Trusted, cost-effective support from experienced consultants to help transition to ISO 27001:2022. Find out about our accessible packages.
Flexible service works around your schedule to minimise disruption to your everyday business
Get a best-fit service to transition to ISO 27001:2022 with our accessible package
Everything’s made as easy as possible thanks to our experienced & certified ISO 27001 consultants
Experience a seamless, end-to-end consultancy service from the initial kick-off to certification.
ISO 27001:2022 is the latest version of the internationally celebrated ISO 27001 standard. The 2022 version replaces the previous 2013 edition and brings the standard in line with modern business practices and technologies, such as cloud computing. At its core it’s still the same information security standard, making it a valuable addition to your business.
ISO 27001:2022 has updated its controls so it remains relevant to modern business operations. Along with 11 new controls added to the 2022 edition of ISO 27001, the controls have been re-organised so that the total number has decreased from 114 to 93. The controls have also been categorised into four themes to make them easier to organise and implement. The new and updated requirements are referenced in Annex A of ISO 27001:2022, which means that organisations that currently use Annex A controls will need to update their Information Security Management System (ISMS) before being assessed against ISO 27001:2022.
The four themes are:
37 controls
Covers confidentiality, on/off boarding, remote work, and how employees interact with information.
14 controls
Deals with site maintenance and security, physical access to data, and environmental threats.
34 controls
Encryption, authentication, access control, and ensuring your technology is appropriate to the task.
8 controls
Policies, use of assets, management, and things that don’t fit into the other three themes.
Our friendly ISO consultants are seasoned compliance experts with extensive experience of providing ISO 27001:2022 compliance services to a wide range of organisations across multiple sectors. We leverage this experience when transitioning your business from the 2013 to the 2022 version of ISO 27001. Bulletproof will get your organisation ready to certify against the new standard:
Many of our information security consultants also provide valuable on-going ISO support through our popular virtual CISO service.
Get help at every stage of the journey moving your business from ISO 27001:2013 to ISO 27001:2022, with gap analysis, implementation and audit support.
Understand where your compliance currently is vs where you need to be
Includes everything in a Gap Analysis, plus hands-on help implementing the changes
Includes everything in Gap Analysis & Implementation, plus a thorough audit
If you’re undertaking the gap analysis and implementation work in-house and are confident in your compliance status, we can provide external assurance with a full ISO 27001:2022 audit.
Our auditor will assess your ISMS and Annex A controls to make sure you’re ready for your certification audit.
If you’re part-way through ISO 27001 certification, check with your provider whether you’re under the 2013 or 2022 edition of the standard. Bulletproof recommends ISO 27001 certification is carried out under the new 2022 version.
The updated controls of ISO 27001:2022 are outlined in Annex A and covered in much more detail in the supplementary standard ISO 27002. ISO 27002:2022 details how each control works, its aim and objective, and includes implementation advice. For organisations using ISO 27002, Bulletproof offers a dedicated ISO 27002 gap analysis for the new 2022 update.
One of the reasons ISO 27001 certification is so valuable is that it makes a profoundly positive change to your business security. It overlaps with the GDPR in a number of areas and makes GDPR compliance easier:
If you currently have the ISO 27001:2013 certification, now is a great time to upgrade to ISO 27001:2022. You don’t have to wait until it’s time for your renewal. If it’s approaching time to renew your ISO 27001 certification, take a look at our packages to see what level of support you need to upgrade from ISO 27001:2013 to ISO 27001:2022.
Annex A of ISO 27001:2022 lists the updated controls that make the new version of ISO 27001 more relevant to modern business operations. The 11 new controls listed in Annex A are:
ISO 27001 compliance has helped us improve our security investment and build credibility with our global client base, as well as enabled us to successfully win UK Government procurement contracts. Bulletproof made the whole process easy and effortless from start to finish, strengthening our information security and improving our position in the industry.
We work extensively with Bulletproof both with Cyber Essentials and ISO 27001. I always find the team both helpful and knowledgeable.
Rated 5 stars on Google
We’ve always been very impressed with the cyber security services Bulletproof provide us. Their professional approach, knowledge and flexibility have ensured they have become a key trusted partner in our supply chain.
Meet & maintain ISO 27001:2022 compliance with trusted compliance consultancy from Bulletproof.