GOVERNANCE SERVICES
Fortis can help your company to develop, improve or create an effective information security strategy that is aligned to your business requirements. We are experienced with large and small companies and always align with frequently used international security standards.
We can help you with:
Alignment to or implement information security frameworks (NIST CSF, ISO/IEC 27001, CIS Controls)
Authoring or updating security policies, standards & guidelines
Risk assessments (full environment
including cloud)
Auditing services in which we are highly experienced. From government to enterprise, our services an be tailored to your compliance needs
Security transformation programmes
Data Privacy and GDPR services, Data Privacy Impact Assessments (DPIA), Data Protection Officer as a Service
Full ISO/IEC 27001 implementation, from gap assessment to certification. We have assisted a number of companies in successfully gaining certification. Our consultants will build an information security management system that will fit with your business operations and deliver to the certification body requirements
Information Security Officer as a Service
TECHNICAL SERVICES
We provide a number of security services which will help an organisation to deploy and manage technical security controls. Our team has experience across many industries and technology stacks including cloud. We hold relevant qualifications and are experienced with large enterprise SABSA and TOGAF frameworks.
We can help you with:
Security architecture, design and implementation of technical and administrative controls
Configuration management - policy, process, hardening and templates
Technical control project based design & implementation
Staff augmentation - information security engineer to architect
ENTERPRISE INFORMATION SECURITY LEARNING & DEVELOPMENT
After extensive research in this area, Fortis took the decision that we would be offering a better service to our clients if we partnered with a company which has a laser focus on addressing the human aspects of cyber security. This takes the form of learning and development to providing simulated phishing scenarios.
We can help you with:
​
An award-winning cloud-based Unified Cyber Awareness Platform that helps businesses to improve their cyber security behaviour, and reduce cyber risk
GCHQ approved content
A multi-faceted approach with award winning cloud based platform, to client branded posters, intranet blogs to after dinner talks from leaders in the Cyber Security industry
The Law Society endorsed
Mobile, BYOD and desktop delivery
Machine learning based reporting which offers an insightful risk assessment of human based risk
SECURITY RISK ASSESSMENT SERVICES
Fortis provides many services which can help organisations to identify where their risks lie. This can be from a technology standpoint to identifying the minute points where illicit access could be made. These are also compliant to audit frameworks which regulatory bodies require. Our consultants are experienced, certified (CREST, OSCP & Tigerscheme) and test in accordance with industry best practices such as CREST, CHECK and PCI-DSS. On completion you will receive a comprehensive report detailing risk and recommendations to reduce that risk.
We can help you with:
Penetration testing - all types but typically internal, external, web application, WiFI, Cloud & VoIP platforms
Simulated ethical hacking - Red teaming
Vulnerability scanning services
Product security evaluation
Technical surveillance counter-measures (TSCM) or more commonly known as bug sweeping