Open and close mobile menu


Cyber Security

Let's make our world safer, smarter, better

Our cyber experts work with our clients to develop their cyber resilience. That is, we help them understand the threats to their organisation, put appropriate and proportionate protection in place, and ensure that operations continue, and services can still be delivered in the event of an incident.

We already provide cyber resilience expertise to the critical national infrastructure, government, national security, and Defence sectors. To protect people and an organisations' assets, the journey towards resilience must start with strategy, and then consider the steps that need to be taken to build up defences and maintain resilience. We also ensure clients have a sound understanding of how they can reduce the risks to their supply chains and work with partners to minimise threats.

Unlock the power of cyber security

Our cyber practice is engineering better at the heart of an increasingly digital world. The challenges? HUGE! But as one team member says, the 'mind-breakers' are why we love getting up for work every morning. Watch our video and find out more.

Unlock the power of cyber security

Making a difference


Digital technology has transformed the way we work, making us more efficient, open and agile. But it’s also put our most important assets and infrastructure at risk. Our engineering and cyber security experts help clients maximise the benefits of greater connectivity without compromising their operations.

We help develop cyber resilience.

Our services


Understand business impact and operational risk to identify an effective organisation structure and a pragmatic level of cyber security investment.

Design security into a project from inception or ensure vulnerabilities within existing infrastructure are assessed and addressed.

Identify and measure level of compliance against globally recognised security standards and regulatory requirements.

Ensure that clients have confidence in their approach to security and the processes embedded within their business and supply chain.

Our key markets

team sitting around lunch table


We help clients protect their people, assets and mission, whether they’re on land, at sea or in the air. Our engineering, design and cyber security specialists work with clients to understand the scale and nature of the threats to their operation and prioritise investment in areas that impact on success. We’re one of the largest providers of engineering and technical cyber vulnerability investigation services to the UK defence sector.


Recent cyber-attacks have highlighted the risk to our critical national infrastructure and what needs to be done to protect it. We help safeguard these essential services and minimise the impact of a security breach. We have extensive experience in the design and delivery of vital infrastructure projects, combined with industry-leading cyber security capability.

team sitting around lunch table


Our engineering and cyber experts help client seize the opportunities created by cutting-edge technologies, while ensuring their aircraft and operations remain secure. For decades, we have been helping world leaders in the aerospace sector solve some of their most complex engineering challenges. That means we’re uniquely placed to help you navigate the new and ever-changing digital environment.


Technology is helping transport operators meet passengers demand for frequent, punctual and reliable services but it also presents a significant challenge — ensuring these vital networks and systems are secure. Our team understands the real-world implications of a cyber security breach when clients are working within the confines of an operational railway, or a busy motorway, or in mission-critical environments.

"As technology becomes ever more pervasive in our daily lives at AtkinsRéalis we strive to protect the boundaries between the digital and physical domains. Our engineers have successfully managed emerging technology risks for over 100 years, and cyber security is simply the latest engineering challenge our trusted team of experts excel at solving.”

Matthew Simpson

Global Practice Director

Why join us?

Shape future with us

Our global trusted team of experts offer unrivalled insight into an organisation’s vulnerabilities. They have designed and delivered complex infrastructure projects for a century, which means they understand the operating environment and the challenges organizations face. Our team is trusted by government and industry leaders.

We have extensive experience of operating in secure and mission critical environments and are experts in operational technology. Our comprehensive approach stems from our belief that cyber security is everyone’s responsibility. We consider the risk to, and from, your people, processes, and technology.

Now, you can be a part of our global trusted team of experts and join us to engineer a better future for our planet and it’s people.

Read more

Our projects

We care about the big issues facing the planet and are committed to engineering a better future for its people. A career with us offers unparalleled opportunity to work on some of the most exciting projects around the world. You can have a significant impact on projects that make people’s lives better.

Know more about some of our Cyber Security projects from across the world.


We were engaged to develop an Operational Technology (OT) honeypot with the objective to use real OT hardware and software to make it more realistic than honeypots based on virtualised systems and to understand the Tools, Techniques and Procedures used by attackers. Further, to provide a basis for a honeypot platform to be deployed in Critical National Infrastructure (CNI) OT and to evaluate the usefulness of network traffic analysis and situational awareness tools for OT security To achieve these objectives, the honeypot was constructed and connected to the Internet and monitored remotely. Steps were taken to ensure that the system could not be traced to us easily.

AtkinsRéalis designed and implemented a programme of work to address the gaps between the client’s cyber security posture and the requirements of NIS-R based on the Competent Authority’s sector specific profile. The profile prioritises a number of the Contributing Outcomes (COs), as defined in the NCSC Cyber Assessment Framework (CAF). NIS-R applies to all systems which are critical to the delivery of the essential service, including IT systems and their supporting infrastructure (data centres, networks and communications) and many Operational Technology (OT) systems. The OT systems are located at process plants, of which there are several hundred, so the project includes the automation of several processes, including automatic asset discovery.

Our client, a major water company, has engaged AtkinsRéalis to help them implement the requirements of the Network and Information Systems Regulations (NIS-R). A key part of this work is to have a detailed and up to date picture of the assets on operational sites, to be able to detect changes to those assets and to detect cyber-attacks on these assets, including attacks which exploit vulnerabilities which are specific to the Operational Technology (OT) used for water treatment.

Our client engaged us to assist in the development of the Security Case for a New-Build Nuclear Reactor during a Generic Design Assessment (GDA): the initial high-level assessment conducted by the Office for Nuclear Regulation (ONR) on nuclear reactor designs that have not previously been built in the United Kingdom. This reactor design had been developed outside of the UK. We aided in the development of the cyber-security risk assessment and associated methodology, the security architecture and security infrastructure, and the cyber-security design requirements for the nuclear island Instrumentation and Control (I&C) systems. We also provided cyber-security support and subject-matter expertise to the client.


As one of the world’s leading energy companies, our client is an obvious target for people looking to attack critical national infrastructure. They are therefore committed to improving their security, particularly their Industrial Control Systems (ICS) and the associated safety systems which ensure that the plant operates safely and can be shut down in an emergency. Whilst our client had their own proprietary security standard for ICS and had taken steps to protect its systems in line with that standard, they recognised that without appropriate cross-organisation behavioural change the protection offered was limited. They, therefore, identified the need for a bespoke company-wide training course to address this, based on the client’s own security standards.

We were engaged by a UK water company to help them understand their gaps against the NIS Regulations. The NIS Regulations require operators of essential services (such as energy, water, transport, healthcare etc…) to manage their cyber security risks and put in place the processes to notify Competent Authorities of any cyber breach that impacts on an essential service. For the water industry, the NIS Regulations are concerned with interruption to the supply of drinking water; however, the scope of this project included all operational sites critical to the client’s business including sewage treatment.

A major UK airport engaged AtkinsRéalis to conduct a cyber vulnerability assessment of its Air Ground Lighting (AGL) system. The client wanted to understand the full range of vulnerabilities the system was exposed to and how well the organisation was set up to understand and mitigate these vulnerabilities. Equally important, the client wanted the final assessment report to include recommendations for improving the security of the system. The project was also intended to act as a blueprint and trailblazer for the assessment of other critical systems at the airport.

Our work with automotive and technology sector leaders has moved us a step closer to the safe and secure roll-out of Connected and Autonomous Vehicles (CAVs) in the UK. We were appointed as cyber security lead for the HumanDrive project, a Nissan-led collaboration, that successfully developed an autonomous vehicle capable of travelling more than 200 miles, including through country lanes. complex junctions and on motorways. If we’re going to take our hands off the wheel, our cars need to be gathering, processing and sharing vast quantities of data. But this connectivity, which enables the safe and secure operation of an autonomous vehicle, also puts us at risk. As part of the three-year Human Drive project, a cross-industry collaboration led by Nissan Technical Centre Europe, we identified and assessed potential threats to the cyber security of CAVs and put a framework in place that could help the entire CAV ecosystem develop safer and more secure technology.

Cyber Academy

Our mission is to increase cyber capability through facilitation of a structured path to up-skill our graduates and apprentices and cross-skill existing Engineers into Cyber Security practitioners. AtkinsRéalis Cyber Academy is domain-led and has been designed to leverage our DNA in creating the next level of defence: Cyber Engineers – those that understand the technical aspects of cyber security as well as the strategic impact of risk. At present, it is based in United Kingdom and will soon be available globally via virtual mode.