Our Services
Security capabilities designed for modern businesses.
Fixed-price engagements, plain-English reports, and no pressure. Start with a Health Check or go straight to strengthening your defences.
1. Cybersecurity Health Check
Your business, secured — without the guesswork.
Our flagship entry service shows you where you stand and what to fix first. We assess your systems, identify risks, and provide a clear, step-by-step plan — no jargon, no pressure.
What's included
- Review of firewall, remote access, and Wi-Fi security
- Microsoft 365 security baseline (Multi-Factor Authentication, email, identity)
- Backup and disaster recovery check
- Endpoint protection and patching review
- Cloud service risk scan (e.g. Dropbox, Google Drive)
- Simple, plain-English report with top 5 fixes
Ideal for: Businesses who want to understand their risks and take control of their cybersecurity — without hiring a full-time expert.
Typical engagement: 1–2 days, fixed price, remote or on-site.
2. Firewall & Network Hardening
Fast, secure, and structured — the way your network should be.
We design and implement secure, scalable networks that protect your business from internal and external threats — and make your systems run smoother.
What we do
- Replace outdated routers with business-grade firewalls (e.g. OPNsense, Cisco)
- Separate your network into zones (staff, guest, IoT, cameras)
- Lock down remote access (VPN, verify-every-access approach, MFA)
- Strengthen Wi-Fi and improve performance
- Monitor for unusual activity
Why it matters: Most small business networks are flat, exposed, and slow. We fix that — fast.
Typical engagement: 2–5 days, fixed price or scoped project.
3. Microsoft 365 Security Hardening
You're already paying for Microsoft 365 — let's make it secure.
Microsoft 365 is powerful, but most businesses only use a fraction of its security features. We help you unlock its full potential to protect your people, data, and reputation.
What we secure
- Multi-Factor Authentication (MFA) — an extra sign-in step so only the right people get in
- Conditional Access — rules that control who can sign in from where and which devices
- Email phishing and malware protection
- Data Loss Prevention (DLP) — controls to stop sensitive data leaving your organisation
- Identity and access controls
- Admin account lockdown
Why it matters: Microsoft 365 is the #1 target for cybercriminals. We make sure it's not your weakest link.
Typical engagement: 1–3 days, fixed price, remote delivery.
4. Vulnerability Scanning and Patching
Find and fix security gaps before attackers do.
We find weaknesses in your systems, applications, and network before attackers do. We prioritise by risk, coordinate updates with your team, and help you stay ahead of known threats.
What we do
- Internal and external vulnerability scans
- Reports that rank issues (critical, high, medium) so you know what to fix first
- Update guidance and coordination
- Integration with CISA's list of known exploited vulnerabilities (KEV) and threat intelligence
- Re-scan to verify fixes
- Monthly or quarterly scan cycles
Ideal for: Businesses that want ongoing visibility into their exposure and a clear process for staying updated.
Typical engagement: Ongoing — monthly or quarterly scans, with optional patching support.
5. Security Education and Training
Build a human firewall — your people are your first line of defense.
Most breaches start with a click. Security awareness training and phishing simulations help your team recognize and avoid threats, reducing risk and building a culture of security.
What we offer
- Security awareness workshops (in-person or remote)
- Phishing simulation campaigns with reporting
- Tailored training on passwords, email, and social engineering
- Best-practice guides and quick-reference materials
- Ongoing training cycles (e.g. quarterly)
- Metrics and improvement tracking
Ideal for: Any business that wants to reduce human error and meet compliance or insurance requirements for security training.
Typical engagement: Customizable — one-off workshops or ongoing programs (e.g. quarterly).
6. Cybersecurity Managed Service
Your virtual security team — ongoing monitoring and support.
We act as your extended security function: monitoring, managing, and responding so you can focus on running your business. Ideal for teams that don't need a full-time security lead in-house but want continuous security coverage.
What's included
- Ongoing security monitoring — we review and prioritise alerts so you see what matters
- Vulnerability scanning and fix prioritisation
- Policy and configuration reviews
- Dedicated point of contact and regular check-ins
- Support when things go wrong — we help you respond and recover
- Quarterly security reports and roadmap updates
Ideal for: Small and mid-size businesses that want consistent security oversight without hiring in-house.
Typical engagement: Monthly retainer — scope and hours tailored to your environment.
7. Incident Response Planning
Be ready before an incident happens.
When a breach or outage happens, speed and clarity matter. We help you create clear runbooks (who does what, and when), run practice scenarios (tabletop exercises), and define roles so your team knows exactly what to do — and who to call.
What we deliver
- Response playbook (roles, contacts, steps)
- Tabletop exercise — a practice run of a real incident
- Communication templates (internal, customer, regulator)
- Integration with your backup and recovery procedures
- Optional: retainer for live support when an incident occurs
Ideal for: Any business that wants to reduce downtime and confusion during a security or IT incident.
Typical engagement: 1–2 days for playbook and tabletop; optional retainer for ongoing support.
8. Endpoint Hardening
Secure every device — laptops, desktops, and mobile.
We secure your laptops, desktops, and phones (endpoint hardening) so lost or stolen devices don't become a breach. Encryption, access controls, and device protection — tailored to your environment.
What we do
- Device encryption (BitLocker, FileVault, or equivalent)
- Endpoint detection and response (EDR) or antivirus — advanced threat detection on devices
- Update management and patch policies
- Screen lock, password, and Multi-Factor Authentication (MFA) policies
- Mobile device management (MDM) — managing and securing phones and tablets
- Removable media and USB controls
Ideal for: Businesses with laptops, desktops, or mobile devices that handle sensitive data or need to meet compliance requirements.
Typical engagement: 2–3 days for policy and baseline; optional per-device or fleet rollout.
9. Backup and Recovery
Protect your data — and know you can get it back.
Ransomware and hardware failures can wipe out critical data. We design backup strategies, verify recovery procedures, and run tests so you can restore quickly with minimal data loss.
What we deliver
- Backup strategy review (what to back up, how often, where)
- Configuration of local and/or cloud backup
- Recovery time and point objectives (RTO/RPO) — how quickly you need to be back up and how much data you can afford to lose
- Documented recovery procedures
- Recovery test — restore from backup to confirm it works
- Integration with incident response and DR planning
Ideal for: Any business that relies on data and cannot afford prolonged downtime or permanent data loss.
Typical engagement: 2–3 days for strategy, setup, and recovery test; optional ongoing verification.
10. NexCyber Vulnerability Platform
Self-hosted vulnerability testing — your portal, your agents, your scans.
Run vulnerability scans on your own systems. You install lightweight agents on the hosts you want to test; each customer has their own portal to manage agents and run scans. Results stay in your environment, with step-by-step fix guidance.
What's included
- Dedicated customer portal per organisation
- Manual agent installation on your servers or devices
- Industry-standard scan tools (nmap, nuclei, and others)
- Step-by-step fix recommendations
- Free tier: run scans on 2 agents at no cost
- Additional agents chargeable (pricing TBD)
Ideal for: Teams that want self-service vulnerability testing with full control over what gets scanned and where.
Pricing: 2 agents free; more agents chargeable. Pricing model in development. Contact us to request access or be notified when the portal is live.
Optional Add-ons
Available on request
We don't advertise these upfront, but once trust is built, we can also support:
- Cyber Essentials preparation
- Backup & disaster recovery implementation
- Device security (endpoint) & monitoring
- Policy writing & supplier assurance
- Ongoing security advisory retainers
Ask us during a Health Check or when you get in touch.
Frequently Asked Questions
What's included in a Cybersecurity Health Check?
Our Health Check includes a review of your firewall, remote access, and Wi-Fi security; Microsoft 365 security baseline (Multi-Factor Authentication, email, identity); backup and disaster recovery check; device protection and update review; cloud service risk scan; and a simple, plain-English report with your top 5 fixes.
How long does a typical engagement take?
Health Checks take 1–2 days; Firewall & Network Hardening 2–5 days; Microsoft 365 Security 1–3 days. Vulnerability scanning, training, and incident response planning are often 1–2 days or ongoing. Endpoint hardening and backup and recovery are typically 2–3 days. Managed service is a monthly retainer. Most work can be done remotely.
Do you work with small businesses?
Yes! We specialize in helping small and mid-size businesses who don't have a full-time security expert. Our services are designed to be accessible and practical for businesses of all sizes.
Can you work remotely?
Most of our services can be delivered remotely. Health Checks and Microsoft 365 Security Hardening are typically done remotely. Firewall & Network Hardening can be done remotely or on-site, depending on your needs.
What happens after a Health Check?
You'll receive a clear, prioritized report with your top 5 security fixes. From there, you can choose to implement fixes yourself, or we can help with Firewall Hardening, M365 Security, or other add-on services.
Do you offer ongoing support?
Yes. Our Cybersecurity Managed Service is a monthly retainer that includes monitoring, vulnerability management, and incident support. We also offer ongoing vulnerability scanning, security training cycles, and optional add-ons like advisory retainers — all can be tailored after an initial engagement.
What is the NexCyber Vulnerability Platform?
It's our vulnerability testing platform that runs on your own systems. You install agents and run scans (nmap, nuclei, and others) from your own customer portal. Each customer has a dedicated portal. Step-by-step fix guidance is included. You can run scans on 2 agents for free; additional agents are chargeable (pricing TBD).
Where do I sign in to the customer portal?
The customer portal is where you manage agents and run scans. The portal login will be available from the Customer Portal page once it's live. Contact us if you'd like early access or to be notified at launch.