Piql & ShieldTech

"More than seven out of ten data attacks target SMEs.

– PWC

60% of all SMEs that have suered a cyber-attack are put out of business or go bankrupt within 6 months.

It is likely that successful data breaches against Small and Medium Enterprises (SMEs) in Norway will increase and it is very likely that organisations connected to socially critical functions will be aected by ransomware.

– The National Cyber Security Alliance (USA)

The Norwegian Police

important data? Would you risk loosing your most

What are your most critical systems and data?

Business-critical systems and data

Have you protected your most valuable data and information? Have you taken steps to minimise the financial, reputational, and operational impact of a data breach?

In today’s digital and interconnected world, data security is of paramount importance to any organisation. Every business should know which data is the most important and critical to their business or organisation. Furthermore, everyone should have an overview of their irreplaceable systems and information assets that need to be recovered quickly in the event of a cyber attack. This is where ShieldTech and Piql make a difference Together, we offer comprehensive services to secure your digital environment, uncovering your most critical data, mitigating risk while ensuring rapid recovery and the highest level of protection. We contribute to operational resilience and ensure business continuity - should you be attacked, being shut down and find yourself in a crisis.

Business-critical data is what keeps your business operational

and what you really need to get back up and running after an IT security incident

- data you cannot do without. Identifying this data, information assets and critical systems is as crucial as protecting them. Does your organisation have a clear strategy and overview of this data, in which systems or processes it resides and how you secure this information? We offer services to help identify and protect your business critical data. We focus on both preventive measures and effective strategies for rapid recovery should the worst happen.

Establish an incident management plan that addresses the need for business continuity in the event of emergency preparedness and crisis. This should include an overview of requirements for restoring ICT functions, ICT services and ICT systems based on an analysis of the consequences for the organisation. – The Norwegian National Security Authority

ShieldTech has extensive experience in investigating cybercrime and knows how cybercriminals operate and the methods they use. Digital security - what we do:

Make sure to have backups that are truly o ine and tested for recovery.

– The Norwegian Business Security Council

| 1

| 2

Risk and vulnerability analysis: Gain a comprehensive understanding of your organisation’s cyber security risks through our in-depth assessments. We identify potential threats, evaluate vulne rabilities in your systems and processes, and assess the potential impact of security breaches. Most importantly, we help you identify your key data and information assets that are essential to the continuity of your business - and rapid recovery after an IT security incident. Building a solid foundation is essential for effective IT security management. We help set up a comprehensive information secu rity framework tailored to your needs. This framework, which complies with the globally recognised ISO 27001 standard, includes an incident management policy, information security policy, backup policy and more. Incident response planning: We understand the importance of a fast and effective response when an IT security incident occurs. Our services include the development of a robust incident response plan, effective recovery plans, clearly defined roles, responsi bilities, and procedures for handling incidents. This ensures that threats are quickly averted, and your most critical data is rapidly recovered after an incident, promoting a culture of security awareness. Development and review of a security framework:

Data protection for guaranteed recovery – what we do:

Security architecture review: Uncover vulnerabilities in your IT infrastruc ture and applications through a thorough examination of your security architecture. Our experts will assess your systems, identify weaknesses, and make recommendations to strengthen your IT security. • Supplier risk management: Minimise potential cybersecurity risks associated with third-party suppliers through our rigorous quality assurance processes. We help you manage and minimise vendor-related risks to protect your sensitive and critical data. • Penetration testing: Simulates real-world attacks to identify vulnerabilities in your network infrastructure and other critical systems, protecting your most vital data.

Piql’s unique technology and secure data storage service ensures that your business-critical data is protected against any kind of digital threats. We have the most secure solution for recovery after a cyber incident. We are there if your cyber defences fail - and you have been attacked and lost access to, or simply lost, your data. You can rely on us to get your most critical systems and data back.

Piql protects and ensures that you “get back on your feet” Data stored on the unique storage medium piqlFilm, is protected against manipulation, alteration and loss caused by both digital criminals and human error within your own organisation. The risk of data loss over time or due to e.g., power failure, unstable tem perature, and humidity, or due to inherent technical weaknesses, failure of magnetic or electronic storage media does not exist with piqlFilm. Your data is stored in a secure vault in a secret location in Norway and the storage medium, piqlFilm, is neither

connected to the internet or any other data network (offline) nor is it connected to the power grid (off-grid). Data stored on piqlFilm cannot be accessed or attacked by hackers due to its analogue, offline nature. Storing your most business-critical data on piqlFilm cannot prevent an attack on your online sys tems and your online data, but it can ensure that you get back up and running after you have been attacked and taken down. A secure recovery copy on piqlFilm is a vital part of a robust recovery plan for your organisation.

| 3

| 4

Ensure you are well prepared and can get back on your feet quickly after a crisis

Thorough testing by third-party laboratories

We are ready to protect your most valuable data, ensure safe storage, and guarantee its availability when you need it most. We help you identify what is critically important to your organisation, design

The technology has been tested over several years by recognised research institutions in Norway: • Norner (for robustness and longevity), • Norwegian Institute for Energy Technology (IFE) for immunity to electromagnetic and radioactive radiation, and • Norwegian Defence Research Establishment (FFI) in context to security challenges related to insider threats, fire, water, chemical compounds, microorganisms, nuclear radiation, electromagnetic radiation, sabotage, espionage, and several types of cyber threats.

A recent test conducted by FFI documents that the technology is also unaffected by any chemical, biological or radiological effects.

strategies for handling unforeseen incidents, advise on data security best practices, and support you in restoring normal operations after a crisis. We are your dedicated partners in creating a robust and secure future for your business.

Cybercrime as a Service

Criminals increasingly see cybercrime as an easy and almost risk-free way to make a lot of money. This type of service can be seen as a more generalised and refined version of “Ransomware as a Service” (RaaS), which has been around for a couple of years. These value chains/supply chains will attract even more criminals to these environments, and more criminals usually means more attacks. Malicious actors will increasingly utilise artificial intelligence (AI) as a tool for their cyber operations. The new intelligent chat bots - or more precisely, the technology underneath - can and will be used to create near-perfect phishing emails, perform social surveys prior to digital attacks (social engineering) and create text for influence operations.

When we look into the crystal ball, we see new criminal services being offered, which we believe will increase in the coming years. One of these is “Cybercrime as a Service” (CaaS), where methods, tools and infra structure are provided by experienced criminal technicians, and the package can be bought by other criminals who have neither ability, infrastructure nor tools. Often the agreement is a percentage of the fraud revenue.

Make sure you have backups that are truly offline and tested for recovery.

| 5

| 6

Make sure to have backups that are truly o ine and tested for recovery."

– NSR

piql.com

Piql AS Grønland 56 3045 Drammen NORWAY +47 905 33 432 office@piql.com