Calm, outcome-led cyber - delivered by a team you actually meet.
We become your security function - so you don’t have to build one. For organisations roughly 20–500 staff where cyber is now a board topic, not just an IT chore.
Clarity first
A plain-English view of exposure, priorities and evidence gaps.
A plan leadership can back
A fix-first roadmap with outcomes, owners and proof - not buzzwords.
Delivery support (or delivery ownership)
Your team runs it with us - or we run it through Fully Managed Cyber.
No drama. No jargon theatre. Just a clear plan and steady progress.
We’re basically the “independent assurance” function - clarity for leadership, evidence for auditors, and practical fixes for IT.
- Cyber Trust delivery team
What you get (in plain English)
A believable story for the board
What matters, why it matters, and what you’re doing next.
Proof you can show customers
Evidence that stands up to scrutiny.
Less noise, more progress
Fix-first momentum with calm oversight.
Cyber is noisy.We make it simple, calm and provable.
Growing organisations are big enough to be targeted, but rarely have the budget (or appetite) for a full security department. That’s where confusion creeps in: tool sprawl, unclear ownership, and “are we actually okay?” becoming a board question.
We believe every organisation deserves a clear, honest view of risk and a realistic plan that fits how they actually operate - not how a tool vendor wishes they did.
Clarity
What matters most to the business - and what evidence backs it?
Order
What to fix first, second, third - with realistic owners and timescales.
Momentum
Steady progress month by month, without drama or theatre.
A small senior team.Not a ticket queue.
The same people you meet at the start are the people who help you deliver the plan. Calm, approachable, and used to both boardrooms and server rooms.
Luke Drewer
CEOSets the overall direction for Cyber Trust and keeps delivery focused on practical, business-first outcomes.
James Pitron
Cyber Security SpecialistTurns deep technical detail into clear actions, from hardening infrastructure to guiding incident response.
Charlie Pedro
Head of International RelationsBuilds and maintains relationships with clients and partners across multiple regions and sectors.
Ethan Weston
Cyber Essentials Plus AssessorGuides organisations calmly through CE and CE+ assessments, even when deadlines are tight.
Mitchell Munday
Penetration TesterFinds weaknesses before attackers do, then explains them in language boards and engineers can both use.
Stanley Miles
Head of Client and Partner RelationsMakes sure clients always know what’s happening next and have a clear, reliable point of contact.
Joe Kenton
Cyber Essentials Plus AssessorSpecialises in making certification accessible for teams who don’t live and breathe security.
Alex Drewer
Commercial DirectorWorks with leadership teams to shape engagements around commercial priorities and real-world risk.
Reid Howard
Cyber Security AnalystSupports delivery across assessments and security workstreams, keeping actions practical and aligned to real business risk.
We turn cyber from noise into a clear plan.
Start with clarity, then build momentum. We connect leadership questions, technical reality, and evidence into one joined-up programme.
Know what matters most (and what could actually hurt the business).
Fix the right things first (not the loudest things).
Build evidence that stands up to customers, insurers and auditors.
Plus the essentials, done properly.
Cyber Essentials & Cyber Essentials Plus, penetration testing, vulnerability scanning and security talks - all connected back to one plan, with consistent evidence.
Board Cyber Posture Audit
A focused diagnostic: where you’re exposed, what evidence exists, and what to fix first.
12-Month Fix-First Plan
A prioritised roadmap leadership can back - with outcomes, owners and proof built in.
Fully Managed Cyber
If you want, we become your outsourced security team - owning governance, reporting and delivery support.
A simple rhythm your team can stick to.
However you find us - tender pressure, insurer queries, or a board asking for confidence - we follow the same pattern.
Step 1
Listen
Understand the business, pressures and current reality - not just a tool inventory.
Step 2
Clarify
Translate risk into plain-English, with evidence - captured in the Posture Audit.
Step 3
Plan
A prioritised Fix-First Plan for the next 12 months - with owners and outcomes.
Step 4
Run
Your team runs it with our support, or we run it as your outsourced security team.
The goal: steady progress you can see, with evidence to back it up - without adding workload chaos to your IT team.
Built for growing organisations.
The sweet spot is teams that are too big for guesswork, but not big enough to justify an army of in-house specialists.
Mid-market teams
20–500 staff, across multiple sites, cloud services and key suppliers in high-trust sectors.
Some controls, no clear plan
You may have tools or Cyber Essentials, but no joined-up roadmap or single owner for assurance.
Leaders under pressure
CFOs, COOs, MDs, IT and InfoSec leaders answering insurers, customers, regulators and boards.
Independent public feedback
Rated “Excellent” on Trustpilot, with additional five-star feedback on Google.
This probably isn’t for you if:
- • You only want the absolute cheapest certificate, once.
- • You’re looking for a box-ticking exercise, not a real view of risk.
- • You want a DIY checklist you know you’ll never actually run.
Want the same team behind your cyber?
The best next step is a 30-minute, plain-English conversation about where you are today and whether a Board Cyber Posture Audit makes sense as your starting point.
No hard sell - just clarity.