Security that proves itself.
Malwise is an independent UK cyber security consultancy and licensed Cyber Essentials Certification Body. We test, certify, and advise. For businesses that need the real thing, not the appearance of it.
Michael Raisbeck
Cyber security consultant. Licensed Cyber Essentials assessor. Cyber Scheme Certified Tester.
Michael began his career in the British Army, serving in technical and leadership roles across a range of operational environments. After leaving the Army he worked for two private defence companies: first in a technical capacity, then as a manager responsible for cyber security, operational technology, information security, and governance.
That background covers the full span of what security actually involves in practice: hands-on technical work, operational delivery, and the governance and accountability layer that sits above it. It's a different starting point from most cyber security consultants, and it shapes how Malwise approaches engagements.
Malwise exists because that experience made certain things difficult to ignore: businesses sold compliance they didn't need, tools that replaced thinking, and junior delivery dressed up as senior expertise. The work here is done properly, for businesses that have genuine risk and would benefit from someone straightforwardly on their side.
Talk to Michael directly


Three things we hold to.
Security is operational, not theatrical.
A clean dashboard and a wall of green ticks are not the same thing as being secure. We test the things attackers test, find what they would find, and tell you in plain English what to do about it. The measure is whether the business is actually harder to breach, not whether the report looks impressive.
Compliance is a floor, not a ceiling.
Cyber Essentials is a genuinely useful baseline standard. It is not a security programme. We certify efficiently and honestly, then help you understand what comes next for your specific risk profile. The certificate should reflect what's actually in place, not just what you'd like to be true.
The person you meet does the work.
No bait-and-switch. The consultant you talk to in the scoping call is the consultant who does the assessment, the testing, and the report. This is a structural choice that limits growth rate. It's worth it. The alternative is work that suffers, and clients who notice.
UK businesses with real risk and real obligations.
Typically no dedicated in-house security function. Often under supply-chain or contractual pressure to get certified. Usually frustrated with advice shaped by someone else's interests.
Growing businesses facing compliance pressure
Supply-chain requirements, government contract pre-qualifications, cyber insurance renewals. Cyber Essentials is frequently the trigger. We handle certification directly and help build from there.
Microsoft 365 users who aren't sure if they're secure
Most UK businesses live in Microsoft 365. Most Microsoft 365 tenants have configuration gaps. We audit, harden, and verify, with no stake in the tools you're already running.
Businesses with IT support but no independent security input
Your IT provider is excellent at keeping things running. That's a different skill set from security testing. An independent audit tells you what the managed service provider can't tell you about themselves.
Scale-ups that have grown faster than their security posture
Fast growth tends to outpace security controls. The setup that worked at twelve people doesn't work at sixty. We do the gap analysis and remediation planning to close that distance before something goes wrong.
Independent. Fixed-price. Senior-led.
Every engagement is scoped up-front with a clear deliverable and a fixed price. No hourly billing, no scope creep, no surprises. Most work runs remotely. On-site is available where it adds real value, which is sometimes but not always.
We don't resell products. We don't have vendor relationships that shape what we recommend. If your existing tools are doing the job, we'll tell you. If they're not, we'll tell you that too, and point at the smallest change that fixes the biggest problem.
We're based in Salisbury, work regularly in London, and take on engagements across the UK. If location matters for your engagement, it's worth a conversation.