Hidden Agenda Ltd
IT Security for Camberley and the surrounding area
We are a small business providing IT Security consultancy to our fellow small businesses in the Camberley area. We offer a range of services to businesses that align with our philosophy.
National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) Compliance.
| Principle | Status |
|---|---|
| A1.a Board Direction | Achieved |
| A1.b Roles and Responsibilities | Achieved |
| A1.c Decision Making | Achieved |
| A2.a Risk Management Process | Not Achieved |
| A2.b Assurance | Not Achieved |
| A3.a Asset Management | Not Achieved |
| A4.a Supply Chain | Partially Achieved |
| B1.a Policy and Process Development | Not Achieved |
| B1.b Policy and Process Implementation | Not Achieved |
| B2.a Identity Verification, Authentication and Authorisation | Not Achieved |
| B2.b Device Management | Not Achieved |
| B2.c Privileged User Management | Not Achieved |
| B2.d Identity and Access Management (IdAM) | Not Achieved |
| B3.a Understanding Data | Not Achieved |
| B3.b Data In Transit | Achieved |
| B3.c Stored Data | Achieved |
| B3.d Mobile Data | Partially Achieved |
| B3.e Media/Equipment Sanitisation | Achieved |
| B4.a Secure By Design | Achieved |
| B4.b Secure Configuration | Not Achieved |
| B4.c Secure Management | Not Achieved |
| B4.d Vulnerability Management | Not Achieved |
| B5.a Resilience Preparation | Not Achieved |
| B5.b Design for Resilience | Partially Achieved |
| B5.c Backups | Partially Achieved |
| B6.a Cyber Security Culture | Achieved |
| B6.b Cyber Security Training | Achieved |
| C1.a Monitoring Coverage | Not Achieved |
| C1.b Security Logs | Partially Achieved |
| C1.c Generating Alerts | Not Achieved |
| C1.d Identifying Security Incidents | Not Achieved |
| C1.e Monitoring Tools and Skills | Not Achieved |
| C2.a System Abnormalities for Attack Detection | Not Achieved |
| C2.b Proactive Attack Discovery | Not Achieved |
| D1.a Response Plan | Not Achieved |
| D1.b Response and Recovery Capability | Not Achieved |
| D1.c Testing and Exercising | Not Achieved |
| D2.a Incident Root Cause Analysis | Not Achieved |
| D2.b Using Incidents to Drive Improvements | Not Achieved |