top of page

Our Services

CyberSecurity Risk Management

As a result of these real-world engagements, we are experienced in the area of cyber risk quantification and the real-world implementation of the FAIR model at an enterprise level.

​

  • Strategic Risk Analysis Support

    • ​We help you see the big picture like never before – in less time than you ever dreamed possible. We offer a variety of Enablement Services focused on areas of strategic concern for the organization.

    • These engagements typically range from a few weeks to a few short months.

    • Risk reporting – Enterprise risk assessment

    • Board reporting – Analysis of top risks (5 to 10)

    • Budgeting – Analysis of top projects

​

​

  • Tactical Risk Analysis

    • Finding value from your RiskLens Platform deployment happens in a matter of days to a few short weeks. We offer a number of Enablement Services designed to show you how to run tactical risk analyses that can help you drive better day to day decision making.

    • Examples include:

    • Risk assessment – audit findings

    • Risk assessment – policy exceptions

    • Risk assessment – migration of systems to cloud

    • Risk assessment – Web app attacks, patching

    • Risk assessment – Effect of act of terror, sabotage

    • Cost-benefit analysis – Improved application patching

    • Cost-benefit analysis – DLP improvements

    • Cost-benefit analysis – Data encryption

    • Comparative analysis – Ransomware / malware events

    • Comparative analysis – Improved/additional controls

    • Comparative analysis – Anti-phishing controls efficacy

Security Consulting

Connecting innovation, transformation, and leadership

If you’re ready to innovate and transform your business,

We can help you imagine, deliver, and run your future, wherever you compete, using the latest technologies, from strategy development through implementation. Because impact isn’t created alone. Together we can make history.

​

  • Assist your organization with a role as Virtual Chief Information Security Officer as a services (VCISO)​

  • Cyber Incident Planning and Response advice and preparation.

  • Organization Cyber Security maturity evaluation

  • Enterprise Risk Management

  • Compliance management (GDPR, ISO 27001, NIST-CSF, PCI)

  • Security Architecture review

  • Security Solution Design reviews

  • Threat Modelling 

  • Blockchain and cryptocurrency security assessments

  • Hyperledger Sovereign Identity blockchain solutions (FireFly)

  • Developing Blockchain-Based Identity Applications

  • Cloud Security review and key critical processes (Azure, AWS, Kubernetes deployments, DLT)

  • Holistic Hardening

  • Secure Code review (Java, Python, javascript, typescript, GOLang, .NET) 

  • Penetration testing (Infra, Web, API, Mobile, dApp)

  • Solutions design are always part of change and innovation in any business. We support FOSS and want to help you find fit for purpose solutions (even if it is closed source as a commercial solution COTS). 

  • Identity Access Management review​

  • Single Sign-on: Configure SSO on any web portal that support CAS, SAML or OPENID Connect for federated identity. â€‹

  • Strong Authentication: FIDO U2F tokens, one-time passcode (OTP), mobile authentication options.

Auditing and Assurance

Audit & Assurance is about much more than just the numbers. It’s about attesting to accomplishments and challenges, and helping to assure strong foundations for future aspirations. We illuminates the what, how, and why of change so you’re always ready to act ahead. Assistance with ISO 27001 and CryptoCurrency Security Standard (CCSS) implementation and audits

​

The CCSS covers controls that increase the security of the cryptocurrency portion of an information system, however it does not cover common standards and practices for increasing the cybersecurity of an information system.

This includes (but is not limited to): 

  • Cryptocurrency Exchanges (i.e. Information Systems that allow its users to exchange cryptocurrencies for other forms of money) 

  • Cryptocurrency Marketplaces (i.e. Information Systems that allow its users to exchange cryptocurrencies for other goods and services) 

  • Cryptocurrency Games (i.e. Information Systems that allow users to gamble their cryptocurrencies for a chance at winning more) 

  • Cryptocurrency Processors (i.e. Information Systems that automate the acceptance of cryptocurrencies for payment) 

  • Cryptocurrency Storage (i.e. Information Systems that facilitate the receipt and transmission of cryptocurrencies amongst other actors) 

  • Any Information System that handles cryptocurrencies as part of its business logic.

​

Key Aspects in CCSS:

Key / Seed Generation

Wallet Creation

Key Storage

Key Usage

Key Compromise Policy

Keyholder Grant / Revoke Policies & Procedures

Third-Party Security Audits & Procedures

Data Sanitization Policy

Proof of Reserve

Audit Logs

​

For more related information please visit

C4  (CryptoCurrency Certificate Consortium)

Open Repository for the  CryptoCurrency Security Standard 

from CryptoConsortium

Advise on how to track, trace and monitor cryptocurrency transactions and/or crypto crimes.

Identify and investigate illicit activities involving cryptocurrency.

CryptoCurrency Assurance

If you need to assurance with your smart contracts, contact us. 

We audit and trace blockchain/cryptocurrencies and scan smart contract.

 

From cryptocurrency security efforts, compliance risk and forensics.

We are in partnership with the best in the industry!

 

Implement ideas on NFT and identity and security management.

In a work group of the DIF (Decentralised Identity Foundation) creating new protocols related to Zkdid and zkdns (or decentralised DNS). 

​

​

​

​

bottom of page