SMB Security
SMB IT Security Consultancy
Ongoing security consultancy for UK small and mid-size businesses — a dedicated senior engineer provides monthly reviews, patch oversight, staff awareness programmes, and board-level reporting.
No In-House Security Team RequiredSenior Engineer AssignedMonthly Fixed RetainerUK-BasedCancel Anytime
Monthly Retainer Plans
Foundation
£495/month
Security oversight for small businesses up to 25 users
- ✓Monthly security review call (60 min)
- ✓Patch management status review
- ✓Monthly security metrics report
- ✓Email support (2 business day response)
- ✓Annual re-assessment included
MOST POPULAR
Growth
£895/month
Full consultancy for businesses 25–100 users
- ✓Bi-weekly security review (60 min each)
- ✓Patch management oversight and advisory
- ✓Quarterly staff phishing simulation
- ✓Security policy documentation
- ✓Monthly board/management report
- ✓Email and phone support (same-day response)
- ✓Annual professional re-assessment included
- ✓Incident response advisory support
Enterprise SMB
From £1,500/month
Comprehensive vCISO engagement for 100+ users
- ✓Weekly security reviews
- ✓Dedicated senior consultant
- ✓Full security programme management
- ✓Regulatory and compliance advisory
- ✓Vendor security reviews
- ✓Board-level security reporting and presentations
- ✓Unlimited incident advisory
- ✓Annual penetration test coordination
What Your Consultant Does
Monthly Security Review
A structured call with your dedicated consultant covering: vulnerability status, patch compliance, any recent incidents, upcoming changes with security implications, and progress against agreed security objectives.
Patch Management Oversight
We review your patch status monthly — operating systems, applications, and network device firmware — and flag any critical CVEs that require urgent attention before the next review cycle.
Staff Security Awareness
Quarterly phishing simulations using your domain and current lure templates, with reporting on click rates by department. Training materials and recommended remediation for high-risk staff groups.
Security Policy Documentation
We draft and maintain your core security policies: information security policy, acceptable use policy, remote working policy, and incident response plan. Updated annually or after significant changes.
Board & Management Reporting
A monthly one-page security dashboard for non-technical stakeholders showing security posture score, incidents summary, risk trend, and key actions. Designed for board papers and management review.
Start With a Free Assessment
Run the free 5-minute assessment first. If it shows significant gaps, we can discuss a consultancy engagement from a position of shared understanding.