About us

Leaders in Risk, Cyber and Security Consulting

CornerStone is a multi-award-winning, independent risk, cyber and security consulting firm providing a broad range of advisory, risk management, security design and implementation services.

We help organisations protect their assets - including people, premises, and intellectual property - and their profits, by identifying how risk ratings can be reduced, and levels of protection and resilience increased.

CornerStone has pioneered the development of contemporary security risk management practices over many years. Our Unified Security Risk Management® model provides a truly joined-up and inclusive way of addressing some of the trickiest security challenges. We have a deep understanding of security risk and how its identification, quantification and mitigation can be utilised to improve an organisation’s security posture.

Our clients include some of the largest and most successful companies in the world as well as organisations from every area of commerce. We provide them with expert guidance, unbiased advice and support across our range of specialist activities.

Award Winning Risk, Cyber and Security Consulting

Our history

From humble beginnings in 2007, CornerStone has grown to become one of the largest, dedicated, independent, Risk, Cyber and Security Consulting firms in the UK.  From our headquarters in the City of London, we provide a wide range of security consulting services to public and private sector organisations all over the world.

Our initial proposition offered a totally independent, Risk & Security Consultancy service that utilised a “risk and requirements” based approach to security design. From our roots in physical security, other areas of expertise have been developed over the years and these now form the basis of today's unique “holistic” proposition.


CornerStone has never forgotten the importance of its role as an independent advisor to its clients.  By placing our clients interests and requirements first, we have thrived in a modern business environment that requires strong corporate governance and absolute integrity.

Our people

We have always considered our 'people' to be the lifeblood of the business and we’ve become rather good at finding and developing the best in the business. Our recruitment is handled in-house to ensure alignment with our values and culture and we place education and personal development at the top of our 'people-orientated' agenda.

In 2018 we formed our dedicated Training Academy and now offer CornerStone staff a comprehensive training and development programme which is underpinned through a partnership with the Institute of Leadership and Management and the Security Institute.

The future

Our history is one of innovation, achievement and growth but our future is even more exciting. We never take our market-leading position for granted and are always striving for continual improvement. Our leadership team are focused on innovation and quality and our consulting team includes subject matter experts covering the full security spectrum.

As CornerStone goes from strength-to-strength we will continue to shape the future and define how security is delivered, not only in the UK but throughout the world.  

Why you should work with us

We deliver outstanding solutions to world-class clients

Customer service is embedded in everything we do. When your client list includes many of the world’s leading companies your standards must be high. The ongoing investment we make in our unique delivery process and our commitment to professional development is all about providing excellence at every stage and ensuring that we deliver outstanding results.

We have a holistic approach

Our unique, holistic approach has been developed to align with the modern business environment we operate within. It recognises the need for joined-up, inclusive solutions that are not limited to a particular security silo. We have the expertise and experience to deliver exceptional results across the full spectrum of risk and security consulting services. 

We deliver value

Our clients recognise that above all else we deliver value for their investment. That is why 92% of our client engagements over the last 10 years have led to us providing them with additional services. It is the value we deliver that keeps our ‘approval rating’ so high: whether finding creative solutions to tough challenges, working with stakeholders to understand cultural context, or offering advice and support whilst delivering other projects. 

We are independent

We are completely independent of any product manufacturer, system installer or other types of security company. We do not supply equipment, install products, or provide installation or commissioning services. When you speak to us it is safe in the knowledge that you will receive unbiased, expert advice that is not influenced by a relationship with a particular manufacturer or installer. Our solutions are based on your requirements – we have no other agenda.

We make our clients more resilient

Improving a client’s risk profile starts with a comprehensive analysis of their current situation. Once we know the threats they may be exposed to and what vulnerabilities exist, we use our joined-up, holistic approach to address even the most complex of requirements. Through a comprehensive mitigation programme we will reduce levels of risk and increase business resilience allowing them to focus on their primary business objectives. 

We are totally client-focused

Our unique delivery process helps us maintain the quality of our service and retain our client-focused approach. We understand that without our clients we cannot continue to thrive, so client relationships are top of our agenda. Our consultants have been carefully selected to ensure that our desire to delight our clients is embedded throughout every engagement.


Our service offering has significantly expanded over the years and now includes many other specialist areas of practice. As part of our “holistic proposition” we have developed the Unified Security Risk Management® model and can incorporate Risk, Cyber and many specialist services as part of a comprehensive package of solutions. We are licensed by the Building Research Establishment to undertake SABRE Security Assessments and are certified by the UK Police Service as a Digital Security Provider, delivering a range of cyber risk services.


We support our clients to develop appropriate security strategy and produce security master plans that define aspirations and direction. We can establish and produce policy and procedures and offer an extensive range of assessment services that establish context and identify risks, threats and vulnerabilities. Our implementation specialists are able to devise comprehensive project delivery plans and we can lay the foundations for SABRE certification as well as many other cyber and security governance frameworks.


Our design solutions can focus on the mitigation of risks, threats and vulnerabilities identified during the "Plan" phase and can encompass Cyber, Physical, Technical and Operational security measures. We often help clients develop Security Standards and can help our clients evaluate a range of products or systems to pinpoint the right option for their environment. We deliver RIBA Stage 2, 3 and 4 designs in support of construction projects and manage tender processes in advance of implementation.


The implementation phase of a project can be a critical ingredient of delivering a Security Master Plan or Strategy. CornerStone have invested heavily over many years on the development of a comprehensive Implementation service. We utilise a cloud based planning and monitoring tool to build end-to-end project programs that we use to monitor and report progress. Our approach supports any size of project from single discipline activities to multi-faceted, long term programmes. Our experience and systems provide the assurance of a successful outcome every time.


Good security is often built on reliable intelligence. Gathering that intelligence requires expertise and know-how. Our threat and security monitoring and analysis service provides the context and insight for risk assessment, mitigation and design planning. Our physical penetration testing is focussed on highlighting gaps in operational, technical and physical security measures and our dynamic risk rating service enables organisations to respond appropriately to evolving threats.


Clients are able to access CornerStone's expertise in many ways. Advising on alternative operating models, providing an objective comparison of technology options or simply helping to define how change can be introduced are just some examples of how CornerStone can release value and support improvement.


We can develop bespoke training programs to cover subjects across our areas of activity or even design a full syllabus. We have developed our own Learning Support Platform which enables us to deliver training face-to-face in a class room environment as well as on-line at a pace chosen by the recipient.

Let's connect

If you’re looking for risk and security consulting services and are interested in finding out more about our values and capabilities, please get in touch. Whether the need is small but important to you or a large-scale solution affecting a multi-national enterprise, we’re here to help.