• An IASME Certification Body since 2014.
  • CREST and Cyber Scheme qualified testers.
  • Cyber Essentials, CE Plus and IASME Cyber Assurance.
  • North East based. Delivered UK-wide.
What's forcing your hand

Certify, or fall out of the supply chain

Manufacturing rarely faces a single legal mandate. The pressure is commercial: OEMs, primes and large buyers push security requirements down their supply chains and make certification a condition of being awarded, or keeping, the work. Cyber Essentials is the usual entry ticket, and Cyber Essentials Plus is what the more demanding buyers ask for.

Bid for public-sector work and Cyber Essentials is often a pass-or-fail requirement under government procurement rules. Supply a global automotive OEM and you may meet TISAX, the automotive sector's information-security assessment. Sit in an aerospace or defence supply chain and you may meet JOSCAR and the MOD's Def Stan 05-138. The thread through all of them is the same baseline of technical controls.

As production networks connect to corporate IT, the risk moves onto the factory floor. IT and OT convergence widens the attack surface and lets an attacker move from the office into production. Manufacturing is one of the most targeted sectors for ransomware.

When a customer wants more than Cyber Essentials, IASME Cyber Assurance is the proportionate next step: a governance-led standard built on Cyber Essentials, with a verified and an audited level, and a lighter route than full ISO 27001.

What we deliver

What we deliver for manufacturers

Cyber Essentials and CE Plus

Certified directly by us. The entry ticket for OEM, prime and public-sector contracts, with the audited tier when a buyer demands it.

Supply-chain assurance

Know what you expose before a customer asks, and flow your own requirements down to your suppliers.

OT and IT security

We help you separate the factory floor from corporate IT and reduce the risk that a breach in the office reaches production.

The step beyond CE

A clear path to IASME Cyber Assurance when a customer wants more, mapped to your size and risk.

Penetration testing

CREST and Cyber Scheme qualified testing of the systems your customers and auditors scrutinise.

Ransomware resilience

Manufacturing is among the most targeted sectors for ransomware. We pressure-test your backups, segregation and recovery so an attack does not stop the line.

Rigour that keeps the line running

We have certified UK organisations since 2014 and work with regulated and supply-chain-driven clients. We prioritise by real risk, help you close the gaps, and give you certification evidence that unblocks contracts, without disrupting production. Certification, testing and assurance under one roof, so you deal with one team from baseline to audited.

Regional focus

The North East makes things

The North East is one of the UK's strongest manufacturing regions: a major automotive base around Sunderland and its supply chain, rail manufacturing in County Durham, and one of the country's largest process and chemical clusters on Teesside. It is exactly the kind of certification-hungry, supply-chain-driven base we are built to serve, on our home turf.

  • Newcastle
  • Gateshead
  • Sunderland
  • Durham
  • Northumberland
  • Tees Valley
Questions

Manufacturing FAQs

Why do manufacturers need Cyber Essentials?

Usually because a customer requires it. OEMs, primes and public-sector buyers push security requirements down their supply chains and make Cyber Essentials, or Cyber Essentials Plus, a condition of winning or keeping contracts. It is the entry ticket to staying in the supply chain.

Is manufacturing regulated for cyber security?

General manufacturing is not regulated as an operator of essential services under the NIS Regulations. The real pressure is commercial: customer and supply-chain requirements, and procurement rules when you bid for public-sector work.

We supply automotive customers and have been asked about TISAX. Can you help?

Yes, we can help you prepare. TISAX is the automotive sector's information-security assessment, based on ISO 27001 with automotive additions. The assessment itself is carried out by accredited audit providers; we get your controls and evidence ready and certify the Cyber Essentials baseline beneath it.

What is IASME Cyber Assurance and when do I need it?

IASME Cyber Assurance is a governance-led standard built on Cyber Essentials, with a verified level and an independently audited level. It is the proportionate step up when a customer wants more than Cyber Essentials but you are not ready for full ISO 27001.

Can you help with OT or factory-floor security?

Yes. As production networks connect to corporate IT, the factory floor becomes part of your attack surface. We help you separate the two and reduce the risk that a breach in the office reaches production.

Do you work with manufacturers in the North East?

Yes. We are North East based, in the heart of the region's automotive, rail and process-manufacturing base, and we certify across the region and the wider UK.

Keep making. Keep winning work.