Brightridge has enhanced its cyber security offering with the appointment of its first in-house Cyber Essentials Assessor and accreditation as a Cyber Essentials and IASME Cyber Assurance Certification Body.
Nicola McKay joined the business in February, bringing extensive compliance experience and supporting clients from initial assessment through to certification and annual renewals. She is also among the first to be recognised under the UK Cyber Security Council’s Associate Cyber Security Professional (ACSP) title, reflecting nationally recognised standards for technical capability, professionalism and ethical practice.
The Aberdeen and Livingston based technology provider, is accredited to deliver both Cyber Essentials and Cyber Essentials Plus. The company is also accredited to provide IASME Cyber Assurance at Levels 1 and 2, extending its support beyond technical controls to include policies, processes and people.
Closing the gap between certification and delivery
Cyber Essentials is a UK Government-backed scheme designed to protect organisations against common cyber threats. It has two levels - Cyber Essentials, a self-assessed certification, and Cyber Essentials Plus, which includes independent technical verification of systems and controls.
While there are a number of Certification Bodies operating across Scotland, only a small number, in the single figures, deliver both Cyber Essentials and Cyber Essentials Plus alongside the in-house IT support and remediation needed to help organisations achieve and maintain compliance.
For many businesses, particularly those without in-house IT expertise, that creates a challenge - being told what needs fixed, but not having a clear route to get there. Brightridge removes that barrier by combining certification, remediation and ongoing IT support within one team.
Making compliance measurable
Accreditation is increasingly a requirement across insurance, supply chains and tender processes, but certification alone is no longer enough. Organisations are expected to demonstrate that security controls are in place and working.
Iain Bett, Founder and CEO of Brightridge, said: “Cyber security has to be built into how a business operates, not treated as a standalone exercise.
“As a Managed Security Service Provider, everything we do is underpinned by security, from protected connectivity through to managed IT. By bringing certification in-house, we can not only assess but implement, support and provide ongoing evidence that those controls are effective and actively managed.
“That’s what gives clients real confidence - knowing their security stands up to scrutiny, whether that’s from insurers, customers or across their supply chain.”
Nicola McKay, Associate Cyber Security Professional and Cyber Essentials Assessor at Brightridge, added: “A lot of organisations come to us unsure of where they stand or what’s required. Cyber Essentials provides a clear framework, but the real challenge is applying it properly and consistently.
“By working closely with clients, not just assessing, but supporting them through the process, we act as a reassuring guide throughout their cyber journey.”
Built for what’s next
With increasing reliance on cloud platforms, connected systems and emerging technologies such as AI, maintaining visibility and control over security has never been more important.
Brightridge’s integrated approach, combining certification, in-house expertise and AI-enabled monitoring capabilities, gives organisations a clearer view of their entire environment, helping them identify risks early and address them before they become issues.