forebrook
INFORMATION SECURITY
GOVERNANCE, RISK & COMPLIANCE
CLOUD CONSULTING SERVICES
CIO & CISO SERVICES
INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY
STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS
REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS
OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER
FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT
MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE
MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY
DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES
CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION
CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE
SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO
27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS
ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD
SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK
REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN &
ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY
PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT
GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE
OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE
SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT
IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT
PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1
INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION
OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE
NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY
MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT
VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT
SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION
NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE
SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT
ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY
ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY
INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443
WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA
ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES
FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK
INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY
STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS
REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS
OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER
FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT
MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE
MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY
DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES
CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION
CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE
SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO
27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS
ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD
SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK
REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN &
ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY
PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT
GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE
OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE
SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT
IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT
PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1
INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION
OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE
NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY
MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT
VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT
SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION
NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE
SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT
ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY
ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY STRATEGY CLOUD SERVICES STRATEGY
INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS REMEDIATION ROADMAP ISA/IEC 62443
WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS OWASP DUBAI ISR AUDIT NESA
ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER FORENSICS CLOUD ADVISORY SERVICES
FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT MANAGEMENT ITG FRAMEWORK
INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 SERVICE MANAGEMENT ITIL SECURITY
STRATEGY CLOUD SERVICES STRATEGY INFORMATION SECURITY MANAGEMENT SYSTEMS COMPLIANCE PCI DSS V3.1 INFRASTRUCTURE DOCUMENTATION IT GOVERNANCE ISO 20000 AWARENESS ASSET INVENTORY DIAGRAMS INFOGRAPHICS
REMEDIATION ROADMAP ISA/IEC 62443 WIRELESS SECURITY VIRTUALISATION NETWORK SECURITY VIRTUALISATION OPTIMISATION DATACENTRE OPTIMISATION AMAZON/AZURE/GOOGLE CLOUD SERVICES CIO SERVICES CISO SERVICES GAP ANALYSIS
OWASP DUBAI ISR AUDIT NESA ADNIC ISS2 AUDIT SECURITY GOVERNANCE SECURITY OPERATIONS CENTRE NETWORK OPERATIONS CENTRE SECURITY BASELINE SECURITY REVIEW RISK REGISTER RISK PRIORITISATION CLOUD SECURITY CYBER
FORENSICS CLOUD ADVISORY SERVICES FEASIBILITY STUDIES BUSINESS IMPACT ANALYSIS BCP/DR STRATEGY MATURITY ASSESSMENT IMPLEMENTATION ADVICE NETWORK DESIGN & ARCHITECTURE SECURITY ARCHITECTURE SECURITY INCIDENT
MANAGEMENT ITG FRAMEWORK INFRASTRUCTURE ASSESSMENT SECURITY ASSESSMENT RISK ASSESSMENT VULNERABILITY ASSESSMENT PENETRATION TESTS DISASTER RECOVERY PLANNING SECURITY POLICY COBIT ISO 27001:2013 AWARENESS
IT GOVERNANCE
INFORMATION SECURITY
RISK &COMPLIANCE
CIO / CISO SERVICES
CLOUD SERVICES
forebrook
Security assessments should be conducted on a regular basis, and
should be included in the strategy. Major international standards
include third-party assessments as an important requirement.
The goal of assessments is to ensure that necessary and adequate
security controls are implemented to protect information assets
from unauthorised access, use, disclosure, disruption,
modification, recording or destruction.
We, at Forebrook, conduct comprehensive assessments based on
best-practices and international standards. In addition to using
latest tools for vulnerability assessments, we also check, inspect,
observe and analyse information systems in a holistic manner
covering technology, people, policies, processes, procedures. As
an integral part of assessments, we conduct interviews with
individuals and groups in the organisation to understand the
infrastructure, security objectives and strategies, and assess
security controls for effectiveness and adequacy. Additionally,
penetration tests will be conducted for public-facing IPs.
Our Security/Risk Assessments culminate in extensive reports and
recommendations for remediation along with roadmaps to
implement controls.
Security AssessmentsSecurity AssessmentsSecurity AssessmentsSecurity Assessments
Forebrook offers a range of information security, governance, IT systems and infrastructure
related services. We conduct IT infrastructure assessments, security and risk assessments,
vulnerability assessments and penetration tests. We design and implement information
security programmes, review and develop information security architectures, security policies,
business continuity strategies and disaster recovery plans. We assist organisations in preparing
for certification audits such as ISO27001:2013, PCI-DSS, ISO 20000; we conduct compliance
reviews for international and regional standards including ADSIC ISS 2.0 and Dubai Information
Security Regulation (ISR) or the latest NESA standard.
Forebrook is a vendor-independent firm based in Dubai specialising in Information Security and
IT-Governance consulting. Our biggest strength is our team of experienced consultants, who
have worked in large enterprises, banks and government organisations. Our senior consultants
have 20-30 years experience in information technology and hold multiple industry
certifications such as CISSP, CISA, CISM, CRISC, CGEIT, COBIT, ITIL, ISO27001, ISO20000,
TOGAF9, PMP, MCSE, MCITP, MCT.
Security Policies
Data Classification
Risk Management
Topology, Data Flow
Access Control
VPN/Remote Access
Network Access Control
Application Configuration
Database Configuration
Change Control
Patching & Anti-Virus
Logging / SIEM
Intrusion Detection
Physical Security
BCP/DR
Vulnerability Assessment & PTVulnerability Assessment & PTVulnerability Assessment & PTVulnerability Assessment & PTVA/PT is a requirement for compliance with standards such as PCI-DSS, or as a part of risk assessment for ISO
27001; regardless, conducting regular VA/PT is deemed a good practice and is usually included in well-designed
security programmes. VAPT is included in our security assessments, but we also offer a separate service for
specific objectives such as reports for compliance audits. We use VA scanning tools according to the need of the
organisation and analyse reports to extract actionable intelligence. In addition to the summary report, we submit
recommendations for remediation and a prioritised list of remediation activities.
Infrastructure AssessmentsInfrastructure AssessmentsInfrastructure AssessmentsInfrastructure AssessmentsIT infrastructure assessment is required from time to time as an input to decision making - for strategic
investments in technologies or for process improvement and optimisation. Organisations engage external parties
to do health-checks and assessments for an independent opinion. Typical assessments are generally conducted in
the following major phases:
1. Survey and Data Gathering
2. Documentation and Assessment of the Infrastructure
3. Gap Analysis vis-à-vis good practices
4. Recommendations for improvement, configuration changes etc.
5. Presentation of findings, reports; and workshops.
Based on the maturity level, and business requirements
(gathered during interviews), we make
recommendations or highlight areas which require
attention – whether configuration changes, upgrades or
a complete overhaul of the systems in question. These
recommendations will be guided by good practices,
taking into consideration latest technologies and
security enhancements, for the overall improvement of
IT services.
Recommendations will be made in alignment with
enterprise architecture, if a formal definition exists in
the organisation; if not, these recommendations will be
conducive for such a design in the future. In addition to
various documents, we also produce engaging
infographics as a part of deliverables.
ComplianceComplianceComplianceComplianceWe assist organisations in implementing ISMS based on good practices and international standards. Organisations
are required to obtain independent certification of their information security management systems against the
ISO standard. The ISO27000 suite of standards specifies requirements for establishing, implementing, operating,
monitoring, reviewing, maintaining and improving a documented Information Security Management System
(ISMS), using a continual improvement approach. We help organisations prepare for certification by doing risk
assessment, gap-analysis and design an integrated ISMS covering all the domains described in the standard:
ISO 27001:2013
ISO 20000
PCI-DSS 3.1/3.2
COBIT 2019 Review
Dubai-ISR Applicability Review
ADSIC ISS 2.0 Review
NESA Assessment
ISA/IEC 62443
Information Security Policies
Organisation of Information Security
Human Resources Security
Asset Management
Access Control
Cryptography
Physical and Environmental Security
Operations Security
Communications Security
Systems Acquisition, Development, Maintenance
Supplier Relationships
Security Incident Management
Business Continuity
Compliance
Services and Applications
Data Centres / Locations
System Infrastructure
Network and Wireless Infrastructure
Virtualisation Infrastructure
Storage and Backup Infrastructure
Printers and Peripherals
Communication Lines
Access Control and CCTV
Audio/Video Infrastructure
Security Infrastructure
Governance of Enterprise ITGovernance of Enterprise ITGovernance of Enterprise ITGovernance of Enterprise ITWhether you are planning to build an ITG framework or seek to
revise an existing governance model, we can help you review,
revise and update ITG processes, policies and procedures.
We prepare documentation in accordance with standards and
prepare your organisation for audits by performing health-checks
and gap analysis against frameworks such as COBIT 5.
Maturity Assessment
COBIT Health-Check
Build/Review ITG Framework
Document ITG Processes
IT Architecture Review
Business-IT Alignment Review
Resource Review
Benefits Realisation Gap Analysis
Disaster RecoveryDisaster RecoveryDisaster RecoveryDisaster Recovery
We conduct reviews to examine the capability and accuracy of DR plans
and recovery strategies. If you are in the process of building one, we can
help you draft a sound strategy and compile comprehensive plans that
cover infrastructure, applications, data, people, processes, procedures and
policies. We conduct tests to validate plans and prepare the staff to
efficiently respond in case of a disaster.
Virtualisation technologies have simplified the technology aspect of
disaster recovery and also drastically reduced the costs for robust DR
implementations. We explore and recommend latest technologies for
cost-efficient and agile disaster recovery strategies.
Business Impact Analysis
Drafting a DR/BCP Strategy
Draft Disaster Recovery Plan
Review / Update DR Plans
DR Training and Workshops
Failover and Fail-back Testing
Implement DR Technology
Health-check of DRP/BCP
All organisations are vulnerable to disruptions of many kinds: from human error to utilities failure to natural
disasters to terrorist attacks. Even though it is impossible to eliminate risks completely, they can be minimized
to a level acceptable to the organisation. One of the strategies of managing such risks is to have a contingency
plan, in case of a disruption. It is essential for organisations to have a comprehensive contingency plan, which
can be invoked during such a disruptive event. Such a contingency plan should be updated regularly and tested
frequently for readiness and efficacy. Disaster recovery planning is composed of the processes, policies and
procedures related to preparing for recovery or continuation of technology infrastructure critical to an
organisation after a natural or human-induced disaster.
Source: COBIT® 5, figure 2. © 2012 ISACA
® All rights reserved.
So
urc
e:
CO
BIT
® 5
, fi
gu
re 1
2.
© 2
01
2 I
SA
CA
® A
ll r
igh
ts r
ese
rve
d.
IT OptimisationIT OptimisationIT OptimisationIT OptimisationVirtualisation and cloud computing have revolutionised IT; yet, many organisations are not ready to take the
big leap. Sprawling and outdated infrastructures without updated or accurate documentation contribute
greatly to the fear of the unknown.
Feasibility Studies
IT Optimisation Assessment
Virtualisation Implementations
Virtualisation Design and Architecture
CIOs, CTOs and IT planners understand that virtualisation is
not only about optimisation of hardware – but also about the
agility of the organisation in provisioning of services and better
security. We help organisations to examine, explore, review
and upgrade their infrastructures and conduct feasibility
studies to move towards fully virtualised infrastructures.
DocumentationDocumentationDocumentationDocumentationWe believe that we are among the very few, if not the only
service provider in the region offering documentation as a
separate service. The importance of documentation and the
associated risk in absence of documentation for critical
systems is well-known and commonly acknowledged. IT
documentation is incomplete or outdated for a variety of
reasons. We can assist your in documentation of applications,
infrastructures, processes and procedures. We prepare
manuals, detailed diagrams, user-guides and SOPs.
Systems Documentation
Network Documentation
Process Documentation
Procedures / SOPs
Systems/Process Diagrams
Manuals / User-Guides
Cloud Consulting ServicesCloud Consulting ServicesCloud Consulting ServicesCloud Consulting Services
CIO / CISO ServicesCIO / CISO ServicesCIO / CISO ServicesCIO / CISO Services
Cloud computing is revolutionising enterprise IT. Deployment of cutting-edge technologies has become faster and
easier than traditional on-premise systems - at a fraction of the cost. Whether you plan to deploy production
systems, or just offload test and development systems to the cloud, you need to analyse your requirements and
plan accordingly. A sound cloud strategy is not just numbers that show savings; rather, it should be modelled on
business objectives and consideration of overall risk. Business benefits are many: operational optimisations and
ease of provisioning increases agility and cost efficiencies.
Forebrook will assist you in your cloud computing strategy, by
doing assessments, identifying areas which can leverage cloud
platforms, identifying potential risks, undertaking feasibility
studies and computing total costs including hidden costs -
providing intelligence to decide on private, public or hybrid
clouds.
Whether you wish to use SaaS solutions or PaaS/IaaS for
optimising datacentres, our comprehensive assessments and
studies can help you make an informed choice. If you wish, we can
also help you deploy and maintain your public cloud
infrastructure or train your staff to manage those resources.
Feasibility Studies
Cloud Strategy
Cloud Design and Architecture
Deployment & Management of SaaS
Deployment & Management of PaaS/IaaS
Cloud Solutions in a DR Strategy
Cloud Computing for Testing & Development
Cloud Security
Feature/Capability Comparison
IT Strategy & Roadmap
IT Portfolio Review
Due Diligence
Feasibility Analysis
IT Project Management
Change Management
Office Automation
Optimising IT / Cost Optimisation
IT Infrastructure Optimisation
IT Financial Management / Budgeting
Procurement / Vendor Management
IT Policies and Procedures
Recruitment, Interviews
Performance Management
Managing IT Outsourcing
Cloud Technologies/Services
Business – IT Alignment
Enterprise Architecture
IT Governance & Compliance
IT Risk Management
Information Security Review
Business Continuity / Disaster Recovery
Many organisations may not require a full-time CIO/CISO - and
even those organisations with CIO/CISO may need to offload
certain tasks from time to time. Forebrook can assist your
organisation by performing some or all CIO/CISO tasks by drawing
from a pool of experienced professionals. Apart from hiring the
right resource, retaining highly-competent and experienced
professionals is a major challenge. With Forebrook, you can avail
the services of senior consultants for a fraction of the cost of
hiring such resources.
� Define systems architecture to support strategy.
� Define security architecture .
� Produce blueprints network and security infrastructure.
� Align business goals and IT infrastructure.
� Align technology objectives to business goals.
� Ensure quality and security through the System Life Cycle.
� Document reference architectures, patterns, roadmaps related to IT.
� Communicate architecture to stakeholders.
� Advocate and justify investment to support infrastructure.
� Perform requirement analysis and planning.
� Subject Matter Expertise on all IT related matters.
� Work with senior management to propose improvements to the
business infrastructure and report progress on various projects.
� Conduct research on emerging technologies, and recommend
technologies that will provide right-sized security posture, operational
efficiency, infrastructure flexibility and operational stability.
FOREBROOK IT INFRASTRUCTURE L.L.C.Suite 502, Nawras Tower, Al Qusais First, Dubai, United Arab Emirates
Tel: +971 4 2965448 | PO Box 235240 | forebrook.com | secreck.com
forebrook