INFORMATION SECURITY GOVERNANCE, RISK & COMPLIANCE CLOUD CONSULTING SERVICES CIO & CISO SERVICES. forebrook

Similar documents
"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

SRM Service Guide. Smart Security. Smart Compliance. Service Guide

Position Description IT Auditor

locuz.com SOC Services

ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION

Data Sheet The PCI DSS

Manchester Metropolitan University Information Security Strategy

Certified Information Security Manager (CISM) Course Overview

Information Technology General Control Review

FDIC InTREx What Documentation Are You Expected to Have?

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

t a Foresight Consulting, GPO Box 116, Canberra ACT 2601, AUSTRALIA e foresightconsulting.com.

New Zealand Government IBM Infrastructure as a Service

Sirius Security Overview

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

Security In A Box. Modular Security Services Offering - BFSI. A new concept to Security Services Delivery.

Securing the cloud ISACA Korea. Han Ther, Lee CISA, CISM, CISSP, CRISC, ITILF, MCSA

Les joies et les peines de la transformation numérique

Enhance Your Cyber Risk Awareness and Readiness. Singtel Business

CCISO Blueprint v1. EC-Council

BHConsulting. Your trusted cybersecurity partner

IoT & SCADA Cyber Security Services

CYBER RESILIENCE & INCIDENT RESPONSE

IT Consulting and Implementation Services

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

Protecting your data. EY s approach to data privacy and information security

Val-EdTM. Valiant Technologies Education & Training Services. Workshop for CISM aspirants. All Trademarks and Copyrights recognized.

AT FIRST VIEW C U R R I C U L U M V I T A E. Diplom-Betriebswirt (FH) Peter Konrad. Executive Partner Senior Consultant

The Experience of Generali Group in Implementing COBIT 5. Marco Salvato, CISA, CISM, CGEIT, CRISC Andrea Pontoni, CISA

PREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.

falanx Cyber ISO 27001: How and why your organisation should get certified

REPORT 2015/149 INTERNAL AUDIT DIVISION

Information Security Architecture Gap Assessment and Prioritization

Information Technology Disaster Recovery Planning Audit Redacted Public Report

IT MANAGER PERMANENT SALARY SCALE: P07 (R ) Ref:AgriS042/2019 Information Technology Manager. Reporting to. Information Technology (IT)

HCL GRC IT AUDIT & ASSURANCE SERVICES

Optimisation drives digital transformation

Information Security Controls Policy

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

THE ISACA CURACAO CHAPTER IS ORGANIZING FOLLOWING INFORMATION SECURITY AND TECHNOLOGY SESSIONS ON MAY 15-MAY :

*** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS ***

IT123: SABSA Foundation Training

Canada Life Cyber Security Statement 2018

BHConsulting. Your trusted cybersecurity partner

Certified Information Systems Auditor (CISA)

ROLE DESCRIPTION IT SPECIALIST

ASD CERTIFICATION REPORT

Cyber Resilience. Think18. Felicity March IBM Corporation

Run the business. Not the risks.

NEN The Education Network

IaaS Buyer s Checklist.

IT risks and controls

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations

IT Information Security Manager Job Description

Reinvent Your 2013 Security Management Strategy

Ingram Micro Cyber Security Portfolio

Dell helps you simplify IT

Automating the Top 20 CIS Critical Security Controls

Healthcare Security Success Story

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Suma Soft s IT Risk & Security Management Solutions for Global Enterprises

Sage Data Security Services Directory

The Common Controls Framework BY ADOBE

Security by Default: Enabling Transformation Through Cyber Resilience

SOLUTION BRIEF Virtual CISO

Assurance through the ISO27002 Standard and the US NIST Cybersecurity Framework. Keith Price Principal Consultant

Cyber Security Incident Response Fighting Fire with Fire

How to Underpin Security Transformation With Complete Visibility of Your Attack Surface

IT-CNP, Inc. Capability Statement

REQUEST FOR EXPRESSIONS OF INTEREST

Cybersecurity Session IIA Conference 2018

NEXT GENERATION SECURITY OPERATIONS CENTER

Three Key Challenges Facing ISPs and Their Enterprise Clients

SALARY $ $72.54 Hourly $3, $5, Biweekly $8, $12, Monthly $103, $150, Annually

Your Trusted Partner in Europe European Business Reliance Centre

Appendix 3 Disaster Recovery Plan

Application for Certification

New Zealand Government IbM Infrastructure as a service

ISO/ IEC (ITSM) Certification Roadmap

Risk Advisory Academy Training Brochure

External Supplier Control Obligations. Cyber Security

Version 1/2018. GDPR Processor Security Controls

Vulnerability Assessments and Penetration Testing

SAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx

CYBER SECURITY AIR TRANSPORT IT SUMMIT

April Appendix 3. IA System Security. Sida 1 (8)

Gatekeeper Public Key Infrastructure Framework. Information Security Registered Assessors Program Guide

Background FAST FACTS

INFORMATION SECURITY. One line heading. > One line subheading. A briefing on the information security controls at Computershare

UK Permanent Salary Index November 2013 Based on registered vacancies and actual placements

Securing Your Digital Transformation

CYBER SECURITY WORKSHOP NOVEMBER 2, Anurag Sharma [CISA, CISSP, CRISC] Principal Cyber & Information Security Services

Best Practices in Securing a Multicloud World

Guidelines. on the security measures for operational and security risks of payment services under Directive (EU) 2015/2366 (PSD2) EBA/GL/2017/17

Ian Speller CISM PCIP MBCS. Head of Corporate Security at Sopra Steria

Security Awareness Training Courses

Mohammad Shahadat Hossain

Transcription:

INFORMATION SECURITY GOVERNANCE, RISK & COMPLIANCE CLOUD CONSULTING SERVICES CIO & CISO SERVICES forebrook

INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT IT GOVERNANCE PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK INFORMATION SECURITY CLOUD CONSULTING RISK COMPLIANCE CIO / CISO SERVICES REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE forebrook OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 AWARENESS

Forebrook offers a range of information security, governance, IT systems and infrastructure related services. We conduct IT infrastructure assessments, security and risk assessments, vulnerability assessments and penetration tests. We design and implement information security programmes, review and develop information security architectures, security policies, business continuity strategies and disaster recovery plans. We assist organisations in preparing for certification audits such as ISO27001:2013, PCI-DSS, ISO 20000; we conduct compliance reviews for international and regional standards including ADSIC ISS 2.0 and Dubai Information Security Regulation (ISR) or the latest NESA standard. Forebrook is a vendor-independent firm based in Dubai specialising in Information Security and IT-Governance consulting. Our biggest strength is our team of experienced consultants, who have worked in large enterprises, banks and government organisations. Our senior consultants have 20-30 years experience in information technology and hold multiple industry certifications such as CISSP, CISA, CISM, CRISC, CGEIT, COBIT, ITIL, ISO27001, ISO20000, TOGAF9, PMP, MCSE, MCITP, MCT. Security Assessments Security assessments should be conducted on a regular basis, and should be included in the strategy. Major international standards include third-party assessments as an important requirement. The goal of assessments is to ensure that necessary and adequate security controls are implemented to protect information assets from unauthorised access, use, disclosure, disruption, modification, recording or destruction. We, at Forebrook, conduct comprehensive assessments based on best-practices and international standards. In addition to using latest tools for vulnerability assessments, we also check, inspect, observe and analyse information systems in a holistic manner covering technology, people, policies, processes, procedures. As an integral part of assessments, we conduct interviews with individuals and groups in the organisation to understand the infrastructure, security objectives and strategies, and assess security controls for effectiveness and adequacy. Additionally, penetration tests will be conducted for public-facing IPs. Our Security/Risk Assessments culminate in extensive reports and recommendations for remediation along with roadmaps to implement controls. Security Policies Data Classification Risk Management Topology, Data Flow Access Control VPN/Remote Access Network Access Control Application Configuration Database Configuration Change Control Patching & Anti-Virus Logging / SIEM Intrusion Detection Physical Security BCP/DR Vulnerability Assessment & PT VA/PT is a requirement for compliance with standards such as PCI-DSS, or as a part of risk assessment for ISO 27001; regardless, conducting regular VA/PT is deemed a good practice and is usually included in well-designed security programmes. VAPT is included in our security assessments, but we also offer a separate service for specific objectives such as reports for compliance audits. We use VA scanning tools according to the need of the organisation and analyse reports to extract actionable intelligence. In addition to the summary report, we submit recommendations for remediation and a prioritised list of remediation activities.

Compliance We assist organisations in implementing ISMS based on good practices and international standards. Organisations are required to obtain independent certification of their information security management systems against the ISO standard. The ISO27000 suite of standards specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System (ISMS), using a continual improvement approach. We help organisations prepare for certification by doing risk assessment, gap-analysis and design an integrated ISMS covering all the domains described in the standard: Information Security Policies Organisation of Information Security Human Resources Security Asset Management Access Control Cryptography Physical and Environmental Security Operations Security Communications Security Systems Acquisition, Development, Maintenance Supplier Relationships Security Incident Management Business Continuity Compliance ISO 27001:2013 ISO 20000 PCI-DSS 3.1/3.2 COBIT 5 Review and Implementation Dubai-ISR Applicability Review ADSIC ISS 2.0 Review NESA Assessment ISA/IEC 62443 Infrastructure Assessments IT infrastructure assessment is required from time to time as an input to decision making - for strategic investments in technologies or for process improvement and optimisation. Organisations engage external parties to do health-checks and assessments for an independent opinion. Typical assessments are generally conducted in the following major phases: 1. Survey and Data Gathering 2. Documentation and Assessment of the Infrastructure 3. Gap Analysis vis-à-vis good practices 4. Recommendations for improvement, configuration changes etc. 5. Presentation of findings, reports; and workshops. Based on the maturity level, and business requirements (gathered during interviews), we make recommendations or highlight areas which require attention whether configuration changes, upgrades or a complete overhaul of the systems in question. These recommendations will be guided by good practices, taking into consideration latest technologies and security enhancements, for the overall improvement of IT services. Services and Applications Data Centres / Locations System Infrastructure Network and Wireless Infrastructure Virtualisation Infrastructure Storage and Backup Infrastructure Printers and Peripherals Communication Lines Access Control and CCTV Audio/Video Infrastructure Security Infrastructure Recommendations will be made in alignment with enterprise architecture, if a formal definition exists in the organisation; if not, these recommendations will be conducive for such a design in the future. In addition to various documents, we also produce engaging infographics as a part of deliverables.

Governance of Enterprise IT Whether you are planning to build an ITG framework or seek to revise an existing governance model, we can help you review, revise and update ITG processes, policies and procedures. We prepare documentation in accordance with standards and prepare your organisation for audits by performing health-checks and gap analysis against frameworks such as COBIT 5. Source: COBIT 5, figure 2. 2012 ISACA All rights reserved. Source: COBIT 5, figure 12. 2012 ISACA All rights reserved. Maturity Assessment COBIT Health-Check Build/Review ITG Framework Document ITG Processes IT Architecture Review Business-IT Alignment Review Resource Review Benefits Realisation Gap Analysis Disaster Recovery All organisations are vulnerable to disruptions of many kinds: from human error to utilities failure to natural disasters to terrorist attacks. Even though it is impossible to eliminate risks completely, they can be minimized to a level acceptable to the organisation. One of the strategies of managing such risks is to have a contingency plan, in case of a disruption. It is essential for organisations to have a comprehensive contingency plan, which can be invoked during such a disruptive event. Such a contingency plan should be updated regularly and tested frequently for readiness and efficacy. Disaster recovery planning is composed of the processes, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organisation after a natural or human-induced disaster. We conduct reviews to examine the capability and accuracy of DR plans and recovery strategies. If you are in the process of building one, we can help you draft a sound strategy and compile comprehensive plans that cover infrastructure, applications, data, people, processes, procedures and policies. We conduct tests to validate plans and prepare the staff to efficiently respond in case of a disaster. Virtualisation technologies have simplified the technology aspect of disaster recovery and also drastically reduced the costs for robust DR implementations. We explore and recommend latest technologies for cost-efficient and agile disaster recovery strategies. Business Impact Analysis Drafting a DR/BCP Strategy Draft Disaster Recovery Plan Review / Update DR Plans DR Training and Workshops Failover and Fail-back Testing Implement DR Technology Health-check of DRP/BCP

IT Optimisation Virtualisation and cloud computing have revolutionised IT; yet, many organisations are not ready to take the big leap. Sprawling and outdated infrastructures without updated or accurate documentation contribute greatly to the fear of the unknown. CIOs, CTOs and IT planners understand that virtualisation is not only about optimisation of hardware but also about the agility of the organisation in provisioning of services and better Feasibility Studies IT Optimisation Assessment security. We help organisations to examine, explore, review Virtualisation Implementations and upgrade their infrastructures and conduct feasibility Virtualisation Design and Architecture studies to move towards fully virtualised infrastructures. Documentation We believe that we are among the very few, if not the only service provider in the region offering documentation as a Systems Documentation separate service. The importance of documentation and the Network Documentation associated risk in absence of documentation for critical systems is well-known and commonly acknowledged. IT documentation is incomplete or outdated for a variety of Process Documentation Procedures / SOPs reasons. We can assist your in documentation of applications, Systems/Process Diagrams infrastructures, Manuals / User-Guides processes and procedures. We manuals, detailed diagrams, user-guides and SOPs. prepare

Cloud Consulting Services Cloud computing is revolutionising enterprise IT. Deployment of cutting-edge technologies has become faster and easier than traditional on-premise systems - at a fraction of the cost. Whether you plan to deploy production systems, or just offload test and development systems to the cloud, you need to analyse your requirements and plan accordingly. A sound cloud strategy is not just numbers that show savings; rather, it should be modelled on business objectives and consideration of overall risk. Business benefits are many: operational optimisations and ease of provisioning increases agility and cost efficiencies. Forebrook will assist you in your cloud computing strategy, by doing assessments, identifying areas which can leverage cloud platforms, identifying potential risks, undertaking feasibility studies and computing total costs including hidden costs - providing intelligence to decide on private, public or hybrid clouds. Whether you wish to use SaaS solutions or PaaS/IaaS for optimising datacentres, our comprehensive assessments and studies can help you make an informed choice. If you wish, we can also help you deploy and maintain your public cloud infrastructure or train your staff to manage those resources. Feasibility Studies Cloud Strategy Cloud Design and Architecture Deployment & Management of SaaS Deployment & Management of PaaS/IaaS Cloud Solutions in a DR Strategy Cloud Computing for Testing & Development Cloud Security Feature/Capability Comparison CIO / CISO Services Many organisations may not require a full-time CIO/CISO - and even those organisations with CIO/CISO may need to offload certain tasks from time to time. Forebrook can assist your organisation by performing some or all CIO/CISO tasks by drawing from a pool of experienced professionals. Apart from hiring the right resource, retaining highly-competent and experienced professionals is a major challenge. With Forebrook, you can avail the services of senior consultants for a fraction of the cost of hiring such resources. Define systems architecture to support strategy. Define security architecture. Produce blueprints network and security infrastructure. Align business goals and IT infrastructure. Align technology objectives to business goals. Ensure quality and security through the System Life Cycle. Document reference architectures, patterns, roadmaps related to IT. Communicate architecture to stakeholders. Advocate and justify investment to support infrastructure. Perform requirement analysis and planning. Subject Matter Expertise on all IT related matters. Work with senior management to propose improvements to the business infrastructure and report progress on various projects. Conduct research on emerging technologies, and recommend technologies that will provide right-sized security posture, operational efficiency, infrastructure flexibility and operational stability. IT Strategy & Roadmap IT Portfolio Review Due Diligence Feasibility Analysis IT Project Management Change Management Office Automation Optimising IT / Cost Optimisation IT Infrastructure Optimisation IT Financial Management / Budgeting Procurement / Vendor Management IT Policies and Procedures Recruitment, Interviews Performance Management Managing IT Outsourcing Cloud Technologies/Services Business IT Alignment Enterprise Architecture IT Governance & Compliance IT Risk Management Information Security Review Business Continuity / Disaster Recovery

forebrook FOREBROOK CONSULTING Office M-02, Mezzanine Floor, Sunshine Building, Garhoud, Dubai, United Arab Emirates Tel: +971 4 2945384 Fax: +971 4 2945385 PO Box 235240 forebrook.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback