Cyber Security
Investigations
Capacity Building
Insights
About
Digital Threat Digest Insights Careers Let's talk

Physical security assessments

Smart security starts with the front door

Talk to an expert
Double circle designs11

Bridge the gap in your physical security

Looking to strengthen your physical security without the complexity and cost of full-scale physical penetration testing? Our Physical Control Assessments (PCA) and Physical Assessments (PA) offer effective and accessible options to evaluate and improve your organisation’s physical security posture.

Effective risk management means addressing both digital and physical threats. Many organisations invest in penetration testing of their IT environment to identify vulnerabilities, and forget the physical aspect, leaving critical gaps in security. On-site vulnerabilities such as weak access control, insecure storage or lack of staff training can lead to serious security incidents such as data breaches, reputational damage or financial loss.

Our physical security assessments help you to identify vulnerabilities before someone else does.
Window

Our services

We provide two flexible services based on your organisation’s maturity and individual business needs. Our PCA and PA services are targeted and collaborative to give you clear, actionable insights to improve your physical security.

Physical Control Assessment (PCA)

An evaluation of specific areas of concern in your physical security setup. This could include access points, credential systems, restricted areas, staff awareness, and more.

Physical Assessment (PA)

A black-box assessment designed for organisations with mature security practices looking for a deeper insight into their risk exposure and to challenge their existing defences.

Get a quote

Physical Control Assessment (PCA)

In this approach, you tell us where you want the spotlight. We test your existing security controls that you want evaluated, work with you to determine how effective they are at protecting critical areas, and help you close any gaps. 

Our evaluation can include assessing perimeter defences, assessing how onsite personnel respond to unauthorised activity, assessing awareness of staff and stakeholders, and attempting to bypass physical or electronic locking mechanisms.

Benefits of our PCA service:

  • Targeted evaluation of your existing physical security controls
  • Cost-effective alternative to full-scope penetration testing (black teaming)
  • An ideal first step in identifying weaknesses and strengthening physical security
Talk to our team
Going forward

Physical Assessment (PA)

This service is ideal for mature organisations who are seeking a true, unbiased evaluation of their physical security posture.

Using a black-box approach, we use Open-Source Intelligence (OSINT) to gather information externally, then attempt to physically access the environment without any prior knowledge of your systems or processes - just like a real attacker would.

Our approach

Open-source intelligence (OSINT) gathering

On-site engagement and testing of security controls

Simulated attempts to access areas with critical assets or information

Use of social engineering to test detection and response controls

Our approach combines remote intelligence gathering and on-site testing to identify real-world vulnerabilities- all delivered with the same professionalism and discretion as a full-scope black team engagement but scaled for accessibility and tailored to your individual business needs.

Benefits of our PA service:

  • Comprehensive black-box assessment
  • Simulates a real-world attack scenario
  • Vulnerability reporting based on no prior knowledge
  • Deeper insight into your actual risk exposure and security posture
  • Cost-effective alternative to full-scope penetration testing (black teaming)
Talk to us

Our physical security assessments are designed for organisations that:

  • Want a comprehensive understanding of both cyber and physical security risks
  • Are unsure about the strength of their current physical security measures
  • Operate in shared or externally managed environments
  • Store or handle high value assets, sensitive data, or confidential materials onsite

Why choose PGI?

Human-led approach

We study how real attackers think, behave and manipulate people to effectively simulate real-world scenarios, rather than just checking boxes.

Holistic insight

Our services consider a wide range of behaviours, through our knowledge and expertise, giving you a more comprehensive overview of your organisational risk.

In-depth expertise

With experience in understanding threat actor methodologies, we provide nuanced and actionable recommendations that go beyond surface-level analysis.

Get started

Other ways we can help:

Practical measures for defending your organisation against digital threats

Cyber incident preparedness and response

Cyber incident preparedness and response

Reduce the impact of a cyber attack or data breach with the expertise of our Incident Response team.

Cyber security breaches are inevitable. How your organisation plans for and handles a breach is what matters. Our Incident Response and cyber security experts can help your organisation prepare for, handle, and recover from cyber incidents.

Learn more