Enhancing Cybersecurity Consultancy

Spartacus is a Digital Marmalade owned platform aimed at cybersecurity consultancies and large organisations. The platform offers a suite of complimentary tools to help consultants establish a comprehensive understanding of their clients’ security needs, whilst enabling them to identify opportunities and drive sales.

  • Capability Assessment

    Customisable Maturity Analysis

  • Drivers & Attributes

    Stakeholder Interviews

  • Discovery Assessment

    Services & Solutions Analysis

  • ISO 27001 Assessment

    Standards & Frameworks 2013 & 2022

  • NIST CSF Assessment

    Standards & Frameworks 1.1 & 2.0

  • CIS Top 18 Assessment

    Standards & Frameworks

  • PCI DSS 4.0

    SAQ Gap Analysis

  • Controls Assessment

    Protection & Cost Analysis

  • Risk Assessment

    Quantitative Risk Analysis

Spartacus – Capability Assessment – CMMI Maturity Evaluation

Capability Assessment

The Capability Assessment equips consultants with a versatile toolkit to tailor CMMI capability maturity evaluations to specific client needs, such as baseline, cloud, or network security. This comprehensive assessment identifies weaknesses in a client's security posture and outlines its targeted maturity progression, enabling consultants to subsequently translate these into prioritised, scheduled projects. The platform offers a streamlined process for compiling key findings and recommendations that automatically populate comprehensive PDF reports. Furthermore, it facilitates the association of evidence, policies, and supporting documents with each security control.

Cybersecurity Compliance Standards

Spartacus comes pre-configured with several internationally recognised cybersecurity frameworks such as NIST CSF, CIS Top 18 and ISO 27001, as well as PCI DSS 4.0 for payment card security compliance. This enables consultants to provide a tailored approach to evaluating a client’s security requirements through security capability maturity, gap analysis, policy reviews and trend analysis. These insights ensure informed recommendations and effective actionable plans can be devised to improve compliance and deliver maximum cybersecurity defences.

  • ISO 27001:2013

  • NIST CSF 1.1

  • ISO 27001:2022

  • NIST CSF 2.0

  • PCI DSS 4.0

  • CIS Top 18

Features & Benefits

  • Improve Compliance

    Improve compliance and coverage to ensure maximum security while aligning with updating industry regulations.

  • Client Access

    Provide clients with read-only access to interactive assessment analysis and findings, trends and benchmarking.

  • Single Client View

    All client assessments across the 9 core assessment types are available under a single client view for reference and trend analysis.

  • Bespoke Integration

    Option to integrate data with your existing sales and opportunity management systems and other data sources.

  • Speed to Market

    All 9 core assessment types are ready to go. Content managed frameworks allow you to create bespoke maturity assessments aligned to your existing frameworks.

  • Development Framework

    Option to develop new custom assessment types within the platform. Reducing both development costs and speed to market.

  • Flexible License Model

    Flexible licensing options from pay as you go for individual assessments to unlimited usage across all 9 core assessment types.

Spartacus – Assessment Features

Assessment Features

  • Tailor client approach using customised capability assessment

  • Prepackaged Cybersecurity frameworks:

    • NIST
    • ISO 27001
    • CIS Top 18
  • Prepacked Payment Card PCI DSS 4.0 Compliance

  • Evaluate security control and safeguard maturity, highlight key findings & provide recommendations

  • Upload evidence, policies, and supporting documentation

  • Generate interactive heatmap dashboards for the framework, controls and selected modules

  • Analyse security capabilities using charts & benchmark data to identify vulnerabilities

  • Prioritise and timeline projects that map directly to control maturity improvements

  • Output comprehensive PDF reports, collating all data, charts & recommendations

  • Peer review assessments for consultant training, collaboration and quality control

  • Provide client access to interactive analysis tools and assessment reports

  • Aggregate and compare periodical assessments to visualise improved security posture

Spartacus – Assessment Features – PCI DSS 4.0 SAQ Analysis
PCI DSS 4.0 Analysis
Spartacus – Assessment Features – CIS Top 18 Document Library
Policy & Evidence Management
Spartacus – Assessment Features – ISO 27001:2022 Projects
Strategy & Project Management
Spartacus – Assessment Features – NIST CSF 1.1 Trend analysis
Trend Analysis

Cybersecurity Stats

In 2024, The Europe Cybersecurity Market size is expected to reach£28.5bn

34% of all cyber-attacks were launched as Business Email Compromise (BEC) attacks in 2023

On average, 50,000 websites are hacked daily

The average annual cost of cybercrime for businesses is estimated at £15,300 per victim

75% of security professionals observed an increase in cyberattacks over the past year

48% of UK businesses consider a catastrophic cyber-attack as the top risk scenario

26% of medium businesses experienced cybercrime in the last year

Only 21% of medium businesses experienced cybercrime in the last year

Only 9% of businesses report adhering to ISO 27001

Spartacus – Quantitative Risk Analysis – Monte Carlo Model

Quantitative Risk Analysis


This standard quantitative risk analysis assessment is based on the industry-standard FAIR cybersecurity risk model. Consultants create a list of potential risk scenarios for the client's assets and run the analysis for each. The FAIR model allows consultants to adjust and fine-tune the weightings of risk factors for each threat scenario, providing a comprehensive understanding of potential financial loss and reputation exposure to the business. This risk analysis helps identify the highest risk security weaknesses to be addressed.

Each risk scenario is available as a PDF report, providing a clear and detailed overview of the potential risks and their impact on the business.


This Monte Carlo model builds upon the standard FAIR risk model by incorporating large-scale synthetic simulations of potential outcomes. This model uses statistical probability through modified PERT distributions and histograms that feed into Monte Carlo simulations to provide a more accurate assessment of potential losses. The model enables organisations to model minimum, most likely, and maximum risk outcomes in terms of financial impact and the frequency of an event.

This information allows organisations to make informed decisions about budgets, work-streams, and priorities to reduce risk. Each risk scenario is available as a PDF report, providing a clear and detailed overview of the potential risks and their impact on the business.

Spartacus – Controls Assessment

Controls Assessment

This assessment focuses on identifying the assets that a client is protecting, the risks that those assets may face, and the security controls that are in place to protect them. The risk of each asset is calculated using the FAIR model, which provides quantitative risk ranges and maps them against the client's loss capacity level (e.g. severe, moderate) for each identified risk scenario. The assessment also identifies the security controls that are deployed across the client's organisation, including the cost of each control (human, software, hardware).

The platform then provides both the risk range and protection cost for each asset, allowing C-level executives to make informed decisions about investing in cybersecurity. Once the assessment is completed, the application allows consultants to recommend additional security controls and calculates the additional spend and protection for each asset. The data from the assessment is displayed in a report that can be used to document key findings and make recommendations.

Spartacus – Discovery Assessment

Engaging Clients with the Discovery Assessment

The Discovery Assessment is designed to kickstart the cybersecurity dialogue. With up to 12 topics and 10 questions per topic, this tool adapts to different client representative roles, offering a strategic and operational exploration of cyberse

The Discovery Assessment is designed to kickstart the cybersecurity dialogue. With up to 12 topics and 10 questions per topic, this tool adapts to different client representative roles, offering a strategic and operational exploration of cyberse

What can Spartacus do for you?

  • Increase Client Engagement

    A suite of well-designed, cybersecurity focused assessments to help understand a client’s security posture. In depth reports and interactive client access to analysis.

  • Trends & Benchmark

    Benchmark client outcomes against industry, country and region averages. Aggregate and compare client scores across multiple assessments (periodic and location trends) for each assessment type.

  • Generate Leads & Opportunities

    Generate leads and opportunities from focused assessments, link them to Salesforce and track progress and performance through periodical assessments.

  • Effective Consultancy

    Reduce both the consultancy effort and consultancy training in producing consistent quality and informative assessment reports, findings & recommendations.

For a complete overview of the Spartacus Platform and its transformative impact on cybersecurity consultancy contact us for a demo.


Case Studies

Discover how our expertise in software development has successfully addressed various challenges, delivering effective solutions and exceeding client expectations.

Previous Next View all case studies
The Telegraph Revolutionising Digital Puzzle Platforms
View case study
Sport Passport Multi-Sport Learning Platform
View case study
Fusion Lifestyle Leisure Provider Management Platform
View case study