Aegis is a new Cyber Security Maturity (CSM) service that helps your organisation make the right decisions when it comes to protecting your data.
Aegis provides organisations with a concise and contextual way of reporting cyber security to the board and other stakeholders

Aegis is a new Cyber Security Maturity (CSM) service that helps organisations continuously assess internal security tools and processes as well as behaviours, events and evolving threats. This intelligence enables organisations to completely transform the quality and value of short, medium and long-term planning and decision making.

CSM programmes provide organisations with a clearly-defined dashboard of business metrics to highlight cyber risk and benchmark cyber technology, resources and investment. This form of analysis and reporting leads to better, more informed conversations about cyber with every stakeholder in the business, especially at board-level.

The benefits of CSM benchmarking are:

  • Demonstrate the ROI of cyber security spend
  • Prioritise future cyber security spend for greatest risk reduction
  • Highlight the key areas of cyber security risk that require immediate action
  • Identify the greatest internal and external threats to an organisation
  • Reduce overall cyber security spend over a three-year period


Organisations that invest in CSM can all confidently answer the following questions:

Compliance and Accreditation

Are we meeting all mandatory regimes and standards?

Technical Compliance

Where are the vulnerabilities and insufficient controls in our infrastructure and what are we doing about them?

Transformation and Maturity

What’s our current status across all projects?

Events, Alerts and Threats

How good is our internal and external threat intelligence?

Governance and Policy

How robust is our policy compliance? Where are the exceptions, and who owns what?

Aegis diagram

Using an agreed benchmarking process allows CISOs, IT security managers and CIOs to create a contextual action plan, track and share improvements and concisely report on the value and impact of every investment.


Aegis is a benchmarking tool that our consultants use to measure and score your current Cyber Security Maturity against 5 key domains and 73 sub-domains.

From this information we formulate a contextual, prioritised plan for your organisation to reach its cyber security objectives. Aegis’ CSM scale draws measurements from standards such as:

  • ISO 27001
  • Cyber Essentials Plus
  • (SANS/CIS/CPNI) Top 20 Critical Controls Set
  • Sarbanes Oxley
  • NCSC HMG IA Maturity Model and Risk Management Principles

For the duration of the contract, you will have access to a dedicated portal which will allow clients to:

  • Review domain and sub-domain weightings
  • Revise answers to questions
  • Export data for specific regimes
  • Create benchmarks for ongoing comparison
  • Assess weightings and questions
  • Create third party benchmarks to evaluate the supply chain


Initial benchmarking workshops

The initial benchmarking workshops include four on-site meetings involving all client stakeholders, our security expert and any relevant experts from the clients side. The purpose of these workshops is to assess the client’s current Cyber Security Maturity using the Aegis benchmarking tool.

An initial cyber security (Aegis) score will be given across 5 domains and 73 sub-domains. This will be compared to industry and best practice standards and a prioritized improvement plan will be formulated.

Quarterly Benchmarking Workshops

Each quarter we will have another workshop with all stakeholders and experts which will last at least 3 hours. A new CSM score will be provided across the 5 domains and 73 sub-domains. This will benchmark your progress and another prioritized action plan will be formulated.


Contact us today to Learn more about AEGIS