Cyber Security Health Check

Cyber Security Health Check

Cyber Security Health Check is the essential tool in establishing a solid foundation upon which to review, renew and improve your Cyber Security footing. The Cyber Security Health Check helps you identify your weakest security areas and recommends the appropriate actions to mitigate any potential risks that we discover.

Cyber Security Health Check, What is it?

The Cyber Security Health Check is an essential activity that businesses and organisations should undergo every year. Like an MOT for a car or a financial audit for a business’s finances, the Cyber Security Health Check identifies issues in your Cyber Security before they become a real problem.

The Cyber Security Health Check will help you identify your weakest security areas, it will also recommend the appropriate actions to mitigate any potential risks that we discover. A cyber health check will provide you with a detailed report describing your current cyber risk status and will leverage best practices, like Cyber Essentials. Cyber Essentials Plus, ISO 27001, CIS 18 Critical Controls and NCSC guidance. The report provides recommendations for reducing your overall cyber risk footprint and tightening you current controls with existing technology. The health check helps you to uncover your Cyber Security weak spots before the attackers do and can help you identify your weakest security areas.

Cyber Security Health Check

An awareness of Cyber Security risks at board level is critical to your organisation, as part of our comprehensive health check we focus on executive management’s knowledge and awareness of your key risk areas. Our Cyber Security health check service quickly identifies potential issues by asking targeted questions. We assess how you respond to cyber incidents, as well as your team’s knowledge of Cyber Security and risk management and ensure that your cyber risk management processes are sufficiently robust.

Our experienced advisers evaluate your current cyber capabilities across multiple dimensions including governance and strategy, security defenses and controls, threat and vulnerability management, and incident readiness, response, and resilience. We implement a phased approach to identify the true nature of your organization’s threat profile, assess your Cyber Security posture and provide practical and actionable recommendations to assist you in maturing your organization’s Cyber Security program.


Cyber Security Health Checks are priced in an affordable manner to help all businesses adopt a more practive cyber security program.

Micro Business: £1700

Small Business: £2550

Medium Business: £4250

Larger: Call for a quote

Talk To A Security Specialist

Book a free consultation with a security specialist to discuss your current concerns or security requirements.

Hedgehog Security needs the contact information you provide to us to contact you. You may unsubscribe from these communications at any time.  By clicking "Request Callback" below you agree for us to store and process your data.  For information on how to unsubscribe please review our Privacy Policy.

Cyber Security Health Check Brochure


The Cyber Security Health Check / IT Health Check requires both an External and Internal assessment. We will assign a qualified security consultant to help with scoping the engagement and delivering the project.

Depending on the size of the network and number of devices, sample testing of a minimum of 10 per cent of the estate can be performed and correct scoping is critical to ensure that the service offered meets the CoCo requirements without being overbearing and over budget.

Internal Assessment

Internal testing takes the form of a Penetration Test and should include Vulnerability Scanning and a thorough Manual Analysis of your internal network.

At a minimum it should include:

  • Desktop and Server build and configuration, and network management security
  • Patching of Operating Systems, Applications and Firmware levels
  • Configuration of Remote Access solutions including Virtual Private Networks (VPNs) and the associated authentication
  • Build and Configuration Review of Laptops and other Mobile devices such as phones and tablets used for remote access
  • Internal Security Gateway configuration including the Firewall connection to the PSN network.
  • Wireless Network configuration

The assessment of the above look to provide assurance that your internal systems are configured in a secure manner and are being properly maintained

External Assessment

The External Assessment part of the ITHC should include public-facing services such as email servers, web servers and other systems such as the firewalls in place to prevent unauthorised access from the public Internet into your organisation.

Any other inbound connections from the Internet such as Remote Access or Site-to-Site Virtual Private Networks (VPNs) also need to be penetration tested as part of the engagement. This assessment takes place for the infrastructure and authentication methods in place to protect the connections.

PSN IT Health Checks

We are a CREST member company and can scope and perform your IT Health Check (ITHC) for access to the Public Services Network (PSN).

Web technologies have advanced in recent years and so have the Web Applications that we all use daily. With this advancement and reliance on web technologies, we have also been exposed to security risks associated with these applications.

The Public Services Network (PSN) is the government’s high-performance network, which helps public sector organisations work together, reduce duplication and share resources. Organisations, both public and private sector that require a connection to the PSN required to complete a Code of Connection (CoCo) application is requirement of the CoCo application to provide a recent (within 12 months) IT Health Check report that has to be performed by a qualified organisation. Through our CREST member status, we are able to provide ITHC services to organisations at a local government level requiring connection to the PSN.

Not only does the ITHC allow access to the PSN, which is a great benefactor to your business but simply showing you’re on the network demonstrates that your organisation’s security arrangements, policies and controls are sufficiently rigorous.

Organisations connecting to the PSN have to perform an annual IT Health Check in order to sustain the connection.

Be Prepared with a Cyber Security Retainer

Get preferred terms and service levels ahead of a Cyber Security breach to reduce response time,
help manage the impact of a cyber event, and enable faster recovery.

Cyber Security / IT Health Check Sectors

Supply Chain Security

Your supply chain partners risk is your risk. Do you have confidence in your supply chain and business partners Cyber Security processes and systems?


Do you have have the right technology to deal with cyberattacks like advanced persistent threats (APT’s) or denial of service attacks (DDOS)?

Incident Response

Incidents happen. Do you have current internal protocols equiped to deal with cyber crises and to have processes in place to deal with cyber attacks?


Threats are constantly evolving, do you have governance processes in place to monitor, learn from and deal with emerging cyberattack trends?


Do you have built up an internal culture of Cyber Security, starting with your upper management, all the way down to your general employees?


You can’t always secure everything all of the time. Do you understand what your priority items are and how well they are currently protected?