Capabilities

Four practices. They share a single underlying belief: the right answer in technology is almost never the new thing. It is the well-run version of what you already have, with the right things added at the right time.

Cyber security and zero trust

We work on the parts of cyber that survive a CIO conversation, not the parts that sell well at conferences.

  • Identity and access at scale, including zero trust for systems as well as users
  • Segmentation and network ingress and egress design
  • Third party and supply chain risk
  • Cyber Essentials Plus and ISO 27001 readiness
  • Security debt remediation in legacy and acquired estates

We are Cyber Essentials Plus certified ourselves. We do not give security advice we have not lived with.

AI and software delivery

We use AI coding agents and modern delivery tooling on our own work every day. We help clients do the same without losing what makes their engineering culture work.

  • Engineering productivity assessments and target operating models
  • AI tooling rollout: Codex, Claude Code, Copilot and the build vs buy questions
  • Platform engineering and developer experience
  • Release and change management modernisation
  • Quality, observability and incident maturity

Energy optimisation

From the LDS Test Bed we run real experiments on energy use. We then take that into estates with meaningful energy bills and decarbonisation pressure.

  • Energy baselining and cost attribution across digital infrastructure
  • Optimisation of compute, storage and network workloads
  • On-site generation, storage and grid interaction strategy
  • Building services integration and demand response
  • Reporting that satisfies ESG and procurement without inventing numbers

Risk and governance

The thread across all three. The work that keeps the board calm and the auditor satisfied without slowing the business down.

  • Board level risk reporting and the Digital Trustee model
  • Programme assurance for technology change
  • Vendor and product risk
  • Regulatory readiness, DORA, NIS2 and sector specific frameworks
  • Incident response and crisis governance

How an engagement starts

Most engagements start with a short assessment. Two to four weeks, fixed price, with a written set of findings and a recommended path. From there we either help you deliver or we hand you to the right person and move on. Either is fine with us.

Start a conversation