
Proteus®GDPReady™

Our software fully supports the GDPR process with Regulation (EU) 2016/679 articles built in, providing the DPO with a ready-made suite of tools to model business processes, define what sensitive data exists and where it is, and perform multi-phase Data Privacy Impact Assessments.

Proteus®GRCyber™

Proteus®GRCyber™ helps organisations protect against cyber threats. It prepares you from inside, verifies from outside and discovers attacks. It speaks your language at all levels, from lowly network up to board level, giving you both confidence and risk information aligned to your business objectives.

Features:

  • Integrated REGULATION (EU) 2016/679
  • EU-U.S. Privacy Shield
  • Binding Corporate Rules (BCR)
  • Automatic 'Article 30' reports
  • Internal GDPR audits
  • Vendor GDPR audits
  • Automated data listener
  • Full Subject Access Request handling
  • Integrates with client website branding
  • Privacy Impact Assessments
  • GDPR staff awareness training built-in
  • Full Breach notification workflow
  • Flexible reports
  • Data mapping and modeling

Proteus®GDPReady™
Get ready for General Data Protection Regulation (GDPR) with the No.1 software toolkit

  • Comprehensive view of where Personal Identifiable Data resides in your organisation
  • Scored readiness evaluation and graphical illustration of compliance gaps
  • Roadmap for compliance with recommendations for immediate action
  • Insights to start building a robust data protection framework and inform your future technology choices
  • Helps meet the regulation requirements at a reduced cost, and potentially huge fines mitigated, not to mention reputational damage averted
  • Snapshot of legal landscape and your potential exposure
  • Easy, fast breach reporting
  • Vendor risk management for audits

Simple & comprehensive GDPR management

What is the fuss about?

Are you ready for it? The regulation comes into force in May 2018 and it’s going to be huge, to borrow a trumped-up term. The Regulation will greatly increase the complexity of cyber security. It’s a European Regulation, therefore legally binding, and will apply to most organisations worldwide that hold any personal data on any EU citizen. Brexit doesn’t change anything – we already know that the UK Government will implement the regulation. If you control or process data that includes the personal information of any EU citizen, then the regulation is likely to apply to your organisation. The exceptions are where organisations have an exemption – these apply in state security scenarios rather than for business size or purpose reasons. Outsourcing a process does not absolve you of responsibility for data you control.

Is GDPR the same as the Data Protection Act?

No. This is a considerable step up. The DPA was introduced before we had social media or digital business, and at a time when hacking was a computer geek’s hobby rather than a cyber criminal’s occupation. The term ‘identity theft’ didn’t exist and we didn’t live our lives online. GDPR goes well beyond data protection controls. It places data protection obligations on organisations supported by severe fines for failure (up to the greater of €20m or 4% of turnover) and mandatory data breach reporting. It gives consumers greater control over their data, including the right to correct it, to have it deleted or to withdraw consents previously given, all within relatively short timescales.

Will it be a problem for me?

This is quite possibly the biggest legislative change in any of our careers. Therefore, we would urge you to begin this process now. Most organisations with 250+ staff will need to appoint a Data Protection Officer. In order to meet the timelines of the regulation we would suggest early appointment of your DPO is critical so they can coordinate the overall plan of action.

The larger and more diverse the organisation, the more complex and challenging this activity becomes. And because risk is at the heart of the regulation (the standard mentions risk some 75 times) we believe that it is best managed by your risk management system. Proteus®GDPReady™ helps organisations become and remain compliant with the regulations, providing a roadmap for compliance with recommendations for immediate action.



Proteus-Cyber's Proteus®GDPReady™ software can help you:
  • Perform enterprise wide online audits against the
    REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
  • Integrated project plan to guide you through the process
  • Maintain a list of assets, what data is on them and levels of data protection
  • Model your business processes
  • Perform data privacy impact assessments (PIA)
  • Perform risk assessments against business processes with pre defined threats and vulnerabilities
  • Cross reference your documents and controls against your business processes
  • Draw your data flow diagrams for each business process
  • Report your levels of compliance against the regulation
  • Identify non compliances and manage them with project plans
  • Audit your outsourced functions and make sure those suppliers are protecting your data properly
  • Educate your staff with online privacy Awareness Training and create a security culture within your business
  • Vendor risk management for audits

What do I need to do?

GDPR timeline

Product Versions

Proteus®GDPReady™ software is hosted in the Cloud and provided on a SaaS (Software as a Service) basis. Proteus®GRCyber™ can be hosted in the Cloud or installed on the client's site, as required. Proteus®GDPReady™ is a subset of the Proteus®GRCyber™ application and is limited to the GDPR standard only. For a multi-standard system (i.e. GDPR and other standards, e.g. ISO27001, PCI, etc.) please buy Proteus®GRCyber™. Proteus®GDPReady™ is ‘upward’ upgradable.

  • Proteus®GDPReady™ Enterprise
  • GDPR audit for unlimited sites and suppliers. Unlimited PIAs and dataflows.

  • POA / year
    All inclusive SaaS price
  • 5 GDPR admin users
  • Unlimited GDPR audit users
  • Unlimited BPs
  • Unlimited sites
  • Unlimited online audits against the
    REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
  • Integrated project plan to guide you through the process
  • Privacy Impact Assessments (PIAs)
  • Privacy Data definition
  • Business process modelling
  • Data Privacy Risk assessment
  • Reporting
  • Project and task planning
  • Breach reporting
  • Privacy data flow diagramming
  • GDPR awareness training built in
  • Multilingual, including RTL, Arabic, Chinese, Japanese and all non-latin character sets.
  • Proteus®GRCyber™ Enterprise
  • For the Enterprise users and unlimited sites and usage.
  • Enterprise subscription
  • This version includes all the Proteus®GDPReady™ functionality with unlimited usage.
  • Unlimited admin users
  • Unlimited audit users
  • Unlimited sites
  • Unlimited audit templates, with over 40+ international standards to choose from, 27001:2013 included as standard
  • Unified risk framework included
  • Document policy templates included
  • Business process modelling
  • Risk assessment
  • Asset management
  • Business continuity
  • Works with your existing DRM applications
  • Automated control testing and real time risk alerts
  • Unlimited and customisable reporting and dashboarding
  • RiskView 2 - Graphical board level risk presentation
  • Project-task and incident management
  • Real time threat feeds
  • Vendor risk management
  • Customisable alerting and workflow
  • Easy setup and import functions
  • Unlimited customisable security awareness training included

Total Business Coverage
Digital Security Risk Management

Harness your existing security infrastructure into a single, integrated, web based, multi-agent cyber protection system.

GDPR architecture

Unified Risk Framework
Overlay software that elevates your existing security systems

Audit anything, unify your security systems, report on anything & match risk to business outcomes

GDPR framework

Capability
This shows the various modules that can be deployed and what Proteus®GRCyber™ addresses

Implement and test your controls

Compliance & Policy

Clients can choose from many international standard templates or author their own. Audits can be internal or external, ensuring that you, your suppliers and your vendors comply with best international practice.

Risk Assessment

Assessing risk is a key part of any security program. Uniquely, Proteus®GRCyber™ can assess threats by their operational, financial or regulatory impact and assign countermeasures to mitigate these threats. Likewise, you can assess Confidentiality, Integrity and Availability values.

Business Impact

By modelling your business processes, you understand how they relate to each other and interact with the underlying infrastructure and regulatory controls. With this approach you can better understand the financial, regulatory and operational impact of threats that arise within your business.

Security Awareness Training

Good security can only be achieved by creating a security culture within your staff. According to Gartner, 70% of breaches can be traced back to bad practice. Proteus®GRCyber™ integrates online security courses to provide focussed security training where and when it’s needed.

Business Continuity

For every business process critical to your business you need an effective continuity plan. Proteus®GRCyber™ provides a simple process that can assess the effectiveness of your failover plans.

RiskView2™

Visualising how a threat or breach affects the business is key to reacting in a timely fashion and may reduce fines and reputational damage. RiskView2™ allows you to view these relationships clearly and quickly, empowering you to make faster, better decisions.

Proteus®GRCyber™ addresses:
  • Overlooked basic security vulnerabilities
  • 3rd party exposures
  • Insider breaches
  • Poor threat prioritisation
  • Planned DDoS attacks
  • Not understanding impact
  • Granting unauthorised network access
  • Poor business decisions
  • Security-unaware staff
  • Espionage
  • Zero-day attacks
  • Badly configured networks
  • Inappropriate file transfers
  • Rule breach detection
  • Encrypted links
  • Out of hours logins
  • Poor password implementation
  • and more
Look for the unexpected

Staff Profiling

Some staff may not be suited to the positions they hold. Staff profiling helps avoid these pitfalls up front, reducing the likelihood of malicious behaviour.

Intelligence-Led Risk Management

Proteus®Analytics™ actively searches the Dark Web and Threat Intelligence feeds, as well as news and social media, to monitor for chatter about impending attacks. ‘Forewarned is forearmed’: this allows you to prepare better for an anticipated attack.

Network Traffic Surveillance System

NTSS collects every IP record your network produces and reconstructs them back into application logic independently of the applications that created them. This traffic can be monitored for unexpected behaviours and network activity (e.g. unauthorised devices).

Penetration & Vulnerability Testing

Securing the business as best you can on the inside is important, as is rigorously testing this security. Employing the best white-hat hackers and products ensures you’re first to know about a security weakness or vulnerability and can fix it before anyone else finds it.

Log and Patch Management

A large percentage of breaches are due to poor patch management and could have been detected by examining the SIEM logs. Proteus®GRCyber™ collects, searches and alerts on these logs and scopes the impact before the breach occurs.

Incident, Project, Tasks, Email

When an incident occurs, a quick and effective response is essential. With Proteus®GRCyber™ you can quickly track incidents, create projects and teams, allocate tasks and attach critical information (e.g. emails and documents) in order to neutralise the threat.

*NTSS requires hardware sizing based on the client's requirements for retention period and performance.

Discover great features

Properly implemented, Proteus®GRCyber™ can protect you from 99% of the cyber threats you may face

Proteus®GRCyber™

Perfectly designed

Proteus-Cyber conceived the iGRC concept and secured major UK Government funding to extend their Proteus®GRCyber™ enterprise governance, risk and compliance application into a single, integrated, web based, multi-agent cyber protection system.

CSOs can now secure their assets via this single, real time cyber protection system that takes the best of all the many innovative, cutting edge network agents and sensors, and harnesses them to counter the myriad of opportunities that cyber criminals now have at their disposal.

Proteus-Cyber's products and services can help you:

  • Perform enterprise wide online audits against any international standard and author your own questionnaires for internal and external audit
  • Define a test for every control you implement
  • Use your existing security systems to improve your Situational Awareness
  • Audit your external suppliers against the standards or best practice you expect of your own business
  • Perform focussed Security Awareness Training and create a security culture within your business
  • Create extensive security reports for the Board
  • Alert to emerging risks in real time, using dashboards
  • Actively monitor your network for abnormal behaviour by performing “Deep Packet Inspections” and support forensic investigations of malicious activity
  • Perform Network Discovery against your known inventory. Identify and neutralise unmanaged assets
  • Model your Business Processes and quantify their regulatory and financial impact to the business
  • Perform Risk Assessments on all assets and facilities key to your business’s future success
  • Support real time Business Continuity planning

Over 40+ international standards
with full authoring capability

ISO 27001:2013, PCI DSS v3, Cobit V5, BS2599, Cyber Essentials, ITIL, ISO 20000, ISO 22301, Data Protection, HIPAA, plus many others

Fast implementation

Proteus®GRCyber™ can be installed in a matter of days. Training is typically 5 days and clients can perform their first compliance audits within weeks.

Dashboard and Reporting

We provide all the reports your auditor would expect as standard. In addition we deliver the Proteus®GRCyber™ report and dashboard designer, which allows clients to create their own reports with an easy to use drag and drop interface.

Fully scalable

Proteus®GRCyber™ is enterprise scalable. For example, one of our customers implemented over 1,000 sites across 170 countries. Another has 57,000 staff spread across 25 countries.

Security Awareness Training

A recent PwC report states "70% of security breaches can be traced back to staff with a poor understanding of security policies". The Proteus®GRCyber™ integrated eLearning package can educate your staff with focussed security awareness training.

Latest Security News

Here's the latest security news from around the internet

Retweeted SC Media (@SCMagazine): HBO hacked again, this time on Facebook, Twitter https://t.co/tkbGig9GqS

2017-08-20 12:59

TalkTalk scam victims move closer to class-action lawsuit https://www.theguardian.com/money/2017/aug/19/talktalk-scam-victims-class-action-data-breach

2017-08-20 12:56

#GDPR, rather an evolution than revolution. Proteus #GDPReady can help manage your #GDPR process @Proteus_Cyber https://www.kuppingercole.com/blog/guest/general-data-protection-regulation-rather-an-evolution-than-revolution

2017-08-20 12:54

Why you should appreciate #GDPR for the #cybersecurity opportunity it is. Get #GDPReady now with Proteus-Cyber Ltd http://www.cbronline.com/news/cybersecurity/business/gdpr-cybersecurity-opportunity/

2017-08-20 12:52

UK businesses entirely unprepared for #cyber shock. #cybersecurity #datasecurity https://www.insuranceage.co.uk/technology/3116161/uk-businesses-unprepared-for-a-cyber-shock

2017-08-20 12:51

TalkTalk are fined £100k because it didn't have technical or organisational measures in place to keep personal data secure. https://www.scmagazineuk.com/poor-staff-monitoring-sees-100k-fine-for-talktalk-21000-record-breach/article/681265/

2017-08-18 19:32

Caution is advised with information #security surveys. The answers can be misleading, due to lack of honesty, leading to industry confusion. http://www.csoonline.com/article/3216113/leadership-management/caution-advised-with-information-security-surveys.html

2017-08-18 19:31

#Hackers have mounted a “brute force” cyber-attack on the Scottish parliament’s computer systems. #cyberattack https://www.theguardian.com/politics/2017/aug/15/scottish-parliament-hit-by-cyber-attack-westminster-assault-holyrood-hackers-email

2017-08-18 19:29

The number of UK retailers experiencing #databreaches has doubled over the last year. #cybersecurity #datasecurity https://www.infosecurity-magazine.com/news/uk-retail-data-breach-incidents/

2017-08-18 19:28

Gartner says #GDPR and market boom has sent IT security spending soaring. Get #GDPReady now with Proteus-Cyber Ltd http://www.cbronline.com/news/cybersecurity/business/gdpr-market-boom-send-it-security-spending-soaring-gartner/

2017-08-18 19:28

BEWARE Is that email from your solicitor? Or is a fraudster after a deposit you won't get back? https://www.thetimes.co.uk/article/2547124c-7eaa-11e7-bc64-877969c68864

2017-08-18 19:26

5 essential steps to #GDPR survival. Proteus GDPReady can help right now by managing this process from end to end. https://t.co/j3Pbao4cXk

2017-08-18 19:24

Latest Press Releases

Proteus-Cyber Launches First comprehensive software toolkit for GDPR

Proteus-Cyber Ltd, specialists in Integrated Risk Management software, are excited to release Proteus®GDPReady™. They believe this to be the first GDPR software toolkit on the market that fully supports the GDPR process and helps DPOs to get and keep their organisations GDPR compliant.

More and more extra great features

Proteus®GRCyber™ is the most comprehensive integrated Governance, Risk and Compliance product on the market.

Connect to anything

Integrated GRC

Proteus®GRCyber™ allows you to integrate your existing cyber security systems into a single, integrated, web based, multi-agent cyber protection system. With this capability you can systematically and regularly test each and every control applicable to your business.

What you have

Network Discovery

We collect every IP packet your network produces. With this information we can build a network chart of your infrastructure and highlight insecure or unmanaged assets. Additionally, you can use our relationship browser to view the modelling of business processes to assets, controls, documentation and incidents.

Delegation and Workflow

Enterprise Compliance

In the multi-user versions of our product you can link to your active directory and delegate controls around the organisation so that each control is answered by the person responsible for it. This process is more time efficient and accurate in collecting responses, policies and procedures.

Local Standards

Authoring your own standards

You can author your own standards into our compliance engine. These can be bespoke standards or your implementation of an international standard. Furthermore, you can model the relationships between your controls and your ISMS.

Partners

Please contact one of our country partners to find out more about or to purchase Proteus®GRCyber™

Our Team

With many years of experience in the business, our team knows how to support our customers

Chris Greenslade

Chris is the Sales Director, founding partner and owner of Proteus-Cyber Ltd. Passionate about customer satisfaction, Chris would like to discuss with you how Proteus®GRCyber™ could help your business become secure and more profitable.

John Clelland

John is the Managing Director, founding partner and owner of Proteus-Cyber Ltd. He is an expert in encryption and security systems with over 25 years’ experience architecting specialist IT systems.

Craig Mason

Craig is the Proteus®GRCyber™ software architect, founding partner and owner. His knowledge of cross-platform architectures and large scale web-based applications has particular relevance to the Proteus®GRCyber™ development program he has led.

Contact Us

If you would like to know more about Proteus-Cyber and our services please feel free to contact us:
Proteus-Cyber Ltd.
Registered in the UK and Wales 07239733.
VAT registered GB 991 1452 13
20-22 Wenlock Road
London
N1 7GU
United Kingdom
P: +44 (0)208 123 7708
© 2017 Proteus-Cyber Limited
‘Proteus’ is a registered trademark. All rights reserved.

Proteus-Cyber is passionate about helping companies use their existing infrastructure in conjunction with Proteus®GRCyber™ to create a single, integrated, web based, multi-agent cyber protection system to secure their businesses in the current climate of insecurity.

contact@proteuscyber.com or follow us on social platforms
