In March Capita plc were subjected to a cyber attack resulting in a data breach. Heywood Pension Technologies wish to inform clients that they are aware of the incident and they have not had any data breaches. Additionally they have confirmed they have many controls in place to protect data including:
- ISO 27001 and Cyber Essentials. They hold both of these accreditations. 27001 has 114 security controls that they comply too. Their most recent ISO external Audit was April 2023.
- They conduct an Independent Cyber Security Review, which includes penetration testing of their software portfolio and Internal/External infrastructure (data centre) on an annual basis. The last review was conducted in January 2023.
- The data centre they use is Tier 4 which hold the following security certification ISO27001, 22301 and an independent SOC2 report.
- They receive Independent Security consultancy and guidance on control improvements and configuration on an ongoing basis.
- They conduct threat simulations on an ongoing basis, these include phishing emails and tabletop exercises.
- Education is key to protecting data: All Heywood employees complete mandatory InfoSec education assignments.