Our specialist cyber advisory group provides an impartial service, focusing solely on enabling large and mid-market enterprises to navigate complex cyber security issues and meet regulatory requirements. Using a proven methodology and supported by national security-level advisors, our experts assess a client’s cyber maturity, and provide guidance to help them identify, understand and manage their security risks.



The crucial first step in managing cyber risk is to understand it. An ITC Cyber Assessment will provide you with this understanding. We assess every aspect of your organisation: technology; culture; governance; and people, to give you a clear, comprehensive and independent understanding of the specific levels of risk you face. This puts you in the optimum position to address and lower your cyber risk.

Why you might need an assessment

To manage your organisation’s cyber security and ensure the safety of your most valuable data assets. You need to understand the levels of cyber risk you are carrying, to know where you are most vulnerable and to determine how best to prioritise your security budget.

Key benefits

An ITC Cyber Assessment covers:

  • Governance (strategy, accountability, board oversight)
  • Identification (asset inventory, third-party risk, user access)
  • Situational awareness (threat intelligence, collaboration)
  • Protection (patch management)
  • Detection (continuous monitoring, incident response)

What we deliver

Following the assessment, we deliver a report that highlights the vulnerabilities you carry in each area of your organisation. This will include a management-level executive summary of the identified issues and their potential business impact, together with a detailed technical appraisal.

We will also ensure you consider any relevant regulatory standards.

Why ITC Cyber Advisors

Our advisory team includes former members of National Intelligence and has access to some of the world’s leading security experts. Using a proven methodology to show organisations their current cyber maturity, we deliver clear, outcome-based recommendations that assist organisations in making the right cyber investment choices.



Regular penetration (or pen) testing is an important step in hardening an organisation’s cyber security posture. Under controlled conditions it will highlight vulnerabilities and enable them to be fixed before they are exploited. By identifying vulnerabilities, predicting their likelihood and quantifying the possible impact, penetration testing enables proactive management and the implementation of corrective measures which can be used to shape an organisation’s cyber security strategy.

Why you might need this service

In an age of threat actors with advancing sophistication, a growing number of breaches are achieved or leveraged using application vulnerabilities. Regular penetration testing is therefore a crucial aspect of any robust cyber security solution. It will enable vulnerabilities to be identified before they can be exploited. Penetration testing also provides the initial vulnerability assessment that is an essential part of any cyber security strategy.

Key benefits

Following the penetration test we deliver a report highlighting identified vulnerabilities and recommend the remediation steps necessary to mitigate these vulnerabilities. The report will include an executive summary of the identified concerns and their potential business impact.

An ITC Penetration Test will help you to:

  • Uncover critical vulnerabilities in your environment
  • Prioritise and tackle risks based on their exploitability and impact
  • Meet compliance with industry standards and regulations such as ISO and PCI-DSS
  • Protect your brand and market reputation
  • Provide assurances to information security and senior management

Why ITC Cyber Advisors

Our penetration tests are delivered by professionals with a history of handling complex, large-scale vulnerability assessments across a widerange of clients and industry sectors. The advisory team uses a proven ITC methodology to assist organisations with achieving cyber security maturity.



As cyber threats continue to increase in frequency and complexity, successful organisations consider information security their key priority. Chief Information Security Officers (CISOs) are sought-after individuals who have the experience and skills to bridge the gap between the C-level leaders and information security professionals within an organisation.

Why you might need this service

With the cyber security talent gap widening – 53% of organisations wait over 6 months for qualified candidates – mid-tier businesses are struggling to find experienced (and certified) personnel who are both knowledgeable cyber professionals and leaders with a high degree of business acumen.

However, hiring the right CISO is not the only challenge. Long-term retention of good CISOs is also difficult as they are often being poached by other companies. So, for many mid-tier enterprises, attracting and retaining a full-time CISO is simply not cost effective.

Key benefits

Utilising CISO as a service will enable you to bridge the gap between senior leadership and information security. When the right CISO is placed within an organisation, they use their field experience and leadership skills to develop information security to not only support the business cyber security needs, but to enable an organisation to keep winning in their marketplace. This service provides:

  • Security leadership at a cost tailored to your organisation’s needs
  • Direct access to a selection of experienced and highly skilled candidates that can competently drive your organisation towards achieving mature, sustainable information security defences

Why ITC Cyber Advisors

The advisory team will ensure you are paired with a CISO that is right for your business. ITC has been providing CISO as a service for many years and can draw on experience of working with various high-profile organisations.



This is a non-invasive review that assesses an organisation’s current cyber security (controls and practices), IT architecture and protection status. It identifies high-risk areas, red flags and cyber vulnerabilities to deliver a clear and easy to understand security ratings report.

Why you might need this service

It’s critical you have a qualified view of the cyber risks your organisation is exposed to. Whether it’s a point-in-time view of your own cyber security maturity, that of a current third-party supplier, vendor or partner, or that of a business you are considering investing in, trading with or acquiring, this service will provide you with the information needed to make informed decisions.

Key benefits

We provide a straightforward report that rates the cyber security of your business or that of a third party, giving comparisons with industry peers.

The ratings report provides data on:

  • Compromised systems (evidence of any communication with known malware-associated IP addresses)
  • Diligence (the configuration of public facing services, such as emails and encryption)
  • User behaviour (potentially insecure practices such as the use of peer-to-peer file sharing)

Why ITC Cyber Advisors

We partner with leading private equity and international law firms to promote cyber due diligence. Our credible and confidential reporting enables better, fact-based, decision-making which helps prevent financial loss and reputational damage.

Additionally we provide:

  • Strategic advice
  • Nation security-level advice
  • Compliance consulting
  • Private client security
  • Crisis communication
  • Forensic investigation
+44 (0) 20 7517 3900