Very large private university in the US

The client was looking to assess compliance to Industry Standard: PCI-DSS and regulations: NYS DFS 23 NYCRR 500 & GLBA to support its annual compliance attestations.

The main focus of the assessment was to examine specific areas of risk that pose the greatest threat, resulting in the creation of a compliance work plan, which spells out the strategy for compliance for the following year.


  • Prioritized remediation plans based on risk exposure
  • Enhanced data protection
  • Improved regulatory compliance

Fortify with Modern Security

Talk to Experts

Case Studies

Cybersecurity Program & Remediation Strategy

The goal here was to help the client identify and mitigate potential cybersecurity risks in order to protect its information systems and assets


Control Assessment & AFIS and IRIS-based forensic product review

The engagement involved evaluating the client's security controls and policies, as well as assessing the effectiveness of digital forensic products based on Automated Fingerprint Identification System (AFIS) and Iris Recognition Integrated System (IRIS) technologies.


Forensic analysis of GDPR breach & Annual audit of control readiness

The engagement involved investigating and analyzing a security incident to determine the cause and extent of a potential data breach while the annual audit of control readiness involved reviewing the client's security controls and policies to assess their effectiveness in addressing potential security risks and compliance with relevant regulations.


Cybersecurity Technology Evaluation & Design

The engagement involved evaluating different vendors of intrusion detection and prevention systems and selecting the best solution to meet the client's specific security requirements.


Cyber Risk Map

The goal here was to develop a visual representation of the client's cyber risk exposure.


Cybersecurity Policies & Procedures Review

The goal here was to help the client identify gaps and areas for improvement across their existing cybersecurity policies and procedures.