Engineering trust through security
Welcome to the world's 3rd biggest economy
A shift in attitude is required to survive the new-age of cyber-crime attacks
As cyber-crime has exploded in size, becoming the third largest economy on the planet, there is a renewed focus on the efficacy of cyber security.
Every organisation in the world, no matter how big or small, is at significant risk from cyber attackers.
Given the scale and variety of attack, complexity is often a liability. Simple, well-understood, and elegantly implemented security measures are more effective and less prone to error than overly complex systems.
“Cybercrime is the number one problem for mankind, and Cyberattacks are a bigger threat to humanity than nuclear weapons”
Warren Buffet
$9.5 trillion
Cybercrime costs projected to reach $9.5 trillion annually by 2024
$24 billion
Ransomware damage costs predicted to hit $24 billion in 2024
4.5 billion
records were exposed in the top 10 data breaches alone in 2022
$4.35 million
Average cost of a data breach stands at $4.35 million in 2022
Get the basics right first
The six critical security domains that matter
"An ounce of prevention is worth a pound of cure."
Benjamin Franklin
The majority of data from cyber incidents indicates a consistent under-engineering in six critical security domains. These domains must be at the forefront during the assessment, design, implementation, and operation of all cyber security services. This integration should be deeply embedded in your people and IT processes, forming a 'trust by design' approach that consistently reinforces and enhances your cyber security posture.
2-Factor Authentication
No longer the domain of just web facing resources, extending the implementation of 2FA across all systems and for all access requests delivers significant improvement in systems.
End Points
The explosive growth of sophisticated, interconnected IP endpoints amplifies the pressing need for enhanced protective measures in this domain.
Privileged Access Management
Restricting privilege sprawl ensures that access to critical systems and data is restricted to authorised personnel, mitigating the risk of breaches and unauthorised activities.
Application Layer
The surge in cloud migration and complex API integrations underscores the urgent need for enhanced application layer protection.
Monitoring
The overwhelming volume of output from modern security monitoring has surpassed human manageability, creating an urgent need for a streamlined, IT-integrated approach that balances automation with human oversight.
Offline Back-up
In the face of the escalating threat of cybercrime, offline backup is an essential but often underutilised strategy, providing a crucial safety net for data recovery and restoration.
Speak to one of our experts
How we help our clients
Our team of experts has decades of experience providing Cyber Security assistance to both private and public companies
Board-Level Security Advisory
Bridging the gap between the technical intricacies of cyber security and the strategic decision-making processes at the highest organisational level.
Securing Digital Innovation & Architecture
Construct a secure foundation for digital projects from the ground up, integrating security best practices into their design, development, and deployment.
Secure Data Centre & Cloud Strategy
We believe cloud security must also navigate a legacy to cloud pathway to secure your most critical digital assets wherever they sit, and however they move.
Information Resilience & Protection
Critical information supply chain, a focus on core assets, and associated recovery models, can be the difference between inconvenience or failure.
Managed Security Services (MSS)
Monitoring requires precise end-to-end systems and processes. We focus on refining data inputs and establishing sophisticated correlation techniques.
Secure Strategy Consulting & Go-to-Market Plan
Merging cyber security expertise with business guidance to drive consolidation, optimisation, and service improvement with a cost/risk balance.
Organisation, People & Security Awareness
Our team of experts has decades of experience providing Cyber Security assistance to both private and public companies.
Secure Project & Programme Management
A security-first approach ensures that risk management, compliance, and cyber security best practices are integrated into project management throughout.
Security Audit Maturity Assessment
Identifies gaps and areas for improvement by providing a maturity score or level that reflects how resilient your security practices are.
Our Process
Building and maintaining your dam

1| Upstream Planning
Establishing robust firewalls, encryption methods, access controls, and incident response plans
2| Build & Maintain
Cyber security systems need continuous monitoring, updating, and refining to adapt to new threats
3| Protect Downstream
Good upstream planning protects not just your immediate assets but also your customers, partners & ecosystem
4| Emergency Plans
Proactive measures and an incident response team is akin to opening the floodgates and spillways
Secure By Design

Creating resilient defences is like building and maintaining a dam
If you don't build it securely from the ground up it will fail. If you don't maintain your wall, cracks will appear and eventually it will leak. If you don't monitor your wall vigilantly, you will fail to notice where it has become vulnerable.
This is why we combine a 'secure by design' approach with a process cycle that continually improves your security infrastructure.
Our Cyber Security practice is led by Tom Burton
Partner - Cyber Security
Tom Burton is a cyber professional with over 20 years of experience in business, IT, and security leadership roles. His expertise lies in simplifying complex security problems and enhancing cyber security and efficiency across various industries such as Defence, Aerospace, and Pharmaceuticals. His approach is based on applying engineering principles to deliver sustainable business change.
Tom's career highlights include serving as a Commissioned Officer in the British Army, where he was promoted to CIO. He later joined Detica (now BAE Systems Applied Intelligence) as the Strategic Advisor to the Ministry of Defence CIO, overseeing a multi-billion set of IT-enabled benefits-driven change programmes. He also held the position of Global Head of Managed Security Services, growing the business from sub-£1m to £15m+ orders.
In 2014, Tom moved to KPMG UK as Director for Cyber Security, responsible for selling and delivering business across various sectors. He co-founded Cyhesion in 2017, developing a SaaS platform to disrupt the Third-Party Risk Management market. Most recently, he founded Digility in 2022 to deliver security and digital transformation consultancy and interim management, serving as Interim CISO at a Tier 1 Outsourced Service Provider.
Our team can be your team
Our team of experts have multiple decades of experience across many different business environments and across various geographies.
We can build you a specialised team with the skillset and expertise required to meet the demands of your industry.
Our combination of expertise and an intelligent methodology is what realises tangible financial benefits for clients.
Our Cyber Security Experts
Gert Van Den Poel
A world-class expert in advising and designing Security Operations Centres for large enterprise, Gert is technical with good business sense.
Cyber Case Study
Major UK Academic Institution
A major UK academic institution sought out Cambridge MC to identify their cyber vulnerabilities, assess the overall maturity of its cyber security practices, and recommend strategic improvements. This meant not only highlighting technical deficiencies, but also providing a holistic evaluation of the institution’s security posture, considering the practical realities of defending against threats. This included an assessment of the institution’s risk readiness, infrastructure resilience and staff preparedness.
Cyber Security insights




Get in touch with our Consultants today
Case Studies
Our team has had the privilege of partnering with a diverse array of clients, from burgeoning startups to FTSE 100
companies. Each case study reflects our commitment to delivering tailored solutions that drive real business results.
CASE STUDIES
A little bit about Cambridge MC
Cambridge Management Consulting is a specialist consultancy drawing on an extensive global network of talent. We are your growth catalyst.
Our purpose is to help our clients make a better impact on the world.
ABOUT CAMBRIDGE MC