Cyber Security
Serious protection, sized for a smaller business
You don't need an enterprise security department. You need the right layers, properly run: endpoints watched, email filtered, identities locked down, updates applied — and evidence you can show clients and insurers.
Defence in layers
No single silver bullet — six layers that work together
Attacks rarely beat every control at once. Each layer covers the gaps in the others, and we run them all as one managed service.
Endpoint detection & response
Software on every laptop and server that watches for attack behaviour and isolates it in minutes (the industry calls it EDR/MDR), with human eyes on the alerts.
Email security
Phishing, spoofed invoices and dodgy attachments filtered before they land. Email is still how most SME breaches start.
Identity & MFA
Multi-factor authentication everywhere it matters, admin rights trimmed back, and joiner/leaver access reviewed as routine.
Patching discipline
Known vulnerabilities closed on a schedule across operating systems and applications — boring, relentless, effective.
Security awareness training
Short, non-patronising training and simulated phishing for your team — because people click less when they know what to look for.
Backup that assumes the worst
Ransomware-resistant copies of your data, tested restores, and a written plan for the bad day. Covered fully under Backup & DR.
The honest pitch
We won't sell you fear. Here's the maths instead.
Think about a week without email, files or invoicing, then add the cost of telling clients why. Layered security for an SME costs a small fraction of one such week — that's the whole argument, calmly stated.
Proportionate
Controls chosen for a 10–250-person business — effective, affordable, and light enough that people don't route around them.
Watched by humans
Tooling alerts; engineers decide. Genuine threats get acted on in minutes, and you're told what happened and what we changed.
Evidence-ready
Insurers, auditors and client due-diligence questionnaires answered from records we already keep — not a scramble.
FAQ
Cyber Essentials, cost and the overkill question
The things people check before they trust anyone with their security.
What's the difference between Cyber Essentials and Cyber Essentials Plus?
Same five control areas, different levels of proof. Cyber Essentials is a verified self-assessment questionnaire. Cyber Essentials Plus adds an independent technical audit — an assessor actually tests your systems. Many contracts and frameworks (especially public sector) specify Plus.
How long does Cyber Essentials certification take?
It depends on the gap, not the paperwork. A well-run environment can be ready in a couple of weeks; one with legacy kit and loose admin rights might need a month or two of remediation first. The gap assessment gives you a real timeline before you commit.
Will we pass first time?
If we've done the remediation, that's the intention — we don't put submissions in to see what happens. Where something can't be fixed before the deadline a client has set, we'll tell you early and agree a plan rather than gamble the assessment.
A client has given us a deadline to get certified. Can you help?
Yes — this is one of the most common reasons businesses first call us. Tell us the deadline on the first call and we'll be honest about whether it's achievable and what it needs.
Do we really need all this if we're small?
You need protection proportionate to what an attack would cost you — a week of downtime, a fraudulent invoice paid, client data leaked. The layers above are sized and priced for SMEs; none of it is enterprise theatre.
Is Network Motion itself certified?
We practise what we install — the controls we run for clients are the controls we run internally. Formal certificates and accreditations will be listed on this page as they're published rather than claimed loosely here.
Talk to us
Get a straight answer on your security
Whether it's a client demanding Cyber Essentials or a nagging feeling you'd not survive a bad week — tell us, and we'll tell you where you stand.
The gap assessment shows you the full list of findings before any remediation work is agreed.