Introducing atsec information security. Helmut Kurth, Sal la Pietra and Staffan Persson




Who are we?

atsec information security is a government-accredited lab for testing information assurance (IA) and IA-enabled commercial off-the-shelf (COTS) information technology. Whether you need information security consulting, compliance, testing or evaluation services, atsec can help.

Foundations

The company was founded in January 2000 by three internationally recognized IT security professionals: Helmut Kurth, Sal La Pietra, and Staffan Persson. Sharing a passion for IT security and confident that a company focused solely on providing information security services would be successful, they financed the new business themselves. Since then atsec has grown steadily and organically.

We are lucky to be financially independent. We have no venture capital, no credit debt or loans. Thanks to our customers, we truly are independent!

atsec's business principles

We know the business: atsec knows the worldwide information security consulting business very well. With a multinational staff, it is only natural that we feel comfortable operating internationally. We are a company with global reach.

We act with integrity: Information security consulting and evaluation is a high-integrity business, and very much a matter of trust. All atsec employees are committed to sustaining the highest degree of integrity in our client relationships. We are devoted to delivering the highest quality in a timely manner.

atsec's business principles (continued)

We stay focused: atsec consultants are information security consultants. As such, atsec focuses solely on information security consulting. We do not consult in any other areas, and we do not sell hardware, software, or any other ware.

We are independent: We are not affiliated with any hardware or software vendor, and we never will be. Our credibility as consultants hinges on that independence. Our customers can rely on us to be objective. We have no interest in selling anything other than our security expertise.

Our services

We provide service in all IT security areas:

- Evaluation, Testing and Assessment
- Compliance and Audit
- Consulting and Training
- Consulting services

Evaluation, testing and assessment

atsec's world-renowned testing laboratories offer formal testing in several international certification schemes.

- Common Criteria in Germany, U.S. and Sweden
- Cryptographic module testing to FIPS 140-2
- Cryptographic algorithm testing
- Security Content Automation Protocol (SCAP)
- Personal Identity Verification Program (NPIVP) Testing
- GSA Personal Identity Verification Testing (FIPS 201)
- Payment Card Industry: Qualified Security Assessor
- Payment Card Industry: Approved Scanning Vendor
- Payment Card Industry: Payment Application QSA

Compliance and audit

atsec's consultants work with organizations to implement and integrate a variety of requirements for compliance into one efficient and effective management system.

- ISO/IEC 27001
- FISMA
- NASPO
- HIPAA & HITECH
- SOX & EuroSOX
- Digital Signature Compliance

Consulting and training

atsec consultants have longstanding expertise in IT security consulting. We offer services in many technologies.

- Hardware Testing
- Biometrics
- Embedded Systems
- Voting System Testing and Analysis
- Penetration Testing
- Source Code Analysis
- Web Application testing
- Training

Versatility

Our basket of security experts allows us to offer true expert consultancy and not just production line service. We offer customized services and combine them in ways that help customers gain the assurance that they need. For example:

- National accreditation scheme development
- Cryptographic export control regulations
- Integrated management systems

We sometimes open new offices and develop new services because that is what our customers need.

Why are we different?

- We are industry leaders with many renowned experts of IT security in our basket.
- We take time to understand your problems and use that knowledge to innovate and design solutions that give satisfaction.
- Quality: We are ISO 9001 and ISO/IEC 27001 certified ourselves.
- We understand that being on time can make all the difference.
- We are independent of external influences, from finance to partnerships with product vendors.

Find out much more at www.atsec.com

atsec's thought leadership at http://atsec-information-security.blogspot.com/

We're also on Facebook!