Six pillars, one European practice.
MACC works with SMEs and large enterprises on cyber and AI — from strategic scoping to delivery, all the way to incident response. Every pillar is led directly by a senior consultant, no layers in between.
- 01 FOUNDATION
Cyber risk & compliance
Map risk, structure compliance, prioritise what matters — without drowning teams in audit work.
- Cyber maturity assessment (NIST CSF, CIS, ISO 27001)
- NIS2 · DORA · AI Act readiness
- Risk analysis (EBIOS RM or proprietary)
- 02 PROOF
Offensive security
Test your defences the way an attacker would — clear methodology, clear scope, deliverable your team can actually act on.
- Application pentest (web, mobile, API)
- Internal / external infrastructure pentest
- Cloud pentest (AWS · GCP · Azure)
- 03 EXECUTION
Cloud & infra security
Secure existing cloud and infrastructure without blocking product delivery — Zero-Trust design, pragmatic hardening, access governance.
- Cloud security posture (AWS · GCP · Azure)
- Zero-Trust architecture
- Secure DevOps / DevSecOps integration
- 04 DIFFERENTIATOR
AI Security
Two sides of the same craft: securing your AI models, and using AI to strengthen your security. The MACC specialty.
- Security for AI: model red-team, prompt injection, jailbreak
- Security for AI: LLM governance, AI Act readiness
- Security for AI: data leakage, model exfiltration
- 05 RECURRING
Awareness & training
Equip teams to become an asset, not a risk — short formats, concrete content, exercises grounded in your business.
- Executive cyber briefing (90 min, leadership format)
- Tabletop exercises (cyber crisis simulation)
- Phishing simulation programme
- 06 CRISIS
CSIRT
Prepare, detect, contain, eradicate, recover. Incident response capability available to you — before, during, after.
- Custom Incident Response Plan (IRP)
- Per-scenario playbooks: ransomware, exfiltration, BEC, supply chain
- DFIR retainer: 24/7 availability on incident