Our ISO27001 consulting services can be tailored to your exact needs and budget and our proven implementation approach and tools can be adapted for any size company, from large corporates right down to small business ventures.
As an IASME-accredited Cyber Essentials certification body, we can provide you with the support and expertise you need to make sure you protect your business and achieve Cyber Essentials certification for your organisation.
We offer a broad range of penetration testing services that can be tailored to suit your security needs. We pride ourselves on making penetration testing as simple as possible to help fulfil your security and compliance requirements.
Audit & Assurance
With a Big-4 background in IT Internal Audit, and experience in auditing IT within large and small organisations, we can provide the expertise you need to gain comfort that your IT function is performing effectively and within your risk appetite.
We bring together a wide variety of training programmes to help you build up the skills and knowledge your staff and security teams need, delivered on-line, off-site or at your office locations by ourselves and our training partners.
We have developed a number of resources you can use to improve information security within your organisation. From awareness posters to technical security guides, these resources play an important role in maintaining a good security posture.
Established in 2009 by two information security and IT audit professionals, CS Risk Management has become an award-winning security consultancy providing high-quality advice, testing, training and certification services across a broad set of security disciplines and industry sectors.
Based near the sleepy village of Binfield in Berkshire, we help businesses in the UK, Europe and the US get to grips with their information security and cyber security challenges by finding ways to meet these risks head on using cost-effective, practical solutions.
Over the last few years we have helped our customers build information security management systems considered "best in class" by Certification Body auditors, and supported many businesses, large and small, in achieving their security goals successfully.
Call us today to find out how we can help you improve security in your business.
We are proud of the relationships we build with our customers and as testament to this the majority of our business comes from our existing customers and referrals.
We work with companies of all sizes from SMEs to multi-national organisations across various sectors, in the UK and globally.
Recent awards include Innovation & Excellence in Cyber Security 2016, Business Awards Best for Cyber Security Consultancy 2016 and Security & Fire Excellence Awards Finalist 2015.
Our consultants have many years of experience in information security within SMEs, leading consultancies and blue chip companies. Our consultants are members of professional industry bodies including ISACA, (ISC)2, the IISP and BCI and hold professional certifications such as CISA, CISSP, CISM, SCCP and CBCI.
Meet the team
CISSP, SCCP, CISA
CISSP, CISM, CISA
The UK Information Commissioner’s Office (ICO) has made a huge effort to ensure businesses across the United Kingdom are aware of the impending changes to Data Protection Regulations. Read more about April 2017 – Will the GDPR affect me?
It’s been years in the making but the EU General Data Protection Regulation (GDPR) has finally been agreed. It’s a term you’ll see regularly in the run up to May 2018 when the regulation comes into effect. Read more about March 2017 – How much do you know about GDPR?
As UK businesses prepare themselves for the changes that Brexit could bring, data protection is coming to the fore with the imminent introduction of the General Data Protection Regulation (GDPR). Read more about February 2017 – Prioritising Personal Data Protection
For any business, the benefits of a robust information security plan go way beyond the IT department. But for a security plan to be effective, the co-operation of staff at all levels is essential. Read more about January 2017 – Getting Management Buy-in for Cyber Security
Cyber security has been in the spotlight once again in 2016, so as the year draws to a close we take a look back at our past stories and wonder: have lessons been learned, and will security be a priority in 2017?
The term ‘APT’ usually refers to a group, such as a foreign government, with both the capability and the intent to persistently and effectively target a specific entity. It is commonly used to refer to cyber threats, in particular that of Internet-enabled espionage using a variety of intelligence gathering techniques to access sensitive information. Read more about August 2016 – Advanced Persistent Threats
The 2012 LinkedIn hack has been back in the news recently after it was identified that the number of leaked credentials had increased from the previously reported 6.5 million records to a substantial 117 million records. With a network of 433 million accounts, this equates to 27% having been compromised. Needless to say, if you haven’t yet changed your details, it’s important to do so. Read more about June 2016 – Passwords – Don’t be the Weak Link
Christmas can be an expensive time of the year and with an uncertain financial climate a lot of people are feeling the pinch. This presents a security threat to companies as people who are struggling to make ends meet may be tempted to consider illicit ways to get extra money.
Love it or hate it, social networking has firmly embedded itself into the fabric of our world. The likes of Facebook, Twitter and LinkedIn can be powerful business tools, especially for marketing, communication and recruitment purposes. Read more about October 2016 – Social Media #Friend or #Foe?