Services

Information Security and Cyber Security

Our Information Security services enable our customer's digital business opportunities by providing optimized leading-edge security services, protecting your information assets, products, and services. No matter what values we put in the word digitalization, whether it is about efficiency, innovation, utilizing new technologies, opportunities, or something completely different, security has never been more central. Conscious organizations now a days consider information security and cyber security their core business.

Human risk
It is difficult to avoid reading about various forms of targeted attacks that take place against companies and authorities these days. The current threat landscape to our society, at large, has become increasingly critical and tangible. It places higher demands on security awareness of the individual, the citizen, and the employee. Organizations need to strengthen their resilience against an attack.

To reach out to more people and thus contribute to raising awareness on a broader scale, we have made a film that touches on the topic of human risk. Especially in the context of information and cyber security, where the techniques used is referred to as “Social Engineering“. Our colleagues show how difficult it is to protect yourself from attacks where our human weaknesses are exploited. With this video, we want to highlight an attacker’s methods of accessing classified information, how individuals and organizations can more easily identify a potential attack, and how best to protect against it. We, as part of the society, need to be constantly up to date as the playing field of cyber is constantly changing. We hope that this will give you a good insight into how well your organization is equipped to reduce the human risks that often can be used to improperly access your information assets. In this way, this film can be a contributing factor in strengthening your awareness and our overall resilience.

Background
Security is about companies and organizations’ ability to achieve their goals. Understanding and controlling our risks has been done by a few industries for a long time, some of them have the help of regulations and legislation while others do not have the same industry standards, controls, and follow-up in place. IT Governance and security are areas where we in the EU will lack sufficient capacity and expertise for many years to come, so we as suppliers, authorities, and organizations, both private and public, need to work together to protect and secure our society.

In a world of constant change, improvement and sometimes deterioration, the need for security has never been greater. For a company to achieve its overall goals of development, efficiency, and innovation, we must not only manage a security debt, but we must also cost-effectively take on a journey of change that creates sustainable organizations.

How can we help
Transcendent Group has for the past 20+ years worked with global and local organizations within IT, information security, and which today is often referred to as cyber security. We are extremely grateful and proud for the trust our customers have placed in us for many years. We have solid experience of taking on roles such as Chief Information Security Officer; management, governance, and strategy is our cornerstone. We are experts in change management in security and IT governance where we have helped several of the largest companies in our markets in program and project management roles.

We enable digital business opportunities for your company. We do this by providing leading-edge and tailored services within information and cyber security. By understanding your security risks, we enable and optimize your organization’s resilience to threats. This accelerates digital transformation and futureproofing deliveries.

One area where we gain great confidence is in security architecture, where the assignments are often complex, developing and very fun. There we often get the opportunity to support from a broad technical perspective.

In terms of technological development, we are also very proud of our cyber security community which today is more than 20 consultants with extensive experience in technical assessments, penetration testing, application security, managed security services (incident response and SIEM) to name a few. As part of our red team, we offer the combination of technical security assessments and social engineering. Social engineering is about human risk, and it is an area that our customers are more and more interested in.

Having the world as we know it today in mind, our experts withing Business Continuity Management (BCM) and IT Disaster Recovery (ITDR) are often asked to help secure organizations for future events we do not yet know about.

Services provided
Two decades back, Transcendent Group started providing the Cyber Security services to support the Information Security offering and has grown the team of professionals in this field since. Today we have matured a set of expertise in a wide range of Cyber Security services including but not limited to the following:

  • Security strategy, risk and governance
  • Digital, Cyber and Enterprise security
  • IT security review (vulnerability assessment, penetration testing, IT audit, risk assessment)
  • Infrastructure penetration testing (cloud and network)
  • Application penetration testing (web, desktop and mobile)
  • Assessments (Red team, Compromise assessment, Denial of Service testing)
  • Operational resilience (Continuity Management, BIA, Crisis Management)
  • Threat modelling, cyber threat hunting and assessment
  • Social engineering (Phishing, Vishing, Smishing, physical, etc.)
  • Code review (static and dynamic analysis)
  • Security architecture, Identity and access management (IAM)
  • Training and awareness
  • SWIFT CSP attestations, ISO27000, NIST, PCI DSS

We also offer our professional assistance for incident response, cyber security audit, security verification, vendor assessments etc.

All our consultants are qualified and have years of cyber security experience, thus most of the technologies are covered.  To deliver the best services, we use the edge technologies and commercial grade products. We cover most of technologies, including but not limited to IoT (Internet of Things), Edge computing, Automation, AI (Artificial Intelligence), Mobile and Blockchain.

Track record
Penetration testing framework agreement   
The client needed to keep their systems secure against various cyber risks that could lead to information leakage resulting in theft or fraud. We helped the client by performing several penetration tests each year targeting different business systems, including an annual API test . APIs of consumer and business mobile applications were tested, as well as various web applications including company internal and client-facing service portals. Other deliveries include technical verification against OWASP top 10 and preparations for red-team testing and agile testing in agile development settings.

Implementing Managed Security Service   
Our client needed better control over cyber security in the organization in order to detect and respond to incidents. We assisted the client with developing new cyber security capabilities by implementing a Managed Security Service. This included building companywide capabilities in the organization including monitoring, vulnerability management and incident response. We also assisted with building and operationalizing a new unit within the company  as a Centre of Excellence for cyber security. Our consultants took part in relevant procurement processes and assisted with change- and project management.

Cyber security in a modernization program   
The client is modernizing its technical platform in a complex organization and needed assistance with an overview of security across different projects. We assist different project managers by advising on the development of secure solutions for their next technology platform and services, and coordination of security within the different projects. This involves establishing security requirements both across the company and for its vendors. We advise on security architecture and perform security approvals and change management. We do inspections of adherence to internal requirements and CIS-controls. Our main deliveries are in the areas of cloud- and mobile security, establishing a secure platform for managing IT operations, and setting security criteria  for the migration of company-wide applications to the new environment.

Not sure where to start? Contact us and we are happy to help you define the needs of your organization. We can customize an offering to best meet the needs for your organization.

Global and local contact

Do you want to know more? Get in contact with the global contact person, or reach out to your local contact.

Related material

Let's connect

We want to know more about you and your organizations challenge! Get in contact with your local office to find out more about our culture and services.

Contact us