Clients & Projects
Our past and current clients
Manufacturing Infrastructure Security
We helped a large global pharmaceutical client to define, develop and deliver a secure manufacturing infrastructure that includes critical business applications and OT systems. Manufacturing systems architecture was aligned to Purdue model of ICS architecture (ISA-99, ISA-95). This was a multi-year programme (circa $10m) involving vendor selection, POC, testing and delivery of new infrastructure and security technologies.
Network Segmentation - Security Zoning
Our security consultants helped two large global pharmaceutical clients to define and deliver network segmentation and security zoning for on-prem infrastructure, cloud (IaaS) and manufacturing sites. This includes IP address, VLAN and routing domain separation across global offices incl. (branch offices, data centres and manufacturing sites) and appropriate risk-based firewall zoning strategy to control access of users, applications and OT systems.
Railway Cyber Security Assurance Case
We have helped one of our key confidential clients in development & delivery of cyber security assurance case in accordance with railway regulatory standards and Department for Transport (DfT)’s rail cyber security guidance. Project involved risk assessment and design review of signalling systems, networks, IT, OT and IoT systems.
Cyber Security Operation Centre (SOC)
Our security consultants have years of experience helping clients to build 24x7 Cyber SOC capability starting from defining requirements, use case analysis, supplier assessment, SIEM product assessment, supplier selection, SIEM security architecture/design and help building an efficient SOC team.
IT Service Supplier Audit and Assurance
Our lead consultant has helped a large global pharmaceutical client in reviewing IT service suppliers’ contract and technical deliverables. The project involved technical audit and gap assessment and provide recommendations to senior management. Later on, helped the client by governing the supplier’s technical delivery for 10+ core infrastructure security capabilities.
Our lead consultant has helped a large pharmaceutical client in the development of a security programme plan to achieve ISO27001 accreditation for its IT business unit. The plan incorporates assessment of the current state, gap assessment, assessment of existing inflight security projects, roadmap development (future projects), periodisation of projects (building blocks) and how assurance (incl. KPIs) will be achieved throughout the programme. We have also helped many clients in providing end to end ISO27001 accreditation through our trusted partner network.
eCommerce Platform Security
Our lead consultant has helped a large European airlines operator in the definition and development of secure commercial digital platform architecture. Technical stack involved an AWS/on-prem (hybrid) cloud-based multi-channel eCommerce platform. Channels include digital (web, mWeb, Mobile Apps), B2B API gateway, airport kiosks, call centre and their online payment systems. Our consultant led security strategy, technical risk management and development of security solution designs of the architectural components.
Data Centre Security
Our consultant has helped a large financial services client in delivering secure global data centres from scratch. The project involved the following deliverables:
Migration and consolidation of legacy to new data centres. Supported in vendor selection and testing.
Designed Inter data centre DCI connectivity, private MPLS for optimal traffic engineering and failovers.
Design bespoke low latency trading platform environments across multiple colocations and Data Centres in AMERS, LATAM and EMEA regions.
Design and deployment of secure hybrid cloud architecture
Our large pool of CCIE and JNCIE network consultants have successfully delivered many data centre projects across other industries.
Our lead security consultant has helped a confidential mobile operator to design and deliver 4G/LTE end-to-end security architecture, risk management and security solution design. The project involved a thorough risk assessment of the subscriber radio network, IP core, internet links and corporate environment.
Our lead security consultant has helped a confidential client to define and develop cybersecurity strategy and security management plan to support The European Rail Traffic Management System (ERTMS) programme under the supervision of a cross-industry cybersecurity steering group and senior management team. Work involved developing cybersecurity requirement for ETCS onboard system, risk assessment and security design review of railway systems.
Merger & Acquistion (M&A) Security
Our lead security consultant has helped two large confidential clients (mobile operator, pharmaceutical) in security risk management during a large M&A programme. Deliverables include security boundary definition, technical architecture (target state) development, transitional states (artefacts), user access to applications data security management and user/application cutover.
Risk Assessment and Remediation
We have successfully delivered a wide range of projects to conduct risk assessment of the entire IT estate and helped clients in remediation of identified risks. Work involved a combination of qualitative risk assessment and various tools (penetration testing).
Our consultants have experience in delivering a wide range of challenging projects
Major Projects & Deliverables
Our Past and Current Clients
Our consultants have helped clients in delivering a wide range of challenging projects