Clients, Partners & the Supply Chain

Our valued clients, end clients, partners and suppliers include HMG Departments and their Supply Chains

CLIENTS

 

SCENARIOS

 

CEO

Evidence of Compliance

We are a major UK Government supplier. I need to provide evidence of compliance with our contract and the Schedules including 2.4, following a partner organisation's widely-publicised breach.

Breach of Contract

Contractual clauses

Our largest client has advised us we are in breach of contract due to a lack of evidence of compliance with contractual cyber security requirements. I need a review of our contractual obligations.

Supply Chain Lead

Review and assessment

I'm accountable for security in our supply chain. I need a trusted expert to lead a complex programme to determine the current level of risk from our suppliers' level of security compliance including Cyber Essentials controls, NCSC's 10 Steps and ISO27001.

CFO

Certification

I'm accountable for our cyber security and data protection risks. I'm aware we have achieved ISO27001 certification but a potential client has questioned the scope of our SOA and GDPR compliance. I need a trusted review of our current position.

Global Risk Owner

Serious incident

I've been summoned to our HQ following a serious incident. I need a trusted expert to help me understand the potential consequences of what happened, what should have prevented it, what risk mitigation we have in place today and what changes we can implement relatively quickly.

Cyber Risk Owner 

Governance

I'm now responsible for cyber security in our department. I need to understand what we should be doing (mandatory requirements) and who should be doing it (roles and responsibilities). 

CISO

Supply Chain Security

One of our suppliers has advised us of a recent security incident. I need someone to liaise with all key stakeholders in the supply chain, lead the investigation at a senior executive level and explain to me what has happened, what the potential impact is and what our options are going forward.

Investigation Owner

Internal investigation

I'm responsible for cyber security risk for our department. A member of staff recently reported an internal security breach to me and I need assistance from a trusted expert. We may need to report the incident to the police and initiate legal proceedings.

Accountable & Liable

Compliance and investigation

I've been advised a member of staff is responsible for a breach of security which must be reported to our Government client, the ICO and potentially law enforcement. I need a second opinion. 

CONSULTANCY

 

Lockcode's CEO and Founder, Samantha, started her specialist infosec career as a Research Scientist for the UK Defence and Evaluation Research Agency (DERA) over 20 years ago, and has over 35 years’ experience in science, technology and engineering.

Samantha Sanderson

BSc (Hons), LCCP, MIET


HMG CERTIFIED PROFESSIONAL CONSULTANCY SERVICES

Sam has provided specialist technical security consultancy and coaching services to Government departments and their supply chains in the defence, intelligence, central government, law enforcement and the regulatory environment. She also provides specialist coaching and mentoring services for existing and aspiring information and cyber security leaders. 

NCSC CCP LEAD SIRA | CLAS | ITPC

She has achieved specialist HMG security certifications during her infosec career including CESG (formerly part of GCHQ) Listed Advisor Scheme (CLAS) and is one of the few National Cyber Security Centre (NCSC) Certified Professional Security and Information Risk Advisors (SIRA) at the Lead level.

 

HMG CYBER SECURITY COMMERCIAL GROWTH

In 2015 and 2016 Samantha delivered the HMG-funded role of Cyber Security Small Business Champion, delivered through techUK, addressing the barriers faced by small cyber security businesses in the supply chain.

GCHQ CERTIFIED TRAINING (GCT)

Through her company, Lockcode, Samantha also authors online GCHQ Certified Training courses and packages, designed to help busy executives understand and tackle the challenges of cyber security leadership and governance.

 

SOUTH EAST CYBER | COMMUNITY

She is also the founder of South East Cyber (SECyber), a not-for-profit organisation providing free cyber security training, education and awareness workshops to SME business leaders in the South East of England. SECyber speakers and advisors have included DCMS and other Government departments, techUK, Surrey and Sussex Cyber Crime Unit, South East Regional Organised Crime Unit, Cyber Security Challenge, Barclays Bank, Knowledge Transfer Network, investors and industry.

GCT

GCHQ Certified Training

Introduction to Cyber Security Leadership and Governance

GCHQ Certified Training

The Cyber Threat to UK Businesses

GCHQ Certified Training

Risky Business: Managing your Information Risk

 

Copyright © Lockcode Limited 2020

Registered in England 2004

Company No. 05078345
