Application information security specialists
Watson Hall, London and Edinburgh, United Kingdom
Watson Hall web internet application information security
Watson Hall helps United Kingdom organisations with their information security requirements.
Watson Hall works with your business and information
systems staff, designers, developers, partners and suppliers, including professional advisors such as
accountants, auditors, insurers and solicitors. Watson Hall guides, assists and contributes
security experience and knowledge to reduce security risk.
Application risk management
Application identification, risk assessment and development & acquisition maturity assessments. Objectives, controls and metrics definition. Implementation of application defensive strategies. ISO/IEC 27034. Process evolution and continuous improvement.
Web site, web application and mobile app security assessments and audit
Pre and post deployment risk assessments, reviews and security audits for live websites, web applications and mobile apps to identify security practices, controls and the adequacy of these. Secure software development lifecycle. Incident investigation may be required if a website has been hacked. Web site due diligence reviews are required during the procurement of third-party web-enabled services or corporate mergers and acquisitions.
Web security design and review
Training, coaching and consultancy for the initiation, requirements, specification, design, development and testing stages of web site and web application projects to build in practical and appropriate security that is accessible, usable and supports business objectives.
Information security & privacy policies, standards and procedures
Investigation, analysis, recommendation, data classification, documentation, implementation for organisations requiring formal information security & privacy policies and related standards, procedures and guidance notes. Particularly suitable for organisations without resources to develop or maintain their own policies or document their existing practices, and where boilerplate versions are inappropriate or unsuitable.