Our software fully supports the GDPR process with Regulation (EU) 2016/679 articles built in, providing the DPO with a ready-made suite of tools to model business processes, define what sensitive data exists and where it is, and perform multi-phase Data Privacy Impact Assessments. Click here to read more


Proteus®GRCyber™ helps organisations protect against cyber threats. It prepares you from inside, verifies from outside and discovers attacks. It speaks your language at all levels, from lowly network up to board level, giving you both confidence and risk information aligned to your business objectives.


  • Fastest route to GDPR compliance
  • First reports within four weeks
  • Aim to be compliant within 6 months
  • Demonstrate compliance easily
  • Most comprehensive tool (consent rules, SARs, breach notification, Article 30 report, etc)

Get ready for General Data Protection Regulation (GDPR)
with the No.1 software toolkit

    Comprehensive view of where Personal Identifiable Data resides in your organisation - Scored readiness evaluation and graphical illustration of compliance gaps - Roadmap for compliance with recommendations for immediate action - Insights to start building a robust data protection framework and inform your future technology choices - Helps meet the regulation requirements at a reduced cost, and potentially huge fines mitigated, not to mention reputational damage averted - Snapshot of legal landscape and your potential exposure - Easy, fast breach reporting - Vendor risk management for audits

An introduction to GDPR

What is the fuss about?

Are you ready for it? The regulation comes into force in May 2018 and it’s going to be huge to borrow a trumped up term. The Regulation will increase the complexity of cyber security greatly. It’s a European Regulation, therefore legally binding, and will apply to most organisations worldwide that hold any personal data on any EU citizen. Brexit doesn’t change anything – we already know that the UK Government will implement the regulation. If you control or process data that includes the personal information of any EU citizen, then the regulation is likely to apply to your organisation. The exceptions are where organisations have an exemption – these apply in state security scenarios rather than for business size or purpose reasons. Outsourcing a process does not absolve you of responsibility for data you control.

Is GDPR the same as the Data Protection Act?

No. This is a considerable step up. The DPA was introduced before we had social media or digital business, and at a time when hacking was a computer geek’s hobby rather than a cyber criminal’s occupation. The term ‘identity theft’ didn’t exist and we didn’t live our lives online. GDPR goes well beyond data protection controls. It places data protection obligations on organisations supported by severe fines for failure (up to the greater of €20m or 4% of turnover) and mandatory data breach reporting. It gives consumers greater control over their data, including the right to correct it, to have it deleted or to withdraw consents previously given, all within relatively short timescales.

Will it be a problem for me?

This is quite possibly the biggest legislative change in any of our careers. Therefore, we would urge you to begin this process now. Most organisations with 250+ staff will need to appoint a Data Protection Officer. In order to meet the timelines of the regulation we would suggest early appointment of your DPO is critical so they can coordinate the overall plan of action.

The larger and more diverse the organisation, the more complex and challenging this activity becomes. And because risk is at the heart of the regulation (the standard mentions risk some 75 times) we believe that it is best managed by your risk management system. Proteus®GDPReady™ helps organisations become and remain compliant with the regulations, providing a roadmap for compliance with recommendations for immediate action.

Proteus-Cyber's Proteus®GDPReady™ software can help you:
  • Perform enterprise wide online audits against the
  • Guides you through the process with an integrated project plan
  • Easily survey the business for processes using personal data
  • Maintain a process/data mapping register (Article 30)
  • Model your business processes
  • Report your levels of compliance against the regulation
  • Breach notification (Article 33)
  • Identify non compliances and manage them with project plans
  • Perform data privacy impact assessments (PIAa/DPIAs)
  • Perform risk assessments against business processes with pre defined threats and vulnerabilities
  • Maintain a register of assets, what data is on them and levels of data protection
  • Cross reference your documents and controls against your business processes
  • Graphically view your data flows across international borders
  • Audit your data processors and make sure those suppliers are protecting your data properly
  • Educate your staff with online privacy Awareness Training and create a security culture within your business
  • Processor risk management for audits
GDPR features GDPR Geodata GDPR what to do

What do I need to do? GDPR what to do

GDPR timeline GDPR timeline

Product Versions

Proteus software is provided on a SaaS (Software As A Service) basis. Enterprise versions can be hosted in the Cloud or on-premises, as required. Basic and SME versions are hosted in the Cloud on secure servers within the EU. All versions are ‘upward’ upgradable.

  • Proteus®GDPReady™ Basic
  • For the small company - simple to use GDPR audit, available on hosted SaaS basis.
  • £1,195 / year
  • 1 user
  • 1 site
  • 1 Process/data mapping survey
  • 1 Company wide GDPR survey
  • 1 GDPR compliance status report
  • Request a demo
  • Proteus®GDPR™ SME
  • The SME version is available on a hosted SaaS basis. It offers the same functionality as the Enterprise version, but is restricted in usage by limiting the number of users, sites, business processes and vendor audits.
  • £11,995 / year
  • 5 DPO users
  • 5 sites
  • 5 vendors
  • 25 business processes
  • Process/data mapping survey
  • Data definition
  • Process definition
  • Risk assessment
  • Internal reporting
  • Action planning
  • Breach reporting
  • Vendor assessments
  • Request a demo
  • Proteus®GDPReady™ Enterprise
  • GDPR audit for unlimited sites and suppliers. Unlimited PIA's and dataflows.

  • POA
    All inclusive SaaS price
  • Unlimited DPO users
  • Unlimited survey users
  • Unlimited business processes
  • Unlimited sites
  • Integrated project plan to guide you through the process
  • Privacy Impact Assessments (PIAs/DPIAs)
  • Process/Data mapping register
  • Business process modelling
  • Data Privacy Risk assessment
  • Reporting (e.g. Article 30)
  • Project and task planning
  • Subject Access Request handling
  • Breach notification (comply with Article 33)
  • GDPR risk assessment
  • Easy bulk data import
  • GDPR awareness training built in
  • Multilingual, including RTL, Arabic, Chinese, Japanese and all non-latin character sets.
  • Request a demo
  • Proteus®GRCyber™ Enterprise
  • GRC for the Enterprise users and unlimited sites and users.
  • Enterprise subscription
  • Unlimited users
  • Unlimited sites
  • Unlimited audit templates, with over 40+ international standards to choose from, 27001:2013 included as standard
  • Unified risk framework included
  • Document policy templates included
  • Business process modelling
  • Risk assessment
  • Asset management
  • Business continuity
  • Works with your existing DRM applications
  • Automated control testing and real time risk alerts
  • Unlimited and customisable reporting and dashboarding
  • RiskView 2 - Graphical board level risk presentation
  • Project-task and incident management
  • Real time threat feeds
  • Vendor risk management
  • Customisable alerting and workflow
  • Easy setup and import functions
  • Unlimited customisable security awareness training included
  • Request a demo

Proteus®GDPReady+ is an optional addition to Proteus®GDPReady and consists of a third party product, the data listener, which has been intergrated integrated with Proteus®GDPReady™. This additional capability allows the organisation to respond to data subject access requests. A core requirement of GDPR is the individual’s right to see their data, to correct it, to pass it to another supplier, to be forgotten, etc, and it the Personal Data Listener that collects this information irrespective of the systems and applications on which it resides. Many organisations find that this is a major challenge in their desire to become GDPR compliant and are considering modifying their applications or introducing another data warehouse. Proteus®GDPReady+™ is a more effective and almost certainly much more cost effective solution.

Total Business Coverage

Harness your existing security infrastructure into a single, integrated, web based, multi-agent cyber protection system.

GDPR architecture

Unified Risk Framework
Overlay software that elevates your existing security systems

Audit anything, unify your security systems, report on anything & match risk to business outcomes

GDPR framework

This shows the various modules that can be deployed and what Proteus®GRCyber™ addresses

Implement and test your controls

Compliance & Policy

Clients can choose from many international standard templates or author their own. Audits can be internal or external, ensuring that you, your suppliers and your vendors comply with best international practice.

Risk Assessment

Assessing risk is a key part of any security program. Uniquely, Proteus®GRCyber™ can assess threats by their operational, financial or regulatory impact and assign countermeasures to mitigate these threats. Likewise you can assess Confidentially, Integrity and Availability values.

Business Impact

By modelling your business processes, you understand how they relate to each other and interact with the underlying infrastructure and regulatory controls. With this approach you can better understand the financial, regulatory and operational impact of threats that arise within your business.

Security Awareness Training

Good security can only be achieved by creating a security culture within your staff. According to Gartner 70% of breaches can be traced back to bad practice. Proteus®GRCyber™ integrates online security courses to provide focussed security training where and when it’s needed.

Business Continuity

For every business process critical to your business you need an effective continuity plan. Proteus®GRCyber™ provides a simple process that can assess the effectiveness of your failover plans.


Visualising how a threat or breach affects the business is key to reacting in a timely fashion and may reduce fines and reputational damage. Riskview2™ allows you to view these relationships clearly and quickly, empowering you to make faster, better decisions.

  • Proteus®GRCyber™ addresses:
  • Overlooked basic security vulnerabilities
  • 3rd party exposures
  • Insider breaches
  • Poor threat prioritisation
  • Planned DDoS attacks
  • Not understanding impact
  • Granting unauthorised network access
  • Poor business decisions
  • Security-unaware staff
  • Espionage
  • Zero-day attacks
  • Badly configured networks
  • Inappropriate file transfers
  • Rule breach detection
  • Encrypted links
  • Out of hours logins
  • Poor password implementation
  • and more
Look for the unexpected

Staff Profiling

Some staff may not be suited to the positions they hold. Staff profiling helps avoid these pitfalls up front, reducing the likelihood of malicious behaviour.

Intelligence-Led Risk Management

Proteus®Analytics™ actively searches the Dark Web, Threat Intelligence feeds as well as news and social media to monitor for chatter about impending attacks. ‘Forewarned is forearmed’ allowing you to prepare better for an anticipated attack.

Network Traffic Surveillance System

NTSS collects every IP record your network produces and reconstructs them back into application logic independently of the applications that created them. This traffic can be monitored for unexpected behaviours and network activity (eg unauthorised devices).

Penetration & Vulnerability Testing

Securing the business as best you can on the inside is important, as is rigorously testing this security. Employing the best white hackers and products ensures you’re first to know about a security weakness or vulnerability and can fix it before anyone else finds it.

Log and Patch Management

A large percentage of breaches are due to poor patch management and could have been detected by examining the SIEM logs. Proteus®GRCyber™ collects, searches and alerts on these logs and scopes the impact before the breach occurs.

Incident, Project, Tasks, Email

When an incident occurs, a quick and effective response is essential. With Proteus®GRCyber™ you can quickly track incidents, create projects and teams, allocate tasks and attach critical information (eg. emails and documents) in order to neutralise the threat.

*NTSS requires hardware sizing based on the clients requirements for retention period and performance

Discover great features

Properly implemented, Proteus®GRCyber™ can protect you from 99% of the cyber threats you may face


Perfectly designed

Proteus-Cyber conceived the iGRC concept and secured major UK Government funding to extend their Proteus®GRCyber™ enterprise governance, risk and compliance application into a single, integrated, web based, multi-agent cyber protection system.

CSO's can now secure their assets via this single, real time cyber protection system that takes the best of all the many innovative, cutting edge network agents and sensors, and harnesses them to counter the myriad of opportunities that cyber criminals now have at their disposal.

Proteus-Cyber's products and services can help you:

  • Perform enterprise wide online audits against any international standard and author your own questionnaires for internal and external audit
  • Define a test for every control you implement
  • Use your existing security systems to improve your Situational Awareness
  • Audit your external suppliers against the standards or best practice you expect of your own business
  • Perform focussed Security Awareness Training and create a security culture within your business
  • Create extensive security reports for the Board
  • Alert to emerging risks in real time, using dashboards
  • Actively monitor your network for abnormal behaviour by performing “Deep Packet Inspections” and support forensic investigations of malicious activity
  • Perform Network Discovery against your known inventory. Identify and neutralise unmanaged assets
  • Model your Business Processes and quantify their regulatory and financial impact to the business
  • Perform Risk Assessments on all assets and facilities key to your business’s future success
  • Supports real time Business Continuity planning
Request a demo
GDPR dashboard 1
GDPR dashboard 2
GDPR dashboard 3

Over 40+ international standards
with full authoring capability

ISO 27001:2013, PCI DSS v3, Cobit V5, BS2599, Cyber Essentials, ITIL, ISO 20000, ISO 22301, Data Protection, HIPPA, plus many others

Fast implementation

Proteus®GRCyber™ can be installed in a matter of days. Training is typically 5 days and clients can perform their first compliance audits within weeks.

Dashboard and Reporting

We provide all the reports your auditor would expect as standard. In addition we deliver the Proteus®GRCyber™ report and dashboard designer, which allows clients to create their own reports with an easy to use drag and drop interface.

GDPR dashboard perspective

Fully scalable

Proteus®GRCyber™ is enterprise scalable, for example one of our customers implemented over 1,000 sites across 170 countries. Another has 57,000 staff spread across 25 countries.

Security Awareness Training

A recent PWC report states "70% of security breaches can be traced back to staff with a poor understanding of security policies. Proteus®GRCyber' integrated eLearning package can educate your staff with focussed security awareness training.

Latest Security News

Here's the latest security news from around the internet

Retweeted Graham Cluley (@gcluley): Ex-Equifax exec charged with insider trading after selling $1 million worth of stock before data breach disclosure

2018-03-16 19:10

#CBR Online #GDPR checklist: New survey shows 3/4 of respondents say government explanations inadequate. @Proteus_Cyber we can get you #GDPReady quickly and efficiently. Contact us now for a demo and more info.

2018-03-14 16:37

Public sector organisations are ill prepared for #GDPR, taking significantly longer than stipulated by the #GDPR to respond to requests from individuals about the information held about them. Get #GDPReady now with @Proteus_Cyber

2018-03-14 13:11

The Investigatory Powers Tribunal has claimed the Government unlawfully delegated powers to GCHQ to order phone and internet companies to hand over sensitive data on the public. #datasecurity #infosec

2018-03-14 12:48

The UK is leading global improvements in #security maturity

2018-03-14 12:41

#Yahoo agrees $80mn securities class action settlement relating to #databreaches affeting 3 billion customers

2018-03-14 12:37

Healthcare #cyberattacks have doubled in the last year as #cybercriminals are becoming more clever with attacks. #cybersecurity #datasecurity #healthcare #security

2018-03-14 11:49

#ICO has launched a new #GDPR awareness campaign aimed at micro-businesses. Get #GDPReady now with @Proteus_Cyber #datasecurity #GDPRcompliance

2018-03-14 11:25

LinkedIn has updated its terms of service and will become #compliant with the #GDPR in May. Contact @Proteus_Cyber now to get your business #GDPR compliant. Our comprehensive s/w tool with personal data listener will get your business #GDPReady quickly

2018-03-14 11:14

Over 350,000 Florida Virtual School students have been hit by an almost 2 year #databreach, with over 2,000 teachers also affected. The information leaked could be used for identity theft as well as follow-on #phishing and other social engineering attacks.

2018-03-14 11:05

#AppleMac computers are traditionally considered to be less vulnerable to cyber attacks, but malware targeting their operating systems is on the rise, with attacks more than doubling in 2017. #cybersecurity #datasecurity

2018-03-14 10:55

A recent survey suggests most IT decision makers are critical of the Government for failing to educate organisations about #GDPR and its implications. Contact us now to get your business #GDPReady with our comprehensive s/w tool @Proteus_Cyber

2018-03-14 10:17

Latest Press Releases

Proteus-Cyber Launches First comprehensive software toolkit for GDPR

Proteus-Cyber Ltd, specialists in Integrated Risk Management software, are excited to release Proteus®GDPReady™. They believe this to be the first GDPR software toolkit on the market that fully supports the GDPR process and helps DPOs to get and keep their organisations GDPR compliant.

Link to article

More and more extra great features

Proteus®GRCyber™ is the most comprehensive integrated Governance, Risk and Compliance product on the market.

Connect to anything

Integrated GRC

Proteus®GRCyber™ allows you to integrate your existing cyber security systems into a single, integrated, web based, multi-agent cyber protection system. With this capability you can systematically and regularly test each and every control applicable to your business.

What you have

Network Discovery

We collect every IP packet your network produces. With this information we can build a network chart of your infrastructure and highlight insecure or unmanaged assets. Additionally, you can use our relationship browser to view the modelling of business processes to assets, controls, documentation and incidents.

Delegation and Workflow

Enterprise Compliance

In the multi-user versions of our product you can link to your active directory and delegate controls around the organisation so that each control is answered by the person responsible for it. This process is more time efficient and accurate in collecting responses, policies and procedures.

Local Standards

Authoring your own standards

You can author your own standards into our compliance engine. These can be bespoke standards or your implementation of an international standard. Furthermore, you can model the relationships between your controls and your ISMS.


Please contact one of our country partners to find out more about or to purchase Proteus®GRCyber™

Our Team

With many years of experience in the business, our team knows how to support our customers

GDPR executive Chris Greenslade

Chris Greenslade

Chris is the Sales Director, founding partner and owner of Proteus-Cyber Ltd. Passionate about customer satisfaction, Chris would like to discuss with you how Proteus®GRCyber™ could help your business become secure and more profitable.

GDPR executive John Clelland

John Clelland

John is the Managing Director, founding partner and owner of Proteus-Cyber Ltd. He is an expert in encryption and security systems with over 25 years’ experience architecting specialist IT systems.

GDPR executive Craig Mason

Craig Mason

Craig is the Proteus®GRCyber™ software architect, founding partner and owner. His knowledge of cross-platform architectures and large scale web-based applications has particular relevance to the Proteus®GRCyber™ development program he has led.

Contact Us

If you would like to know more about Proteus-Cyber and our services please feel free to contact us:
Proteus-Cyber Ltd.
Registered in the UK and Wales 07239733.
VAT registered GB 991 1452 13
20-22 Wenlock Road
N1 7GU
United Kingdom
P: +44 (0)208 123 7708
© 2017 Proteus-Cyber Limited
‘Proteus’ is a registered trademark. All rights reserved.

Proteus-Cyber is passionate about helping companies use their existing infrastructure in conjunction with Proteus®GRCyber™ to create a single, integrated, web based, multi-agent cyber protection system to secure their businesses in the current climate of insecurity. or follow us on social platform

GDPR zoomcharts

© 2017 Proteus-Cyber Ltd.