Advice Cloud

G-Cloud experts and government procurement consultants

0330 124 4224

  • About
  • For Suppliers
    • For Suppliers
    • Our Services
      • End-to-End Procurement Support
      • Go To Market Assessments
      • Workshops & Training
      • Framework Listings
      • G-Cloud Buyability™ Review
      • Bid Review Services
    • Frameworks
      • G-Cloud
      • Digital Outcomes & Specialists
      • Network Services
      • Data and Application Solutions
      • Technology Services
      • Technology Products
      • Transport Technology & Associated Services
      • Other Frameworks
    • Dynamic Purchasing Systems
      • Artificial Intelligence
      • Cyber Security Services
      • Automation Marketplace
      • Spark Technology Innovation Marketplace
      • IoT Technologies Services
      • Digital Technology Services
      • Quality Assurance and Testing for IT Systems
      • Gigabit Capable Connectivity
      • YPO Care Technology
      • HSCN Access Services
    • Why Choose Us?
      • Case Studies
      • Our Experience
      • Our Process
  • For Buyers
    • For Buyers
    • Our Services
      • G-Cloud Support Desk
      • G-Cloud Procurement Services
      • Digital Outcomes and Specialists
      • General Support Services
      • UKCloud Health services
    • Why choose us
      • Our Experience
  • Training
  • Spend data
    • Spend data
    • Spend Data
      • G-Cloud Sales
      • Digital Outcomes and Specialists and Digital Services Sales
  • Resources
    • Resources
    • Procurement Essentials
      • Procurement 101
      • What is a Framework?
      • What is a Dynamic Purchasing System?
    • Ultimate Guides
      • Ultimate Guide to G-Cloud
      • Ultimate Guide to Digital Outcomes and Specialists
    • Tools
      • G-Cloud Sales
      • DOS and Digital Services Sales
      • Procurement Pipeline
      • Framework Alert
    • Resources
      • Blogs
      • G-Cloud
      • DOS
      • Business Guides
      • Expert Insights
      • Research
      • Events
      • Press
      • Videos
      • Announcements
  • Contact Us
End-to-End Procurement SupportGo To Market AssessmentsWorkshops & TrainingFramework ListingsG-Cloud Buyability™ ReviewBid Review Services

Get to grips with the Vertical Application Solutions framework

You can now watch the session for free. Where we run-through the Vertical Application Solutions framework with our Strategic Adviser and ex-Local Gov CIO, Jos Creese.

WATCH NOW

G-CloudDigital Outcomes & SpecialistsNetwork ServicesData and Application SolutionsTechnology ServicesTechnology ProductsTransport Technology & Associated ServicesOther Frameworks

Get to grips with the Vertical Application Solutions framework

You can now watch the session for free. Where we run-through the Vertical Application Solutions framework with our Strategic Adviser and ex-Local Gov CIO, Jos Creese.

WATCH NOW

Artificial IntelligenceCyber Security ServicesAutomation MarketplaceSpark Technology Innovation MarketplaceIoT Technologies ServicesDigital Technology ServicesQuality Assurance and Testing for IT SystemsGigabit Capable ConnectivityYPO Care TechnologyHSCN Access Services

Get to grips with the Vertical Application Solutions framework

You can now watch the session for free. Where we run-through the Vertical Application Solutions framework with our Strategic Adviser and ex-Local Gov CIO, Jos Creese.

WATCH NOW

Case StudiesOur ExperienceOur Process

Get to grips with the Vertical Application Solutions framework

You can now watch the session for free. Where we run-through the Vertical Application Solutions framework with our Strategic Adviser and ex-Local Gov CIO, Jos Creese.

WATCH NOW

G-Cloud Support DeskG-Cloud Procurement ServicesDigital Outcomes and SpecialistsGeneral Support ServicesUKCloud Health services

Missed our recent Progressive Procurement sessions?

You can download our writeup of the sessions – with insight into the feedback given by public sector buyers.

MORE INFO HERE

Our Experience

Missed our recent Progressive Procurement sessions?

You can download our writeup of the sessions – with insight into the feedback given by public sector buyers.

READ HERE

G-Cloud SalesDigital Outcomes and Specialists and Digital Services Sales

Grab a copy of our Public Sector Sales & Marketing Guide!

Our expert advisers and staff have put together this in-depth report to help you get to grips with navigating the Public Sector market. Grab your FREE copy here.

DOWNLOAD

Procurement 101What is a Framework?What is a Dynamic Purchasing System?

Download our free Guide to DOS Tenders!

Get expert advice and tips on how to write winning bids for opportunities on the Digital Outcomes and Specialists framework.

DOWNLOAD

Ultimate Guide to G-CloudUltimate Guide to Digital Outcomes and Specialists

Download our free Guide to DOS Tenders!

Get expert advice and tips on how to write winning bids for opportunities on the Digital Outcomes and Specialists framework.

DOWNLOAD

G-Cloud SalesDOS and Digital Services SalesProcurement PipelineFramework Alert

Download our free Guide to DOS Tenders!

Get expert advice and tips on how to write winning bids for opportunities on the Digital Outcomes and Specialists framework.

DOWNLOAD

BlogsG-CloudDOSBusiness GuidesExpert InsightsResearchEventsPressVideosAnnouncements

Download our free Guide to DOS Tenders!

Get expert advice and tips on how to write winning bids for opportunities on the Digital Outcomes and Specialists framework.

DOWNLOAD

Expert Insights, G-CloudPublished: 09 March 2017

G-Cloud 9 data security: beyond the lollipop lady

  • LinkedIn
  • Twitter
  • Facebook
  • RSS

With G-Cloud 9 launched this week and security being the talk of the town we sat down with Mark Darby from Alliantist.

Mark Darby

Alliantist has been on G-Cloud since day one and was the first (and only) SME of its type to have achieved Pan-Government Accreditation for information security. Their products also include ISMS.online, the cloud delivered information security management system.

Let’s start from the beginning – what is ISO 271001:2013 and why is it important for public sector?

ISO 27001:2013 is an international standard for information security. ISO 27001:2013 aligns closely with the Cloud Security Principles that are at the heart of G Cloud 9 security questions and contract requirements in clauses 12, 13 and 16 of the call off contract.

There is more to the Cloud Security Principles but an independent ISO 27001:2013 certification demonstrates that the supplier takes information security seriously. Having a strong information security posture is important for the public sector because of the valuable information held by the agencies and their need to protect it from a range of threats. Crucially, ISO 27001 is also sought after by the private and third sector too. By achieving that recognised standard, suppliers can also demonstrate their credentials into all sectors, not just the public sector.

Our research shows SMEs with a successful sales record were 50% more likely to be ISO27001 accredited than SMEs with no sales. Can you comment?

It’s almost a moot point now. At the heart of meeting G Cloud 9 requirements is ISO 27001 so quite simply any new business arising from G Cloud 9 is probably only going to go to organisations with ISO 27001 and those that meet the Cloud Security Principles.

We are talking about SME’s here. How much would ISO 27001 set them back?

Many SME’s will initially feel overwhelmed at the requirements and potential costs for compliance as I did several years ago. It is not just the physical cost, it’s the opportunity cost of having your senior management and top talent wrapped up on non-fee earning work. It is why we have set out to help address that with ISMS.online. For a very small investment, perhaps just a few hundred pounds per month it can mean the difference between failure and growth in the future and much faster time to success. How much is that new customer contract worth, your daily rates? It will also help you run a better business and the ‘insurance’ protection will pay dividends too.

Can they not just get Cyber Essentials? What’s the difference?

It’s better than nothing for protecting part of your own organisation from common threats. But CE is woefully inadequate as a certification for smart customers who want to rely on suppliers to process and protect their valuable information in the cloud. It’s a bit like a lollipop lady versus a fully armoured battalion in a battle against the zombies!

G-Cloud 9 just opened with significant changes. Any comments?

It’s a massive shift from recent frameworks and at the right time given the growing contagion facing public services and citizen data. It will be a survival of the fittest now.

Let’s talk GDPR. How will this impact suppliers and how can they get prepared?

Most SME’s will probably wait until their customers demand compliance or leave it as close to May 2018 as possible, which is a major mistake! Doing ISO 27001 now as an investment towards new business on G Cloud also goes a long way to help EU GDPR readiness. The Information Commissioners Office has issued 12 Steps to preparing for EU GDPR which is a useful read but actually digesting the 88 pages of Regulation is sensible too in order to see the size of the task and plan ahead. We’ve already built key elements into ISMS.online.

Finally where do you see things going in the future? Let’s say what’s your vision for data security and compliance ten years from now?

The achievement of standards like ISO 27001:2013 and information security by design will be the norm for starting a business. The same way that health and safety is now. The threats of cyber security will potentially cause loss of life and other significant harm especially within public sector service delivery. So it won’t surprise me to see corporate manslaughter introduced, like health and safety penalties, for careless business leaders who fail to protect their own and their customers’ information assets.

Share

  • LinkedIn
  • Twitter
  • Facebook
  • RSS

Tags: Digital Marketplace, G-Cloud, G-Cloud 8, G-Cloud 9

Advice Cloud Latest

  • Is Data and Application Solutions a success?
  • G-Cloud & DOS Spending Review to April 2022
  • Stotles raise $6.5m to increase help to suppliers
  • Key Findings from our VAS webinar
  • How telecoms suppliers can sell to the public sector
Tweets by @AdviceCloud

Related Posts

  • Why Cloud Compute 2 is perfect for G-Cloud suppliers

    With G-Cloud 13 applications now finished, some relevant suppliers should be considering the Cloud Compute 2 framework.

    Read more
  • G-Cloud 13 is now closed to supplier applications!

    The biggest framework this year has just met its deadline! Now that G-Cloud applications are in, what should suppliers do next?

    Read more
  • About
  • For Suppliers
  • For Buyers
  • Training
  • Spend data
  • Resources
  • Contact Us
  • Terms and Conditions
  • Privacy Policy
  • Cookie policy
  • © 2022 Advice Cloud
wiredsussexchambermembertechukCyber Essentials CertifiedcrownsupplierDisability ConfidentBrighton and Hove living wageSussex Business Awards 29InnopsisBlue for Homepage

Advice Cloud Limited | Registered in England | Company Registration no 05776223
Registered Office: Advice Cloud Ltd, 15-17 Middle Street, Brighton, East Sussex, BN1 1AL

We use cookies to improve your website experience. For example we use cookies to show you relevant webinars, content etc.

We have placed cookies on your device to help make our website better. Some of the cookies we use are essential for our website to work.

We also use some non-essential cookies to collect information to provide you with a better experience and to improve Our Site by better understanding how you use it.

You can use this tool to change your cookie settings.

To control third party cookies, you can also adjust your browser settings.