Company
We audited first. We built second.
Most security products are built by people who have never sat through the audits they claim to fix. CCI took the opposite road — and that road is our story.
Heritage
From practice to platform
2020 — Our auditors begin SWIFT CSP engagements and build RiskQ to run their own practice: contracts, scheduling, evidence, invoicing. Since then — hundreds of audits flow through it. EviGen follows, because evidence collection was eating our clients' weeks; it now returns 3 to 8 of them per engagement. 2025 — Cambridge Cyber International is founded to bring what survived practice to market. What you can buy from us is what we still use ourselves.
The pool
Complementary by design
CCI's consulting pool holds more than eight CISSP-certified practitioners — including architecture-grade certification held by only a handful in Europe — alongside CISM, CISA, CRISC and ISO 27001 Lead Auditor credentials. Their backgrounds were chosen not to overlap: central government and defence, Tier 1 banking, reinsurance, telecoms at national scale, logistics, pharmaceuticals. Whatever your sector, someone in the pool has operated in it — under the regulations you answer to.
We present capabilities rather than faces: our clients' engagements, and our people's privacy, both deserve it.
Regulatory depth
SWIFT CSCF · DORA · NIS 2 · FR/LPM · ISO/IEC 27001 · PCI-DSS · SOC 2 · NIST SP 800 · EBIOS · SecNumCloud — frameworks we audit against, build for, and in several cases helped clients pioneer.