West Midlands Cyber Security & Compliance Specialists

We secure
your business.
Then we keep
it running.

A 13-person specialist team — security first, IT support second. Microsoft Solutions Partner. Cyber Essentials Plus certified. Independently verified by 400+ clients across the UK. Based in Coleshill, Birmingham since 1995.

Book a Free Security Review Supply chain compliance →
Microsoft Solutions Partner
Cyber Essentials Plus Certified
Feefo 5★ Rated
ISO27001 In Progress
30 Years — Founded 1995
30
Years in business Founded 1995
400+
Businesses protected Across the UK
5★
Feefo rating Verified reviews
CE+
Certified ourselves We don't just certify others
13
Specialists Real people, real answers
What makes a security specialist

Credentials matter.
Here is why.

Security and compliance requires specific qualifications, active accreditations, and engineers who do this every day. Here is what to look for — and what ACUTEC holds.

Telecoms companies doing IT
Telecoms & Connectivity
Core business is phone lines and broadband. Security and IT are bolt-ons — added to the contract, not built into the team.
  • Security is an add-on product, not a capability
  • No Cyber Essentials certification ability
  • Call centres, not engineers, answer the phone
  • Cannot support ISO27001 or compliance work
  • Ask them who turns up for your security review
Software resellers & Sage dealers
Software Resellers
Trusted by finance departments because they manage the accounting software. Now pivoting into IT and security — with no infrastructure background.
  • No managed infrastructure experience
  • Cannot certify clients to Cyber Essentials
  • Security knowledge is product-led, not practice-led
  • No relationship with Microsoft as a Solutions Partner
  • Supply chain compliance is beyond their capability
ACUTEC — Security specialists
Telecoms & Connectivity
>Security and compliance is our primary specialism. IT support is the relationship that follows. Built from the ground up — not bolted on.
  • Cyber Essentials certification body — we certify others
  • CE+ certified ourselves. We practice what we preach.
  • Microsoft Solutions Partner — fewer than a handful in the West Midlands
  • ISO27001 in progress — held internally, not just sold
  • 30 years infrastructure experience. Real engineers. Real answers.
Our two verticals

Two reasons
businesses call us.
One outcome.

New clients come to us one of two ways. Both lead to a long-term relationship built on genuine security — not just a certificate on a wall.

01
Cyber Security
& MSSP
You've read about the M&S attack. The NHS breach. You've had a near-miss — or you don't know if you have. You need someone to assess where you actually are, and fix what's broken.
Endpoint Detection & Response — 24/7 monitoring
Dark web scanning — is your data already out there?
SonicWall firewall management & configuration
Vulnerability assessments & pen testing
Incident response & disaster recovery
Security pathway
CE
CE+
MSSP
ISO27001
02
Compliance &
Certification
A client — Severn Trent, the NHS, a large contractor — has told you they need proof of your security before the next contract. You have a deadline. We've been here before.
Cyber Essentials & Cyber Essentials Plus certification
ISO27001 information security management
ISO9001 quality management
GDPR compliance support
Cyber insurance readiness assessment
Security pathway
CE
CE+
ISO27001
Managed
New service — Board & Director Level

Your board needs a
security lead.
We'll be that person.

A virtual Chief Information Security Officer gives your business director-level security leadership without the cost of a full-time hire. We own the strategy. We brief the board. We carry the risk conversation — so your directors understand what they're signing off.

This is for you if
Your board has been asked about cyber risk by insurers, investors, or clients — and isn't sure what to say
You are pursuing ISO27001 or a major compliance standard and need policy ownership at a senior level
A director has asked "are we actually secure?" and nobody has given them a straight answer
You supply a large organisation and they want evidence of a security management function
Board Security Briefing
A single session with your senior leadership team. We assess your current security posture, translate the findings into plain language, and give directors a clear picture of their exposure and responsibilities. No jargon. No slides full of acronyms.
£1,500 – £3,000 per session
vCISO Retainer
Ongoing virtual CISO engagement. We own your security strategy, attend board meetings, write and maintain your information security policies, manage your compliance calendar, and provide a named point of contact for any incident or audit. Director-level accountability, delivered as a service.
£1,500 – £5,000 / month
Includes: policy ownership · board reporting · ISO27001 alignment · incident response leadership
Director Liability Briefing
The ICO is clear: directors can be held personally liable for data breaches. This session covers exactly what that means in practice — what you are responsible for, what a regulator will look for, and how to demonstrate you took reasonable steps.
Included in retainer · available standalone
Supply Chain Compliance — Real Story
"Severn Trent told our client they had 90 days to get certified or lose the contract."

A West Midlands business in the Severn Trent supply chain received a letter — certify to Cyber Essentials or your contract is at risk. They called ACUTEC. We assessed their environment, identified the gaps, guided them through remediation, and got them certified.

This isn't a one-off. Every major utility, NHS trust, and public sector body is tightening supply chain security requirements. If you supply them — this conversation is coming.

60
Days to certification — against a 90-day deadline
£0
Revenue lost — contract retained in full
100%
Of identified security gaps resolved before certification
CE+
Now on the pathway to full CE+ and ISO27001
How it worked
1
The letter arrives
Client receives Severn Trent supplier security requirements. 90-day deadline. No existing certification. Calls ACUTEC.
2
Gap assessment — week one
ACUTEC conducts a full security gap analysis against Cyber Essentials requirements. Identifies exactly what needs fixing.
3
Remediation — weeks two to seven
Firewall configuration, patching, access controls, MFA rollout. Every gap closed. Evidence gathered.
4
Assessment submitted — week eight
Cyber Essentials application submitted with full supporting evidence. Certified within ten days.
Certified in 60 days. Contract secured.
30 days ahead of the Severn Trent deadline
Qualifications that mean something

We earn the right to call ourselves
specialists.

Any company can call itself a security house. Not every company can prove it. Here is what ACUTEC holds — and what it means for you.

Cyber Essentials Plus
We hold CE+ ourselves. Not self-assessed — independently verified. Which means when we guide you through certification, we have done it from the inside.
↗ We certify other businesses — not just ourselves
Microsoft Solutions Partner
One of very few MSPs in the West Midlands to hold this accreditation. Microsoft has verified our technical depth, customer outcomes, and team capability — not just our sales numbers.
↗ Modern Work & Security specialisation
ISO27001 — In Progress
We are pursuing ISO27001 certification internally. Because we believe you should not sell a standard you haven't held yourself. Expected completion 2026.
↗ One of very few MSPs in the region to hold it
IASME Certification Body
ACUTEC is an IASME-accredited certification body. This means we can assess and certify other businesses to Cyber Essentials — not just advise them. A direct commercial and credibility advantage.
↗ Telecoms companies and Sage dealers cannot do this
Feefo 5★ Verified
Every review on Feefo is verified against a real transaction. You cannot buy a 5★ Feefo rating. 400+ businesses have chosen to say something positive about ACUTEC after paying for our services.
↗ Verified, not curated
30 Years — Founded 1995
Independent. Still based in Coleshill. Still answering the phone. The businesses that make noise at Ingram conferences this year may not exist in five. ACUTEC has been here since before the internet was useful.
↗ Privately owned. No VC pressure. No churn targets.
Microsoft Solutions Partner

The full Microsoft
stack. Done properly.

We are a Microsoft house — and one of very few MSPs in the West Midlands with Solutions Partner accreditation. That means better licensing terms, direct Microsoft support, and access to funded deployments that partners without this status simply cannot offer.

Microsoft 365 Business Premium
Microsoft Copilot
Azure Virtual Machines
Microsoft Purview
Microsoft Intune
Teams & SharePoint
Azure Backup & DR
Entra ID
Microsoft Solutions Partner
Modern Work & Security — Accredited
Microsoft has independently verified ACUTEC's technical capability, customer satisfaction scores, and ongoing training investment. This is not a reseller relationship — it is a partner one.
30yr
Microsoft partner
400+
M365 environments
2hr
Avg first response
5
Feefo rating
Azure — the legacy hardware answer

If your business is running ageing servers that cost too much to replace, Azure changes the conversation. Instead of a capital expense you've been avoiding, it becomes a predictable monthly operating cost — and you never have to buy hardware again.

Azure migration assessment — free for existing clients →
AI & Microsoft Copilot

AI is already
in our work.
Now yours.

We use AI tools in our own service delivery — faster threat detection, automated reporting, smarter triage. And as a Microsoft Solutions Partner, we deploy and optimise Microsoft Copilot for clients who want to get real value from it — not just a licence they don't use.

ACUTEC AI trajectory
AI-augmented service delivery — threat detection, reporting, triage (now)
Microsoft Copilot deployment and adoption for clients (now)
Copilot for Security — AI-assisted SOC capability (6 months)
AI compliance gap analysis — faster ISO27001 assessments (12 months)
AI consultancy — business process automation (18 months)
AI-Augmented Security
Available now
AI threat detection identifies patterns in security alerts faster than human review. Automated vulnerability reports. Smarter incident prioritisation. Your security — delivered more efficiently.
Microsoft Copilot Deployment
Available now
Every Microsoft 365 client is a Copilot prospect. We assess your environment, deploy Copilot properly, train your team, and measure adoption. Not just a licence — a working tool.
<
AI Compliance Analysis
Coming soon
AI-assisted gap analysis for ISO27001 and Cyber Essentials — dramatically reducing assessment time and giving clients a clearer picture of where they stand before the formal process begins.
AI Business Consultancy
On the horizon
Process automation, workflow intelligence, and AI integration across your business operations. In development — built on a foundation of real security and compliance expertise, not just AI enthusiasm.
What clients say

Don't take our
word for it.

Verified on Feefo. Real businesses. Real outcomes.

"When we received the Severn Trent letter we had no idea where to start. ACUTEC walked us through everything and got us certified well ahead of the deadline. We didn't lose a day's business."
WM
West Midlands Supplier
Utilities supply chain — Cyber Essentials certified
"We moved from a telecoms provider who said they did IT. The difference is night and day. ACUTEC actually understand security — not just connectivity. Real engineers, real answers."
SR
Sarah R.
Finance Director, Professional Services
"The Microsoft 365 Business Premium migration was flawless. Copilot is now genuinely saving us time. ACUTEC set it up properly — something our previous provider never managed."
TH
Tom H.
Operations Director, Logistics Group
Plain English

Security questions.
Straight answers.

If you run a business and you're not a security expert — these are the questions we get asked every week. No jargon. No acronym soup.

What actually happens if we get hacked? +

The short answer: it's expensive, disruptive, and takes longer to recover from than most businesses expect. On average, a cyber attack costs UK SMEs £8,000–£25,000 in direct costs — that's before you factor in downtime, lost productivity, reputational damage, and the cost of telling your clients their data may have been exposed. If you hold customer data (and almost every business does), you are legally required to report significant breaches to the ICO within 72 hours. The M&S attack in 2025 brought their online operation to a halt for weeks. The same type of attack on a smaller business is often terminal.

What is Cyber Essentials and why do I need it? +

Cyber Essentials is a UK government-backed certification that proves you have the five basic security controls in place. Think of it as an MOT for your business IT — it doesn't make you invulnerable, but it demonstrates you've done the fundamentals. If you supply the NHS, central government, Severn Trent, or many large corporates, they may already be asking for it — or they will be soon. Supply chain security pressure is accelerating. Many businesses come to us after receiving a letter with a deadline. We've certified businesses in 60 days. It's achievable.

We have an IT person / IT company. Aren't we covered? +

Possibly — but general IT support and cyber security are not the same thing. Your IT provider may be excellent at keeping your computers running and managing your Microsoft 365 licences. Security requires different skills: threat monitoring, incident response, compliance frameworks, vulnerability assessment, and the ability to certify you to standards like Cyber Essentials. The question to ask your current provider: "Can you certify us to Cyber Essentials Plus and support an ISO27001 audit?" If they hesitate, that's your answer.

How much does this actually cost? +

It depends on what you need, but it is less than most people expect — and significantly less than the cost of a breach. Cyber Essentials certification typically costs £300–£500 in certification fees, plus our time to prepare you — which varies depending on how much work is needed. Managed security starts from a few hundred pounds per month for a small business. ISO27001 is a larger investment and typically takes 12–18 months. We give you an honest quote before anything starts — no surprises.

What is a "security review" and what happens during one? +

A free security review with ACUTEC is a 45–60 minute conversation — either on-site or via video call — where we ask you about your business, your IT setup, and your current security posture. At the end, you'll know where you are, what your most significant risks are, and what it would take to address them. No hard sell. If we're not the right fit, we'll tell you. If there's something you can fix yourself without paying us, we'll tell you that too.

I'm a small business. Is this relevant to me? +

Yes — and the stakes are arguably higher for smaller businesses than large ones. Large businesses have dedicated security teams and insurance budgets. Small businesses are often easier targets precisely because attackers know they are less likely to have strong defences. If you have ten employees, process payments, hold customer data, or supply a larger organisation — cyber security is relevant to you. You don't need an enterprise-level programme. You need the right basics, properly implemented.

Have a question that isn't here? We're happy to answer it — no obligation, no sales pitch.

Ask us anything →
Get in touch

Are you actually as secure as
you think?

Book a free, no-pressure security review. We'll assess where you are, tell you what's working, and be straight with you about what isn't. No hard sell. No jargon. Just an honest conversation from people who've been doing this since 1995.

Book a Free Security Review Call 01675 469020

St Peters House · Church Hill · Coleshill · Birmingham · B46 3AL · hello@acutec.co.uk