Endpoint detection & response (EDR)
Microsoft Defender for Business on every Windows and Mac device. Automated remediation for the common patterns, and a human on the console for the edge cases.
EDR, MFA, phishing defence, Cyber Essentials v3.3 readiness and incident response — built into every managed IT contract, not sold as a scary upsell. We write every client setup to pass Cyber Essentials by default.
The attacks hitting West Sussex SMEs are unexciting: phishing with a stolen password, a ransomware payload through an unpatched laptop, an invoice-redirect fraud via a compromised mailbox. The defences are boring too. We stack them properly.
MFA on Microsoft 365, remote access, accounting and CRM. From Cyber Essentials v3.3 onward, if a cloud service offers MFA and you haven't switched it on, you auto-fail certification.
Defender for Office 365 P1 with Safe Links, Safe Attachments, anti-impersonation and DMARC/DKIM/SPF configured properly. Phish reporting built into Outlook.
Entra ID P1 with Conditional Access policies — block sign-ins from high-risk countries, require compliant devices, enforce MFA on admin roles.
Windows, macOS and third-party apps patched on a schedule. CIS-based hardening baselines applied via Intune. Attack-surface reduction rules on.
Short, quarterly training plus simulated phishing. We track who clicks and which roles need a follow-up — not as a witch hunt, as a coaching plan.
Cyber Essentials is the NCSC-backed scheme most UK small businesses use to prove a baseline of security to insurers and clients. The new v3.3 "Danzell" requirements take effect on 27 April 2026. The headline change: MFA on cloud services is no longer optional. If a service offers it and you haven't turned it on, you fail.
Bonus: IASME-certified organisations under £20m turnover get bundled cyber liability insurance as part of the certification — one of the less-known benefits of going through the scheme.
Every managed contract includes an incident response plan. Roles, numbers, a containment checklist, and an out-of-hours phone line that rings a real engineer. You don't want to be writing this at 2am.
Isolate affected devices and accounts. Block sign-ins, revoke tokens, pull identity logs.
Remove the payload or persistence, rotate credentials, close the entry path.
Restore from tested backups, rebuild anything suspect, re-enrol devices.
ICO notification if needed, insurer notification, written post-incident report with lessons learned.
Most SMEs start with Cyber Essentials (self-assessed, from around £320+VAT for a micro business). Cyber Essentials Plus adds an on-site technical audit and costs £1,400–£3,000. If you bid for public sector work or have clients who ask, go Plus. Otherwise start with the base level, bank the IASME insurance benefit, and move to Plus when a contract demands it.
Traditional antivirus matches files against known-bad signatures. EDR — endpoint detection and response — watches behaviour: processes spawning processes, PowerShell running obfuscated code, files being encrypted in bulk. It catches things AV misses and can automatically isolate a device before the attacker spreads. Microsoft Defender for Business (included in 365 Business Premium) is the sensible default for SMEs.
If you certify Cyber Essentials or CE Plus through an IASME-accredited body and your UK turnover is under £20m, you get bundled cyber liability insurance as part of the certification. The cover sits at the lower end of commercial cyber policies (£25k limit is typical) but it's a real benefit few SMEs realise they're paying for already.
Yes — we take on incident response work for non-clients. Call the number at the top of the page. We'll isolate, investigate and help you rebuild. Afterwards we write up the incident for your insurer and the ICO if notification is needed. If you become a managed client after, the investigation time is credited against the first three months.
We don't run in-house pen tests — we're a managed services team, not a red team. We project-manage them through partners we trust, scope the engagement around what your insurer or client actually needs, and then remediate the findings with you. Pen testing as a checkbox is a waste of money; we make sure it's not.
A 60-minute session plus a tenant and endpoint scan. We tell you what would fail today — whether you certify with us or not.