VERSION CONTROL Document Name: SCHEDULE 6 – CYBERSECURITY SERVICES Version: v1.1 Date Issued: 2nd October 2025 Author/Editor: M.Lulham Versioning: https://infopoint.mtechsystems.co.uk/versioning

1. Interpretation

1.1 Except as defined in this Schedule 6 (Cybersecurity Services), capitalised terms shall have the meanings given to them in the Agreement.

1.2 To the extent applicable to the Cybersecurity Services, in the event of conflict between this Schedule 6 and the Agreement, the provisions of this Schedule 6 shall take precedence, and in the event of conflict with a Service Document, Statement of Work, or Service Order, the provisions of that Service Document shall take precedence.

1.3 For the purposes of this Schedule 6:

• “Cybersecurity Services” means the layered protection, monitoring, detection, baseline enforcement and training services provided by the Supplier to the Customer, as set out in paragraph 2.
• “Security Incident” means any unauthorised access to, or use of, Customer Systems or data, or any event which may compromise confidentiality, integrity or availability.
• “Customer Systems” means the Customer’s IT infrastructure (including devices, accounts, networks, applications and data) in scope for the Cybersecurity Services.
• “Service Scope” means the services expressly listed in the applicable Service Document, Statement of Work, or Service Order. Only those services expressly listed are in scope.
• “Authorised Contacts” means the Customer personnel nominated to receive and approve incident actions, including out-of-hours contact details.
• “Normal Business Hours” means 08:30–17:30 UK time on Business Days.

2. Service Description

2.1 The Cybersecurity Services are designed to reduce the risk of cyber attack and data loss by applying layered controls across endpoints, networks, cloud services and users.

2.2 The Services are delivered through managed tools, monitoring, detection, baseline enforcement, response guidance, and user awareness training. Capabilities may include:

(a) Endpoint and server protection (e.g. EDR/MDR).

(b) Security event collection and analysis, including monitoring and escalation services provided by third-party MDR/SOC vendors (e.g. Huntress, SentinelOne Vigilance) where included in the Service Scope.

(c) Threat containment and isolation (e.g. application allow-listing, zero trust controls).

(d) Secure internet access and cloud edge protection (e.g. SASE, firewalls, secure web gateways).

(e) Email and identity security (e.g. anti-phishing, impersonation defence, URL scanning, attachment sandboxing, policy-based filtering).

(f) Credential and account protection (e.g. password vaulting, MFA enforcement).