Xpertex – Who are we?


Formed in 2006, we have grown year-on-year because the working relationships we form are valued and lasting. We have built our company through a reputation for high quality delivery and the right application of deep subject matter expertise.

Xpertex has experience in the physical, human and cyber security domains and we build long term, meaningful relationships in a particularly dynamic sector. At Xpertex we bring together a wealth of experience from the military, defence and intelligence organisations to field a team of leaders in the industry. Our combined experience over a broad range of government and commercial projects allows us to find innovative and cost-effective solutions to your challenges. Xpertex provide Cyber risk management advice to UK Government and private sector clients in complex, sensitive markets.

With our knowledge and experience from public and private sector engagements and global reach, Xpertex are able to help businesses identify, assess, treat and respond to the threat landscape that they face.


We are driven by creating opportunity in human factor cyber security, remaining vendor and technology agnostic and taking clients on a journey to more than just compliance to enable a more efficient, self-aware and competitive organisation.

Learning about the impact and what you can do to make your organisation more resistant is key to safeguarding brand, reputation and customer information. We provide companies with peace of mind that their most critical systems and services are protected, available and operating as they should be at all times.


Information Security & Assurance forms the cornerstone of any Xpertex undertaking. Using international and industry specific standards we help organisations assess, present and treat risk to their assets from sensitive customer data to PCI DSS financial data. We help companies implement robust information risk management controls, document sets and processes to permanently reduce risk and help promote efficient management of sensitive corporate information, highlighting vulnerabilities to ensure they are adequately protected against potential threats. We use threat intelligence led mitigations and modelling to ensure that remediation plans are representative and targeted at protecting our clients from the real and not generic threat.


Threats to our information and security are more prevalent than they ever have been. Systems are regularly under attack, from bulk XML-RPC to targeted web application and infrastructure attacks and denial of service. Most organisations are unaware of the extent of attacks to their system and face a challenge in understanding risks to internal and external systems. Xpertex specialise in understanding risks to systems, people, and process by carrying out detailed vulnerability assessments early on in our engagement with the customer. The product of our vulnerability analysis is used to seamlessly integrate a treatment plan with our customers’ existing risk methodology. With regular vulnerability analysis across the customer’s estate and using our treatment plan we can demonstrate risk reduction in numerical terms which translate directly to cost saving.


Xpertex operate a holistic due diligence service, supporting clients in defence, retail and the financial sector. Complementary to traditional financial due diligence, our services emphasises the individuals behind an organisation, executives and persons with significant control. Xpertex’ services have a global footprint, able to conduct both virtual and ‘on the ground’ due diligence in developed and developing regions. Limiting the unknown in any M&A activity is crucial to invest support. Xpertex investigations can provide the human factor knowledge that can prove decisive.


Our social engineering professionals are highly experienced practitioners in influence campaigns delivered across multiple channels. Experienced in government, military and commercial sectors, our credentials are unrivalled. Xpertex’ approach to addressing the risk of social engineering attack is not just technical, it’s holistic and considers the human vulnerabilities/vectors employed by skilled actors. Business email compromise (BEC) scams cost organizations $676 million in 2017. Engendering a culture of openness whilst empowering employees to employ counter and develop countermeasures will significantly reduce the disruption and loss incurred as the result of a social engineering attack.

OSINT, Incident Management & Response

We provide discreet Open Source Intelligence collection and product for a broad range of uses and in collaboration with on the ground surveillance and collection assets. Providing a response to information breach and supporting clients to deliver effective containment of incidents.


Using the ISO 27000 and 28000 series of standards, as well as guiding clients through Cyber Essentials and Cyber Essentials Plus, Xpertex helps its customers to assess, identify and treat threats to their operations and business. We engage at an executive level with our customers and maintain that education is a key deliverable at every stage of our projects. We turn conventional cyber security on its head and begin assessment of the organisations people primarily then assessing process and finally helping our customers find technology that supports the behaviour, character and process of their business.


Related articles