This page lists, in alphabetical order, the current members of the UK Cyber Security Council by their relevant membership package. Details will be updated as new members join.
To learn more about our affiliate membership packages - Support, Share, Sponsor & Showcase, visit our membership page here.
SHOWCASE MEMBERS
About ISC2
ISC2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world.
It offers a portfolio of cybersecurity credentials that are part of a holistic, pragmatic approach to security, and is best known for the Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP) certifications.
Vodafone Business is part of the Vodafone Group. We help businesses of every size to embrace positive change through digital communications technologies - today, tomorrow and into the future. We work with the world's largest multinational companies, fast growing enterprises, Government teams, ambitious start-ups and small businesses around the world. We can provide services globally, regionally and locally – mobile, fixed, unified communications, Internet of Things (IoT) and cloud and security - connecting the people, places and things that matter to businesses – wherever they are.
Vodafone Business Security Enhanced (VBSE) is a specialist unit within Vodafone Business UK - we’re dedicated to strengthening the cyber security position of large and public sector organisations that form the UK's Critical National Infrastructure with UK sovereign solutions and security cleared staff.
With over 25 years’ experience, we simplify day-to-day cyber security operations by applying intelligent technologies and advanced threat expertise so that you can focus on bigger strategic priorities.
SPONSOR MEMBERS
Innovate Healthcare Services is a joint venture company of South Warwickshire University NHS Foundation Trust and George Eliot Hospital NHS Trust, providing digital and ICT services across Warwickshire and the West Midlands.
Innovate delivers excellent digital, technology, cyber security and information governance services to partners supporting them to revolutionise care delivery, unlock productivity benefits and drive the efficiencies of digitally enabled healthcare.
For more than 50 years, ISACA® (www.isaca.org) has advanced the best talent, expertise and learning in technology and the cyber and digital age. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations, enabling enterprises to train and build quality teams that effectively help their organization to realize the business value of the use of technology, through technology/cyber: security, governance, risk management and audit & assurance. ISACA is a global professional association and learning organization that leverages the expertise of more than 150,000 members, in 188 countries, through more than 220 chapters worldwide.
In the UK, ISACA is represented by 6 local Chapters: Central UK, Ireland, London, Northern England, Scottish & Winchester, with a total of around 8,500 members.
ISACA has also established One In Tech, a philanthropic foundation that supports IT education and career pathways for under-resourced, under-represented populations.
Since our establishment in 1990, Methods has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK.
We are passionate about the work we do and transforming services for citizens. We apply our skills in innovation and collaboration from across the Methods Group, to deliver end-to-end business and technical solutions that are people-centered, safe, and designed for the future.
Methods is certified by the National Cyber Security Centre’s Cyber Security Consultancy framework. As an assured service provider through the NCSC’s framework, Methods’ team of experts provide the most appropriate cyber security consultancy services to protect clients’ services and information.
Qualification through this framework recognises that Methods has a proven track record of delivering defined cyber security consultancy services; a level of cyber security expertise supported by professional requirements defined by NCSC; and the relevant Certified Professional (CCP) qualifications.
We are experts in delivering secure, resilient, cyber and information services - keeping systems and data safe.
At QA, we believe the answer to closing your digital skills gap lies with the people you already have and the talent we can bring for the future. We’re experts in reskilling, upskilling, apprenticeships and other talent needs for leading enterprises and public sector organisations in the UK and around the world.
Our bespoke and customisable training methods, learning programmes and talent acquisition solutions cover all your digital requirements including emerging and in-demand tech skills to transform your workforce and fuel your business.
Red Helix specialise in helping businesses like yours defend themselves against inevitable cyber threats. Our managed services seamlessly integrate with your existing IT team to provide the necessary support whenever and wherever needed. We cater to companies of all sizes, offering tailored solutions to address your specific cyber security challenges.
While security measures can sometimes impact network performance, this is not the case with Red Helix. With over 35 years of experience managing complex networks in the UK, we have honed our expertise in network optimisation and performance monitoring. This means we can provide both speed and security, ensuring your network functions efficiently while keeping it protected.
Share Members
C3IA is an SME that provides Cyber, Information Security & Assurance services to our clients across Defence, wider Government, Law Enforcement and the private sector. We are a NCSC certified company and a critical supplier to defence.
Our purpose ; We want to do the right thing and have a positive impact in so doing.
Our business function is to serve and to deliver, making a difference to, and for, our clients.
We want to actively contribute to making the world around us a better and safer place for good people and we want to impede and if necessary, prevent those who would harm them and that world.
CODA is a dedicated penetration testing, vulnerability assessment, and cyber security consultancy company, specialising in the following areas:
We are entirely independent, with no commercial interest beyond delivering tailored cyber security assessment and consultancy services for our clients.
Our penetration testing and consultancy teams are from both defence and national security backgrounds and commercial companies. All consultants have extensive experience and multiple certifications in cyber security and related disciplines.
The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the global information technology ecosystem and the estimated 75 million industry and tech professionals within it. It is a hub for advancing the tech industry and its workforce, through training, certifications, and market research.
CompTIA’s Cyber Security Pathway helps individuals understand the skills they need to progress in their careers, with certifications mirroring the current skills of IT professionals.
Condatis deliver Identity and Access Management services to government and other large and complex, IT-driven organisations. Our solutions are designed to enhance security, simplify onboarding and boost business efficiency for our clients, globally.
We’re on a mission to empower organisations to accelerate their digital maturity using trusted credentials. As a Microsoft Solutions Partner, we build-upon best-in-class Microsoft Entra and Azure AD technologies, to offer practical solutions for complex client requirements. Our team of over 50 experts are skilled in consolidating and streamlining systems to improve user experience and reduce the associated friction, risks, and costs.
We constantly explore new strategies to help our clients stay ahead of the competition. Working in close collaboration with the Microsoft Product Engineering team, our expertise and practical experience help develop Microsoft’s Identity roadmap.
Condatis’ helps our clients to enable their digital relationships by building communities of trust .
Cyber Wales is a representative body with the aim of being the Heart and the Voice of the cyber Communities in Wales.
Cyber Wales is a registered CIC and the Management Team, the Cluster Managers and the Steering Committee all strive to provide a platform for Members to find Guidance, share News, ideas and best practice, to encourage collaboration through Clusters, Events and Competitions and to identify Opportunities for the cyber Communities in Wales to thrive and grow.
EC-Council is one of the world’s largest cyber security technical certification bodies, working with training partners, governments, corporations and academia in the pursuit of furthering the transfer of knowledge and skills to cyber security professionals and learners.
EC-Council’s hands-on portfolio of certifications, such as the Certified Ethical Hacker (CEH), have developed a community of over 230,000 members across 145 different countries. In the UK, EC-Council works our Accredited Training Centers and over 100+ academic partners to further cyber security education.
FastNetMon is a UK-based network security vendor, providing DDoS detection and mitigation software. Its mission is to provide an affordable and reliable instrument for preventing DDoS attacks and puts all its effort and experience into reducing damage from DDoS attacks and keeping networks running smoothly. The company has an international presence in the telecom, mobile and cloud industries.
Immersive Labs is the leader in people-centric cyber resilience. We help organizations continuously assess, build, and prove their cyber workforce resilience for teams across the entire organization, from front-line cybersecurity and development teams to Board-level executives. We provide realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities and decision-making against the latest threats.
Organizations can now prove their cyber resilience by measuring their readiness compared to industry benchmarks, building team capabilities, and demonstrating risk reduction and compliance with data-backed evidence. Immersive Labs is trusted by the world’s largest organizations and governments, including Citi, Pfizer, Humana, HSBC, the UK Ministry of Defence, and the UK National Health Service. We are backed by Goldman Sachs Asset Management, Summit Partners, Insight Partners, Citi Ventures, Ten Eleven Ventures, and Menlo Ventures.
The Nuclear Decommissioning Authority (NDA) is a non-departmental public body engaged in cleaning up the UK’s earliest legacy nuclear sites safely, securely and cost-effectively, with care for people and the environment.
The Office for Nuclear Regulation (ONR) is the UK’s independent nuclear regulator for safety, security and safeguards. Its mission is to protect society by securing safe nuclear operations, and delivers five statutory purposes to meet that mission: nuclear safety, conventional safety, nuclear security, nuclear safeguards, and the safety and security of transport.
Its regulatory focus for cyber security centres around industrial control systems that have a role in nuclear safety or security, and information technology used to store or process sensitive nuclear information.
Pionen specialise in offering independent cyber security consulting and project delivery partnerships for strategy and solutions design, risk management and all related security change and project delivery services.
As a vendor agnostic business, we are able to effectively and honestly engage with business executives and provide advice, guidance and support in a way that is most appropriate for our customer.
Pionen's HMG department delivery expertise, experience and delivery focus is class leading.
We ensure that all proposed solutions are aligned with our clients’ strategy, business objectives, enterprise architecture and most importantly are delivered the right way.
Launched in 1989 as a cooperative for information security thought leadership, SANS’ ongoing mission is to empower cyber security professionals with the practical skills and knowledge they need to make our world a safer place.
From cyber foundations to leadership strategies, SANS offers more than 80 hands-on, in-depth courses to provide cyber professionals at every level of experience with immediately applicable skills.
Our instructors are experienced practitioners who also excel in mentoring others. Every SANS instructor and course author belong to an elite group of information security practitioners; driven to share their knowledge and experience with others who find their inspiration in a shared goal to protect governments, militaries, commercial and non-profit organisations from the cyber threat. We leverage this expertise and our training capabilities to deliver research, career tools, cyber ranges and many other widely available learning opportunities.
Integrity and collaboration are the values that guide us in choosing how to best contribute to our global security community. In doing so, we collaborate with a broad community of cyber professionals and organisations, partnering with those who share our mission and commitment to creating a diverse, capable and innovative industry.
SecAlliance is a cyber threat intelligence product and services company. Delivering cyber threat intelligence services across the globe, its clients include governments, central banks, healthcare, financial services, manufacturing, transportation, energy, research and Critical National Infrastructure.
Its team comprises threat intelligence professionals, with diverse backgrounds ranging from conventional intelligence, law enforcement, consulting, research and academia, to technical, software development and penetration testing.
As organisations embrace growing opportunities within digital environments, they need to increase protection against cyber risk at all levels. The Cyber Scheme was established in 2013 to develop robust professional standards for ethical security testers, providing a high quality platform for certification in critical skills areas required to support the UK’s National Cyber Security needs.
The Cyber Scheme has been contracted to operate technical certification for the CHECK assured service scheme operated by The National Cyber Security Centre (NCSC). Our CSTM and CSTL exams are led by NCSC approved Assessors who hold CHECK TEAM LEADER Qualifications for Infrastructure and Web Applications.
The Cyber Scheme believe in making assessments both relevant and accessible to people from all backgrounds working across many different sectors, and are working with charity partners to make a career in cyber attainable to people who don't discover it through traditional channels, helping to address the skills shortage this industry is increasingly facing.
Our aim is to provide suitably qualified staff nationwide, working with UK businesses, the academic community and the public sector to help provide digital resilience and protection in the ever-changing world of digital security
Support Members
We work with clients to help them extract more from IT. Our uniquely deep business and technology expertise helps us to better understand our client’s strategic requirements and how to best apply IT to meet those needs. The following is a summary of our capabilities:
· Outstanding Support: Comprehensive pre-take-on audits, heat-maps, transition plans, Cyber Security assessments, advanced support toolsets, point in time SLA’s and a zero tolerance to faults.
· Portfolio: Alongside Managed Services we have expertise across a wide range of solutions including Connectivity (ISP), Workspace, Video Conferencing, Data Processing including Cloud Migration, Business Applications and Website development.
· Transform & Innovate – We help our clients to develop pragmatic and cost-effective technology roadmaps to support their business plans.
· Cyber Security: We provide expertise across deterrence, detection, defence, containment, and recovery and have a track record of putting our clients through independent Cyber Security certifications such as Cyber Essentials (UK). Our expertise includes Cyber Essentials, ISO27001 & the new NIS2 Directive (Europe), NIST (US) and CNCERT/CC (China).
· Global Reach: We have clients and projects spread worldwide.
Cyber Ops Global Ltd is a UK based Cyber Investigation and Incident Response Consultancy and Training company, established in 2009.
We offer a refreshing approach to the challenging world of Cyber, Internet and Digital investigations, providing highly experienced investigators to address your bespoke criteria.
Our practitioners are also our trainers and consultants, bringing real world knowledge and experience to projects and immersive, modern, and interactive learning programmes.
We have experience of cyber investigations, consultancy and training delivery in over 50 countries and operate in the most sensitive of environments across all sectors.
You Gotta Hack That is a leading cyber security consultancy specialising in penetration testing and hacker training for Internet of Things (IoT) and Operational Technology (OT). Between the two main services their customers come away with a better understanding of the deeply technical nature of cyber security risks for IoT and OT. Their consultancy services include penetration testing, hardware and software reverse engineering, and both wired and wireless protocol analysis.
The training services offer a variety of course modules that delve into a specific area of hacking into embedded systems ensuring that students have the opportunity to master the intricacies of the subject.
The team is composed of highly skilled professionals with many years of expertise in offensive cyber security and the organisation has the core ethos of pushing for the cutting edge to guarantee they stay at the forefront of the field.
Complus IT delivers tailored IT services with a strong emphasis on cybersecurity and compliance. Based in London, the company serves clients in financial services, media, and other critical industries. Through its Manage, Protect, and Assure service pillars, Complus helps businesses safeguard their operations while enhancing system reliability and performance.
With a proactive, client-focused approach, Complus ensures that every IT infrastructure is secure, resilient, and ready for future growth.
Since 2004, Evolve North has been safeguarding businesses with expert IT Security and Information Governance. Our team delivers clear, practical solutions, ensuring compliance with standards like GDPR, ISO27001, and Cyber Essentials.
We integrate seamlessly with your team, leveraging our deep industry knowledge and expertise to provide tailored, real-world guidance that keeps your data secure and your business ahead of the curve.
All Your Base is a leading penetration testing company specializing in identifying vulnerabilities to fortify clients defences. With cutting-edge methodologies and a dedicated team, we deliver actionable solutions to safeguard digital assets in today's cyber landscape.
They specialize in the following areas:
- Web Applications & API
- Mobile Applications
- Phishing
- IoT & Hardware
- Code Review
- LLM / GenAI
https://allyourbase.uk/
Acubed.IT delivers cost-effective, cyber-secure solutions through our specialised expertise in Cross-Domain technology. Our team collaborates closely with HM Government to design, develop, and integrate powerful applications that automate and transform business processes.
Leveraging extensive experience in secure cloud solution design, we deliver digital solutions that are user-focused, scalable, and aligned with GDS standards.
Our work includes partnerships with UK Cyber Authorities and other government departments, supporting the R&D of Cross-Domain innovative technologies and solutions. In collaboration with the NCSC, we have developed the next generation Cross Domain Hybrid Application Framework.
CloudSEK provides AI-powered Digital Risk Protection, External Attack Surface Monitoring, and Software Supply Chain Monitoring. By leveraging Indicators of Attack (IOAs) and contextual AI, we predict, detect, and mitigate cyber threats from surface web, deep web, and dark web, empowering organizations to protect their digital assets proactively.
Unlike conventional solutions that rely heavily on Indicators of Compromise (IOCs) to detect threats after they've already occurred, CloudSEK emphasizes Indicators of Attack (IOAs), which focus on identifying early stages of attack behavior. This allows organizations to detect threats proactively—before they cause damage—leading to quicker response times and reduced incident impact.
CloudSEK is the 3rd highest rated Security Intelligence vendor in the world, and number one in APAC and is backed by prominent investors like MassMutual Ventures and Exfinity Ventures.