Guides

UK cybersecurity guides written by people who ship the work

Deep, practical guides for UK security, IT and compliance leaders — no fluff, no product pitches.

Cyber Essentials certification in the UK: the practical guide

How UK companies get Cyber Essentials and Cyber Essentials Plus certified — scope, controls, timeline, cost and audit-ready checklists.

Read guide

ISO 27001 checklist for UK companies (2026 controls)

A practical ISO 27001:2022 implementation checklist for UK companies. Annex A controls, evidence expected by auditors, and typical time to certify.

Read guide

UK GDPR data breach response: 72-hour playbook

Step-by-step UK GDPR breach response — how to notify the ICO within 72 hours, when to tell customers, and what evidence to preserve.

Read guide

Penetration testing cost in the UK (2026 rates)

Real UK penetration testing prices for web apps, cloud, infrastructure and mobile. What drives cost, and how CREST vs non-CREST changes the price.

Read guide

Managed SOC services in the UK: what to look for

How to choose a UK managed SOC — 24/7 coverage, MDR vs SOC-as-a-service, EDR/XDR integration, average response times and typical pricing.

Read guide

Ransomware recovery in the UK: what actually works

A UK-focused ransomware recovery guide — first 24 hours, NCSC guidance, decision to pay, legal exposure, and rebuild sequencing.

Read guide

Phishing awareness training for UK teams that actually works

UK phishing training that changes behaviour — simulation cadence, reporting culture, and how to measure real risk reduction, not click rates.

Read guide

vCISO services in the UK: when to hire one, what to expect

How UK companies use fractional CISOs — scope, day rates, what to expect in the first 90 days, and when to hire a full-time CISO instead.

Read guide