Most cyber security sales pitches are designed to frighten you into buying everything. Ours is designed to work out what you actually need. Cyber Essentials, Cyber Essentials Plus, endpoint protection, phishing training and incident response, priced so small businesses can afford proper cover.
Tell us your biggest current concern and we'll come back with a short written review of where you stand. No obligation, no sales call.
Before we talk about tools, let us work out what you actually need. Cyber security is not one purchase, it is a set of decisions sized to your business.
We get you through certification first time. Cyber Essentials is a self-assessment verified by an auditor, and CE+ adds an on-site technical audit. Most businesses need some prep work first: we scope it honestly, fix what needs fixing, then submit. Usually 3 to 6 weeks end to end.
Phishing is now the single biggest threat to small businesses. Managed email filtering, MFA enforcement and monthly simulated phishing training turn your team from risk into defence. Priced per user, starts from a few quid each.
Stop reading, call 01656 521505. If you are an existing client an engineer picks up immediately. If not, we will respond within two hours during working hours. Quick first move: disconnect affected systems from the network from a different device.
Compliance-driven cyber projects are short, focused, and deliverable. We tell you what the auditor actually wants to see, build it, document it, and rehearse you for the questions. CE+ certificate on the wall helps with most UK tenders.
Cyber security is full of vendors selling fear. We would rather sell you a written plan, and the minimum set of tools to run it.
Most cyber checklists try to sell you everything. MFA, patching and proper backup beat 80% of small business threats for almost no cost. We recommend paid tools when they genuinely move the needle.
We have walked dozens of South Wales businesses through CE and CE+. We know what the assessors look for, what trips people up, and how to get the certificate on your wall without drama.
Security baked into how your IT is actually run is ten times more effective than a bolt-on. Because we handle your managed IT too, every control we recommend is something we can actually maintain.
Pricing is typically per user or per device, but some services are project-based. For example, Cyber Essentials is a fixed project while antivirus is a monthly licence. We will give you a written breakdown, not a single vague figure.
Here is exactly what happens when you request an exposure review.
We look after the cyber security of businesses from Bridgend to Newport, Swansea to the Valleys. Click through to your area for local context.
If yours is not here, ask it in the widget above and we will answer properly.
The certification itself is around £320-£500 per year depending on business size, paid to IASME. Our role is helping you pass first time, which for a typical small business is around £500-£1,500 of support depending on how far off you currently are. Ongoing tooling (AV, MFA, patch management) is priced separately, typically from £6 per user per month.
Cyber Essentials is a self-assessment verified by an auditor. Cyber Essentials Plus adds an on-site technical audit where we test your defences live. CE is the entry bar; CE+ is what larger buyers and public sector contracts want to see. We do both.
Yes, we run targeted pen tests to validate your controls are actually doing what you think they are. Most small businesses do not need a full CREST-grade test; a scoped engagement on your key apps or external surface is usually the right move.
It depends what you need. Certification support is a fixed project. Tooling like endpoint protection or email filtering is per user per month (typically £3-£10 each). Incident response is quoted per engagement. We will give you a written breakdown rather than a single vague price.
If you are an existing client, call 01656 521505 and you will get an engineer immediately. If you are not, email hello@thornetechnology.co.uk with 'INCIDENT' in the subject and we will respond within two hours during working hours. For active ransomware, we recommend disconnecting systems from the network first and calling us from a different device.
Yes. Simulated phishing campaigns, short monthly training modules, and reporting for the board. Included in Professional and Advanced IT support tiers, or available standalone from around £3 per user per month.
A short written review of where you are exposed, what to fix first, and what it would cost. No sales call, no follow-up nag.
Get my free review →