Cyber Security Consulting
End-to-end information security consulting for London and UK organisations. Intelligence-led. Board-ready. Operationally proven.
Arthur J Goldman Consultants is a London-based cyber security consultancy with over two decades of experience protecting FTSE 100 corporations, government agencies, financial institutions, and critical national infrastructure operators. Our founder holds advisory positions with the UK Financial Conduct Authority (FCA), National Cyber Security Centre (NCSC), and Lloyds of London — credentials that place us at the intersection of regulatory authority and operational delivery.
Whether you need a one-off penetration test, a comprehensive security transformation programme, or ongoing virtual CISO advisory, Arthur J Goldman provides the depth and breadth of expertise that complex, regulated London businesses demand.
Effective information security begins with understanding what you have, what matters most, and where the risks lie. Our information security management service delivers ISO 27001 gap assessments and implementation support, ISMS design and documentation, security policy and procedure development, Cyber Essentials and Cyber Essentials Plus certification support, and ongoing management system reviews. We work with your teams to embed information security as a business discipline, not just a compliance exercise.
Our penetration testing service provides a realistic, authorised simulation of the attacks your organisation faces from real adversaries. We conduct network and infrastructure penetration testing, web application and API penetration testing, social engineering and phishing simulations, red team exercises for mature security programmes, and cloud security assessments across AWS, Azure, and Google Cloud. All testing is conducted by experienced practitioners and followed by a comprehensive report with prioritised, actionable findings presented at both technical and board level.
When a security incident occurs, the speed and quality of your response determines the outcome. Arthur J Goldman provides retained and on-demand incident response services for London and UK organisations, covering initial containment and triage, digital forensics and evidence preservation, regulatory notification to the ICO, FCA, and other relevant bodies, stakeholder and board communication, and post-incident review and lessons learned. We also develop and test Incident Response Plans and conduct tabletop exercises, so your team is rehearsed and confident before a real event occurs.
UK organisations face an increasingly demanding regulatory landscape. Our compliance consulting practice helps organisations navigate GDPR and UK GDPR data protection obligations, FCA Operational Resilience and SYSC requirements, PRA cyber risk expectations, DORA for financial entities with EU operations, NIS Regulations for operators of essential services and digital service providers, and sector-specific frameworks across healthcare, insurance, and critical national infrastructure. We translate regulatory requirements into practical, proportionate controls that satisfy regulators without impeding business operations.
Security governance is the foundation upon which all effective security programmes are built. We help London organisations establish board-level security governance structures, cyber risk registers and appetite statements aligned to business objectives, security committee terms of reference and reporting frameworks, third-party and supply chain risk management programmes, and security KPIs and metrics dashboards for board and management reporting. Our governance advisory ensures that security decisions are made at the right level, with the right information, at the right time.
Our London location, regulatory relationships, and track record of delivering to the highest standards set us apart. We have held advisory positions at the most senior levels of UK cyber security governance, designed security programmes for FTSE 100 organisations and government agencies, and built a team of practitioners who bring real-world experience to every engagement. We communicate in plain language, work at pace, and deliver outcomes — not just reports.
London-based experts. Response within one business day. Confidential and no obligation.