Interconnekt
RRisk pillar of ARC
Security FoundationsCyber Security

Cyber Security

The SMB threat profile has changed. Attacks are automated, credentials are cheap, and the tooling a mid-market firm can actually operate - tools that don't need a SOC team behind them - is finally mature enough to deploy well.

Book a discovery callSee pricing
Next step

Ready to scope Cyber Security for your business?

Book a discovery callSee pricing
What’s included

Scope that’s actually defined.

Every inclusion below is documented, delivered, and renewable under our standard agreement. No surprise scope. No silent exclusions.

Managed MDR

24/7 endpoint detection and response through vetted partner platforms - with response actions, not just alerts.

Email security

Phishing, BEC, and spoofing protection on top of Microsoft 365 - sandboxed attachments, link rewriting, and impersonation detection.

Security awareness training

Quarterly training content + simulated phishing campaigns. Reports you can show your insurer.

Dark web monitoring

Credential exposure monitoring for your domains, plus a workflow that forces resets when exposed credentials turn up.

Incident response

Retainer-style access to our IR playbook. When something happens, you have a process and a number, not a panic.

Backup - immutable

Air-gapped, immutable backups for endpoints and 365. Tested restores. Ransomware-resilient by design.

What’s not included

The boundaries, stated up front.

Knowing where a service stops matters as much as knowing what it covers. Here’s what sits outside this engagement - so there are no awkward surprises later.

A guarantee you'll never be breached

No one can promise zero incidents. We reduce the likelihood and the blast radius and give you a tested response - not an impossible 'you're untouchable' claim.

Cyber-insurance underwriting

We help you meet insurer control requirements and complete the questionnaire honestly, but we don't sell, underwrite, or broker the policy itself.

Forensic attribution and legal response

Our incident-response retainer covers containment and recovery. Deep forensic attribution and regulatory or legal notification are specialist engagements we coordinate, not perform in-house.

How we deliver

A sequence you can hold us to.

Every engagement runs the same four steps. You always know which one we’re in and what comes next.

  1. 01

    Scope

    We map your current state and agree exactly what's in and out, in writing, before any work or invoice. No surprise scope, no silent exclusions.

  2. 02

    Plan

    A documented plan with milestones, owners, and success criteria you can hold us to - so you know what good looks like before we start.

  3. 03

    Implement

    We do the work with change control and your sign-off at each gate. You see progress against the plan, not a black box.

  4. 04

    Operate

    Ongoing management, published performance, and a quarterly review that keeps the work honest and the roadmap current.

Frequently asked

The questions we get most.

Isn't Microsoft Defender enough?
Defender is genuinely capable now, and we use it as the base layer. The gap it doesn't close is the operational one: who's watching it at 2am, who triages the alerts, who executes the response. That's what our managed MDR wrap provides.
Do we need cyber insurance?
Yes, and most insurers now require evidence of the controls in this service offering. We help you complete the control questionnaires and provide the evidence artefacts - we've done this for our customers across several insurers.
What happens if we actually get breached?
You call our incident response line. We isolate, investigate, and recover - with a documented playbook, not an ad-hoc scramble. We've written the runbook because we've used it.
Tools we use

What we run for cyber security

The platforms we standardise on for this service. Picked for fit, not for kickbacks.

Security

Huntress

Managed detection and response built for SMBs. 24/7 human analysts, no SIEM to run, incidents remediated in hours.

View partner
Email security

Avanan

Cloud email security for Microsoft 365 - phishing, business email compromise, and account takeover protection.

View partner
Password management

Keeper

Enterprise password manager and secrets vault. Zero-knowledge encryption, granular sharing, SSO integration, BreachWatch dark-web monitoring.

View partner
Related reading

Go deeper on cyber security

Compliance · 9 min read

Asked for CIS Controls and the Essential Eight? Here's how they actually map.

Auditors and insurers increasingly want both CIS Controls v8 and the Essential Eight. They overlap, but they aren't the same shape. Here's the control-by-control mapping we use - and the four CIS controls the Essential Eight quietly leaves you exposed on.

Read articleSecurity · 9 min read

The SMB buyer's guide to Managed Detection and Response

Every MDR vendor's site says the same things. Here's how to actually tell them apart: the difference between an alert and a response, who's watching at 2am, and the questions that separate real 24/7 detection from a dashboard you'll never open.

Read article
Related services

Usually bundled with cyber security

Incident Response

A plan and a number before you need them, and a team that answers when you do. Retainer-backed incident response for SMBs - containment, recovery, and the regulator-facing steps - run to a playbook, not a panic.

Learn more

Compliance

Roadmap, remediation, and ongoing attestation against the CIS Critical Security Controls and the Australian Essential Eight. Frameworks that actually get implemented, not just referenced.

Learn more

Security Assessments

Vulnerability scans, Microsoft 365 audits, security posture reviews, and dark web exposure checks. Know where you stand before an attacker does - with a remediation plan you can actually act on.

Learn more

Managed IT

Responsive helpdesk, endpoint management, licensing, backup, and vendor coordination. One number when anything breaks - with a co-managed option for teams that have in-house IT.

Learn more
Ready when you are

Leave the MSP that doesn’t pick up.

Tell us what your current setup looks like. We’ll send back a quote, a transition plan, and a firm date you’d be onboarded - within 48 hours.

Response
Within 48 hours
Format
Written quote
Discovery call
Not required
Contracts
No lock-in terms

We’ll respond within 48 business hours. No spam, ever.