FAQs

We build lasting relationships through exceptional service and trusted expertise. Our high customer retention rate reflects our commitment to helping and supporting our clients every step of the way. We deliver managed services through our own vSOC Connect Console, combining our managed services with technical excellence to provide outstanding value, visibility, and long-term partnership.

The vSOC Connect Console is your central hub for managing all cyber security activity in one place. It allows you to oversee projects, allocate tasks, and track progress across every service. The platform brings together internal performance data and third-party metrics, such as penetration testing results, to give stakeholders a clear, real-time view of where you stand and what actions are needed next.

We work with organisations that want to better understand their current security position and gain external verification of their defences. Many have capable IT teams but lack dedicated security specialists. In a landscape where threats are constantly evolving, we help them make the most of what they have, close critical gaps, and gain the reassurance that their “doors and windows” are properly secured.

Absolutely. While we prioritise our clients’ privacy and security, we’re happy to arrange a direct conversation between you and one of our existing customers. Just get in touch to set up a call.

Our team is made up of subject matter experts with extensive hands-on experience and a wide range of industry-recognised certifications. Unlike IT-focused providers, everything we do is centred on security. We’re not a compliance organisation - we bridge the gap between technical detail and practical security, ensuring every decision supports a stronger, more resilient posture.

The vSOC Connect Console is our centralised cyber security platform that provides full visibility, control, and actionable insights across all your managed services. It acts as your organisation's cyber security command centre.

Access is provided as part of your managed services with Data Connect. To get started, book a demo or speak to one of our experts to explore how the platform console can support your organisation.

You can access the full suite of vSOC managed services via the console, including: vSOC Assure (Cyber Risk Management) vSOC CERT (Cyber Essentials Review Toolkit) vSOC Recon (Vulnerability Management) vSOC Manage (Managed Firewall) vSOC Alert (Managed Detection & Response) vSOC Aware (Security Awareness Training)

The console provides interactive tools such as heatmaps, Gantt charts, maturity matrices, and risk dashboards to help you track and manage your cyber risk. You can allocate tasks, contact support, and see exactly what needs to be done and when. As actions are completed, progress and maturity are reflected visually with a traffic light system while our technical team reviews and adjusts scores to ensure ongoing accuracy and improvement.

Yes. The console is designed with all stakeholders in mind, offering an intuitive, user-friendly interface and clear reporting dashboards ideal for both technical and executive-level users.

The vSOC Connect Console empowers boards with clear, visual insight into cyber maturity, progress, and investment impact. Through benchmarking, heatmaps, and Gantt charts, it shows exactly where resources are being directed and what progress is being made. Executives can access board-ready reports at any time, while all users have ongoing support available directly through the portal.

Absolutely. You can tailor your dashboard view to focus on the metrics that matter most to you, enabling more efficient prioritisation and quicker access to key insights.

The vSOC Connect Console is your central hub for managing all cyber security activity in one place. It allows you to oversee projects, allocate tasks, and track progress across every service. The platform brings together internal performance data and third-party metrics, such as penetration testing results, to give stakeholders a clear, real-time view of where you stand and what actions are needed next.

vSOC Assure is our structured cyber risk management service that helps identify, assess, and reduce your organisation’s risk exposure through strategic planning, expert technical support, and actionable insights via the vSOC Connect Console.

Both. vSOC Assure bridges the gap between C-Suite and IT, offering executive-level assurance and operational tools to ensure strategic alignment and measurable risk reduction across the organisation.

vSOC Assure aligns primarily with the globally recognised cyber security framework, CIS Critical Security Controls, providing a structured guide to ensure the right questions are asked and the right risks are identified. vSOC Assure also maps to several other well recognised frameworks. We then translate these frameworks to real-world actions, helping you understand, prioritise, and address cyber risk in a way that’s standards-based, scalable, and tailored to your industry.

The console provides interactive tools such as heatmaps, Gantt charts, maturity matrices, and risk dashboards to help you track and manage your cyber risk. You can allocate tasks, contact support, and see exactly what needs to be done and when. As actions are completed, progress and maturity are reflected visually with a traffic light system while our technical team reviews and adjusts scores to ensure ongoing accuracy and improvement.

Your roadmap includes SMART objectives, prioritised remediation steps, and clearly defined milestones - all mapped to your organisation’s risk profile and reviewed within the vSOC Connect Console.

You gain access to Data Connect's certified security professionals and subject matter experts, including a dedicated vCISO who acts as a conduit between your board and IT teams, translating technical risks into business language and strategic action. You’ll also receive support from our technical team, who provide clear guidance on when, where, and how to make improvements to your security posture.

We incorporate industry data to show how your cyber maturity stacks up against industry peers, helping contextualise your risk profile and highlight opportunities for competitive resilience.

Yes because Cyber Essentials is an internationally recognised standard. We have helped many international organisations achieve Cyber Essentials. In many cases, these businesses want certification to increase credibility within the UK market.

You can quickly and easily find the information through the Cyber Essentials Certificate Search if you’d like to check a Cyber Essentials or Cyber Essentials Plus certification. This useful tool can be found on the IASME website and can tell you your certification numbers, what’s included in scope and the date of certification because for many businesses they'll have two dates, one for Cyber Essentials and another for Cyber Essentials Plus. Better yet, you can use this tool to check on other organisations you may be working with right now or who you’re thinking about working with in the future, this will allow you to determine if the business has solid technical controls in place.

Time frames vary, but with tools like vSOC CERT, most organisations can achieve certification within a very short time, depending on the scope. The main reason for failing to achieve certification are vulnerabilities and the inability to identify and fix them. CERT has a tool to help with this, and ongoing monitoring ensures you stay compliant year-round.

Cyber Essentials and Cyber Essentials Plus certifications are valid for 12 months. Reassessment is required annually to maintain compliance. If aiming for Plus, it is mandated that you get this within 3 months of certifying for Cyber Essentials.

The five core controls are: Boundary Firewalls & Internet Gateways | Secure Configurations | Access Controls | Malware Protection | Security Updates However, due to the complexity and ever-evolving nature of the threat landscape, not all of the Cyber Essentials requirements fit neatly into these five controls. The reason for this is the scheme's aim being to keep organisations protected against the most common cyber attacks, which can only be achieved if the NCSC and IASME regularly revise the criteria as a defence against emerging threats.

The Cyber Essentials Plus audit is an independent verification of the controls to which you will attest to within the Cyber Essentials questionnaire. The auditor will run technical tests on a sample set of devices and the end users for these devices must be present. So long as the Cyber Essentials questionnaire has been answered correctly, your organisation should be able to pass the Cyber Essentials Plus standard.

A Cyber Advisor is a specialist who offers advice and assistance to organisations aiming for the Cyber Essentials certification. They assist organisations in understanding the certification process, evaluating their existing security protocols, and establishing the required safeguards to fulfil the certification criteria. To become a Cyber Advisor, a person needs to meet a strict criteria themselves and pass tests proving their expertise. Plus, they have to work for a company who is accredited as an Assured Service Provider. Due to the rigorous testing, the advisors have thorough knowledge of cyber security best practices and can customise their advice to address the unique needs and challenges of each organisation. Advisors collaborate closely with organisations to pinpoint vulnerabilities, formulate a plan to achieve the certification and work with you throughout the implementation stage to ensure your business is meeting the Cyber Essentials framework. Data Connect are proud to be an Assured Service Provider and have Cyber Advisors on hand to help organisations with the certification process.

Yes. The vSOC Connect Console provides compliance-focused dashboards and reporting for standards like Cyber Essentials, ISO 27001 and PCI DSS. It also highlights high-risk vulnerabilities that could result in compliance failure, helping you address them before audits or assessments.

Absolutely. Our agent-based technology allows continuous monitoring of devices even when they’re off-network. This is essential for hybrid and remote workforces, ensuring that no device falls outside your security perimeter.

Many tools just report vulnerabilities based on CVSS scores; vSOC Recon also considers exploitability, asset criticality and business impact to prioritise remediation efforts. vSOC Recon combines real-world threat intelligence, SOC analyst support, and strategic guidance to turn results into meaningful actions.

Point-in-time scanning (e.g. monthly or quarterly) can leave you exposed between scans. vSOC Recon delivers real-time scanning and reporting, helping you reduce exposure windows and stay ahead of evolving threats.

Unlike generic awareness tools, vSOC Aware is a fully managed service delivered by experienced cyber security professionals. We tailor each programme to your organisation’s risk profile, incorporate real-world simulations, and provide campaign insights that drive measurable behaviour change.

We recommend running training throughout the year, reinforced with regular phishing simulations and relevant content. Our team helps you define a sustainable cadence that aligns with your risk profile and organisational culture.

A strong security awareness programme needs to teach you how to spot threats like phishing and social engineering. It builds awareness, safe habits, and empowers you to act as a human firewall, protecting both company and personal data. As a minimum, training should include password security, GDPR, clean desk policies, oversharing of personal information, information security and computer accessibility.

Our simulations reflect real-world attack vectors - including credential harvesting, malicious attachments, QR code scams, and spear phishing. These exercises are designed to mimic modern threats, helping your team identify and report suspicious activity with confidence.

We use a wide range of formats - including videos, quizzes, games, posters, and newsletters - to keep content fresh and accessible. Training is gamified and aligned to current threats to ensure ongoing engagement and long-term knowledge retention.

Yes. The vSOC Connect Console provides data on user engagement and performance. You can identify which users are excelling, who needs further training, and where to focus remediation for maximum impact.

What can happen if your organisation is targeted by a cyber attack? Cyber attacks can result in a wide range of consequences, including: Malware and ransomware infections - Data breaches and loss of personal or customer information - Supply chain compromises - System sabotage or operational disruption - Theft of intellectual property or funds - Reputational damage and loss of customer trust. Training staff to recognise early warning signs helps prevent these outcomes and builds a proactive line of defence.

CREST accreditation ensures our testers operate to the highest standards of skill, ethics, and methodology, giving you confidence in the reliability of findings and compliance with audit, regulatory, and supply chain requirements.

By addressing basic security controls first, you reduce easy wins and allow testers to focus on deeper, more complex vulnerabilities—unlocking the greatest insight and strengthening your overall security posture.

Our approach goes further than finding flaws. Combined with vSOC Assure, it provides strategic actionable insights, strengthens processes, and guides ongoing improvements across your IT environment.

Yes. We assess networks, applications, cloud infrastructure, APIs, physical premises, and staff awareness through red teaming, social engineering, and advanced breach simulations—providing a complete view of your attack surface.

Yes. You can optionally add vSOC Alert, our MDR service powered by Google SecOps, directly into your firewall management plan. This delivers deeper threat detection across your network.

Our team provides regular monitoring, we detect problems proactively and respond swiftly to minimise risk and downtime. We are proud to have an average response time for support requests of under 25 minutes via the vSOC Connect Console.

In a co‑managed model, you retain some in-house control over your firewall, while we provide expert oversight, updates, and support. Our team of experts delegates everything; configuration, patching, monitoring, and incident response to our certified team, providing a turnkey solution.

We integrate with 600+ connectors including Google Cloud, AWS, Azure, Microsoft 365, Azure, Okta, CrowdStrike, Palo Alto Networks and Cisco.

Our SOC is based in the UK, where it's closest to our customers.

Initial setup is quick and Data Connect will help support customers in onboarding log sources, rule tuning typically then takes 2–4 weeks.

Typically a physical or virtual forwarder will be deployed onsite to collect and forward logs into SecOps. Cloud-to-cloud API pulls are also widely available for various cloud applications. SecOps provides flexible, secure paths to get every event into the platform without opening inbound firewall ports or deploying heavy agents.

They are retained for a standard period of 12 months in fully searchable hot storage, ensuring fast access and immediate availability for queries, audits, or operational needs throughout that time.

New rules can be run against all data within the platform, enabling searches for newly identified IOCs across retained data (up to 12 months).