We advise chief information officers, information security officers, boards of directors, and IT and risk management departments.

Our work is grounded in a wealth of experience in security and compliance for companies and governments at the highest levels. We tailor our approach to each project in close consultation with our clients and avoid a one-size-fits-all solution.


Our team have a diverse set of skills from varied industries. From former Chief Information Security Officers of multinationals to former system administrators and governance specialists, we ensure that each project has the right team with relevant and in-depth industry expertise.


Our reporting is accessible to employees at all levels of organisations. We clearly explain security issues by utilising language that is appropriate for the intended audience. We avoid jargon and contextualise security issues by benchmarking against industry peers.


We leverage our global network and adapt our responses in line with clients’ needs. Wherever possible, we work with clients’ existing security infrastructure and avoid re-inventing the wheel to provide practical advice that assists our clients in improving their security as quickly and efficiently as possible.


Together with market-leading partners, we provide easy-to-use platforms that simplify and consolidate security processes.

S-RM’s unique approach combines specialist technical testing services with the investigative capabilities of our Business Intelligence function.

On completion of testing, our clients receive easy to read reports enabling management and technical teams to understand security issues and how to fix them.

Our security testers hold industry best practice accreditations including Offensive Security and CREST credentials.

Services include:
  • Phishing assessments
  • Penetration testing
  • Red team assessment

We provide practical recommendations and roadmaps to reduce our clients’ cyber risks and align them with leading governance standards.

We work closely with our clients to drive their remediation programmes and implement the controls required for an effective security programme.

  • Security: We provide cyber security risk assessment and mitigation services.
  • Regulations and Standards: Our assessment services cover security and data privacy regulations and standards.

We combine specialist cyber incident response and crisis management experience with forensic expertise to ensure effective management of cyber incidents for our clients.

We offer three service model options:

  • Retainer: Immediate access to advice and support 24/7, 365 days a year.
  • Preparation: Implementing measures to ensure that when problems do occur, they are contained and resolved as quickly as possible.
  • Emergency/On Demand: Where no retainer is in place our consultants can be deployed at short notice.