
ASSESS. INVEST. PROTECT.™
Navigating Hidden Cyber Risk
Expertise
Third Party Cyber Security (TPCS) are experts in protecting your internal rate of return from hidden cyber risks. We are your cyber growth partners.
We help our clients uncover the hidden cyber risks and associated remediation costs for Mergers and Acquisitions, Non Operated Joint Ventures, Private Capital and Family Offices investments. We ensure that you can invest, partner or acquire, safe in the knowledge that your financial and business interests are protected from cyber risk.
How do we achieve this? Assess. Invest. Protect.
Protect.
Protect your internal rate of return (IRR) 365 days a year from cyber attack and for the duration of your investment. Ensure no costly exit fees.
Invest.
Invest and negotiate with confidence. Knowing that appropriate cyber clauses are in place across Shareholder Agreements and Sales and Purchase Agreements.
Assess.
We carry out rigorous cyber security pre deal due diligence to identify and assess cyber risks in portfolio companies, NOJV operators and acquisitions.
INFORM
Cyber Security
Due Diligence
Find out how we help identify, assess and manage cyber risks in your portfolio companies.
NOJV Cybersecurity
Hear how we ensure NOJV’s don’t slip through the net and allow cyber risks to impact your investment.
Cyber Security in Mergers and Acquisitions (M&A)
Find out how to manage cyber across the lifecycle of an M&A transaction.

results
Experience is everything.
We work with Private Capital firms to manage cyber risk that could degrade your initial investment, affect your internal rate of return, affect your business interests and make a successful exit costly.
$M’s
in Saved Cyber REmediation Costs
100%
Success Rate in identifying unknown cyber Risk
Who we are
Meet the team behind TPCS
Paul Boyce
CISM, ISO 27001 Lead Implementor, EU GCPR P
For the last 10 years Paul has worked extensively in the UK Financial Services market providing cyber security expertise to numerous clients and suppliers on cyber best practice. Paul specialises in third party supplier security assessments and risk.
When not helping clients, Paul enjoys spending time with his family, training in the gym and cooking healthy meals.
Kenny Boyce
CISSP, ISO 27001 Lead Auditor
With over 20 years in the industry Kenny has a wide cyber skill set gained working with some of the UK’s biggest organisations, covering sectors such as Government, Financial Services, Retail, Energy, Oil & Gas and Defence.
When not working you can find Kenny spending time with his family and participating in a variety of pastimes such as cycling and cross country running.
Graham Eida
MIET, CISSP, ISO 27001 Lead Auditor
Graham has over 30 years’ experience in cyber security and assurance. Graham is a leading industry expert in the UK Energy space and has worked across multiple clients. Graham has also provided cyber expertise to a wide range of UK government and commercial customers.
When not working Graham is keen on home improvements and automation using his electronics background. When time permits he is keen to build his own smart home from foundations to roof!
Services
What we offer
Cyber for Private Capital
We offer cyber security pre deal assurance to uncover hidden cyber risks in your target before you investment.
Cyber as a Service (CaaS)
Our cyber as a service provides a range of cyber services to protect you and your portfolio companies 365 days a year.
vCISO
Our Virtual Chief Information Security Officer service allows our clients to lean on almost 50 years of cyber security expertise, either as an ongoing service or an ad-hoc basis.
Personal Cyber Intelligence Report (PCIR)
C-Suite members, Executives and VIP’s are now seen as highly prized cyber targets. Senior leaders in any business hold significant influence and have access to highly confidential business information.
Certifications
ISO Certifications
We are currently certified to ISO 27001 (Information Security) and ISO 9001 (Quality).
Questions + Answers
FAQ
The common questions about cyber security - answered!
Because we’re experts in cyber security, people from all sectors of business ask us questions. We’ve assembled those we get asked most frequently below and answered them. If they don’t cover what you’re looking for, please do not hesitate to get in touch.
-
All organisations carrying out capital investments and mergers and acquisitions need to understand the cyber risk that the deal presents to their interests. Cyber risk can manifest in many forms. Unrecognised exposure can lead to a cyber security incident in the target thereby reducing the value of your investment, or it can lead to cyber risks spreading into your organisation from a recent acquisition. It's key that these risks are understood at the appropriate stage of the deal lifecycle.
-
Here at TPCS we understand that investment opportunities can present themselves quickly, with informed business decisions needed at pace. Our service can be stood up within hours of being notified. This responsiveness allows internal employees involved in cybersecurity BAU activities, to remain focused on protecting the organisation, safe in the knowledge that industry cyber experts are managing new business risks.
-
One of the first and most important activities is to understand the deal being proposed and the implications for our clients. Once we understand the deal, TPCS carry out some of the following activities, OSINT reviews, contractual language reviews, baseline cyber questionnaires, dynamic cyber questions arising from target meetings and workshops, digital profiling of the target, dark web reports, perimeter vulnerability assessments, digital reconnaissance and industry level cyber gap analysis.
-
TPCS are industry leaders in the identification, assessment and management of cyber security risks within M&A activities. This level of expertise has been gained whilst working with one of the world's biggest oil and gas companies where TPCS members of staff were fully embedded into the client to build a world class centre of excellence for cyber security risk management in new business.
-
This service can flex to our client's needs. TPCS can either be leveraged as an additional on demand resource when clients need us, or we can embed staff into our clients on a contract basis. Embedding staff enables us to provide cyber guidance and expertise across all areas of new business as our clients invest, divest, acquire and partner.

Contact