Cyber Trust
Cyber Trust brand background

About Cyber Trust

Security ownership around your existing IT.

We are a UK cyber security team that wraps around your internal IT team or provider. We do not replace them or run day-to-day IT support. We own cyber risk, governance, and assurance so the business has a clear security owner.

Works alongside IT/MSPsBoard-ready assuranceSenior-led deliveryPlain-English reporting
Talk to usFully Managed Cyber

At a glance

Around your existing IT

We provide the security function without displacing IT teams or MSPs.

Board-level clarity

Clear risk, priorities, and evidence in plain English.

Senior-led delivery

A consistent team you can actually speak to.

4.9/5

from 180+ 5-star reviews across Google and Trustpilot

NHS
St. James's Place
Whistl

What we do

Practical security, owned and delivered.

We run joined-up cyber security programmes for growing organisations, working alongside IT teams and MSPs. We keep governance clear, delivery realistic, and evidence ready for boards, customers, and auditors.

Security ownershipClear prioritiesEvidence-ready assuranceCalm delivery

Core services

  • Running fully managed security programmes, acting as your security team.
  • Delivering board-level cyber posture audits so leaders can see where they are exposed and what to fix first.
  • Providing senior security leadership on a part-time basis.
  • Delivering and maintaining Cyber Essentials and Cyber Essentials Plus, and supporting work towards standards such as ISO 27001 and sector-specific requirements.
  • Carrying out penetration testing and ongoing vulnerability assessments, translated into practical actions.
  • Helping with security awareness, phishing resilience, policies, documentation, and support for tenders and questionnaires.

We make security feel owned: clear priorities for leadership, practical actions for IT, and evidence you can show customers, insurers, and auditors.

- Cyber Trust delivery team

What you get

A board-ready view of risk

What matters, why it matters, and what you are doing next.

Assurance you can prove

Evidence that stands up to scrutiny, not just good intentions.

Less noise, more progress

A calm, consistent programme that does not derail IT delivery.

Why we do this

Cyber is noisy.We make it calm, practical, and provable.

Growing organisations are big enough to be targeted, but rarely want a full in-house security department. The result is often unclear ownership, scattered controls, and a board asking, "Are we actually okay?"

ClarityPrioritiesDeliveryEvidence

We work best when your organisation already has IT in place, but needs a dedicated security partner around them - someone who owns cyber risk, governance, and assurance, and keeps progress visible.

We work with your IT team

We collaborate with internal IT and MSPs - we do not compete with them.

We translate into plain English

Leadership gets clear decisions. IT gets practical, actionable work.

We bring evidence

So you can answer customers, insurers, audits, and tenders with confidence.

Meet the team

A senior UK team you can actually speak to.

Behind Cyber Trust is a senior team of UK cyber security specialists. We run security programmes, audits, and incident response for organisations of all sizes, and we are still the people you can pick up the phone to when something feels off.

Luke Drewer

Luke Drewer

CEO

Sets the overall direction for Cyber Trust and keeps delivery focused on practical, business-first outcomes.

James Pitron

James Pitron

Cyber Security Specialist

Turns deep technical detail into clear actions, from hardening infrastructure to guiding incident response.

Charlie Pedro

Charlie Pedro

Head of International Relations

Builds and maintains relationships with clients and partners across multiple regions and sectors.

Ethan Weston

Ethan Weston

Cyber Essentials Plus Assessor

Guides organisations calmly through CE and CE+ assessments, even when deadlines are tight.

Mitchell Munday

Mitchell Munday

Penetration Tester

Finds weaknesses before attackers do, then explains them in language boards and engineers can both use.

Stanley Miles

Stanley Miles

Head of Client and Partner Relations

Makes sure clients always know what's happening next and have a clear, reliable point of contact.

Joe Kenton

Joe Kenton

Cyber Essentials Plus Assessor

Specialises in making certification accessible for teams who don't live and breathe security.

Alex Drewer

Alex Drewer

Commercial Director

Works with leadership teams to shape engagements around commercial priorities and real-world risk.

Reid Howard

Reid Howard

Cyber Security Analyst

Supports delivery across assessments and security workstreams, keeping actions practical and aligned to real business risk.

How we work

Security ownership, without stepping on IT.

We work alongside your internal IT team or existing provider. We do not run day-to-day IT support. We take ownership of cyber risk, governance, and assurance, then translate findings into practical actions your IT team can deliver.

Calm. Practical. Evidence-led.
1

Step 1

Understand

Your business, pressures, and how IT is delivered (internal and suppliers).

2

Step 2

Clarify

A plain-English view of exposure, priorities, and evidence gaps.

3

Step 3

Deliver

A steady programme: governance, testing, certification, and fixes that stick.

4

Step 4

Assure

Reporting and evidence that stands up to boards, customers, insurers, and audits.

The goal: steady progress you can see, with evidence to back it up - without adding workload chaos to your IT team.

Who we work with

Typically tens to a few hundred staff.

We typically work with organisations with tens to a few hundred staffwho already have an IT team or technology provider in place, but need a dedicated security partner around them as cyber moves onto the board agenda.

You already have IT in place

An internal team, an MSP, or a hybrid setup. You want security to support that - not replace it.

Some controls, mixed confidence

Tools exist, maybe even certification - but no joined-up assurance plan or clear owner for evidence.

Pressure is increasing

Boards, insurers, and customers now expect proof, not reassurance.

Where we help most

Fully Managed Cyber

We run the security programme as your security team: governance, reporting, assurance, and delivery support.

Board Cyber Posture Audits

A clear view of exposure, priorities, and evidence - so leaders know what to fix first.

Certifications and standards

Cyber Essentials and Plus, plus support towards ISO 27001 and sector-specific requirements.

Testing and vulnerability work

Pen testing and ongoing vulnerability assessment translated into practical actions.

See Fully Managed Cyber

This probably is not for you if:

  • • You only want the absolute cheapest certificate, once.
  • • You want a box-ticking exercise rather than real assurance.
  • • You are looking for day-to-day IT support (we are security around IT).

Next step

Want a security team around your existing IT provider?

If you would like to explore whether Cyber Trust is a good fit for your organisation, we can start with a short, plain-English conversation about where you are now and what you might need.

Talk to us about your cyber posture
Plain-English answersClear next stepsNo pressure