How long does a security audit take?

The on-site assessment takes one day. You receive the written report within five working days. We then schedule a 30-minute call to walk through the findings and answer questions.

Our IT company already does security checks. Why do we need an independent audit?

When your IT provider assesses their own work, there is an inherent conflict of interest — even if they are excellent. An independent assessment gives you a genuinely objective view and a report suitable for insurers, regulators, and client due diligence. Most businesses use both: their IT provider for day-to-day maintenance, and us for an independent annual audit.

We’re a small company. Are we really a target?

Yes. Ransomware campaigns are automated — they scan the entire internet for vulnerable systems without checking company size first. SMBs are frequently targeted because they are perceived as having weaker defences. According to the UK Government’s Cyber Security Breaches Survey 2025, half of UK businesses experienced a cyber incident in the past year.

Serving York, East Riding & North Yorkshire

Independent Network Security Audits for Yorkshire Businesses

Q: What does the Wolds Cyber Audit cost?

£750 fixed price for businesses with 10–50 employees. No day rates, no scope creep, no surprises. If we find fewer than three actionable security issues, you pay nothing.

Q: Do you hold CREST certification?

Not yet. CREST certification is on the roadmap. For most SMB engagements — particularly those driven by GDPR compliance, cyber insurance, or basic regulatory requirements — CREST certification is not a requirement. Where a client specifically needs CREST-certified output, we will be upfront about that and recommend an appropriate provider.

Fixed price. Plain English. Money-back guarantee. Know exactly where your business stands — without paying enterprise rates or asking your IT provider to mark their own homework.

Book a Free 15-Minute Call See What's Included

£750 fixed price

Money-back guarantee

Report within 5 working days

Fully independent

Most SMBs are exposed. Most don't know it.

Half of UK businesses experienced a cyber incident last year. The two most common responses: doing nothing, or asking the same IT provider who set up the network to check whether it is secure.

50%

of UK businesses breached in 2024

Half of UK businesses and a third of charities reported a cyber security breach or attack in the past twelve months, according to the DSIT Cyber Security Breaches Survey 2025.

£15k+

average SMB recovery cost

A successful ransomware incident costs the average small business £15,000–£50,000 in lost time, recovery work, and reputational damage. Many do not fully recover.

1 in 3

affected businesses take no action

Of the businesses that identify a breach, around a third make no changes to their security practices afterwards. Familiarity normalises risk.

The conflict of interest nobody talks about

Most SMBs already have a managed IT provider. Many of those providers now offer security reviews as part of their service. The problem is structural: when your IT provider assesses their own work, they are evaluating whether the network they designed, configured, and maintain is secure. Even the most diligent engineer faces an unconscious tension between finding problems and implicating themselves. An independent assessment removes that tension entirely.

Sources: DSIT Cyber Security Breaches Survey 2025; Hiscox Cyber Readiness Report 2024.

The Wolds Cyber Audit

A structured, specialist network security assessment. One fixed price. One plain-English report. One consultant throughout — the person doing the work, not an account manager.

What the audit covers

External network exposure — what attackers can see from the internet
Internal network configuration — segregation, access controls, open services
Firewall and router configuration review
Wireless network security assessment
User access and privilege review
Patch status and known vulnerability exposure
Written report with plain-English findings and remediation actions
30-minute follow-up call to walk through findings
30 days of post-report email support

Pricing

The Wolds Cyber Audit

£750

10–50 employees. Single site.

The Wolds Cyber Audit Plus

£1,250

50–100 employees or multiple sites.

Lockdown Retainer

£2,500/year

Quarterly re-assessments with ongoing support.

Money-back guarantee. If we complete the audit and find fewer than three actionable security issues, you pay nothing. No questions, no admin, no awkwardness.

How it works

From first conversation to final report in under two weeks.

Scope

A free 15-minute call to understand your setup, confirm the work is suitable, and agree on scope and timing. No commitment required.

Test

On-site assessment, typically one day. We work around your team and cause no disruption to normal operations. All work is agreed in advance.

Report

Written findings delivered within five working days. Plain English throughout — an executive summary you can read in ten minutes, and technical detail for whoever needs it.

Support

A follow-up call to walk through the findings and answer questions. Thirty days of email support as you work through the recommendations.

Built for businesses with something to protect

Sectors where data loss, downtime, or a regulatory breach would cause real harm. We understand the compliance context for each.

⚖️

Solicitors & Legal

SRA cyber security guidance, client money accounts, GDPR

🧾

Accountants

HMRC data handling obligations, client financial records

🏥

Healthcare & Dental

CQC Data Security and Protection Toolkit, patient records

🚚

Logistics

Ransomware exposure, operational continuity, supply chain

👥

Recruitment

Candidate personal data, right-to-work records, GDPR

🏠

Estate Agents

Anti-money laundering, property transaction data, GDPR

Charles Cassam

Founder, Wolds Cyber Ltd — Pocklington, East Yorkshire

I spent over a decade in automotive management, running a busy bodyshop and workshop. That background taught me how operational failures actually propagate — how a single point of weakness cascades into downtime, data loss, and reputational damage. It also taught me how to communicate technical findings to people who need to act on them, not just read them.

I switched to network engineering and cybersecurity because the skills transfer directly, and because I found the work genuinely interesting. I run an enterprise-grade home network — Proxmox cluster, full UniFi stack, VLAN segmentation, network-attached storage — not because I have to, but because understanding how things break is how you understand how to secure them.

I am studying Network Engineering with the Open University, with the CCNA module completing in the second half of 2026. CompTIA Security+ is next. I will not claim credentials I do not hold, and I will tell you if a job needs someone more qualified. What I can offer is an independent, specialist assessment at a price that makes sense for your business, from someone who lives and works in this part of Yorkshire.

OU Network Engineering CCNA (H2 2026) Homelab: Proxmox + UniFi Security+ in progress York & East Riding based

Common questions

Straight answers.

What does the Wolds Cyber Audit cost, and what does the money-back guarantee actually mean?

£750 fixed price for businesses with 10–50 employees. There are no day rates, no variations for scope, and no surprises. The money-back guarantee is exactly what it sounds like: if we complete the full audit and find fewer than three actionable security issues, you pay nothing. The trigger is actionable findings — real problems with real remediation steps — not the severity of what we find.

Our IT company already does security reviews. Why would we need an independent audit?

The distinction is independence. When your IT provider assesses the network they built and maintain, there is a structural tension — even for diligent, well-intentioned engineers. An independent assessment removes that tension. It also produces a report you actually own, suitable for sharing with your insurer, a regulator, or a large client doing due diligence on you. Most MSP security reports are not suitable for those purposes. Most of our clients continue to use their IT provider for day-to-day maintenance and use us for the independent annual audit. The two are complementary.

We're a small business. Are we actually a target?

Yes, and more frequently than larger businesses relative to their number. Ransomware and credential-harvesting campaigns are automated — they scan the entire internet looking for systems with known vulnerabilities. They do not check company size first. SMBs are specifically attractive because they are perceived as having weaker defences and fewer resources to respond. According to DSIT's Cyber Security Breaches Survey 2025, half of UK businesses experienced a breach or attack in the past year.

How long does the assessment take, and will it disrupt our working day?

The on-site assessment takes one working day. We discuss timing during scoping and work around your team's schedule. The assessment itself involves network scanning and configuration review — it does not require taking systems offline or interrupting normal work. The written report is delivered within five working days of the assessment.

Do you hold CREST certification?

Not yet. CREST certification is on the roadmap and I am working towards it. For most SMB engagements — those driven by GDPR compliance, cyber insurance requirements, or basic regulatory due diligence — CREST certification is not a mandatory requirement. Where a client specifically needs CREST-certified output (some larger contract requirements or certain financial sector engagements), I will be direct about that and, where appropriate, refer to a suitable provider. The goal is always to give you an honest assessment of what you need, not to oversell what I offer.

Get in touch

The first step is a free 15-minute call — no commitment, no sales pitch. We confirm the work is suitable for your situation, discuss timing, and answer any questions you have.

hello@woldscyber.co.uk

Phone

Available on request

Based in

Pocklington, East Yorkshire

Service area

York East Riding of Yorkshire North Yorkshire Hull Beverley Bridlington Driffield Scarborough Harrogate

Book a free 15-minute call

Tell me a little about your business and what you're looking for. If the Wolds Cyber Audit is the right fit, we'll agree on next steps. If it isn't, I'll say so.

Send an Enquiry

Response within one working day. No automated emails, no sales sequence — just a reply.