Are you having challenges acheiving PSN Compliance? Join the club!

In 2013, the transition to PSN by around 600 organisations, most of them local authorities, exposed a number of sub-optimal IA practices which required remediation prior to transition to PSN.

Fast forward to 2023 and PSN is a legacy network but the IA challenges identified back in 2013 remain. The current conditions are a straightforward community security standard and are based on good security practice such as the ISO\IEC 27000 or NIST standards, but many organisations still face challenges understanding what is required, particularly in the area of ITHC scoping and remediation evidence, remote access solutions and unmanaged endpoint solutions. Although the zero tolerance approach is long gone, the same IA conditions from 2013 apply: BYOD solutions need to have demonstrable separation in place from PSN systems and services, and ITHC remediation\mitigation activity must be completed prior to application or a credible plan to remediate must be presented.

Many organisations have taken their foot off the IA Maturity gas pedal now that PSN has expired, but you shouldn’t – the Cabinet Office are working on making something like PSN compliance mandatory for all local and central government, so maintaining your PSN compliance will give you a head start – rather than putting you back to playing catch-up again.

With nearly a thousand connections, all of these organisations are required to meet the PSN Code of Connection, and many will be expected to meet top ups according to their own specialised communities such as Police, Health etc. Lateral Thought have direct experience with the IA conditions in place from PSN including the top ups applied by the Home Office to the Police Service, Law Enforcement Agencies and the Department of Health process for HSCN.

Over the life of the PSN, Lateral Thought have assisted over 300 organisations achieve PSN compliance and in addition – through acting within the PSN & Cyber Assurance team within the Cabinet Office – has unique insight into the process and criteria for achieving PSN compliance and how the assessments are undertaken.

Our services, available through the Digital Outcomes and Specialists framework, other frameworks or direct engagement, include pre-submission checks, submission planning advice, on site assessments, ITHC scoping and remediation advice and liaison.

If you are preparing for your re-submission, Lateral Thought can help, contact us today – see the page footer for contact details.

For a pre-submission check, our price is £800 – this covers a CoCo review, ITHC review including scope and remediation activity and if required a check of remote access solutions. The output we produce will be in a similar format to that of the Cabinet Office, but without requiring the signature of the Chief Exec, SIRO, S151 Officer etc. This rate also covers liaison and query handling by email/phone. This check is conducted offsite: you will need to get your submission to LT. We have email access via CJSM service which is interconnected with Policing PNN, GSI, GSX and wider govt email systems. We hold current SC clearance and current NPPV3 clearance for Police work sponsored.

For onsite work our rate is £989 per day. Typically, we would expect to spend one day onsite running through the submission and providing support as required. We can also provide assistance if you have already received a rejection notice from the Cyber compliance team at the CO. If you require the onsite service, we would recommend that you also consider a pre-submission check as this will provide for telephone and email queries after the onsite day.

You can procure our services from our standard via the Digital Outcomes and Specialists Framework, or if you would prefer to pay in advance for days\assessments to call off as required, the rate is £900 (not via DOS) for Offsite work or £1000 for onsite work.