Founded in 2021 by 3 highly experienced consultants, Arculus is a specialist, independent CyberSecurity consultancy.

We provide Cyber Security advisory services including conducting CyberAssessments, Information Risk Management and Assurance, SOC2 consulting and certification, ISO/IEC27001 services and Data Privacy consultancy.

Key Specialities

Security Architecture

Security architecture is the design of information systems that have suitable security controls in place to mitigate a given level of risk while supporting business functionality and objectives. Arculus consultants are experienced in the use of security architecture approaches including SABSA and TOGAF.Our architects are qualified to provide expert guidance under the NCSC Certified Professional Scheme.

Penetration Testing

Penetration Testing enables organisations to identify and address vulnerabilities in their information systems before they are exploited and result in a breach.

Arculus is a specialist, independent provider of penetration testing services. We are a member of key security assurance schemes including CREST Security Penetration Testing, and are a Cyber Essentials Plus certifying organisation. Services include:• Web application testing (OWASP)• Network and infrastructure testing.

  • Cloud-based testing, including AWS and Azure
  • Compliance testing, including for PSN and PCI DSS
  • Vulnerability scanning and monitoring
  • Code review
  • Social engineering and Red Teaming.

Compliance & Testing

Arculus are experts at supporting organisations in achieving compliance and certification against key standards including ISO/IEC27001, NIST, SOC2 and the Payment Card Industry Data Security Standard (PCI DSS).

We use principles-based guidance such as the NCSC Cloud Security Principles to assess systems and services and provide reports which can be used to demonstrate how the organisation meets those principles in their own context.

We engage with business and technical stakeholders at all levels to evaluate the governance processes, technical, physical and personnel level security controls. We provide pragmatic support and guidance to build information security management systems that are compliant with ISO/IEC 27001 and can be certified by the chosen certification body.


To learn more about Arculus please click here