Total Business Coverage

Harness your existing security infrastructure into a single, integrated, web based, multi-agent cyber protection system.

GDPR architecture

Unified Risk Framework
Overlay software that elevates your existing security systems

Audit anything, unify your security systems, report on anything & match risk to business outcomes

GDPR framework

This shows the various modules that can be deployed and what Proteus®GRCyber™ addresses

Implement and test your controls

Compliance & Policy

Clients can choose from many international standard templates or author their own. Audits can be internal or external, ensuring that you, your suppliers and your vendors comply with best international practice.

Risk Assessment

Assessing risk is a key part of any security program. Uniquely, Proteus®GRCyber™ can assess threats by their operational, financial or regulatory impact and assign countermeasures to mitigate these threats. Likewise you can assess Confidentially, Integrity and Availability values.

Business Impact

By modelling your business processes, you understand how they relate to each other and interact with the underlying infrastructure and regulatory controls. With this approach you can better understand the financial, regulatory and operational impact of threats that arise within your business.

Security Awareness Training

Good security can only be achieved by creating a security culture within your staff. According to Gartner 70% of breaches can be traced back to bad practice. Proteus®GRCyber™ integrates online security courses to provide focussed security training where and when it’s needed.

Business Continuity

For every business process critical to your business you need an effective continuity plan. Proteus®GRCyber™ provides a simple process that can assess the effectiveness of your failover plans.


Visualising how a threat or breach affects the business is key to reacting in a timely fashion and may reduce fines and reputational damage. Riskview2™ allows you to view these relationships clearly and quickly, empowering you to make faster, better decisions.

  • Proteus®GRCyber™ addresses:
  • Overlooked basic security vulnerabilities
  • 3rd party exposures
  • Insider breaches
  • Poor threat prioritisation
  • Planned DDoS attacks
  • Not understanding impact
  • Granting unauthorised network access
  • Poor business decisions
  • Security-unaware staff
  • Espionage
  • Zero-day attacks
  • Badly configured networks
  • Inappropriate file transfers
  • Rule breach detection
  • Encrypted links
  • Out of hours logins
  • Poor password implementation
  • and more
Look for the unexpected

Staff Profiling

Some staff may not be suited to the positions they hold. Staff profiling helps avoid these pitfalls up front, reducing the likelihood of malicious behaviour.

Intelligence-Led Risk Management

Proteus®Analytics™ actively searches the Dark Web, Threat Intelligence feeds as well as news and social media to monitor for chatter about impending attacks. ‘Forewarned is forearmed’ allowing you to prepare better for an anticipated attack.

Network Traffic Surveillance System

NTSS collects every IP record your network produces and reconstructs them back into application logic independently of the applications that created them. This traffic can be monitored for unexpected behaviours and network activity (eg unauthorised devices).

Penetration & Vulnerability Testing

Securing the business as best you can on the inside is important, as is rigorously testing this security. Employing the best white hackers and products ensures you’re first to know about a security weakness or vulnerability and can fix it before anyone else finds it.

Log and Patch Management

A large percentage of breaches are due to poor patch management and could have been detected by examining the SIEM logs. Proteus®GRCyber™ collects, searches and alerts on these logs and scopes the impact before the breach occurs.

Incident, Project, Tasks, Email

When an incident occurs, a quick and effective response is essential. With Proteus®GRCyber™ you can quickly track incidents, create projects and teams, allocate tasks and attach critical information (eg. emails and documents) in order to neutralise the threat.

*NTSS requires hardware sizing based on the clients requirements for retention period and performance

Discover great features

Properly implemented, Proteus®GRCyber™ can protect you from 99% of the cyber threats you may face


Perfectly designed

Proteus-Cyber conceived the iGRC concept and secured major UK Government funding to extend their Proteus®GRCyber™ enterprise governance, risk and compliance application into a single, integrated, web based, multi-agent cyber protection system.

CSO's can now secure their assets via this single, real time cyber protection system that takes the best of all the many innovative, cutting edge network agents and sensors, and harnesses them to counter the myriad of opportunities that cyber criminals now have at their disposal.

Proteus-Cyber's products and services can help you:

  • Perform enterprise wide online audits against any international standard and author your own questionnaires for internal and external audit
  • Define a test for every control you implement
  • Use your existing security systems to improve your Situational Awareness
  • Audit your external suppliers against the standards or best practice you expect of your own business
  • Perform focussed Security Awareness Training and create a security culture within your business
  • Create extensive security reports for the Board
  • Alert to emerging risks in real time, using dashboards
  • Actively monitor your network for abnormal behaviour by performing “Deep Packet Inspections” and support forensic investigations of malicious activity
  • Perform Network Discovery against your known inventory. Identify and neutralise unmanaged assets
  • Model your Business Processes and quantify their regulatory and financial impact to the business
  • Perform Risk Assessments on all assets and facilities key to your business’s future success
  • Supports real time Business Continuity planning
Request a demo
GDPR dashboard 1
GDPR dashboard 2
GDPR dashboard 3

Over 40+ international standards
with full authoring capability

ISO 27001:2013, PCI DSS v3, Cobit V5, BS2599, Cyber Essentials, ITIL, ISO 20000, ISO 22301, Data Protection, HIPPA, plus many others

Fast implementation

Proteus®GRCyber™ can be installed in a matter of days. Training is typically 5 days and clients can perform their first compliance audits within weeks.

Dashboard and Reporting

We provide all the reports your auditor would expect as standard. In addition we deliver the Proteus®GRCyber™ report and dashboard designer, which allows clients to create their own reports with an easy to use drag and drop interface.

GDPR dashboard perspective

Fully scalable

Proteus®GRCyber™ is enterprise scalable, for example one of our customers implemented over 1,000 sites across 170 countries. Another has 57,000 staff spread across 25 countries.

Security Awareness Training

A recent PWC report states "70% of security breaches can be traced back to staff with a poor understanding of security policies. Proteus®GRCyber' integrated eLearning package can educate your staff with focussed security awareness training.

More and more extra great features

Proteus®GRCyber™ is the most comprehensive integrated Governance, Risk and Compliance product on the market.

Connect to anything

Integrated GRC

Proteus®GRCyber™ allows you to integrate your existing cyber security systems into a single, integrated, web based, multi-agent cyber protection system. With this capability you can systematically and regularly test each and every control applicable to your business.

What you have

Network Discovery

We collect every IP packet your network produces. With this information we can build a network chart of your infrastructure and highlight insecure or unmanaged assets. Additionally, you can use our relationship browser to view the modelling of business processes to assets, controls, documentation and incidents.

Delegation and Workflow

Enterprise Compliance

In the multi-user versions of our product you can link to your active directory and delegate controls around the organisation so that each control is answered by the person responsible for it. This process is more time efficient and accurate in collecting responses, policies and procedures.

Local Standards

Authoring your own standards

You can author your own standards into our compliance engine. These can be bespoke standards or your implementation of an international standard. Furthermore, you can model the relationships between your controls and your ISMS.