Who we are
Real people. Straight answers.Serious cyber for growing organisations.
We’re a UK cyber security team that works with organisations of roughly 50–5,000 staff where cyber is now a board topic, not just an IT chore. We show you where you’re really exposed and what to fix first, then give you a plan your team – or ours – can run.
- UK-based team focused on real-world risk, not buzzwords.
- Built for mid-market organisations that sit between “too small for a full security department” and “too big to wing it”.
- Equally at home in boardrooms and server rooms – we translate between both.
- Calm, plain-English approach – no scare tactics, no jargon, just clear advice and steady progress.
- Backed by CREST-certified testers and IASME Cyber Essentials Certification Body status.
We turn cyber from noise into a clear plan.
Most organisations we work with already have tools, policies and the odd certification. What they don’t have is a single, joined-up view of risk and a realistic order of attack.
We start with a Cyber Security Audit – a time-boxed diagnostic that shows you where you really stand and what to fix first. Out of that comes a simple Fix-First Plan that your leaders can sign off and your teams can actually run.
From there, you choose the mix that makes sense: ongoing vCISO support, Cyber Essentials & Cyber Essentials Plus certification, penetration testing, vulnerability scanning and security talks that keep people in the loop. One team, one plan, no drama.
We’re built for growing organisations.
The sweet spot for us is the organisation that’s too big for guesswork, but not big enough to justify an army of in-house security specialists.
Mid-market teams
Organisations with roughly 50–5,000 staff, often spread across sites, cloud services and suppliers.
Some controls, no clear plan
You may already have tools or Cyber Essentials in place, but you don’t have a joined-up, prioritised roadmap that everyone understands.
Leaders under pressure
CFOs, COOs, MDs, IT and InfoSec leaders who are fielding questions from insurers, customers, regulators and boards – and need straight answers, not acronyms.
This probably isn’t for you if:
- • You only want the absolute cheapest certificate, once.
- • You’re looking for a box-ticking exercise, not a real view of risk.
- • You want a DIY checklist you know you’ll never actually run.
Why teams trust us with their risk.
We sit between specialist penetration testers, certification bodies and your internal teams – translating everything into a single, practical plan the business can back.
Our work is grounded in CREST-certified technical testing, IASME Cyber Essentials Certification Body experience and day-to-day exposure to regulated and supply-chain-sensitive sectors.
On top of that, we’ve delivered 150+ five-star reviews on independent review sites, mostly for Cyber Essentials work run calmly and without drama.
Independent public feedback
Rated "Excellent" on Trustpilot, with additional five-star feedback on Google.
Trustpilot
Verified clients describe the team as friendly, helpful and "always available" when needed.
Extra reassurance for boards and stakeholders who like to see public feedback before they choose a partner.
Trusted by businesses like
Meet the people behind the plan.
We’re a small, senior team – not a call centre or anonymous ticket queue. The same people you meet at the start are the people who help you deliver the plan.
We’re used to boardrooms and server rooms, and we’re deliberately calm and approachable. You can ask the “silly” questions – we probably hear them every week.
Luke Drewer
CEO
Sets the overall direction for Cyber Trust and keeps the team focused on practical, business-first outcomes.
James Pitron
Cyber Security Specialist
Turns deep technical detail into clear actions, from hardening infrastructure to guiding incident response.
Charlie Pedro
Head of International Relations
Builds and maintains relationships with clients and partners across multiple regions and sectors.
Ethan Weston
Cyber Essentials Plus Assessor
Guides organisations calmly through CE and CE+ assessments, even when deadlines are tight.
Mitchell Munday
Penetration Tester
Finds the weaknesses before attackers do, then explains them in language boards and engineers can both use.
Stanley Miles
Head of Client Relations
Makes sure clients always know what’s happening next and have a clear, reliable point of contact.
Joe Kenton
Cyber Essentials Plus Assessor
Specialises in making certification accessible for teams who don’t live and breathe security.
Alex Drewer
Head of Business Development
Works with leadership teams to shape engagements around commercial priorities and real-world risk.
How we work with your team.
However you find us – tender pressure, an insurer query, or a general sense that “we should probably get a grip on this” – we follow the same simple rhythm.
Step 1
Listen
We start by understanding your business, pressures and existing setup – not just listing tools.
Step 2
Clarify
We show you where you really stand today and which risks matter most to the business.
Step 3
Plan
We build a simple, prioritised Fix-First Plan that boards, IT and partners can all follow.
Step 4
Run
Your team runs it with our support, or we act as your vCISO to drive actions and reporting.
No scare tactics, no drama – just steady progress against a shared, realistic plan.
Why we do this.
Cyber has become noisy, crowded and confusing – especially for growing organisations that are big enough to be a target but don’t have limitless budgets or time.
We believe every organisation deserves a clear, honest view of their risk and a realistic plan that fits how they actually operate – not how a tool vendor wishes they did.
Our job is to be the steady pair of hands that makes cyber simple, so your leaders can make decisions with confidence and your teams can get on with the work.
Want the same team behind your cyber?
The best next step is a 30-minute, plain-English conversation about where you are today and whether a Cyber Security Audit makes sense.
No hard sell. Just a quick call to understand your situation, answer questions and outline what working together could look like.