Based in Cheltenham, the cyber hub of the UK.

Our team deliver projects from autonomous underwater vehicle security to corporate business security transformation programs.

By applying advanced skills honed in defence primes to corporate strategies, we help protect all 3 lines of defence across multiple industry sectors, securing existing investments in cyber security whilst determining the root causes of risk profiles.

Cyber risk management is a discipline, one that continuously shifts based upon your evolving strategies and the threat landscape.

We work with our customers to identify and rectify vulnerabilities – protecting what they value most – across every facet.

Our Services Include:

First Line of Defence

Build, maintain and test the foundations of your cyber risk strategy.
It’s all about control.

Identify how your assets are vulnerable, outline any cyber risks within your acceptable tolerances and implement protection controls.

We work with your information security team to establish formal policies, procedures and processes – then rigorously test these to identify, treat and mitigate risk.

Second Line of Defence

It’s time to move beyond the walls of your information security team and systems, to look for aggregate risks at an enterprise level.

We secure your known unknowns by evaluating ‘business as usual’ activities.

Our 2nd line of defence services are designed to challenge the efficiency of a cyber security strategy, such as current control frameworks, how corporate KPIs are affected and reviewing the conformity of the 1st line of defence in order to mitigate cyber risks.

Third Line of Defence

We don’t know, what we don’t know.

So how do you mitigate the unknown cyber threats to your business?

We ensure your internal control framework is resilient enough to deal with any unexpected cyber risks that may arise in your business. This is a truly strategic approach that leaves no stone uncovered, with no eventuality unaccounted for – putting the 2nd line of defence under pressure to see how it holds up.

Our 3rd line of defence services all stem from auditing – working with you as external auditors or as an extension of your information security team – so we can evaluate the overall process of cyber risk governance for your entire organisation.

Company values

  • ACCOUNTABILITY Do the right thing, always
  • INTEGRITY Act with uncompromising honesty in everything we do
  • LONG-TERM VIEW Look beyond the present to deliver for the future
  • RELIABILITY Don’t make promises we cannot keep
  • RESPECT Value everyone, treat people with dignity and professionalism
  • RESPONSIBILITY Appreciate our social and physical environment
  • COLLABORATION Leverage collective genius


To learn more about Salus please click here