Great, It looks like you are ready to renew your Cyber Essentials?

The time it takes some companies to complete re-certification can vary greatly, for some this can take months and others just days. Be aware that we strive to mark and certify all submitted questionnaires (SAQ’s) ASAP.

It is always recommended that you start the re-certification process prior to your expiry date and allow yourself enough time ensure that you have met all recommendations. However, please be aware that submitting certification prior to your current renewal date, may change your future certification date much like getting your vehicle MOT early.

If this will be a problem, we recommend completing the SAQ’s but not submitting your answers until the required re-certification date.

Please enter your email, so we can follow up with you.

Why Partner with Capula?

As well as being a leading integrator for large parts of the UK’s most critical assets, hundreds of companies have chosen Capula for their Cyber essentials because…

Who are Capula?

Capula is the go-to industrial systems integrator for process, manufacturing, power, utilities and engineering businesses throughout the UK.

As experts in industrial control, instrumentation and automation, we have an in-depth knowledge of our technology sectors and provide many specialist capabilities that have proved of great value to our clients. Established nearly 50 years ago, we’ve decades of experience partnering with customers large and small. Our portfolio includes work on some of the UK’s most complex critical infrastructure projects – projects that have been delivered on time and within budget.

Our depth of applications knowledge, embodied in our highly skilled, experienced and committed team, truly sets us apart. Our specialist in-house engineering staff adopt a whole-systems approach to ensure that your valuable assets will be fully safeguarded during the course of your projects. Clients often return to us with confidence, knowing that they will receive leading-edge quality and implementation that go beyond the confines of traditional engineering solutions.

With offices nationwide, we’re able to offer local support to your business. We also have the backing that comes with being part of the Imtech group, a large technical services provider

Our Security Portfolio

CDCAT Risk & Compliance Assessments
An effective security program must start by assessing the risk. giving you greater visibility into your current OT environment and see the vulnerable assets.

In the industrial cyber-security space, the risks are changing all the time, as companies extend, adapt and improve their systems, as new vulnerabilities are identified and as threat strategies evolve.

Using the CDCAT assessment tools, our audit identifies the maturity level of individual or combined elements we qualify as ‘defensible units’ within your business, based on pre-defined controls using a wide range of security standards including ISO 27001, IEC 62443, NIST SP800-53 – Security Controls and many others.

Security awareness and phishing training
Gauge the security awareness proficiency of your employees and measure your organisation’s overall security culture posture using our KnowBe4 Assessments. These two science-based assessments help you tailor training to address proficiency gaps and weaknesses, as well as monitor the impact your security awareness training program has on improving your users’ knowledge and sentiment to security awareness over time.
Offline Patch Management Services
Our offline patch management service is tailored according to your unique requirements. It may include a full system analysis to confirm all systems are operational, functional and fully patched. Full operating system patching and reporting may be included, whether required for a fully connected, partially connected or an isolated system. Anti-malware signature updates for a chosen vendor can also be implemented, as well as USB port control and ‘sheep dip’ validations that check content ensuring only trusted data is imported into a secure engineering environment.
Real time vulnerabilty scanning
Every organisation is at a different stage in their IoT & ICS cyber security maturity. Just as adversaries are becoming increasingly sophisticated, organizations are also continually challenged to up their game. Capula partners with world leading technology vendors that enable you to easily adopt new capabilities to match your organisational readiness. Their technology combined with our vast experience put’s Capula as the partner of choice for most of the UK’s critical infrastructure.
Penetration testing
We can undertake a full penetration test on all your systems, networks, websites or web applications. Using trained and certified ethical hackers or ‘Tiger’ team members, you can be assured that the items in scope will be rigorously tested for vulnerabilities. This assessment can be operated as a ‘red team’ test where nothing is provided, and we will detail what we can find as an outsider.

We can further undertake a full review of your perimeter defenses, try to gain access to your site as an adversary and use detailed social engineering skills to obtain access to restricted areas. If required, our teams can pose as trusted insiders, contacting staff for information or professing to be support agents to gain access to hardware as part of an ongoing maintenance agreement. Perhaps you are interested to know what happens to USB devices that are found on your premises and who may be curious enough to plug them in?