Case study > Public > Edge One Solutions for Polski Fundusz Rozwoju
About the client
The Polish Development Fund is a group of financial institutions supporting Poland's economic development through investments, support programs and initiatives for enterprises, local governments and innovators.
The team was tasked with adapting the infrastructure, applications, and organizational processes to growing regulatory requirements, including implementing advanced cyber risk management mechanisms and effective security incident reporting.
Key areas of work included:
- adapting existing web applications and infrastructure to current security requirements,
- reducing technical debt and increasing the maturity of cybersecurity processes,
- developing and implementing standards, procedures, and policies compliant with NIS2, ISO 27001/27002, KSC, and KRI regulations,
- verifying the security of existing projects and ensuring compliance in the area of Governance, Risk & Compliance (GRC).
The Edge1S team prepared the Polish Development Fund for the implementation of the NIS2 Directive by conducting gap analyses, consulting, and developing a process and infrastructure adaptation plan.
Application and system security was enhanced through OWASP- and SANS-compliant reviews, and security policies, incident handling procedures, and business continuity plans (BCP/DRP) were implemented.
Additionally, a full SSDLC cycle was implemented, including data encryption, session protection, API security, and standardized code review and hardening processes. Documentation was structured in accordance with NIS2, ISO 27001/27002, and ISO 22301 requirements.
