top of page
Search

Pluggin Ecosystem plug some gaps with help from Cyber PATH

  • 2 days ago
  • 3 min read

Pluggin Ecosystem is a growing social enterprise that has benefited from two Cyber PATH services. Chief Executive Jay Baughan took time to share his experience working with the Cyber PATH team to help improve their website's security.

 

Pluggin Ecosystem works closely with organisations of all sizes in the public, private and third sectors, so it is critical to them that their platform is resilient and safe for their stakeholders. Jay was introduced to the Cyber PATH programme while working on a project with West Mercia Police and the Cyber Resilience Centre for the West Midlands, both of which are currently using the ecosystem.

 

Pluggin Ecosystem operates a digital social value marketplace built with and for public procurement authorities; designed to connect public sector buyers, their business suppliers, and local non-profit organisations (charities and social enterprises) into collaborations for building healthier, safer, and more resilient communities.

 

Its marketplace’s primary purpose is to geographically facilitate and validate the "social value" within public procurement contracts across public buying in counties and regions, ensuring that businesses bidding for supply contracts contribute directly to local impact objectives.

 

It aims to create a level playing field for UK businesses (including SMEs) and public buyers by standardising how supplier social value is developed, contracted, measured, and reported, so that communities can see trusted Social Returns on Investment from public buying teams within regions.

 

After an initial discussion with the Cyber PATH team, Jay’s team followed their recommendation to start with the First Step Web Assessment service (FSWA), a light-touch assessment of a website’s security that highlights the most pressing weaknesses, such as sensitive data exposure or vulnerable, outdated components. Cyber PATH student, Oscar Innes, working under the supervision of a professional cyber professional, conducted the FSWA.

Pluggin Ecosystem Chief Executive, Jay Baughan
Pluggin Ecosystem Chief Executive, Jay Baughan

Speaking about the initial service, Jay said: “The report was surprising; we pay a great deal of attention to cyber resilience; however, the assessment revealed some loopholes in our email setup and in the configuration of some plugins. There were no major concerns, but even these small issues were creating vulnerabilities we weren’t aware of. “Armed with the report and with the assistance of Danielle Healy, we were able to work with our tech team to rectify all of the issues very quickly.”


Following this, Jay decided to go a step further and have the Cyber PATH team conduct their Web Application Assessment, which assesses the website and web services for weaknesses. Service reporting describes, in plain language, what each weakness means to your business and the risks associated with each. This service is conducted over several weeks and is currently underway with Benjamin Sawyer.

 

Speaking about his experience so far with the Cyber PATH services, Jay commented: “The whole experience has been very, very good; it’s well managed with excellent communication in non-techie language. The reporting is extremely beneficial because it enables us to fully understand the issues, which allows me to speak to my web team about any remedial work that is required.

 

“Right from my initial meeting, I’ve felt that we’re in safe hands. I’d recommend Cyber PATH to any business operating online. We have greater confidence in the resilience of our ecosystem technology architecture; we were happy with the setup when we started, but working with the Cyber PATH team has helped us plug some gaps we didn’t know existed.

 

“These are fully funded services specifically tailored to SMEs and community organisations that don’t have internal IT and cyber security services, so even if you think you are resilient, it costs nothing to have the reassurance provided by the Cyber PATH team, we will almost certainly be looking at the other services they provide, because we appreciate our responsibility as an impact facilitation environment is to ensure we are not creating a weak link in the supply chains we support.”

 

If you would like to find out more about Pluggin Ecosystem and how it provides support to public sector buyers, business suppliers, and community organisations to promote and validate Social Value, contact Jay Baughan at jay.baughan@pluggin.org



Further information on the ecosystem

The ecosystem consists of three main elements:

 

  1. Pluggin Marketplace: A digital platform where public buyers and suppliers collaborate with community organisations through a Social Purchase Order (SPO) platform to formalise and then track, audit and promote the supplier's social value commitments (such as money, equipment, or volunteering) throughout a contract's lifecycle.

  2. Pluggin Studios: Focused on supporting community organisations to produce, publish and communicate their social impact via digital content.

  3. Pluggin Research Hub: Conducts independent impact research through the marketplace and community organisations being supported to validate suppliers' contracted social value contributions, moving away from supplier self-assessment models and into marketplace community validation.

 
 
 

Comments

Commenting on this post isn't available anymore. Contact the site owner for more info.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

WMCRC Logo New white.webp

The Cyber Resilience Centre for the West Midlands is a trusted resource for  support to protect businesses and third sector organisations in the West Midlands region.

USEFUL LINKS

Home

About Us

Contact Us

Privacy Policy

Terms and Conditions 

Legal Disclaimer

CONNECT WITH US

  • Facebook
  • LinkedIn

© 2024 The Cyber Resilience Centre for the West Midlands

bottom of page