Evidence-based, data-driven cyber security assessment and assurance

Good security – driven by evidence and data, instead of hyperbole and fear – is a business enabler. It makes your organisation more agile, protects brand value, and reduces your risk in a digital world.

Talk to us

COVID-19 (Coronavirus Disease) Update:

Data Security People, like many of our clients, is fully complying with the UK Government’s instruction on social distancing, meaning that every member of our team is now working from home in order to reduce the risk of COVID-19 to them, their families and the people they may come into contact with.

We remain committed to ensuring that we are available to respond to your queries and to provide the high quality and timely advice and guidance that you have come to expect, including around the increased risks to your critical information systems introduced by hastily-organised remote working arrangements.

To learn more about our response and how we can help you, read our blog



At the benchmarking stage, our assessors will position your organisation against applicable industry and regulatory standards, as well as relevant best practice guidance.

They will also assess your risk and threat environment, and make proportionate recommendations for improvement that are sympathetic to your wider business needs.



Once recommendations have been made, our consultants partner with your team to design, build, and implement evidence-based security controls that meet the threat profile of your organisation.

These controls vary across organisations, but usually range from ‘just enough’ to ‘cyber excellence.’ The point is, the controls will be fit-for-purpose, and maintainable by your team.



After the security programme has reached a state of maturity, our assessors will provide a repeatable assessment framework to allow your organisation to measure improvement over time.

By aligning to a common benchmark, our assessors can track progress using both on-site and remote ‘checks and balances’ activities, backed by clear KPIs: great for the board and your security team.

Data Security People is trusted by:

Passionate work from passionate people

Our work and expertise

We provide assessment and assurance services that help to benchmark, improve and maintain a robust security posture. We take great pride in creating fit-for-purpose and defensible security programmes that meet the individual needs of our clients’ businesses.

Alongside our delivery work, we frequently publish security articles, white papers, and case studies, as well as evidence for research and government.

Crucially, we believe that rationalised information assurance policies – driven by evidence and data, rather than hyperbole and fear – are the best way to improve our clients’ security capabilities.

Read more about our work


Of breaches rely on privilege abuse

Source: 2019 Data Breach Investigations Report, Verizon


Average number of days to detect a data breach

2019 Cost of a Data Breach Report, IBM


Cost to UK business of CEO email fraud

Source: The cyber threat to UK business 2017-18, NCA


Businesses seek external help on cyber security

Source: Cyber Security Breaches Survey 2019, DCMS