Behind the work.

Hello! I am Aisha, founder of Cyphral and the one behind the work. My professional path started in Bangalore, the IT hub of India. I worked as a software engineer there for 5+ years, mastering Python, DevOps, CI/CD pipelines, infrastructure scripting, and the things that quietly keep modern businesses running. What my time in Bangalore taught me was the gap between security as a feature on a roadmap and security as something that actually changes a system's behaviour.

I moved to the UK for my MSc in Network and Information Security at Kingston University. My dissertation focused on migrating OpenSSH to post-quantum cryptography for enterprise use, and benchmarking its performance. Working on this project taught me how much of modern cyber security has become a specialism that people rely on without really understanding the foundation.

The pivot from research into Cyphral branched from a simple observation. UK small businesses sit in a strange middle ground. They are too small to have an in-house security team, but too important to their supply chains to be ignored. They get pulled into compliance schemes like Cyber Essentials through customer pressure, with no clear path through. Most consultancies serving them either wait until something goes wrong, or sell a certificate without changing the underlying posture. The methodical, practical middle ground is harder to package and easier to skip. Cyphral is there to help with the middle ground.

A few things I commit to with every engagement, written down here so they are visible.

Small and focused. Engagements have a clear scope and a clear ending. The aim is not to keep you signed up indefinitely. If we agreed on two weeks of readiness work, two weeks is what you get.

Plain language. No security jargon unless it is necessary, and if it is necessary I will explain it. SME owners should not need a glossary to understand what is being done to their business and why.

Honest scope. Cyphral prepares businesses for Cyber Essentials; we do not certify. IASME and accredited Certification Bodies do that. The distinction matters because pretending otherwise would set wrong expectations and would also compromise my independence as your reviewer.

Halal-compliant. Cyphral does not offer interest-bearing financing or take on services that contradict Islamic ethical commitments. This shapes both how the business is structured and the kinds of engagements I accept.

Privacy by default. The website you are reading uses no tracking scripts, no cookies, no behavioural analytics. The same restraint applies to client engagements: Cyphral collects what is needed to do the work, no more.

When the job is done, the engagement ends. If you need something later, the door stays open. But Cyphral will not invent reasons to stay.

If you have read this far, you are probably the kind of business that thinks carefully about who you let near your systems. That is a good instinct. If you would like to talk about whether we might be a good fit, the easiest way is just to email.