About Secrutiny

Secrutiny was founded by an experienced team that has built and sold numerous IT and security practises over the past 25 years. Each successive venture has been targeted with doing something progressive in a continuously changing environment.

As such, we became fascinated by the industry ‘threat-mania’ that has driven huge cycles of product development and enterprise adoption in the hunt for ‘perfect’ protection. It quickly became obvious that the hype of annual additions to the layers of the security onion was not sustainable.

The waves of publicised, high-profile breaches demonstrated that organisations cannot spend their way out of trouble or risk; even those with heavy cyber investment in protection and detection technologies fall foul to breaches on a daily basis.

To truly secure an organisation, visibility is essential; it enables recognition of anomalies and the potential risk the anomalies may pose. Visibility will inevitably reduce risk, whether it’s a case of noncompliance, bad practice, malware, misuse/insider or commodity/targeted attack.

On further investigation, it emerged that current buying behaviour is based on perceived threat, rather than actual business risk. If we could develop a technology, process and approach to determining risk, organisations could move spend to a fact-based model.

So, we developed a range of professional and managed services to help organisations focus cyber security efforts and resource on quantified, factual information rather than the wider ‘threat-mania’ industry view.

What we do

Cyber Risk Audit

Provides valuable insight into the IT operational risks relevant to the specific organisation. Learn More.

Patrol Managed Services

Provides protection, detection & control capabilities for both operational and technical cyber risks. Learn More.

Incident Response

By understanding the root cause of breaches, Secrutiny’s Incident Handlers focus Forensic Investigation on Hosts of Interest, providing quicker, more effective Incident Response results. Learn More.


Sometimes a risk cannot be mitigated with hygiene and good practice alone. When augmentation with product is required, the 5DIMENSIONS process helps businesses select solutions that provide the best fit functionally, operationally and commercially. Learn More.

Management Team

Simon Crumplin - Secrutiny Founder & CEO

Simon Crumplin
Founder & CEO

Simon has over 20 years’ experience in the cyber-security marketplace; having previously built, and successfully sold, two managed service security companies.

Just over two years ago, Simon launched Secrutiny. An organisation that is focused on becoming customers ‘Trusted Advisor’ by introducing helping organisations focus cyber security efforts and resource on quantified, factual information rather than the wider industry view.

Connect with Simon Crumplin

Ian Morris - Founder & Board Member

Ian Morris
Founder & Board Member

Ian is widely recognised as a specialist in ‘what next’ in cyber, with extensive knowledge of Silicon Valley and Tel Aviv startup communities.

His businesses have pioneered next-generational approaches and as such, have been the UK launch pad and channel for vendors such as 3Com, Ascend, Juniper, Netscreen, Neoteris, Fortinet, Juniper, Palo Alto, and FireEye. Ian’s third startup, VADition, now represents the largest global division of Exclusive Networks.

Connect with Ian Morris

Shane Shook - Principal Advisor to Secrutiny Board

Shane Shook
Principal Advisor to the Board

Shane has more than 30 years of information technology and risk management experience, including expert witness testimony information security, information management, and breach investigation forensics.

For more than 15 years, he served global Fortune 500 customers as a trusted advisor. This work has included industry-use technology, outsource IT advisory negotiation and dispute analysis, as well as data security, privacy and modelling.

Connect with Shane Shook 

What our customers say


Traditional Audits are based on paper exercises that give a generic view of risk based on the policy, process and controls in place. Secrutiny on the other hand, have been able to show exactly what is going on in my estate by developing a Cyber Audit that gives a comprehensive view of data loss and sabotage, network and user anomalies and comprehensive insights to installed software and hardware build and configuration.

Over nearly 30 years in Information Security, Secrutiny’s Cyber Risk Audit has given the most meaningful results by far.

Head of Information Security, Leading UK Construction Group



In 2017, we undertook Secrutiny’s Cyber Risk Audit to inform compliance issues, policy violation by privilege users, misuse of services, policy and system administration violations.

The results have provided insight into risks that we were not aware of and will be used to make informed decisions that embed security by design according to IT operations.

Information Security Manager, Prominent Investment Management Firm


Secrutiny Blog

Secrutiny Advisory: New Scams Alert

The text message, under the alias Tesco, is targeting victims by using their name and car registration plates to ultimately cause damage and steal confidential information.

Microsoft Exchange Vulnerability Could Allow for Privilege Escalation

Thanks to a Microsoft Exchange vulnerability anyone with access to your mailbox could raise their rights and become a Domain Administrator.

Free Security Tool: Has Your Account Been Compromised? Ask, Have I Been Pwned?

Nearly 800 million email adressesses and passwords have been stolen from a series of breaches from websites around the internet.

Making Staff An Effective Part of Your Cyber Defence

Get your hands on a free CybSafe Demo and discover how its intelligent software can help your organisation improve employees’ cyber security behaviour.

Cyber Insurance Perhaps Isn’t the Answer

Mondelez is suing Zurich for $100 million after the insurance company rejected claim following 2017 NotPetya ransomware attack citing an exclusion clause. We take a look at what this signals for the cyber insurance market.

Microsoft Exchange Server Vulnerable to Exploit from a Simple Email

Microsoft announces two particularly dangerous vulnerabilities, which could allow attackers to take control of your Exchange server.