What we do

When you mix a fierce intelligence with curiosity and the highest level of cyber security experience you get a team that is able to address the most complex and fast moving cyber risks in new ways. Ways that combine clarity and understanding with a forthright and pragmatic approach towards containment and balance.

We use a mix of tools to achieve this: Risk Analysis, Security Review, Security Architecture and Security Monitoring.

“2T Security took on board my mission and internalised it. Conversations were about what did we need to do, not what I was paying them to do or what they were contracted to do!”

44con-logo-2Tpurple-2000px
ASP-logo-2Tpurple-350px
CyberFirst-logo-2Tpurple-350px
CyberUK22-logo-2Tpurple-2000px
RiskTree-logo-2Tpurple-2000px
cyber-essentials

Why 2T Security?

We are the independent experts on your side. We exist to tackle the most complex and critical situations. In the midst of constantly changing risk we bring calm and understanding, solid experience and the safest pair of hands.

CPU 5G Circuit Board Background
  • We turn complex and constantly evolving risk into a clear and balanced plan.
  • We give truly Independent advice – our only agenda is your agenda.
  • Our counsel is based on many, many years of the highest level experience.
  • We offer complete integrity.
  • We are forthright and approachable – we speak human not jargon.
Learn More

KNOWLEDGE. DISTILLED.

RiskTree puts you on the front foot. It is a unique piece of software that distills complex evolving risks into clear components that can be analysed, understood and balanced.

Try Today

2T SECURITY CASESTUDIES

Our experience has shaped our expertise. We pride ourselves on turning the most complex critical risks into clear, actionable processes. Much of the high level work we do for government departments isn’t sharable online. Here are a few case studies that we are allowed to talk about publicly.

VIEW ALL CASESTUDIES
NHS

Test and Trace

Supporting the Test and Trace Programme.

DWP

Security programme

Enabling DWP to operate its business and online services securely as part of a multi-million transformation.

Latest Insights

Change is constant in our world. Keeping pace with new thinking and practices is a given. This is a chance to explore a range of different ideas from industry experts.

VIEW ALL INSIGHTS

Why it’s critical to consider relationships when building risk reports

If you manage risk, one vital part of your job is reporting your project’s status and results to other groups: the board, management, and external auditors. And when building reports, risk managers must pay careful attention to the relationships of the intended audiences.
Read More

Celebrating Ten Years of 2T Security

We typically don't divulge much of our work, partly because we're security professionals, but also because we've been focused on building an exceptional business. Nevertheless, we are incredibly proud of our team, clients, and delivery. We want to express our gratitude to all those who have been a part of our journey.
Read More

Principles are good, but exceptions are OK

Recently we discussed the security of RiskTree with a client, who ran through the NCSC Cloud Security Principles. Since RiskTree is delivered as software-as-a-service, this made sense. One point that arose was the lack of Multi-Factor Authentication (MFA) in use: CSP Principle 10 states that 2FA is ‘considered good practice’, using either a hardware or software token or out-of-band challenge.
Read More