Our ISO27001 consulting services can be tailored to your exact needs and budget and our proven implementation approach and tools can be adapted for any size company, from large corporates right down to small business ventures.
As an IASME-accredited Cyber Essentials certification body, we can provide you with the support and expertise you need to make sure you protect your business and achieve Cyber Essentials certification for your organisation.
We offer a broad range of penetration testing services that can be tailored to suit your security needs. We pride ourselves in making penetration testing as simple as possible to help fulfil your security and compliance requirements.
Audit & Assurance
With a Big-4 background in IT Internal Audit, and experience in auditing IT within large and small organisations, we can provide the expertise you need to gain comfort that your IT function is performing effectively and within your risk appetite.
We bring together a wide variety of training programmes to help you build up the skills and knowledge your staff and security teams need, delivered on-line, off-site or at your office locations by ourselves and our training partners.
We have developed a number of resources you can use to improve information security within your organisation. From awareness posters to technical security guides, these resources play an important role in maintaining a good security posture.
Established in 2009 by two information security and IT audit professionals, CS Risk Management has become an award-winning security consultancy providing high-quality advice, testing, training and certification services across a broad set of security disciplines and industry sectors.
Based near the sleepy village of Binfield in Berkshire, we help businesses in the UK, Europe and the US get to grips with their information security and cyber security challenges by finding ways to meet these risks head on using cost-effective, practical solutions.
Over the last few years we have helped our customers build information security management systems considered "best in class" by Certification Body auditors, and supported many businesses large and small achieve their security goals successfully.
Call us today to find out how we can help you improve security in your business.
We are proud of the relationships we build with our customers and as testament to this the majority of our business comes from our existing customers and referrals.
We work with companies of all sizes from SMEs to multi-national organisations across various sectors, in the UK and globally.
Recent awards include Innovation & Excellence in Cyber Security 2016, Business Awards Best for Cyber Security Consultancy 2016 and Security & Fire Excellence Awards Finalist 2015
Our consultants have many years of experience in information security within SMEs, leading consultancies and blue chip companies. Our consultants are members of professional industry bodies including ISACA, (ISC)2, the IISP and BCI and hold professional certifications such as CISA, CISSP, CISM, SCCP and CBCI.
Meet the team
CISSP, SCCP, CISA
CISSP, CISM, CISA
Excited to share the news that we’ve been shortlisted in the Risk Management Team of the Year category at the CIR Risk Management Awards 2016!
We’re pleased to announce that we’ve been selected as a Finalist in the Security Company of the Year category at the Computing Security Awards 2016! The winner will be decided by public vote so please visit Computing Security Awards and cast your vote for us now! Voting closes 5th October 2016.
We’re pleased to announce that CS Risk Management have been named one of AI Awards 2016 Businesses of Distinction!
We’ve pleased to have been selected as winner of the Most Exceptional Business in United Kingdom in the AI Most Exceptional Business Awards!
In February 2016, hackers hit the headlines again as news broke of a cyber attack on Bangladesh’s central bank. Specially crafted malware was used to hack into Bangladesh Bank’s SWIFT software, allowing the hackers to transfer $81 million from Bangladesh’s account at the Federal Reserve Bank of New York into accounts held at other banks, reportedly in the Philippines.
When we think of IT systems and Industrial Control Systems (ICS) we tend to think that there is a vast difference in the way they are secured and managed but in reality there is little difference in the approach needed to secure the two separate system types.
Cyber-extortion and blackmail are not new, but cyber-criminals have just about perfected their techniques of extracting money from the masses through the use of ransomware.
Businesses rely on data stored on their PCs, mobile devices and the cloud more and more each day – not necessarily important enough to make sure it is backed up reliably, but certainly enough to panic when criminals encrypt their data and then offer a decryption key at a price. […]
The European Parliament adopted the General Data Protection Regulation last Thursday as expected. The Regulation will likely enter into force on or before 20th July, 20 days following its publication in the EU Official Journal. Its provisions will be directly applicable in all Member States two years after this date. So organisations now have 27[…]