GDPR & Privacy

Upcoming regulatory change (most notably the General Data Protection Regulation) and recent trends towards the monetising and large-scale use of 'big data' mean there are increasing privacy implications for both the everyday consumer and large organisations. With regulators clamping down harder than ever before and consumers increasingly aware of their rights as data subjects, organisations are having to think strategically about how they manage and handle personal data.

To respond to these increasing needs for privacy and regulatory support, we offer a wide range of services, including:

  • Privacy/GDPR Health-Check - performs a gap analysis of your risk exposure due to the personal data that your organisation handles. We provide recommendations and risk mitigation strategies to help enable immediate risk reduction.
  • GDPR Programme Design - we can help build a programme of work that will strategically drive risk reduction and start to bring your organisation in line with the GDPR regulation that comes into effect on the 25th May next year.
  • Training & Cultural Change - we will conduct a training needs analysis to understand what the high risk roles are in your organisation so that targeted training and awareness campaigns can be delivered to them.
  • DPO Target Operating Model - designs a target state operating model for your new Data Protection Officer (DPO) function. Answers questions like: where should the DPO function sit? Who should/can be our DPO? Do we need a DPO for each different legal entity in our group or can we have one overarching DPO? What are the expected services and capabilities that will need to be provided by the DPO function to the business?

Security Assessment

Over the years, the need for continued security assessment and re-assessment has changed. Initially used as a tool for understanding fundamental security risks, today security assessments are used as a strategic tool to demonstrate to both internal and external stakeholders risk reduction and the successful mitigation of cyber security risks.

We understand the drivers behind the need for assessing your cyber capabilities and offer a range of services to respond to these needs:

  • Threat Assessment - performs a cyber threat assessment to understand the 'crown jewels' within your organisation, the attack actors who might be interested in accessing, stealing or manipulating these assets, and the attack vectors by which they might attempt to do so. This then helps drive control design and testing, ensuring that your most vulnerable areas are protected accordingly.
  • Security Maturity Assessment (point in time) - includes a cyber threat assessment, current state assessment, definition of your desired/optimal target state of maturity and a roadmap designed to transition from current state to target state.
  • Security Maturity Assessment (ongoing re-assessment) - includes everything in the security maturity assessment above, but also includes 6-12 monthly snapshots of cyber maturity re-assessment to demonstrate return on investment and risk reduction over time.

Regulatory & Compliance

With an ever-changing regulatory environment, organisations are required to be increasingly agile when it comes to responding to data-related regulations and compliance issues. Failure to comply with these stringent requirements can result in hefty fines and operating sanctions that can impact the business both financially and reputationally.

We offer a strategic approach to helping organisations respond to their regulatory and compliance requirements. We offer a number of services, including:

  • Compliance Gap Analysis - we assess the people, process and technology of your organisation to identify gaps in compliance against numerous regulations and/or frameworks, namely:
      • PCI DSS (Payment Card Industry Data Security Standard)
      • ISO27001/2 (Information Security Management)
      • GDPR (General Data Protection Regulation)
      • Cyber Security Best Practice, e.g. NIST, SANS, COBIT, ISF
  • Compliance Remediation Plans - once a gap analysis has been performed, we design remediation plans that outline the path to compliance. These are prioritised roadmaps with discrete and defined work packages that are specifically designed to address the risks identified in the gap analysis work.


Experienced in providing information security, GDPR/privacy and regulatory & compliance cyber services to the Financial and Insurance sectors globally for almost a decade.


7 Barnes Street,

Limehouse, London

E14 7NW

0800 8611 960


We endeavour to provide a response in 24hrs and are always happy to be contacted regarding new opportunities or questions you may have - please don't hesitate to ask!

© 2017 Copyright. All Rights Reserved.