Every country in the European Union has its own local cybersecurity consulting companies. Atlant Security is one of them.
How to identify a good cybersecurity consulting company?
The most important criteria when making a selection between multiple cybersecurity consulting companies is their business model. Do they primarily perform penetration tests with the aim of reselling dozens of security products as the conclusion of the penetration test, ‘solving’ the problems they identified? In that case, what you are looking at is not a security consulting company, but a reseller disguised as a consulting team.
A consulting company’s business model aims at delivering sound security architecture and building a long-term consulting relationship with their clients rather than reselling security product licenses. The first question you should ask your potential vendor: “Do you resell any security products/licenses?” – if the answer is yes, just hang up the phone!
Ranking criteria for the top European cybersecurity consulting companies
First, what the criteria cannot be? Money – there are amazingly successful security companies having nothing to do with true consulting. Second: number of staff. What if 90% of their employees are in the sales & marketing department? Third, awards and certifications. Awards are usually a function of sponsorship money invested with event organizers and certificates are sold left and right – they are not a guarantee of quality.
- Staff experience – does their staff regularly speak at security conferences?
- Community contribution – does the company produce quality content? Have any of their employees ever written security books, for example?
- What is the ratio of consultants vs sales and marketing in the company?
List of the top European cybersecurity companies, according to the criteria above and in no specific order:
The company is young and you are on its website! The mere fact you got here means you should at least have a discussion with us on our contact page!
We are a small European cybersecurity company, but we are proud to say that we do not resell any security vendor’s software or solutions. We also regularly speak at security conferences, and our CEO has written 2 cybersecurity books. We have a lot of value for your clients and are very happy to share it.
NCC Group is known globally, not just in the EU. Their consultants are top-notch, however with recent rapid growth their quality might have suffered a bit due to the rapid expansion. Always remember: the bigger the company, the less personalized attention you can get due to the conveyor-belt business model they have.
Surprisingly for many, Microsoft offers security consulting services, too. The author of this blog post, the CEO of Atlant Security – Alexander Sverdlov, has worked in Microsoft’s security consulting team and highly recommends it to those who can afford the service. Many people don’t even realize that a software and cloud-provider company such as Microsoft could offer security consulting services, but it does – through its professional services division. It’s not the cheapest and there are others who offer more specialized and independent consulting, but if your company is 100% focused on Microsoft products you might as well get your security consulting from them.
BAE Systems
BAE Systems is a large consulting company based out of the UK (which is still in the European Union as of the time of this publication). It is one of the biggest global cybersecurity consulting companies and is likely offering the highest quality at… likely the highest price. If you represent a government organization you should probably select them as they are primarily working with governments and large corporations.
If you need security products reverse engineering or high-quality penetration tests or if you need reverse engineering in general, reach out to SEC Consult.
They mostly focus on Austria, Germany and Switzerland, but also work globally as every other company on this list. The amount of reverse engineering they do to discover security vulnerabilities in security products is just staggering. This is one of the cases when we love to promote and refer clients to our competition – they just do an amazing job and have great staff, too.
Google’s security company – Chronicle
Google recently unveiled their stealth security startup and we don’t know if we should keep calling it a ‘startup’. It is global but also is one of the top European cyber security consulting companies. Once again, it mostly serves large customers but if you are a very profitable boutique business they will be happy to help you defend yourself.
When talking about security architecture and consulting companies we just can’t miss…
Accenture is one of the largest technology consulting firms and understandably they have a very good mix of knowledgeable and experienced security consultants and architects for any task complexity. We recommend them specifically for large, enterprise projects, such as the implementation of a large ERP system in a large corporation or the development of a large software project.
All the cybersecurity consulting companies listed in this article are located or otherwise operate in the European Union.