


GLOBAL INSURANCE COMPANY – PROJECT: CYBER ESSENTIALS PLUS

This organisation is growing at an incredible pace and has inherited Information Security challenges associated with group companies that have been acquired. Marathon was able to re-certify two of the group company under Cyber Essentials Plus and is now leading a project to achieve Cyber Essentials Plus certification across the global organisation (5000 users).

Roles: Cyber Essentials Certified Assessor


UK CONSULTANCY – PROJECT: GDPR READINESS ASSESSMENT

Personal Information is core to this organisation’s business operation, with highly sensitive categories of data being collected and processed. GDPR compliance has therefore been recognised, at board level, as an organisational and commercial risk, taking into account the huge potential penalties that could apply (20,000,000 euros) to non-compliant companies. Partners and clients are also putting pressure on this company to underpin their existing information security controls (Cyber Essentials) and demonstrate Data Protection best practise especially relating to personal data. Marathon conducted a GDPR readiness assessment with all of the personal information owners (HR, Finance, Sales) and board level management present. The workshop was seen by the attendees as tremendous value in terms of their better understanding and awareness of GDPR and highlighting the specific challenges for each department. Following the workshop the company was given a template to conduct a personal information audit from which a comprehensive report was produced by Marathon including a gap analysis, risk assessment and the next steps. The organisation now feels a lot more confident in that we have helped them to initiate a GDPR project and program of work that will mean that by the time the GDPR becomes law on the 25th May 2017, their risk of being penalised will be significantly reduced.

Roles: GDPR Practitioner


UK ASSOCIATION – PROJECT: GDPR READINESS ASSESSMENT

This organisation recognised that the way they currently communicate with their clients would be challenged under GDPR and that they needed to adapt quickly. A GDPR workshop with the board of directors present established a common level of GDPR knowledge. Marathons approach to GDPR readiness means that the organisation is now undertaking a personal information audit across the organisation and Marathon will provide the gap analysis to drive the GDPR project forward in good time for when GDPR becomes law.

Roles: GDPR Practitioner