Fortalice was founded to be the security company that was lacking when we were in senior levels of government and industry. Fortalice is defined as a small fort, fortified house, or outwork of fortification. Informally around Fortalice, we have two inside jokes – first, it’s “Fort-a-liss"… not “Fort-alice” or “Fort-a-leeeese"; second - the verb form of Fortalice is “Fortified”. When we talk about “Fortified Security,” we talk about the significant gaps in the industry – you will seldom find an end-to-end, personal solution designed with the human in mind; rather you will find various products and services fulfilling numerous niches. Fortalice brings together the brightest minds and approaches for cybersecurity as a one-stop-shop for busy executives and practitioners who want to spend less time with trial and error and more time working with a true partner, the right people, and pragmatic solutions.
How do we deliver fortified security? Through the following four pillars:
Our multi-disciplined team provides personalized assessments, exercises and action plans for cybersecurity maturity.
Our incident response and open source intelligence teams manage incidents from detection to remediation. Our strategic communications team assists with managing internal and external responses to stakeholders.
In everything we do, we aim to leave the client better and more educated than we found them. Our teams excel at providing training, mentoring and coaching in areas such as offensive cybersecurity operations, incident response and open source intelligence, and security engineering.
We aim for long-term relationships with our clients. Once a client, always a client.
Let’s talk if you’re looking for a true partner in the cybersecurity space.
During the course of our investigative work, Fortalice has observed an increasing and alarming trend: personal email compromise is leading to business email compromise. Threat actors will leverage weaknesses regarding executives’ or board members’ personal cybersecurity hygiene to gain access to their business accounts. Extortion also remains a top cybersecurity threat, with organized criminals overseas routinely targeting corporations and the people who support them.
Silicon Valley Bank (SVB) was shuttered early this month and had its deposits seized in the largest U.S. bank failure since the 2008 financial crisis. Although it may seem like SVB’s collapse will only impact its direct customers and depositors, it is far more complicated. Like vultures to roadkill, cyber scammers often wait to exploit and target victims after tragedy strikes, or bad news arises. A perfect storm of stress, uncertainty, and urgency for customers and vendors alike during this time can impair someone’s judgement when they click links and open emails they otherwise would ignore or delete. Fortalice has outlined a few different ways cybercriminals social engineer their victims during times of extreme distress and insecurity.