The detail: Three steps to securing your business


Cybersecurity starts here.

Criminals have a wide and ever evolving set of cyberattack methods. They are designed to hit thousands of companies seeking to exploit vulnerabilities. Which is why cybersecurity requires a broad set of effective controls. We will check what you have in place, identifying the gaps and vulnerabilities in respect of the three elements of technology, people, and governance. Our expert team will look at your existing security control framework and assess what is missing, and how it should be embedded into your organisation.


  • We will interview key staff to review policy, practice, culture, and controls.
  • Our technology scanner will be installed on site to enable us to assess system resilience to cyberattack.
  • A network assessment (cloud or on-premises) will be carried out to review technology configuration, system logs, controls alerting, and policy effectiveness.
  • Our consultant will penetration test internal vulnerabilities (both human and technical) that could be exploited by a cyber-attacker.
  • The configuration of cloud platforms/software that you rely on will be reviewed against best practice.
  • Your externally exposed attack surface (IPs/domain addresses/Login pages) will be assessed to identify vulnerabilities.
  • We will review the insight we have gained in the context of our control benchmarks and risk assessment expertise to generate your vulnerability assessment report and a roadmap of actions.

Securing your business

To make you cybersecure, we will work with you and your IT support to remove vulnerabilities and get your technology, people and process working together to become defensive strengths. Our detailed vulnerability action plan will be agreed with your technology support team and then set in motion.

This information will be stored in your own branded cybersecurity management portal. Letting you track your progress and work towards achievable deadlines and goals. We will always be on hand, speaking to your team and IT providers to offer support and advice to help make becoming cybersecure a straightforward process.

We will then train your staff, getting them competent to play their role in cybersecurity. Our experts have distilled industry best practice and will apply that to your business in a tailored fashion.


  • The actions from the vulnerability assessment are agreed, managed to closure, and evidenced in a cybersecurity management portal. The vulnerability assessment is repeated annually.
  • A set of tailored cyber policies are drafted and uploaded to the portal for comment and approval.
  • Online training is launched with 4 modules that include assessment. Management reports are uploaded monthly to demonstrate staff progress through the training.
  • Subject experts can be booked via the Mitigo helpdesk to provide support on any security related topics. For example, you may want support on a regulatory questionnaire.

Helping you stay cybersecure

Once you’re cybersecure, it’s our job to make sure you stay that way. After implementation of our recommendations, we continue to work with you to ensure they keep you safe.

We will regularly assess, check and report on the state of your technology. And your tailored maintenance regime, delivered through the management portal, will give you the assurance and evidence that your security processes are embedded and being followed. Giving your business and your customers reassurance.


  • Full vulnerability assessment is repeated annually.
  • Mid-year assurance check is carried out to ensure actions have been completed correctly and that new policies are being embedded.
  • A maintenance regime will be coordinated by the management portal to gather evidence about the key controls.
  • Ongoing staff training, with simulated attacks will be carried out periodically on staff to support culture change and test controls.
  • The Mitigo helpdesk provides ongoing advice and guidance on any security related matters.

Get started. To take your first step towards total cybersecurity simply call 0161 711 0201 or