Monthly subscription
One review is a snapshot.
Oversight is how you stay on top of it.
Monthly cyber oversight for small businesses that want a continuing security presence, without hiring internally or committing to an enterprise-grade managed service.
What it is
Ongoing security oversight, not monitoring
Monthly Oversight is a structured, written service. Not 24/7 monitoring, not managed detection and response, not a technology product. It is expert-led attention to your security position on a regular basis, delivered asynchronously in plain English.
Each month, we review your current position, track progress against identified actions, flag anything relevant that has changed in the threat or technology landscape, and respond to your questions within the tier's query allowance. You receive a written monthly update you can read and act on. Not a dashboard you have to interpret.
Most clients begin with the Baseline Cyber Review before moving to oversight. The Review gives the oversight service a clear foundation: starting position, priorities, and agreed actions. If you have had an equivalent structured review from another provider in the last 12 months, direct enrolment may be possible; mention this in the Start Here form.
Two tiers
Essential and Guided Oversight
Choose the tier that matches the level of support your business needs. Both are monthly, both are cancellable with 30 days' notice, and both are delivered asynchronously.
Tier 1
Essential Oversight
£199 + VAT / mo
$249 USD / month
The core ongoing service. Structured monthly review, written update, and limited async guidance. Right for businesses that want regular security attention without a high-touch advisory relationship.
What's included each month:
- Monthly security oversight review
- Written monthly summary and update
- Action tracking against Baseline findings
- Up to 3 substantive async questions answered in writing
- Initial written response if you flag a possible security issue
- Annual summary report
Response times:
Standard async queries: within 2 working days. Flagged issues: best endeavours within 1 working day.
Enquire about EssentialTier 2
Guided Oversight
£349 + VAT / mo
$449 USD / month
Everything in Essential, with more advisory involvement. Right for businesses with more operational complexity, active supplier or client security requirements, or a need for deeper monthly engagement.
Everything in Essential, plus:
- More involved monthly review depth
- Up to 6 substantive async questions per month
- Policy review input (up to 2 documents per quarter)
- Supplier questionnaire support (up to 2 per quarter)
- Quarterly posture summary with trend analysis
- Priority response target
Response times:
Standard async queries: within 1 working day. Flagged issues: prioritised, best endeavours.
Enquire about GuidedMonthly billing. Cancel with 30 days' notice. No penalty, no lock-in. UK prices exclude VAT. US prices are inclusive of all charges. Annual billing may be introduced in future; not available at launch.
Which tier is right for you?
Essential vs Guided: at a glance
Essential may be right if you…
- Want structured oversight without frequent advisory input
- Have a relatively stable team and set of tools
- Rarely receive security questionnaires from clients or suppliers
- Have an IT provider who can implement recommendations
- Want a regular review cadence and written accountability
Guided may be right if you…
- Are growing, onboarding new staff, or changing key systems
- Receive security questionnaires from enterprise clients or suppliers
- Need policy documents reviewed or created
- Want more frequent and involved written guidance
- Have more complex supplier or data dependencies to manage
How it works
Low-friction by design
At the start of each month, you receive a short prompt to share any changes in your business: new tools, new staff, anything security-relevant that happened since last month. This takes most clients 5–10 minutes.
We review your update alongside the ongoing record of your security position and send you a written monthly summary: what we reviewed, any new observations, progress on open actions, and recommended next steps for the coming month.
You can submit async questions through the service at any time, up to your tier's monthly allowance. Questions are answered in writing within the response time for your tier.
Do I need to do the Baseline Review first?
In most cases, yes. The Baseline Review creates the foundation that the oversight service works from. Without it, we do not have a clear record of your starting position, your main risk areas, or your agreed priorities. Oversight without a baseline is largely working in the dark.
If you have had a comparable structured assessment from a credible provider in the last 12 months, we can review that in lieu of the Baseline Review. Mention it in the Start Here form and we will advise on whether it is sufficient.
If you want to start with oversight but have not had a prior review, we can factor a condensed baseline element into the first month of service, at the appropriate rate. Use the Start Here form to explain your situation and we will advise the right path.
What Monthly Oversight is not
- Not 24/7 monitoring: we do not monitor your systems in real time
- Not incident response: if you have an active breach, contact a specialist IR firm
- Not managed IT services: we do not administer your systems or implement changes
- Not a compliance certification: advisory oversight, not formal certification
- Not unlimited scope: each tier has defined query allowances and response time targets
Start with the Baseline Review
Most clients begin here. The Start Here form takes about 2 minutes. No commitment, no payment at this stage.
Start HereAlready interested in oversight directly? Select "Monthly Oversight" in the Start Here form and we'll be in touch within one business day.