Meet the team

Bhupen Mistry Technical Adviser

With over 20 years of design and hands-on experience, Bhupen has delivered bespoke cutting-edge technology solutions across many large and complex enterprises. Industries of proficiency include Financial Services, Healthcare, Utilities, Public Sector (Federal) to FinTech and AdTech start-ups.

Using a strategic collaborative approach working across many different levels of stakeholders, Bhupen has a track record transitioning infrastructure to a secure multi-cloud architecture. Working closely with business objectives, the team at FortNet offer clients longevity and value, specialising in highly complex, security and networking environments, including multi-vendor private cloud and public cloud deployments.

Knowledge is key to empowering teams; hence, Bhupen delivers technical courses, instructor-led in-class and online training.

Meet the team

Simon Clark Co-founder

Simon has worked in the IT industry for over 25 years. Introducing ethernet to the market in the eighties, switching in the nineties and solid-state firewalls in 2000.

Since then, as the Cyber landscape has rapidly evolved, Simon has been involved with protecting his customers from emerging attacks both inside and outside the network. Increasingly the focus has moved towards cloud and SaaS based tools to offer faster, better levels of security that can be managed more simply and cost effectively. Simon has worked for both blue chip and start-ups over the years including Cisco and Brocade. During that time Simon has developed a unique understanding of the cyber technologies that are ever evolving and where they fit within enterprise company’s security strategies.

Co-founding FortNet was a natural progression to doing what he loves and being able to offer independent advice to his customers. Bridging the gap between the customer’s core business and the confusing array of security solutions that need to be implemented.

“I believe most companies need help navigating the plethora of cyber vendors . Our aim is to take the legwork out and help our customers make better decisions.”

What We Offer

FortNet UK is committed to helping Mid-Sized Enterprises become Cyber Resilient. Losing confidential information can scare away customers, lose their trust and make you vulnerable to breaching GDPR legislation. By adopting a zero-trust cybersecurity mindset, your business is at much less risk of experiencing a supply chain breach.

How do you do this?

It all starts with a FortNet IT and Risk Health Check. IT professionals need to have visibility of their entire network and an understanding of it’s health before reviewing strategy, complete an audit or particular cyber project.

What’s your area of interest?

Cyber Health Check and Consulting

After a short exploratory discussion (normally 1.5 hr) we can offer several recommendations to further improve your security, supporting you in delivering your prioritised projects. You are under no obligation to work with us or take any of our recommendations, but you may be pleasantly surprised at our innovative approaches.

Staff Awareness Training

The weakest link in any secure environment are the employees. 91% of successful data breaches start with a spear phishing attack and 30% are repeat offenders. Even with the best IT security in place, users need to be trained and reminded against falling for the constantly evolving lure of the sophisticated phishing emails.

FortAware has structured its training to make sure employees make better daily decisions.

Dark Web Monitoring

67% of breaches can be traced or linked to phishing attacks and credential theft.

If your current or ex-employees details including usernames and passwords are available in the Dark Web you are potentially vulnerable to unauthorised access to some of your critical systems.

Being alerted as soon as details are discovered allows you to ensure they either change their passwords urgently or are removed from your systems completely, thus providing another layer of security.

What are you looking to achieve?

Anti-Virus

Over a quarter of organisations which fall victim to ransomware attacks opt to pay the ransom as they feel as if they have no other option than to give into the demands of cyber criminals – and the average ransom amount is now over $1 million.

The top three challenges named by enterprise IT security teams were an increased volume of threats and security incidents, insufficient remote access / virtual private network (VPN) capacity, and increased risks due to unmanaged devices.

With such a shortage of qualified Cyber specialists it is essential for organisations to have a clear plan in the event of a ransomware attack.

FortNet work closely with our customers to ensure they have the most appropriate end point protection whether it be straightforward anti-virus or more comprehensive endpoint protection with sophisticated tools and services.

Data Loss Protection (DLP)

DLP can protect against all kinds of adversaries, malicious or not. 61% of companies have suffered an insider attack in the past year. 22% have had six incidents.

Since 2007 there have been thousands of data breaches and many more security incidents.

Billions of records have been lost in giant data breaches such as: the database misconfiguration that leaked nearly 200 million US voter records in 2015, the Equifax data breach that kept getting bigger, BA having 5000 credit cards skimmed and the Yahoo breach that affected 3 billion users.

These are only a few of the many headliners that emphasise the need to protect your organisation’s data.

FortNet UK advises our customers with respect to the most suitable products and services for their organisation and strategic priorities

Insider Threat

An insider threat is the risk posed by employees or contractors regarding the theft of sensitive data, misuse of their access privileges, or fraudulent activity that puts the organisation’s reputation and brand at risk. The insider’s behaviour can be malicious, complacent, or ignorant, which in turn can amplify the impact to the organisation resulting in monetary and reputational loss.

80% of employees tend to take data with them, 2 weeks to 2 months prior to their termination date.

The main insider threats to UK organisations include: the theft of confidential company data from employees planning to or moving on.

Employees failing to follow corporate guidelines can be assisted with Staff Awareness Training

Remote Access

Do you need a VPN, biometrics, two factor authentication, or employee education?

Remote access is here to stay. Whether you are working from home, a hotel, or WIFI hotspot you will need to secure access to your data.

FortNet UK Ltd specialise in providing our customers with guidance to ensure you have the appropriate security in place to secure your staff and data wherever they might be.

Email Security

After anti-virus your staff are the next line of defence. By implementing Staff Awareness Training you can reduce the threat of malicious emails. Adding EDR (Endpoint Detection and Response) will help to detect day zero attacks and spot when a member of staff has opened a malicious email. This should all be supported by 24/7 monitoring which can be covered by an Outsourced SOC, if required. To reduce the threat of email attacks further it becomes necessary to deploy anti-spoofing tools and domain impersonation.

What are you looking to achieve?

Secure Back-up

Backing up in the cloud is the new normal. Cloud back up scales with your business leaving the responsibility of the infrastructure to companies who provide exceptional reliability. It is essential to have a backup strategy that includes your M365 environments encompassing each endpoint, OneDrive, SharePoint and Teams. Regular scanning for ransomware avoids backing up already infected files.

A secure backup strategy will protect your organisation against hardware failure, employee negligence, power outage and natural disasters.

FortNet can provide highly cost effective backup with unlimited restores, security, automation and granular search and recovery.

GRC - Governance, Regulation & Compliance

GRC tools are emerging. These tools provide essential reporting information to the board. Accelerate audit delivery and reduce man-hours. The need for regulatory compliance and audit trails in the event of a breach have never been more necessary.

FortNet works with their customers to provide software tools to streamline GRC and expertise to ensure the appropriate GRC rules are in place for your industry sector.

Data Loss Protection (DLP)

DLP can protect against all kinds of adversaries, malicious or not. 61% of companies have suffered an insider attack in the past year. 22% have had six incidents.

Since 2007 there have been thousands of data breaches and many more security incidents.

Billions of records have been lost in giant data breaches such as: the database misconfiguration that leaked nearly 200 million US voter records in 2015, the Equifax data breach that kept getting bigger, BA having 5000 credit cards skimmed and the Yahoo breach that affected 3 billion users.

These are only a few of the many headliners that emphasise the need to protect your organisation’s data.

FortNet UK advises our customers with respect to the most suitable products and services for their organisation and strategic priorities.

Insider Threat

An insider threat is the risk posed by employees or contractors regarding the theft of sensitive data, misuse of their access privileges, or fraudulent activity that puts the organisation’s reputation and brand at risk. The insider’s behaviour can be malicious, complacent, or ignorant, which in turn can amplify the impact to the organisation resulting in monetary and reputational loss.

80% of employees tend to take data with them, 2 weeks to 2 months prior to their termination date.

The main insider threats to UK organisations include: the theft of confidential company data from employees planning to or moving on.

Employees failing to follow corporate guidelines can be assisted with Staff Awareness Training

What are you looking to achieve?

eCommerce

BA’s breach and subsequent fine of £180M brought Magecart’s clever card skimming capability to the fore. Just a few lines of Javascript led to 5,000 current credit cards being stolen. Thousands of websites have been infected by similar attacks.

Magecart has evolved to focus on personal information theft too. FortNet can help you determine if you have been infected and show you cost effective ways to prevent the malicious code from working.

Cloud Security

99% of all misconfigurations in the cloud go unreported. ‘Your data is safe in the Cloud’ is a common misconception whether even if in AWS or Microsoft.

FortNet can help you with visibility, misconfigured servers, human error and the compliance issues that can also cause. We can help you add a layer of security to your cloud infrastructure.

Cloud Management

FortNet can help you add a layer of security to your cloud management adding visibility, assist with Identity & Access Management (IAM) and finding misconfigured servers caused by human error. Non-compliance to GDPR can lead to regulatory fines. FortNet can scan for GDPR compliance - see IT & Risk Healthcheck

Outsourced SoC

As the number of attempts to attack your organisation grow, an overwhelming number of alerts and events can swamp your IT team. Outsourced security operation centre (SOC) will typically provide 30% cost saving versus doing it internally. Outsourced SOC’s will investigate 100% of alerts, take away the headache of staff retention, keep up to date with the latest emerging threats and Intel and ensure the best tools have been invested in.

What are you looking to achieve?

Patching

NCSC states “Patching remains the single most important thing you can do to secure your technology. This is why applying patches is often described as doing the basics.”Starting with a comprehensive but affordable IT and Risk Assessment, FortNet can provide you with visibility of your entire infrastructure, and direct you to everything that needs to be patched including devices potentially not within your current patch process.

Technology Refresh (EOL)

End-of-life technology compromises your security. The vendors are no longer providing bug fixes, patches or support.

Starting with an IT Risk Assessment, FortNet can help you to uncover EOL technology and either provide ways to secure them or to refresh with up to date replacement.

What are you looking to achieve?

Attack Surface Management

One of the first thing potential attackers will do when targeting your organisation is to see how much of your infrastructure is directly available from the Internet. On average we find between 20% and 40% more assets facing the Internet than our customers expect. You can’t manage what you don’t know. FortNet provide tools to provide in depth information regarding your infrastructure’s visibility and the underlying vulnerabilities.

Phish Threats

Phishing is the most widely used cyberattack vector. Between 10-15% of spam and malicious email make it past your firewall and filters. There are tools available to help you identify and respond to email threats faster. FortNet can help you to understand what is suitable for your organisation.

Domain Impersonation / Squatting

Domain impersonation is when your own domain has been registered by another person with a small often imperceptible change e.g. a slightly different spelling. This means that your customers, staff and supply chain may inadvertently be engaging with criminals rather than you.

FortNet can help you to understand the risk to your organisation and select appropriate tools to locate the impersonators and remove them from the Internet.

Mobile Threats

2020 saw a huge growth in homeworking with an increased use of portable and personal devices, creating another layer for security teams to protect and manage. This in turn has increased the likelihood of successful Phish attacks and the opportunity for disgruntled employees to steal company data.

To mitigate against these threats, implement a comprehensive IT and Risk Assessment, providing you with a detailed picture to devise a mobile device security plan. FortNet can discuss various solutions with you to help prevent Data Loss Prevention and build Staff Awareness reducing the likelihood of these threats being successful. We can help you with the planning and policy side of things too.

Social Monitoring

The Internet can hold a lot of data about you and your staff. This can introduce a layer of intelligence that malicious individuals can use to target you personally and/or your company. FortNet can help you monitor the social platforms and other elements of the internet where necessary and take actions to get unwanted detail removed.

A simple starting point is to look in the dark web (DW), the illegal part of the Internet, to see if personal and or company emails have been compromised. Fortnet’s FortPatrol - Dark Web Monitoring service will provide a low cost and 24/7 coverage to alert you when emails are discovered in the DW.

VIP Personnel Protection

High profile individuals can be targets for a wide range of criminal activity including kidnap, stalking, robbery, and impersonation. According to the FBI statistics, CEO fraud is now a $12 billion scam. We provide services to assess individuals cyber footprint including physical threats on social media, impersonation attempts and track what data potential attackers could find.

What are you looking to achieve?

Security Health Check

IT professionals need to have visibility of their entire network and an understanding of it’s health before reviewing strategy, complete an audit or particular cyber project.

Pen Testing

Pen Testing is a necessary activity to demonstrate that new products and services are secure as well as reassuring the business that the overall security of critical systems cannot be compromised. FortNet can provide Pen Testers to suit your need and budget. Initially we recommend an affordable IT and Risk Assessment which gives you the opportunity to close down as many loose ends as possible - ensuring passwords are refreshed and unique, all devices and servers are using current versions of operating systems, applications and antivirus.

Outsourced SOC

As the number of attempts to attack your organisation grow, an overwhelming number of alerts and events can swamp your IT team. Outsourced security operation centre (SOC) will typically provide 30% cost saving versus doing it internally. Outsourced SOC’s will investigate 100% of alerts, take away the headache of staff retention, keep up to date with the latest emerging threats and Intel and ensure the best tools have been invested in.

FortNet UK advises their customers with regard to external resourcing of Cyber Security including remediation, GRC and out-sourced SOC’s.

We are drowning in information, while starving for wisdom. The world henceforth will be run by synthesizers, people able to put together the right information at the right time, think critically about it, and make important choices wisely

E. O. Wilson

No such thing as a stupid question.

We’ll be happy to discuss your current situation and if we can help then let’s talk about it