Welcome to the home of Öruggt Net (Secured Network) We are a small cybersecurity consultant company in Iceland. Our focus is advising Icelandic companies and helping them with their cybersecurity challenges. We specialize in preventive measures. We place great emphasis on prevention to reduce the likelihood of safety deviations.
What do we do?
We advise, educate, train employees and managers of companies as well as individuals with everything related to computer security. We sell both software and hardware related to cybersecurity, offer courses, consulting and security manager services on subscription. We can help from start to finish and take care of everything related to computer and network security for companies. Book an appointment for a free consultation today.
We offer three different courses in cybersecurity for different groups. Our basic course is designed for the general public or the average employee of a company. As the name suggests, the basics of cybersecurity are covered. A Vulnerability Management course is for IT professionals who seek knowledge in vulnerability management and other preventative cybersecurity issues. The course for business managers is intended for managers and those who want to better understand cybersecurity without getting lost in details. Check out the courses that are available
Við veitum fyrirtækjum og einstaklingum ráðgjöf í öllu sem snertir net- og gagnaöryggi og aðstoðum við framkvæmd. Við aðstoðum við úttektir, endurgjöf og framkvæmd öryggisáætlana, hönnum ferlana, setjum upp veikleikastjórnun, stýrum þjálfun og margt fleira. Ef þitt fyrirtæki fellur undir NIS2 eða DORA reglugerðir þá getum við hjálpað við það.
Our virtual CISO service works by providing long-term service and being there if needed. We customize the service according to your needs and take over the role of security manage
Our values are reliability, professionalism and safety. We are experts in cybersecurity, computer security, and data security. We simplify cybersecurity issues and provide advice in plain language on all matters relating to digital security. We carry out audits and submit reports on what needs to be fixed. We also offer to implement all our suggestions and help you maintain the security.
We also offer to take over digital security issues at your company on a subscription. We also offer various courses for different groups on most issues related to digital security for companies and individuals.
Staff
Sigurður Gísli Bjarnason
Executive Director and Cybersecurity Specialist
Tel: +354 551 1120
Email: siggi@oruggtnet.is
Kristján Benediktsson
Sales and Marketing Manager
Tel: +354 551 5119
Email: kristjan@oruggtnet.is
Finance and accounting
Tel: +354 551 5132
Email: bokhald@oruggtnet.is
How do we help you with your computer security?
Are you concerned about requirements from NIS, NIS-2 or DORA? Or maybe don’t know what it is? Are you seeking certification from PCI-DSS, ISO, NIST or other certification bodies? We help prepare you for an audit from these parties. Are you reading about hacking in the news and wondering if you might be caught by this? Although it is not possible to guarantee that you will never be broken into, there are certain preventive measures that greatly reduce the risk. We can review the systems and processes and give our assessment of the likelihood that you will be attacked and fend off the attack. Finally, we return to you a report with our recommendations for improvement. If you need help getting these improvements done, we’re here to help.
The founder of Öruggt Net ehf, Sigurður Gísli Bjarnason, has been in the computer industry since shortly after home computers came on the market and therefore has extensive experience to build on. He started using the internet around the year 1985 or a decade before the first browser was available. The first browser was not designed until 1993 when the Mosaic browser was designed in a university in the United States. Mosaic was then the basis for the first browser available on the market when Netscape Navigator was released in December 1994.
Our founder has a bachelor’s degree in Computer Engineering which he completed in 1994 and an MS degree in Computer Security which he completed in 2019. Both of these degrees are from universities in the United States where he resided for 30 years and worked for companies such as Microsoft and T-Mobile US inc. You can read more about his adventures on our about us page. Under the tab Culture is a list of the degrees and exams he has taken.
After completing his master’s degree, he wrote a book on how the public can be safer while browsing the internet. You can find out more about the book on our book page .
Below you can see examples of the services we provide. Despite this list, we always tailor each individual’s service and it is just as likely that your service needs are a combination of all of these.
Please contact us with any questions or to book an appointment with us.
Vulnerability Management Design
Vulnerability management is fundamental when it comes to a secure computing environment. This is multifaceted and includes, among other things, asset management. We help you set up a strong vulnerability management tailored to your company, recommend the best tools for the job and help with their installation in the future.
Strong vulnerability management mostly consists of good work processes with tools and equipment in a support role. Once we have good work processes, we work together to find what your company requires of these tools, and by doing so, we ensure that the right one is chosen.
Set up the right processes
Some people believe the salesperson when he tells them that if they buy their tool, they will be 100% safe. Then the next salesman comes along and makes them believe that their device is much better. Then they end up with a lot of tools and tools that they don’t know anything about and a very false sense of security.
The truth is that it is not possible to guarantee 100% safety, and certainly not by buying any tools and equipment. It’s never good to start with a solution and then go on to find a problem that that solution can solve.
We recommend reviewing all work processes to make sure they contribute to good computer security and then to see which tools and tools can help and support your processes. With this way, you start by finding the problem and then solutions to the problem.
Internal audits
If you are working on any kind of certifications or just maintaining the certifications you have, then an external and independent party needs to audit your company before you can go through the certification audit. It is also a requirement of most certification bodies that this is done annually. This is one of the services we offer.
User Awareness Training
One of the key elements of good computer security is to make sure that all your employees are aware and informed about computer security issues. This is one of the basics of any good computer security process. It is not possible to get any certification without this being in order.
The majority of computer hacks occur due to poor computer security awareness. Therefore, this is very important even if you are not pursuing any certification. There are two basic methods to ensure this:
You can purchase a subscription to e-learning platforms.
Or you can get an expert to come to your office and provide training for your employees.
There are pros and cons to both as so often.
E-learning is easy to use and easy for staff to find time to watch the videos, and you can check the box that you have met these requirements. These are often short videos and hence easy to find time for very busy people. The problem is to ensure that employees are able to absorb what they are watching in the videos. You also have little or no control over what your people are learning.
On the other hand, lessons like what we offer are more customized and engaging. It is easier to make sure that everyone is on board with the content and it is possible to establish a conversation that often results in a lot. The problem is that finding the time to get everyone into the classroom can be a big challenge.
We usually recommend having on-site tutoring, but we know it doesn’t work for everyone, so we can help you find the right teaching material online.
NIS2 or DORA updates
If your company falls under NIS2 or DORA regulations, we can help with that. There are many more companies and institutions that are covered by NIS2 than NIS, and possibly your company is one of them. If you need help understanding the requirements set by the regulations, organizing and implementing the activities so that you meet the requirements of the regulations, please contact us and we will get into the matter. We tailor our assistance to what you need help with.
Our Safety Manager service works by providing long-term service and being available if needed. We tailor the service to your needs and take over the role of safety manager in contractor work. Typically, the service is a combination of the following components:
Be available for advice on daily questions that arise
Keep your processes alive and aligned with your business. Updates the processes when the business or business needs change
Help prioritize security items as needed
Takes care of necessary preventive measures in the company’s cyber security matters
The cost of these services depends on the scope of the project such as the number of employees in the company, the nature of the company’s operations, and more. We offer a free consultation on the best way to go for each company. Click on the button below to book an appointment for a free consultation.
Our main focus is consulting in the field of cyber security and security manager services on subscription. We also offer various courses. Click on the images below to learn more about each service option.
A special welcome to members of Aukakrónur Landsbankann, who get special discounts on all their purchases.
ABOUT ÖRUGGT NET EHF
Our values are trustworthiness, professionalism, and security. We are experts in cybersecurity, computer security and data security. We simplify cybersecurity and provide “No-BS” advice on everything that is relevant to digital security. We audit and report on what needs to be improved. We also offer to implement all our proposals and help you maintain security. We also offer to take over digital security issues at your company in subscription. Then we offer various courses for different groups on most issues related to digital security for companies and individuals.
Welcome to the home of Öruggt Net (Secured Network). We are a small cybersecurity consultant company in Iceland. Our focus is advising Icelandic companies and helping them with their cybersecurity challenges. We specialize in preventive measures. As the saying goes, it’s best to close the barn door before the horses get out. For example, we can evaluate your current security posture, establish a cybersecurity lifecycle, review your cybersecurity tools, and formulate an action plan to harden your environment. We can even help you execute that plan if needed. Vulnerability Management and continuous threat exposure management (CTEM) are some of the best ways to accomplish this. We have a lot of experience with Vulnerability Management Programs and would love to help you establish yours. With a great Vulnerability Management Program in place, you gain confidence in your security posture and enjoy increased security resiliency.
The main foundation of a good cybersecurity lifecycle is having all the right tools, policies, and procedures in place. We can audit how strong your security foundation is and make recommendations on how to improve it. Certainly, if you need help with implementation, we can handle that as well.
Book a free meeting with us to go over our services and how we can help you increase your security.
Are you looking to obtain any certifications? For example, PCI-DSS, ISO 27001:2022, NIST? Or are you worried about compliance with NIS, NIS-2, or DORA requirements from the European Union or Icelandic Law? Let us work with you to ensure your full compliance. Then, we can help you obtain your desired certifications as well as shore up your cybersecurity foundation.
Worried about becoming the latest cybersecurity breach news item? We can review your threat matrix and exposure and help you formulate a plan to shore up your defenses. If desired, we’ll even help you implement said plan.
Just need help deciding which tool is best for your environment or advice on selecting the best vendor for your needs? We have a lot of experience in this area and would be happy to help.
If you don’t already have a strong vulnerability management program or a continuous threat exposure management program, we strongly recommend starting with that.
Company Introduction Video
Cybersecurity Background
Our founder has been in the computer business since the dawn of personal computers, so he has a lot of experience from which you can benefit. He started going online as a teenager in the 1980s. However, there were no web browsers available until 1993, when Mosaic was developed as a college project. Mosaic became the first commercially available browser, Netscape Navigator, in December 1994.
Our founder completed a BS in Computer Engineering in 1994 and an MS in Cybersecurity and information assurance in 2019. You can read more about the adventures of our founder on our About Us page, and our founder’s qualifications can be found on the Qualifications and Credentials page.
After completing his master’s degree, he wrote a book on how the public can stay safe online; you can find out more about that on the Book page.
You can see examples of the services we provide below. Despite this listing, we always tailor each service individually and it is just as likely that your service needs are a combination of all of these. Please contact us for any questions or to book an appointment with us.
Designing a Vulnerability Management Program
A vulnerability management program is one of the cornerstones of a great cybersecurity program. Therefore, one of our services is to help you design a program custom-made for your business, mold tool requirements that help you with that program, and get those tools set up and maximize their usage. Similar to our philosophy above, a good vulnerability Management Program consists mostly of policies and procedures, with tools playing a support role only. Once your policies and procedures have been nailed down, we will work with you to compile tool selection requirements. Once the requirements are clear, we will help you work with vendors to select the right tool for your environment.
Establishing proper policies and procedures
Some think that all they have to do to be secure is to buy the right tool because a sales guy told them that it would make them safe, then buy another tool because that sales guy said it was better. Then they stand there with many tools and no idea how to use any of them. We believe buying a tool and looking for a problem to solve with it is very unproductive. Our advice is to start by creating sound policies and procedures and, from that, create requirements for tools to help you with your new policies and procedures. This way, you start by identifying a problem or a need and then find a tool to fulfill the need. With this approach, you won’t have all sorts of tools you don’t use. Therefore, this is the approach we always use. This service offering is similar to the one above, just a little more comprehensive.
Internal audits Services
If you are working towards a certification or simply maintaining one, you need to have an independent party review your setup and confirm that you are ready for the final review. Without that, you have very little chance of passing your certification audit. This is one of the core services we provide
End User Awareness Training
One thing you absolutely need to pay attention to is training your staff to be security conscious. This is one of the cornerstones of any decent security program, which is why many security frameworks and compliance requirements require this. There are two approaches to this:
You can purchase a subscription to a video training service, which will check all the required boxes.
Or you can bring an expert in for true in-person training.
There are pros and cons to each. The video training service makes getting everyone to complete and show compliance easier. It is often bite-sized and easier to fit into busy schedules. The problem is that there is a much greater chance that folks won’t get the material or, worse, will sleep through it.
On the other hand, in-person training, like the one we offer, is more engaging and more comprehensive and ensures everyone is learning the material. The problem is that scheduling can be challenging.
While we typically recommend in-person training for that personal touch, we realize it isn’t practical for everyone. Therefore, we can also put you in touch with some great video training solutions.
NIS2 or DORA Implementation or planning services
We can work with you to ensure you meet NIS2 or DORA government regulations. With the expansion in scope in NIS2, there is a long list of companies that are required to be compliant that weren’t before. Does your company fall under the expanded scope? You may not have the expertise in-house to understand, plan, and implement programs to become NIS2 or DORA compliant, so let us help you. We can provide as much or as little help here as you desire.
Our virtual CISO service works by providing long-term service and being there if needed. We customize the service according to your needs and take over the role of security manager. Usually the service is a combination of the following elements:
Be available for advice regarding daily questions that may arise
Keep your processes alive and in sync with the company. Updates the processes when the company or the company’s needs change
Help with prioritizing cybersecurity safety issues as needed
Do the necessary preventive measures in the company’s cybersecurity
The cost of this service depends on the scope of the project, such as the number of employees in the company, the nature of the business and more. We offer free consultation on the best way to go for each company. Click on the button below to book an appointment for a free consultation.
