Ransomware targeting Welsh SMEs up 34% YoY | 91% of UK breaches start with phishing email | Average UK SME breach cost: £3,230 (NCSC 2024) | Cyber Essentials reduces breach risk by 80% | Dark web credentials for sale from Welsh businesses detected weekly | ICO fines for GDPR breaches increasing — average £120k in 2024 | Ransomware targeting Welsh SMEs up 34% YoY | 91% of UK breaches start with phishing email | Average UK SME breach cost: £3,230 (NCSC 2024) | Cyber Essentials reduces breach risk by 80% | Dark web credentials for sale from Welsh businesses detected weekly | ICO fines for GDPR breaches increasing — average £120k in 2024 |
Home Cybersecurity
Cybersecurity Services

Threats Are
Real. So Is
Our Response.

Amddiffyn eich busnes — Protecting your business

Welsh businesses are being targeted every day. Ransomware, phishing, credential theft, and supply chain attacks don't discriminate by size. OrenTech delivers enterprise-grade cybersecurity — powered by Cynet XDR and a 24/7 SOC — built specifically for South Wales businesses who can't afford a breach.

Get a Free Security Assessment See How It Works ↓
312+
Threats Blocked This Month
24/7
SOC Monitoring
<15m
Threat Response Time
ORENTECH SOC · LIVE FEED
--:--:--
09:42:11 Phishing email — credential harvest attempt Cardiff Blocked
09:38:55 Suspicious login — anomalous geo-location Swansea Contained
09:31:02 Outbound C2 beacon — malware activity Newport Blocked
09:28:44 Dark web credential match detected Bridgend Remediated
09:17:30 Ransomware signature — endpoint isolated Cardiff Isolated
09:12:08 Brute force — RDP exposed port attempt Valleys Blocked
247
Blocked (30d)
0
Active Incidents
98%
Patch Compliance
SOC Status: ● ACTIVE Powered by Cynet XDR
Powered by Cynet XDR

AI Threat Detection
That Thinks Faster
Than Attackers.

Cynet XDR correlates signals from across your entire environment — endpoints, users, networks, and cloud — to detect threats that traditional antivirus and EDR tools simply cannot see. Most tools alert. Cynet stops.

Unlike point solutions, XDR sees the full attack chain. A suspicious login, followed by lateral movement, followed by data staging — individually these look benign. Together, Cynet's AI recognises the pattern and responds automatically before the breach completes.

Endpoint Detection & Response (EDR)
Next-gen antivirus plus behavioural AI on every device. Detects fileless attacks, living-off-the-land techniques, and zero-day exploits that signatures miss. Automatic isolation of compromised endpoints.
User & Entity Behaviour Analytics (UEBA)
Machine learning baseline of normal user behaviour. Instantly flags anomalies — impossible travel, off-hours access, unusual data movement — before account takeover completes.
Network Traffic Analysis (NTA)
Deep packet inspection and east-west traffic monitoring. Detects command-and-control beaconing, lateral movement, and data exfiltration across your internal network — including encrypted traffic analysis.
Automated Response & Remediation
Cynet's response playbooks act in seconds — isolating hosts, killing processes, blocking IPs, and resetting credentials automatically. Our SOC team validates and escalates. Speed is the difference between a close call and a breach.
Cynet XDR · Signal Correlation Engine
INGESTING FROM
Endpoints
Users
Network
Cloud
▼ correlating signals ▼
Cynet AI Correlation Engine
THREAT INTELLIGENCE · ML MODELS · BEHAVIOURAL ANALYTICS
▼ automated response ▼
Isolate
Block
Alert SOC
RECENT CORRELATIONS
✓ Phishing → Credential use → Lateral movement — BLOCKED
✓ Anomalous login → Data staging → Exfil attempt — BLOCKED
⚡ Ransomware signature detected → Host isolated — 4s
Our Security Operations Centre is
24/7
Active · Monitoring · Responding
00:00 ←————————————————————— 23:59
<15m
Alert Triage
100%
Alert Coverage
0
False Neg. SLA
24/7 SOC & MDR

We Don't Just
Monitor. We Act.

Most managed security services alert you when something bad happens. Our SOC team — backed by Cynet's Managed Detection and Response (MDR) — actively responds. Threats are contained before you've had your first coffee.

Our SOC analysts triage every alert, investigate the attack chain, and execute response actions on your behalf. You get a notification telling you what happened and what we did — not a midnight call asking what you'd like to do about it.

01
Alert Triage & Investigation
Every alert is reviewed by a human analyst within 15 minutes. We investigate the full attack chain — not just the triggering event — to understand scope before responding.
02
Active Threat Containment
SOC analysts execute containment actions directly — isolating hosts, revoking credentials, blocking IPs, and killing malicious processes — without waiting for your approval on routine responses.
03
Incident Reporting & Root Cause
After every meaningful incident, you receive a plain-English report: what happened, how it got in, what we did, and what changes we recommend. No jargon, no excuses.
04
Cyber Incident Response (Included)
Full incident response is included in Business Secure and Compliance Elite plans. If a breach occurs, we manage the investigation, remediation, and — where applicable — ICO notification. No emergency day rates.
Complete Protection

Every Attack Vector.
Covered.

Cyberattacks don't come from one direction. Our layered security approach protects every surface your business exposes to threat.

Email Security & Anti-Phishing
Over 91% of UK cyberattacks begin with a phishing email. We deploy advanced email filtering, link rewriting, attachment sandboxing, and anti-spoofing controls — then train your staff to be the last line of defence.
  • Advanced threat protection (ATP) filtering
  • Malicious link scanning & URL rewriting
  • Attachment sandboxing & detonation
  • DMARC, DKIM & SPF configuration
  • Anti-spoofing & impersonation protection
  • Simulated phishing campaigns (staff training)
  • Security awareness training programme
M365 Defender · Cynet Mail
Dark Web Monitoring
Criminal forums, paste sites, and breach databases are scanned continuously for your company's email addresses, credentials, and sensitive data. When we find a match, we act before attackers can — resetting accounts and hardening access immediately.
  • 24/7 dark web & criminal forum scanning
  • Corporate email & credential monitoring
  • Breach database correlation
  • Immediate alert & forced password reset
  • Executive & VIP identity monitoring
  • Monthly dark web exposure report
  • Integration with M365 identity controls
Cynet Intelligence · Breach DB
Endpoint Protection (NGAV + EDR)
Next-generation antivirus and endpoint detection on every device your business uses — laptops, desktops, servers. Behavioural AI detects attacks in real time, even those that don't match any known signature. Automatic response stops threats before they spread.
  • Cynet NGAV — AI-powered malware prevention
  • Behavioural EDR — fileless & zero-day detection
  • Ransomware rollback capability
  • Automatic host isolation on compromise
  • Device health & vulnerability assessment
  • Windows, macOS & server coverage
  • Silent background deployment
Cynet NGAV · EDR · MDR
Identity & Access Security
Identity is the new perimeter. Stolen credentials are the number one entry point for attackers. We lock down your M365 identities, enforce MFA everywhere, and monitor for suspicious access patterns that signal account takeover — before the damage is done.
  • Multi-factor authentication (MFA) enforcement
  • Conditional access policies (Entra ID)
  • Privileged identity management
  • Impossible travel & anomalous login detection
  • Legacy authentication blocking
  • Regular access reviews & orphaned account cleanup
  • Zero-trust access progression roadmap
Entra ID · Cynet UEBA · M365
Dark Web Intelligence

Your Credentials
May Already Be
For Sale.

Over 15 billion stolen credentials are available for purchase on dark web marketplaces right now. Welsh businesses are not immune — we regularly detect credentials from South Wales organisations on criminal forums. Most businesses have no idea until it's too late.

We monitor continuously so you find out first — and we act immediately, forcing password resets and hardening the affected accounts before any attacker can exploit the exposure.

15B+
Credentials on Dark Web
287
Days avg. breach dwell time
£3,230
Avg UK SME Breach Cost
24/7
OrenTech Monitoring
ORENTECH DARK WEB MONITOR — LIVE SCAN
oren@soc:~$ run darkweb-scan --domain orentech.co.uk Initiating scan across 47 criminal marketplaces... Checking breach databases: HaveIBeenPwned, DeHashed, RaidForums... Scanning paste sites: Pastebin, RaidForums, BreachForums... Correlating against dark web credential dumps...
oren@soc:~$ results --summary ✓ Domain: orentech.co.uk — No new exposures found ✓ Executive emails — Clear ✓ Corporate credentials — Clear ✓ API keys / tokens — Clear
oren@soc:~$ history --last 30d ⚠ 2026-05-14: 1 credential match detected — forced reset triggered ✓ 2026-05-14: Account secured, incident logged, client notified ⚡ 2026-04-28: Phishing kit targeting Welsh solicitors detected ✓ 2026-04-28: IOCs distributed, email rules updated
oren@soc:~$ status ● Monitoring active — next scan in 00:14:22
Compliance & Governance

Security That
Satisfies Auditors
Too.

For Welsh businesses in regulated sectors — GP surgeries, dental practices, solicitors, accountants, financial services — cybersecurity isn't optional. It's a legal requirement. We align your security posture to the frameworks that matter and give you the documentation to prove it.

Cyber Essentials certification is increasingly required for NHS supply chain and Welsh Government contracts. We prepare and support you through the accreditation process.

UK GDPR
Full data protection controls, breach response procedures, and ICO notification support. We manage your GDPR posture so you're audit-ready at all times.
ICO READY
Cyber Essentials
The UK Government standard. Required for NHS and public sector contracts. We assess, remediate gaps, and support your certification application.
NCSC SCHEME
Cyber Essentials+
The higher-assurance version includes hands-on technical verification. We manage the full process and remediate any failures before submission.
VERIFIED
NHS DSP Toolkit
Mandatory for organisations handling NHS patient data. We support GP surgeries, dental practices, and health sector suppliers through annual submission.
DSPT READY

Our Compliance Process

We take you from gap to certified — with zero jargon.

01
Gap Assessment
We audit your current security controls against the target framework and produce a plain-English gap report with risk ratings and a prioritised remediation plan.
02
Remediation
We fix the gaps — technical controls, policy documentation, staff training, and process changes — before submitting for any certification. No surprises at audit.
03
Certification Support
We manage the application process with the certifying body, provide all required evidence, and answer assessor questions on your behalf.
04
Ongoing Compliance
Compliance isn't a one-time event. We maintain your posture through continuous monitoring, policy reviews, annual reassessments, and regulatory change management.

Cyber Essentials Ready

We help South Wales businesses achieve Cyber Essentials and Cyber Essentials+ — the NCSC-backed certifications required for NHS supply chain, Welsh Government contracts, and an increasing number of enterprise procurement frameworks.

UK GDPR
Cyber Essentials
Cyber Essentials+
NCSC Guidance
NHS DSPT
ICO Registered
The Threat Landscape

Why Welsh Businesses
Can't Afford to Wait.

The numbers behind why cybersecurity is no longer optional for South Wales SMEs.

39%
of UK businesses reported a cyberattack in the last 12 months
Source: DCMS Cyber Security Breaches Survey 2024
£3.2k
average cost of a breach for a UK SME
Excluding reputational damage, lost contracts & regulatory fines
82%
of breaches involved the human element — phishing, stolen creds, error
Source: Verizon DBIR 2024 — technology alone isn't enough
287d
average time attackers dwell in a network before detection
Without MDR, attackers have months to cause damage undetected
A note on Welsh businesses specifically: South Wales organisations — particularly those in professional services, healthcare, and manufacturing — are actively targeted by threat actors who see regional firms as less-defended than London counterparts. The NCSC's Active Cyber Defence programme has flagged Welsh SMEs as disproportionately impacted by commodity ransomware campaigns. OrenTech's local presence means faster response and sector-specific threat intelligence for businesses in Cardiff, Swansea, Newport, and the Valleys.
Get Protected

Find Out What's
Exposed. For Free.

Diogelwch eich dyfodol — Secure your future

Book a free 30-minute security assessment. We'll scan your dark web exposure, review your M365 security posture, and show you exactly where your risks are — with no obligation and no jargon.

Book Free Security Assessment Call: 01443 551935
South Wales · orentech.co.uk · hello@orentech.co.uk · Powered by Cynet XDR