Skip links

Information Security Advisory & Assurance

Our Information Security Advisory and Assurance services are designed to protect your digital assets – both internally, and throughout your supply chain.

Nine23 advisory helps you achieve operational capability for higher security tiers; strategically aligned, and investment-optimised. Whether you’re looking to adopt Secure by Design principles, work above OFFICIAL, develop a cyber strategy or risk assessment – we can help.

We work alongside NCSC-Certified partners to deliver our Information Security Advisory & Assurance Services. Delivering expert guidance across the full spectrum of information and cyber security. Each component can be delivered independently or as part of a continuous assurance programme.

We are more than just a cyber security consultancy – we are practitioners embedded in the secure delivery of digital services. Actively contributing to the development of UK cyber resilience policy through TechUK forums and workshops, we align closely with the Secure by Design mandate outlined in the UK Government’s Cyber Security Strategy 2022. With a proven track record of securing environments above OFFICIAL, we have delivered NCSC-aligned security assurance artefacts for the MOD, Police, and other public sector bodies. Our expertise is recognised on G-Cloud, where we provide information assurance and cyber security advisory services.

Relevant Services

Adopting Secure By Design

Security and Cyber Strategy

Working above OFFICIAL

Assurance as a Service

Threat, Vulnerability & Risk Assessment

“I need to implement Secure by Design Principles”

Contact Us

Policy-Driven Assurance: Secure by Design & the Cyber Security and Resilience Bill

The UK Government’s Secure by Design mandate is reshaping how digital services are developed and delivered – embedding cyber security at the heart of every stage of the lifecycle.

In parallel, the forthcoming Cyber Security and Resilience Bill will introduce new legal duties on essential sectors to proactively manage their cyber risks and demonstrate resilience against evolving threats.

Nine23 helps organisations stay ahead of these developments by:

– Embedding Secure by Design principles across system architecture and procurement pipelines

– Producing robust, risk-based assurance documentation aligned with the organisation’s risk appetite

– Supporting compliance readiness for the Cyber Security and Resilience Bill, helping organisations understand their obligations and prepare for future regulatory scrutiny

BNS Cyber

Nine23 is proud to partner with BNS Cyber, a UK-based, specialist cyber security consultancy who provide exclusively to the MoD and Government sectors operating under the Government Security Classifications Scheme, with extensive experience working from OFFICIAL through to ABOVE SECRET.

BNS Cyber are committed to providing high-quality security consultancy exclusively to MoD / HMG and their suppliers, and have become one of only a handful of companies certified by NCSC to provide Security Architecture and Risk Management offerings under the NCSC Assured Cyber Security Consultancy (ACSC) Service.

Through our partnership, Nine23 and BNS Cyber share the same values – cyber security should be business enabling rather than a business constraint.

We combine strategic advisory and operational expertise to offer a comprehensive Information Security Advisory & Assurance service. Together, we support clients across the full risk and assurance lifecycle, from threat and risk assessments to Secure by Design reviews and ongoing governance. This collaboration ensures our clients benefit from both strategic insight and hands-on delivery, helping them navigate complex security requirements with confidence.