Your competitive edge lives in CAD geometry, CFD runs, performance maps, and the telemetry from the last race weekend. It usually sits on one server in the corner of the office, and the primes you supply now want proof that it is defended. We run, secure, build, and prove the technology behind a technical engineering business, so a tender is never lost on a control nobody owned and a year of aero data is never one failed drive away from gone. UK based, near Motorsport Valley, and fluent in the tools your engineers actually use.
The primes you supply, the teams and the OEMs, are pushing Cyber Essentials down the supply chain as a baseline, and a tier-2 supplier handling CFD or geometry data is increasingly asked to attest before the work is awarded. At the same time, cyber and D&O insurers want the same controls evidenced, and any investor running diligence on the business will ask about the cyber posture. None of it is abstract. It decides whether you stay on an approved supplier list, and what your IP is worth on a balance sheet. We build the posture and the evidence that answers all three, and we get you certified directly.
A profitable engineering SME with visible IP is now asked to demonstrate, not assert, that its technology is in order. The trigger usually comes from outside the business: a tender, a renewal, a diligence pack. Knowing which of these is driving the conversation is the difference between a clean answer and a scramble. The four below are the ones we are most often called about.
Not scare stories. The specific, recurring problems we are brought in to fix in 20 to 200 person engineering firms, and why each one matters commercially as well as technically.
Years of geometry, CFD output, and performance maps on one box in the corner, with no proper off-site backup. A drive failure, a flood, or ransomware and it is gone. It is the first thing we secure, and the first thing a Cyber Essentials assessor or an insurer asks about.
Local or domain admin handed to the workstations "because the engineers complained", which is a clean Cyber Essentials failure and a real exposure. We remediate it without breaking the SolidWorks, CATIA, or NX workflow the work depends on, so the fix does not cost you a day of design time.
A bespoke job-tracking, MRP, or costing system built fifteen years ago by someone who has since left, now too fragile to touch and too central to drop. We have replaced exactly this kind of system with a modern, supported core, on terms that keep the business running through the change.
We do not sell engineering a different product. We point the same four disciplines at the things that actually bite in a technical business, and link you to the service that does the work. One partner, no gaps between suppliers for a failure to hide in.
UK based support that understands engineering workstations and the storage behind them, with MDR included as standard. We get the CAD and CFD archive off a single NAS and onto a backup and recovery setup that actually survives a bad day, because that data is the business.
We are an appointed Cyber Essentials certification body, so we know exactly what the standard requires and take you cleanly through Plus, the baseline your primes and insurers now expect. This is the strongest lever a tier-2 or tier-3 supplier under prime pressure has, and the route runs through one team.
When a fifteen year old line-of-business system is holding the business back, we rebuild it on a modern, supported core, by the same team that runs and secures it. We have replaced an unsupported legacy engineering system with a current platform before, so the modernisation is a real capability, not a promise.
We build and maintain the policies, controls, and evidence that a prime's supplier questionnaire, a cyber insurer, or an investor's diligence pack asks for, mapped to a recognised framework. Accurate, evidenced answers that stand up when someone checks, not a folder reconstructed under pressure.
We are based in Reading, a short run from the Northamptonshire, Oxfordshire, and Buckinghamshire corridor: Silverstone, Brackley, Enstone, Banbury, and the supplier cluster around them, plus the Cambridge deep-tech and Oxford spinout scenes and the automotive engineering around Coventry. We know the stack a technical business runs, M365 and Defender, SolidWorks and CATIA and NX, ANSYS and Abaqus, a NAS full of projects, and an MRP nobody wants to touch, and we speak to it without a translation layer.
Start by reading exactly what they have asked for, because base Cyber Essentials and Cyber Essentials Plus are different levels and supply chain questionnaires often name one specifically. We can confirm which tier your buyer wants before you commit to anything. From there, because we are an appointed certification body, a short readiness review tells you what needs fixing first, and we take you through to certification without a third-party handover. For a tier-2 or tier-3 supplier under prime pressure, it is the single strongest thing you can do.
It is usually the most commercially relevant thing we find. A single NAS holding years of geometry, simulation output, and performance maps, with no proper off-site backup, is both a Cyber Essentials weakness and a business-ending risk in one. A failed drive, a flood, or a ransomware event and the work of years is gone, and that loss is generally uninsurable without proof that controls were in place. We get that archive onto a backup and recovery setup that genuinely survives the bad day, which is also what an assessor and an insurer want to see.
Yes, and doing it without breaking the workflow is the whole point. Engineers often end up with local or domain admin because a tool complained at some stage, which is a clean Cyber Essentials failure. We remediate it carefully, working out what SolidWorks, CATIA, NX, or your simulation tools actually need, and granting that rather than blanket administrator rights. The result passes the standard and does not cost the team a day of lost design time, which is what tends to go wrong when it is done bluntly.
This is a capability we have delivered, not a promise. We have taken an unsupported legacy engineering line-of-business system and rebuilt it on a modern, supported core, replacing a fragile fifteen year old tool with a current platform. We do it in stages, on terms that keep the business running through the change rather than asking you to switch everything off one weekend, and the same team that builds it runs and secures it afterwards. If your costing, MRP, or job-tracking tool is held together by one person who has left, that is exactly the problem we solve.
Increasingly, a fair amount. Cyber and IT-governance review is now a standard part of VC and PE diligence, and an unprepared engineering business can lose ground on valuation over a posture it could have tidied up beforehand. The questions tend to cover how your IP is protected and backed up, whether you hold recognised certifications such as Cyber Essentials or ISO 27001, and whether the controls are evidenced rather than asserted. We can get the posture and the evidence pack in order ahead of the round, so it reads as a strength rather than a deduction.
Send us the supplier questionnaire from your prime, the email from your insurer, or just tell us where the data sits today. We will tell you plainly where you stand and what it takes to close the gap. We reply within one working day, and you will speak to an engineer, not a salesperson.
Hello, I am Ainsley, the assistant here at Dead Simple Computing. I built nothing today, but I am one of the governed AI assistants we build for clients. Ask me about managed IT, cyber security, software and AI, or governance and audit.
Ainsley is an assistant and can be wrong. For anything that matters you will speak to an engineer.
