Skip to content

Council members

This page lists, in alphabetical order, the current members of the UK Cyber Security Council. Details will be updated from time to time.

A members-only area of this website is in development.

Aggress Ltd is an independent security consultancy supporting the National Cyber Security Strategy by providing cyber security services such as: 

  • Assessment, audit and certification 
  • Cyber Essentials and Cyber Essential PLUS 
  • IASME Assurance 
  • IoT Security Assured 
  • Assessment, testing and reporting 
  • Risk assessments 
  • Vulnerability assessment 
  • Penetration testing 
  • Supporting engagement and change 
  • MSP Consultancy 
  • Critical friend to the management and board 
  • Information Security Partner 

It works with all sizes of organisations and their suppliers to raise the standard of information security. Providing pragmatic security guidance covering people, processes, and technology that supports overall business resilience, effectiveness and growth. 

A partner of the Scottish Business Resilience Centre. It does not provide IT support services or sell software so that it can provide unbiased and balanced guidance. 

Arcanum Information Security is an NCSC-Certified provider of Cyber Security Consultancy services to Government and the private sector.

Its team of consultants all have Certified Cyber Professional status awarded by GCHQ and the National Cyber Security Centre and supports clients ranging from critical national infrastructure, manufacturing, and defence to SMEs. Services include cyber security consulting, penetration testing and digital forensics, from its UKAS ISO 17025 Accredited laboratory. As an IASME certification body, it supports organisations to achieve Cyber Essentials, Cyber Essentials Plus and the IASME Governance Standard.

BCS, The Chartered Institute for IT is the UK’s professional body for computing. It promotes and advances the education and practice of computing for the benefit of the public.   

As the professional membership and accreditation body for IT, it serves over 60,000 members including practitioners, businesses, academics, and students, in the UK and internationally. BCS is also a leading IT qualification body, offering a range of widely recognised professional and end-user qualifications. 

BCS actively promotes and campaigns for the highest ethical and professional standards and practices in our rapidly changing digital landscape. It acts as an influential voice in the tech sector, listened to by government, industry, and wider society.  It works with its community and the wider profession to identify and address the digital challenges facing our society to ensure technology’s impact is positive for everyone. 

C3IA is an SME that provides Cyber, Information Security & Assurance services to our clients across Defence, wider Government, Law Enforcement and the private sector.  We are a NCSC certified company and a critical supplier to defence.

Our purpose ; We want to do the right thing and have a positive impact in so doing.

Our business function is to serve and to deliver, making a difference to, and for, our clients. 

We want to actively contribute to making the world  around us a better and safer place for good people and we want to impede and if necessary, prevent those who would harm them and that world.

Cantarus is a UK-based digital solutions provider specialising in web, mobile apps, online communities and hosting. Under its Kalani brand, it also offers managed and unmanaged security and infrastructure services through partnerships with leading vendors, spanning public cloud, edge computing, zero-trust solutions, firewalls, endpoint security, encryption, disaster recovery, vulnerability scanning and monitoring.

Registered on the UK government DOS and G-Cloud frameworks, Cantarus works with organisations across the public and private sector.

Jersey’s Cyber Emergency Response Team (CERT.JE) is responsible for promoting and improving the cyber resilience across the Island’s critical national infrastructure, business communities and citizens to reduce the risk and impact of major cyber incidents in Jersey.

As the Cyber Security Centre for Jersey, we form part of an international cyber emergency response network and represents the interests of Jersey internationally, helping to maintain and strengthen the Island’s international reputation as a safe place to live and to do business online.

The CERT can also provide expert assistance in the case of a cyber security incident. We are an independent voice for cyber security and designed to operate at arms length from Government.

We are run by cyber security experts who can provide cyber security advice and best practice guidance on the management of cyber security risk to help you raise the awareness of the importance of cyber security within your own business, as well as help with incident response processes, policies and procedures.

The Chartered Institute of Information Security (CIISec) was formed in 2006 to advance the professionalism of information security practitioners and thereby the professionalism of the industry. CIISec is the only pure-play cyber and information security institution to have been granted Royal Charter status and is dedicated to raising the standard of professionalism in cyber and information security. We have a growing membership that represents over 15,000 individuals and provides a universally accepted focal point for the profession, ensuring standards of professionalism for practitioners, qualifications, operating practices, training and individuals.

Website Link:

CODA is a dedicated penetration testing, vulnerability assessment, and cyber security consultancy company, specialising in the following areas:  

  • Penetration Testing - including web, cloud, and internal infrastructure.  
  • Vulnerability Assessment - across a wide range of technologies and governance structures/  
  • Risk Management - including Government and Defence requirements, NIST frameworks, and compliance with ISO 27001 and PCI DSS/  
  • Red-Team Engagements - including simulated adversary and assumed breach exercises.  
  • NCSC CHECK IT Health Check Assessments - primarily focused on central Government and classified systems.  

We are entirely independent, with no commercial interest beyond delivering tailored cyber security assessment and consultancy services for our clients.  

Our penetration testing and consultancy teams are from both defence and national security backgrounds and commercial companies. All consultants have extensive experience and multiple certifications in cyber security and related disciplines.   

The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the global information technology ecosystem and the estimated 75 million industry and tech professionals within it. It is a hub for advancing the tech industry and its workforce, through training, certifications, and market research. 
CompTIA’s Cyber Security Pathway helps individuals understand the skills they need to progress in their careers, with certifications mirroring the current skills of IT professionals. 

Based in Scotland, Consider IT provides IT and cyber security services, ranging from cyber essential and vulnerability management to penetration testing and fully managed security services, to organisations of all sizes. 

Consider IT is CREST accredited, an IASME Cyber Essentials Plus assessor, and a partner to the Scottish Business Resilience Centre.