PYR-00

Virtual CISO Retainer.

Security programme ownership from a senior practitioner. No recruitment lag, no full-time cost.

Book a security review
PYR-01

What is included

A senior practitioner takes ownership of your security programme end-to-end. Every deliverable is board-grade, practitioner-verified, and backed by £5M professional indemnity cover.

REPORT

Board-ready risk reporting

Monthly or quarterly reports in board language — findings ranked by business risk, not CVSS score.

REGISTER

Managed risk register

Live risk register with assigned owners, target dates, and tracking against your selected framework.

POLICY

Policy framework maintenance

All policies kept current to the latest standards. Version-controlled, reviewed annually, with evidence of review.

CERTIFICATION

Certification sponsorship

End-to-end support for ISO 27001, SOC 2, or Cyber Essentials certification — gap assessment through audit day.

INCIDENT

Incident response oversight

IR plan maintenance, tabletop exercise facilitation, and direct practitioner support during active incidents.

EVIDENCE

Audit-ready evidence packs

Organised evidence packages per framework, maintained monthly, ready for auditor request within 48 hours.

PYR-02

Retainer tiers

Three levels depending on the depth of programme ownership you need. All include practitioner access and £5M PI cover.

Oversight

£497 per month

Quarterly security review, risk register maintenance, and board reporting. For organisations with existing security capability who need independent practitioner oversight.

  • Quarterly board-ready risk report
  • Risk register maintenance and review
  • Policy framework review and updates
  • 24-hour incident call-out
  • Direct access to named consultant
  • No minimum lock-in period

Command

£1,997 per month

Full ownership of your security programme. Dedicated practitioner, weekly engagement, and complete incident response and security operations oversight.

  • Weekly board-ready risk report
  • Full security programme ownership
  • Incident response oversight and plan management
  • Security operations monitoring and improvement
  • Vendor security assessment management
  • Penetration test management and remediation tracking
  • Dedicated practitioner with direct line
  • CloudAuditX multi-cloud scanning included
PYR-03

Who this serves

Regulated UK SMEs with 20–200 employees who need practitioner-grade security leadership without a full-time hire. Our clients are primarily UK-regulated with operations in the UK and EU, supported by DORA compliance requirements.

Economics: In-house CISO ~£110k+/yr · Pyralink vCISO from ~£6k/yr
Best for: 20–200 employees, regulated SMEs
Sectors: Financial Services, Healthcare, SaaS, Legal, Education
Certifications: CISM · CISA · CEH · CC · MSc Data Science
Coverage: £5M professional indemnity
Standards: 6 frameworks mapped

Company No. 14512137 · ICO Reg. ZB516923 · £5,000,000 Professional Indemnity · 2022
PYR-CTA

Need a vCISO for your organisation?

Book a free 30-minute security review. We will assess whether a retainer model fits your current stage and give you one specific recommendation.
