SRA International, Inc. SRX 0.00% , a leading provider of technology and strategic consulting services and solutions to government organizations, today announced it is one of the awardees on the Department of Veterans Affairs' (VA) Transformation Twenty-One Total Technology (T4) program. The indefinite delivery, indefinite quantity (IDIQ), multiple-award task order contract has a five-year base period, with a ceiling of $12 billion.
"SRA understands VA's mission," said SRA Senior Vice President Steve Tolbert. "We stand ready to deliver the support the VA needs, supporting their goals to drive efficiencies through the use of innovative technology while lowering costs and reducing risk. We're proud to support the VA in helping all veterans win, enabling them to provide quality services while lessening overall IT investment."
The intent of the T4 program is to provide a wide array of IT services, including program management and strategy planning, systems and software engineering, enterprise networks, cyber security, operation and maintenance, and IT facilities. Under the contract, SRA will provide a total IT solution, encompassing software, products and IT-related services, supporting the VA and helping them to address their mission requirements.
"We share VA's mission to improve the way we take care of our nation's veterans -- enhancing their health, improving their access to benefits and streamlining their access to care -- and T4 will deliver IT services that strengthen VA's support to the veteran," said SRA Health Programs Vice President Paul Nedzbala. "This program continues SRA's mission in healthcare IT, and aligns with our mission of enhancing human health around the world."
About SRA International, Inc.
SRA and its subsidiaries are dedicated to solving complex problems of global significance for government organizations serving the national security, civil government, intelligence, health and space markets. Founded in 1978, the company and its subsidiaries have expertise in such areas as cyber security; disaster response planning; enterprise resource planning; energy systems and sustainability; environmental strategies; IT systems, infrastructure and managed services; learning technologies; logistics; public health preparedness; public safety; strategic management consulting; and systems engineering.
SRA and its subsidiaries employ approximately 7,000 employees serving clients from its headquarters in Fairfax, Va., and offices around the world. For additional information on SRA, please visit www.sra.com.
Showing posts with label Information Security Consulting. Show all posts
Showing posts with label Information Security Consulting. Show all posts
Tuesday, July 12, 2011
Tuesday, November 16, 2010
Accuvant Named Top Company in Colorado
Accuvant, a leading provider of information security, risk and compliance management consulting services, has received ColoradoBiz Magazine's Top Company distinction in the Technology/Media category.
Top Company is Colorado's most competitive business awards program, judged on the basis of sustained financial performance, operational excellence and community involvement. International consulting and accounting firm Deloitte selected finalists after rigorous evaluations, and then a panel of professionals and leading policy officials convened to determine the winners in each of 10 categories.
"We are honored to receive this prestigious award, which is a tribute to the efforts of the entire Accuvant team," said Ed Wittman, vice president of operations for Accuvant. "Accuvant's culture has kept us at the forefront of the industry, and allowed us to outperform the market during a difficult time. Our ability to efficiently respond to information security trends and diverse client needs has enabled us to expand from a boutique security consultancy to one of the nation's largest and most respected security and compliance providers in a short period of time."
Accuvant experienced an impressive growth rate of nearly 740 percent from 2005 to 2009, and was recently named one of America's fastest growing private companies by Inc. Magazine for the fourth year in a row. Accuvant currently serves 65 of the Fortune 100, 20 major federal agencies, and thousands of mid-market businesses by providing comprehensive, strategic consulting services that protect data assets across the enterprise while minimizing security risk.
Accuvant helps their client base navigate the increasingly complex security landscape and continually evolves their capabilities to respond to changing market requirements. In 2010 Accuvant introduced several key offerings including information security risk assessments, secure software development, data leak protection, on-demand consulting, product training, managed security, and security enablement services.
About Accuvant
Accuvant is the only research-driven information security partner delivering alignment between IT security and business objectives, clarity to complex security challenges and confidence in enterprise security decisions.
Accuvant delivers these solutions through three practice areas: Risk and Compliance Management, Accuvant LABS and Technology Solutions. Based on our clients' unique requirements, Accuvant assesses, architects and implements the policies, procedures and technologies that most efficiently and effectively protect valuable data assets.
Since 2002, more than 3,900 organizations, including 65 of the Fortune 100, have trusted Accuvant with their data security challenges. Headquartered in Denver, Accuvant has offices in 37 cities across the United States, Europe, and Asia Pacific. For more information, please visit www.accuvant.com, follow us on Twitter: @Accuvant, or keep in touch via Facebook: http://tiny.cc/facebook553.
Top Company is Colorado's most competitive business awards program, judged on the basis of sustained financial performance, operational excellence and community involvement. International consulting and accounting firm Deloitte selected finalists after rigorous evaluations, and then a panel of professionals and leading policy officials convened to determine the winners in each of 10 categories.
"We are honored to receive this prestigious award, which is a tribute to the efforts of the entire Accuvant team," said Ed Wittman, vice president of operations for Accuvant. "Accuvant's culture has kept us at the forefront of the industry, and allowed us to outperform the market during a difficult time. Our ability to efficiently respond to information security trends and diverse client needs has enabled us to expand from a boutique security consultancy to one of the nation's largest and most respected security and compliance providers in a short period of time."
Accuvant experienced an impressive growth rate of nearly 740 percent from 2005 to 2009, and was recently named one of America's fastest growing private companies by Inc. Magazine for the fourth year in a row. Accuvant currently serves 65 of the Fortune 100, 20 major federal agencies, and thousands of mid-market businesses by providing comprehensive, strategic consulting services that protect data assets across the enterprise while minimizing security risk.
Accuvant helps their client base navigate the increasingly complex security landscape and continually evolves their capabilities to respond to changing market requirements. In 2010 Accuvant introduced several key offerings including information security risk assessments, secure software development, data leak protection, on-demand consulting, product training, managed security, and security enablement services.
About Accuvant
Accuvant is the only research-driven information security partner delivering alignment between IT security and business objectives, clarity to complex security challenges and confidence in enterprise security decisions.
Accuvant delivers these solutions through three practice areas: Risk and Compliance Management, Accuvant LABS and Technology Solutions. Based on our clients' unique requirements, Accuvant assesses, architects and implements the policies, procedures and technologies that most efficiently and effectively protect valuable data assets.
Since 2002, more than 3,900 organizations, including 65 of the Fortune 100, have trusted Accuvant with their data security challenges. Headquartered in Denver, Accuvant has offices in 37 cities across the United States, Europe, and Asia Pacific. For more information, please visit www.accuvant.com, follow us on Twitter: @Accuvant, or keep in touch via Facebook: http://tiny.cc/facebook553.
Friday, September 24, 2010
Independent Research Firm Names IBM a Leader in Managed Security Services
IBM today announced that it was ranked a leader in "The Forrester Wave™: Managed Security Services, Q3 2010" (August 2010) report and included prominently in "The Forrester Wave™: Information Security And Risk Consulting Services, Q3 2010" (August 2010) report.
The Forrester Wave ™: Managed Security Services, Q3 2010" report included 11 managed security service providers in the assessment. Forrester Research, Inc. thoroughly evaluated these vendors across 78 criteria, broken down into three main areas: current offering, strategy, and market presence. "The Forrester Wave™: Information Security And Risk Consulting Services, Q3 2010" included 12 information security and risk consulting service providers in the assessment and evaluated these vendors across 75 criteria also in three main areas: current offering, strategy and market presence.
The Forrester Wave™ managed security services (MSS) report stated that IBM was a leader in managed security services because of the flexibility, competency and breadth of coverage offered. The report stated: "IBM has the broadest suite of MSS of all the providers assessed in this Forrester Wave…. The IBM X-Force Threat Analysis service is well respected in the industry and provides leading-edge security intelligence and research to IBM clients…. Customers identified responsiveness and breadth of offerings as positive attributes for IBM."
Separately, the Forrester Wave™ Information Security and Risk Consulting Services report noted that IBM continues to offer significant value to its clients by delivering a wide spectrum of capabilities and expertise across its various business units. According to the report, "IBM offers the greatest number of security consulting services. It has a great presence in this market and continues to provide thought leadership and expertise in technical and operation areas of security…. Client references pointed to consultant expertise, customer service, and global presence as areas of strength."
"The Forrester Wave ™: Managed Security Services, Q3 2010" report stated: "security organizations that require global reach, a broad suite of security services, and good threat intelligence from a single vendor should look to IBM to deliver these services." Recommendations included in The Forrester Wave™: Information Security And Risk Consulting Services, Q3 2010" report noted "If you are looking for a single vendor that offers a breadth of capabilities and security technologies and that has a wealth of experience in working security, look to IBM."
"We believe this independent analysis reflects the focus IBM Managed Security Services has on delivering the right expertise, tools and infrastructure needed help to secure information assets and preempt security threats," said Marisa Viveros, vice president, IBM Security Services. "Our global team of security researchers, developers, and subject matter experts have a unique handle on the broad threat landscape, which benefits clients of all sizes and industries."
IBM is one of the world's leading providers of risk and security solutions. Through product offerings, professional security services and managed and cloud-based security services, IBM provides flexibility and breadth of solutions as a trusted security vendor. Clients around the world team with IBM to help reduce the complexities of security and strategically manage risk.
About IBM
For more information on IBM's security solutions, visit: http://www.ibm.com/security/
The Forrester Wave ™: Managed Security Services, Q3 2010" report included 11 managed security service providers in the assessment. Forrester Research, Inc. thoroughly evaluated these vendors across 78 criteria, broken down into three main areas: current offering, strategy, and market presence. "The Forrester Wave™: Information Security And Risk Consulting Services, Q3 2010" included 12 information security and risk consulting service providers in the assessment and evaluated these vendors across 75 criteria also in three main areas: current offering, strategy and market presence.
The Forrester Wave™ managed security services (MSS) report stated that IBM was a leader in managed security services because of the flexibility, competency and breadth of coverage offered. The report stated: "IBM has the broadest suite of MSS of all the providers assessed in this Forrester Wave…. The IBM X-Force Threat Analysis service is well respected in the industry and provides leading-edge security intelligence and research to IBM clients…. Customers identified responsiveness and breadth of offerings as positive attributes for IBM."
Separately, the Forrester Wave™ Information Security and Risk Consulting Services report noted that IBM continues to offer significant value to its clients by delivering a wide spectrum of capabilities and expertise across its various business units. According to the report, "IBM offers the greatest number of security consulting services. It has a great presence in this market and continues to provide thought leadership and expertise in technical and operation areas of security…. Client references pointed to consultant expertise, customer service, and global presence as areas of strength."
"The Forrester Wave ™: Managed Security Services, Q3 2010" report stated: "security organizations that require global reach, a broad suite of security services, and good threat intelligence from a single vendor should look to IBM to deliver these services." Recommendations included in The Forrester Wave™: Information Security And Risk Consulting Services, Q3 2010" report noted "If you are looking for a single vendor that offers a breadth of capabilities and security technologies and that has a wealth of experience in working security, look to IBM."
"We believe this independent analysis reflects the focus IBM Managed Security Services has on delivering the right expertise, tools and infrastructure needed help to secure information assets and preempt security threats," said Marisa Viveros, vice president, IBM Security Services. "Our global team of security researchers, developers, and subject matter experts have a unique handle on the broad threat landscape, which benefits clients of all sizes and industries."
IBM is one of the world's leading providers of risk and security solutions. Through product offerings, professional security services and managed and cloud-based security services, IBM provides flexibility and breadth of solutions as a trusted security vendor. Clients around the world team with IBM to help reduce the complexities of security and strategically manage risk.
About IBM
For more information on IBM's security solutions, visit: http://www.ibm.com/security/
Friday, September 17, 2010
BCMC Awarded Contract to Support DISA's Cyber Security Situational Awareness System
Business Computers Management Consulting Group, LLC announced today it has been awarded a contract by the Defense Information Systems Agency (DISA) to provide services in support of Department of Defense Cyber Situational Awareness. BCMC's work will initially be performed primarily at Falls Church, Va., but will move to Ft. Meade, MD in support of the BRAC.
DISA Program Executive Office Mission Assurance and Network Operations (PEO-MA) focuses on acquiring/developing, engineering, and implementing DoD Information Assurance and NetOps capabilities. DISA PEO-MA provides responsive, secure, and interoperable net-centric solutions necessary to secure and operate the Global Information Grid. Under the contract, BCMC will provide program support in areas including project management, engineering, integration, certification and accreditation, logistics, operations, maintenance, and test and evaluation.
"We are excited to support DISA as they maintain and enhance their overall DoD GIG situational awareness capabilities," said Kalvin Lee, President.
About BCMC
BCMC, an SBA 8(a) company, recognized as a "Top 500 Emerging Business in the US," is one of the fastest growing federal contracting firms in the greater Washington DC Metropolitan area. With core competencies in program management, engineering, and technology applications, BCMC uses expertise in cyber security and systems integration to provide critical solutions to solve problems of vital importance to the nation. BCMC's core of trusted engineers supports several branches of the US government such as the Department of Homeland Security (DHS), and the Department of Defense (DoD). For more information, please visit www.bcmcgroup.com.
DISA Program Executive Office Mission Assurance and Network Operations (PEO-MA) focuses on acquiring/developing, engineering, and implementing DoD Information Assurance and NetOps capabilities. DISA PEO-MA provides responsive, secure, and interoperable net-centric solutions necessary to secure and operate the Global Information Grid. Under the contract, BCMC will provide program support in areas including project management, engineering, integration, certification and accreditation, logistics, operations, maintenance, and test and evaluation.
"We are excited to support DISA as they maintain and enhance their overall DoD GIG situational awareness capabilities," said Kalvin Lee, President.
About BCMC
BCMC, an SBA 8(a) company, recognized as a "Top 500 Emerging Business in the US," is one of the fastest growing federal contracting firms in the greater Washington DC Metropolitan area. With core competencies in program management, engineering, and technology applications, BCMC uses expertise in cyber security and systems integration to provide critical solutions to solve problems of vital importance to the nation. BCMC's core of trusted engineers supports several branches of the US government such as the Department of Homeland Security (DHS), and the Department of Defense (DoD). For more information, please visit www.bcmcgroup.com.
Friday, October 23, 2009
D&D Consulting, Ltd. Offers Disaster.com for Sale
D&D Consulting, Ltd., which provides network design, information security, systems and technology management services for the public and private sector, today announced the intention to sell the internet domain Disaster.com.
The sale of Disaster.com is expected to draw a high national and international response specifically within the business continuity, disaster recovery, meteorology, media and insurance sectors.
Christopher Labatt-Simon, CEO, commented, "While still providing Continuous Business Operations services, after eighteen years D&D Consulting has diversified. Liquidating this asset will enable additional investment that will help drive the future growth of D&D Consulting, Ltd."
Originally registered in 1994, Disaster.com has a huge branding and advertising potential to the right organization. It is a unique opportunity to acquire a very rare and desirable single word domain name.
"I anticipate a domain of this value to be snapped up," Labatt-Simon continued, "Single word domain names of this rarity come to market infrequently and I am confident of a rapid sale."
The sale will take place by silent auction. The auction is expected to conclude by November 20th 2009.
Interested parties should contact Janice Haney at D&D Consulting, Ltd. to register their intent or go to disaster.com for more information.
D&D Consulting, a Woman Owned Business, was founded in 1992 and quickly established a reputation for client-centric IT solutions driven by business needs. Since then the company has experienced steady and sustained growth offering assessment, design, implementation and support services in the areas of network and communications infrastructure, security, systems, virtualization, application availability and performance, and management and lifecycle.
About D&D Consulting
D&D Consulting, Ltd. is a customer centric IT consulting company connecting client business initiatives to focused technology strategies and solutions. D&D specializes in network and communications infrastructure, information security, systems, applications performance and availability, and management and lifecycle services. We support customers throughout the technology lifecycle with assessment, planning, design, implementation and support services. D&D public sector customers include: NYS Executive Chamber, NYS Office For Technology, NYS Department of Transportation, NYS Division of Criminal Justice Services and the NYS Energy Research and Developmental Authority. Private sector customers include Pitney Bowes, Stewarts Shops, CommerceHub, and Hero Beechnut.
The sale of Disaster.com is expected to draw a high national and international response specifically within the business continuity, disaster recovery, meteorology, media and insurance sectors.
Christopher Labatt-Simon, CEO, commented, "While still providing Continuous Business Operations services, after eighteen years D&D Consulting has diversified. Liquidating this asset will enable additional investment that will help drive the future growth of D&D Consulting, Ltd."
Originally registered in 1994, Disaster.com has a huge branding and advertising potential to the right organization. It is a unique opportunity to acquire a very rare and desirable single word domain name.
"I anticipate a domain of this value to be snapped up," Labatt-Simon continued, "Single word domain names of this rarity come to market infrequently and I am confident of a rapid sale."
The sale will take place by silent auction. The auction is expected to conclude by November 20th 2009.
Interested parties should contact Janice Haney at D&D Consulting, Ltd. to register their intent or go to disaster.com for more information.
D&D Consulting, a Woman Owned Business, was founded in 1992 and quickly established a reputation for client-centric IT solutions driven by business needs. Since then the company has experienced steady and sustained growth offering assessment, design, implementation and support services in the areas of network and communications infrastructure, security, systems, virtualization, application availability and performance, and management and lifecycle.
About D&D Consulting
D&D Consulting, Ltd. is a customer centric IT consulting company connecting client business initiatives to focused technology strategies and solutions. D&D specializes in network and communications infrastructure, information security, systems, applications performance and availability, and management and lifecycle services. We support customers throughout the technology lifecycle with assessment, planning, design, implementation and support services. D&D public sector customers include: NYS Executive Chamber, NYS Office For Technology, NYS Department of Transportation, NYS Division of Criminal Justice Services and the NYS Energy Research and Developmental Authority. Private sector customers include Pitney Bowes, Stewarts Shops, CommerceHub, and Hero Beechnut.
Friday, October 16, 2009
Information Security Function "Protected" in Economic Crisis: PricewaterhouseCoopers/CIO/CSO Magazine’s Global State of Information Security Survey
According to the 7th annual Global State of Information Security Survey® 2010, released today, six out of ten respondents (63 percent) expect spending to either increase or stay the same – in spite of the worst economic downturn in decades – or perhaps because of it. The study, the largest of its kind, is conducted by PricewaterhouseCoopers LLP (PwC) in conjunction with CIO and CSO magazines. More than 7,200 executives from 130 countries across all industries were asked about their information security expectations. The results demonstrate that global leaders appear to be “protecting” the information function from budget cuts – but at the same time are placing it under intensive pressure to “perform.”
“The increased risk environment has visibly elevated the role and importance of the information security function to the entire business organization,” says Mark Lobel, an Advisory principal at PricewaterhouseCoopers. “After years of misalignment, business and IT leaders seem to be starting to think like each other. This year, as we move from 2009 to 2010, may turn out to be a high-stakes ‘coming of age’.”
The Global State of Information Security Survey® 2010 shows that across industries and from the private to the public sector, the downturn has had a major impact on security spending. A few key industry trends from this year’s survey include:
Financial Services
Health Industries
A key priority this year will be addressing a global trend in stiffer requirements for breach notification and specific technical controls.
More than 6 out of 10 provider respondents (61 percent) report that their organization does not have an incident response policy to report and handle breaches with third parties handling data.
As many countries address the security implications of electronic health record policies, U.S. providers need to address the HITECH Act
On February 17, 2009, President Obama signed into law the American Recovery and Reinvestment Act of 2009 ("ARRA"). Part of the ARRA, the HITECH Act strengthens and expands the scope of the HIPAA privacy and security rules.
As complexity and regulation increase within the industry - with heightened penalties and disclosure requirements for breaches and missteps - U.S. providers will need to understand the financial and operational implications for their organization.
Utilities
Reported incident type levels have declined across all elements, except one: the exploitation of data is now the leading type of incident.
Utility companies have advanced their security and privacy capabilities in the past year in areas including strategy, security leadership, privacy-related assessments, and integration.
Public Sector
Today a new generation of government employees is accessing social networks from work in great numbers, often without the knowledge of the IT department – and in circumvention of the traditional countermeasures employed by many. Some organizations have moved quickly to close this gap – but most need to do more – only 35 percent of government agencies have security technologies in place that support Web 2.0 exchanges.
In the U.S., advancing cyber security and private/public partnerships are additional emerging priorities.
While the “full damage report” for 2009 is not yet clear, the survey finds that business impacts such as financial losses, compromises to brand or reputation, and loss of shareholder value, have increased.
Global Trends
The survey reveals that North American and Asian security practices are no longer on par with one another, as was reported in last year’s survey. Asian respondents are far more likely than their North American colleagues to estimate that spending on security over the next year will either increase or stay the same (73 percent vs. 59 percent). South America also shows advances this year – 81 percent of respondents report they will increase spending or stay the same compared with 50 percent in Europe.
The study reveals that information security is a priority for organizations in China. More than 8 out of every 10 Chinese respondents expect information security spending to either increase or stay the same over the next 12 months – a higher score than nearly every other country in the world.
“As China muscles its way through the economic downturn, its security capabilities have stepped nimbly ahead of India’s – in a dramatic shift from last year’s trend –and, in the same one-year sweep, ahead of those in the U.S. and most of the world,” says Bob Bragdon, Publisher, CSO.
Looking Ahead
Survey results reveal that companies are placing high expectations on initiatives that take a strategic, risk-based approach. “This year, the message isn’t new or different. It’s just more urgent,” suggests Lobel. Organizations that want to “get it right” should be focusing on the following key issues:
Protecting data elements - a top priority
The number of respondents who say their organization has a data loss prevention (DLP) capability in place has leapt this year – from 29 percent in 2008 to 44 percent in 2009.
Addressing the risks associated with social networking
Four out of every ten respondents report that their organization has security technologies that support Web 2.0 exchanges, such as social networks, blogs, and wikis.
Cloud computing is “on the table”
While IT virtualization is a growing priority, only one out of every two respondents believes that it improves information security.
Lobel emphasizes, “If 2010 proves to be a ‘trial by fire’, these strategies will be enormously valuable – not just in limiting damages to assets and reputations and mitigating risks but also in positioning companies for the recovery period and stronger business performance in the years ahead.”
To learn more about the survey, including industry specific highlights and further regional information, please visit www.pwc.com/giss2010.
METHODOLOGY
The Global State of Information Security 2010 is a worldwide security survey by PricewaterhouseCoopers, CIO magazine and CSO magazine. It was conducted online from April 22 to June 15, 2009. Readers of CIO and CSO magazines and clients of PricewaterhouseCoopers from around the globe were invited via email to take the survey. The results discussed in this report are based on the responses of more than 7,200 CEOs, CFOs, CIOs, CSOs, vice presidents and directors of IT and information security from 130 countries. Thirty-one percent (31%) of respondents were from North America, 27% from Asia, 26% from Europe, 14% from South America, and 2% from the Middle East and South Africa. The margin of error is ±1%.
About CIO and CSO Magazines
CIO and CSO magazines are published by CXO Media Inc., producer of award-winning media properties, executive programs and the CIO Executive Council for corporate officers who use technology and security to thrive and prosper in this new era of business. The CIO portfolio includes CIO.com, CIO magazine (launched in 1987), CIO Executive Programs and the CIO Executive Council. CIO properties provide business technology leaders with analysis and insight on information technology trends and a keen understanding of IT’s role in achieving business goals. The U.S. edition of the magazine and website are recipients of more than 200 awards to date, including the Top B-to-B magazine since 2000 from American Society of Business Publication Editors, two Grand Neals from the Jesse H. Neal National Business Journalism Awards and two Magazine of the Year awards from the National Society of Business Publication Editors.
Launched in 2002 the CSO portfolio includes CSOonline.com, CSO magazine and CSO Executive Programs. The properties provide chief security officers (CSOs) in the public and private sectors with analysis and insight on security trends and a keen understanding of how to develop and implement successful strategies to secure all business assets—from people to information and financial value to physical infrastructure. The U.S. edition of the magazine and website are the recipients of more than 100 awards to date, including the Top B-to-B magazine since 2000 and Magazine of the Year award from the American Society of Business Publication Editors as well as the Grand Neal from the Jesse H. Neal National Business Journalism Awards. CXO Media is a subsidiary of International Data Group (IDG).
About PricewaterhouseCoopers' Advisory Practice
PricewaterhouseCoopers' business advisory professionals provide clients with the confidence to succeed by helping them anticipate, create and manage change. Whether clients are proactively implementing change or reacting to an unplanned event, we leverage our network's resources, deep industry experience, and functional acumen across the areas of operations, finance, organizational strategy and structure, process improvement, human resources effectiveness, technology integration and implementation, risk mitigation and crisis management to help organizations effect sustainable change.
About PricewaterhouseCoopers
PricewaterhouseCoopers provides industry-focused assurance, tax and advisory services to build public trust and enhance value for its clients and their stakeholders. More than 163,000 people in 151 countries across our network share their thinking, experience and solutions to develop fresh perspectives and practical advice.
“The increased risk environment has visibly elevated the role and importance of the information security function to the entire business organization,” says Mark Lobel, an Advisory principal at PricewaterhouseCoopers. “After years of misalignment, business and IT leaders seem to be starting to think like each other. This year, as we move from 2009 to 2010, may turn out to be a high-stakes ‘coming of age’.”
The Global State of Information Security Survey® 2010 shows that across industries and from the private to the public sector, the downturn has had a major impact on security spending. A few key industry trends from this year’s survey include:
Financial Services
- This year, fewer financial services respondents predict spending will increase (40 percent in 2009; 46 percent in 2008) yet two-thirds (64 percent) expect spending to either increase or stay the same.
- For the first time in the history of this survey, the majority of metrics used to track advances in security-related capabilities – across all major security domains, including strategy, structure, people, process and technology – have, by and large, for the financial services industry, not improved.
- Seventy-five percent of financial services respondents have an overall information security strategy in place, compared to 74 percent in 2008.
- Fifty-nine percent of financial services respondents report they conduct threat and vulnerability assessments (unchanged from 2008).
- Also unchanged from 2008 - 61 percent of financial services respondents require employees to complete training on privacy policies/practices.
Health Industries
A key priority this year will be addressing a global trend in stiffer requirements for breach notification and specific technical controls.
More than 6 out of 10 provider respondents (61 percent) report that their organization does not have an incident response policy to report and handle breaches with third parties handling data.
As many countries address the security implications of electronic health record policies, U.S. providers need to address the HITECH Act
On February 17, 2009, President Obama signed into law the American Recovery and Reinvestment Act of 2009 ("ARRA"). Part of the ARRA, the HITECH Act strengthens and expands the scope of the HIPAA privacy and security rules.
As complexity and regulation increase within the industry - with heightened penalties and disclosure requirements for breaches and missteps - U.S. providers will need to understand the financial and operational implications for their organization.
Utilities
Reported incident type levels have declined across all elements, except one: the exploitation of data is now the leading type of incident.
Utility companies have advanced their security and privacy capabilities in the past year in areas including strategy, security leadership, privacy-related assessments, and integration.
Public Sector
Today a new generation of government employees is accessing social networks from work in great numbers, often without the knowledge of the IT department – and in circumvention of the traditional countermeasures employed by many. Some organizations have moved quickly to close this gap – but most need to do more – only 35 percent of government agencies have security technologies in place that support Web 2.0 exchanges.
In the U.S., advancing cyber security and private/public partnerships are additional emerging priorities.
While the “full damage report” for 2009 is not yet clear, the survey finds that business impacts such as financial losses, compromises to brand or reputation, and loss of shareholder value, have increased.
Global Trends
The survey reveals that North American and Asian security practices are no longer on par with one another, as was reported in last year’s survey. Asian respondents are far more likely than their North American colleagues to estimate that spending on security over the next year will either increase or stay the same (73 percent vs. 59 percent). South America also shows advances this year – 81 percent of respondents report they will increase spending or stay the same compared with 50 percent in Europe.
The study reveals that information security is a priority for organizations in China. More than 8 out of every 10 Chinese respondents expect information security spending to either increase or stay the same over the next 12 months – a higher score than nearly every other country in the world.
“As China muscles its way through the economic downturn, its security capabilities have stepped nimbly ahead of India’s – in a dramatic shift from last year’s trend –and, in the same one-year sweep, ahead of those in the U.S. and most of the world,” says Bob Bragdon, Publisher, CSO.
Looking Ahead
Survey results reveal that companies are placing high expectations on initiatives that take a strategic, risk-based approach. “This year, the message isn’t new or different. It’s just more urgent,” suggests Lobel. Organizations that want to “get it right” should be focusing on the following key issues:
Protecting data elements - a top priority
The number of respondents who say their organization has a data loss prevention (DLP) capability in place has leapt this year – from 29 percent in 2008 to 44 percent in 2009.
Addressing the risks associated with social networking
Four out of every ten respondents report that their organization has security technologies that support Web 2.0 exchanges, such as social networks, blogs, and wikis.
Cloud computing is “on the table”
While IT virtualization is a growing priority, only one out of every two respondents believes that it improves information security.
Lobel emphasizes, “If 2010 proves to be a ‘trial by fire’, these strategies will be enormously valuable – not just in limiting damages to assets and reputations and mitigating risks but also in positioning companies for the recovery period and stronger business performance in the years ahead.”
To learn more about the survey, including industry specific highlights and further regional information, please visit www.pwc.com/giss2010.
METHODOLOGY
The Global State of Information Security 2010 is a worldwide security survey by PricewaterhouseCoopers, CIO magazine and CSO magazine. It was conducted online from April 22 to June 15, 2009. Readers of CIO and CSO magazines and clients of PricewaterhouseCoopers from around the globe were invited via email to take the survey. The results discussed in this report are based on the responses of more than 7,200 CEOs, CFOs, CIOs, CSOs, vice presidents and directors of IT and information security from 130 countries. Thirty-one percent (31%) of respondents were from North America, 27% from Asia, 26% from Europe, 14% from South America, and 2% from the Middle East and South Africa. The margin of error is ±1%.
About CIO and CSO Magazines
CIO and CSO magazines are published by CXO Media Inc., producer of award-winning media properties, executive programs and the CIO Executive Council for corporate officers who use technology and security to thrive and prosper in this new era of business. The CIO portfolio includes CIO.com, CIO magazine (launched in 1987), CIO Executive Programs and the CIO Executive Council. CIO properties provide business technology leaders with analysis and insight on information technology trends and a keen understanding of IT’s role in achieving business goals. The U.S. edition of the magazine and website are recipients of more than 200 awards to date, including the Top B-to-B magazine since 2000 from American Society of Business Publication Editors, two Grand Neals from the Jesse H. Neal National Business Journalism Awards and two Magazine of the Year awards from the National Society of Business Publication Editors.
Launched in 2002 the CSO portfolio includes CSOonline.com, CSO magazine and CSO Executive Programs. The properties provide chief security officers (CSOs) in the public and private sectors with analysis and insight on security trends and a keen understanding of how to develop and implement successful strategies to secure all business assets—from people to information and financial value to physical infrastructure. The U.S. edition of the magazine and website are the recipients of more than 100 awards to date, including the Top B-to-B magazine since 2000 and Magazine of the Year award from the American Society of Business Publication Editors as well as the Grand Neal from the Jesse H. Neal National Business Journalism Awards. CXO Media is a subsidiary of International Data Group (IDG).
About PricewaterhouseCoopers' Advisory Practice
PricewaterhouseCoopers' business advisory professionals provide clients with the confidence to succeed by helping them anticipate, create and manage change. Whether clients are proactively implementing change or reacting to an unplanned event, we leverage our network's resources, deep industry experience, and functional acumen across the areas of operations, finance, organizational strategy and structure, process improvement, human resources effectiveness, technology integration and implementation, risk mitigation and crisis management to help organizations effect sustainable change.
About PricewaterhouseCoopers
PricewaterhouseCoopers provides industry-focused assurance, tax and advisory services to build public trust and enhance value for its clients and their stakeholders. More than 163,000 people in 151 countries across our network share their thinking, experience and solutions to develop fresh perspectives and practical advice.
Tuesday, October 13, 2009
Accuvant Opens New Office in Atlanta
Accuvant, a leading provider of information security, risk and compliance management consulting services, announced today that it has opened a new office in Atlanta, Georgia. This is the fourth office the company has opened in the last three months.
"Demand for Accuvant's information security consulting services and technology solutions from new and existing customers continues to grow despite slow economic conditions," said Mark Bennett, area vice president of sales for Accuvant. "We believe this is a direct result of being known for continually delivering top quality service and expertise. There are myriad technology solutions that address information security, risk and compliance challenges, but companies want advice from a firm they can trust to determine the appropriate approach, proper implementation and optimization. Accuvant seeks to serve as our clients' trusted advisor. We are confident our entrance into the Atlanta market will enable us to better meet the needs of businesses in the southeast, which is home to some of the largest and most innovative companies in America."
Jeff Patton, regional director for Accuvant, will lead the Atlanta office. Over the next several quarters, Accuvant expects to add new positions in the areas of sales and support. With 25 offices nationwide, Accuvant is well-located to meet the needs of its growing client base, which includes financial, healthcare, education, telecom, manufacturing, retail, government, entertainment, transportation, hospitality and high tech.
Accuvant is the industry's only information security consulting firm and value-added reseller offering unmatched expertise in the areas of assessment, research, risk and compliance, underpinned by a strong understanding of more than 200 security and networking products.
About Accuvant
Accuvant is a leading provider of information security, risk and compliance management consulting services, with more than 2,000 customers across North America and Europe. The company's security advisors use industry expertise and proven methodologies to help large enterprises assess their environments, improve their compliance postures and secure their infrastructures. Headquartered in Denver, Accuvant has 25 offices across the United States. For more information on Accuvant, please visit www.accuvant.com.
"Demand for Accuvant's information security consulting services and technology solutions from new and existing customers continues to grow despite slow economic conditions," said Mark Bennett, area vice president of sales for Accuvant. "We believe this is a direct result of being known for continually delivering top quality service and expertise. There are myriad technology solutions that address information security, risk and compliance challenges, but companies want advice from a firm they can trust to determine the appropriate approach, proper implementation and optimization. Accuvant seeks to serve as our clients' trusted advisor. We are confident our entrance into the Atlanta market will enable us to better meet the needs of businesses in the southeast, which is home to some of the largest and most innovative companies in America."
Jeff Patton, regional director for Accuvant, will lead the Atlanta office. Over the next several quarters, Accuvant expects to add new positions in the areas of sales and support. With 25 offices nationwide, Accuvant is well-located to meet the needs of its growing client base, which includes financial, healthcare, education, telecom, manufacturing, retail, government, entertainment, transportation, hospitality and high tech.
Accuvant is the industry's only information security consulting firm and value-added reseller offering unmatched expertise in the areas of assessment, research, risk and compliance, underpinned by a strong understanding of more than 200 security and networking products.
About Accuvant
Accuvant is a leading provider of information security, risk and compliance management consulting services, with more than 2,000 customers across North America and Europe. The company's security advisors use industry expertise and proven methodologies to help large enterprises assess their environments, improve their compliance postures and secure their infrastructures. Headquartered in Denver, Accuvant has 25 offices across the United States. For more information on Accuvant, please visit www.accuvant.com.
Verizon Business Offers IT and Security Tips to Guide Clients Through Merger Integrations
Among the many complex issues driven by merger and acquisition (M&A) activity is the need for IT leaders to meld disparate systems and processes. A failure to effectively assess and devise a strategic plan to securely combine IT systems can lead to tremendous trouble and expense at a critical time for the acquiring company.
With this in mind, Verizon Business is offering five tips to assist businesses in building a successful framework for bringing together and securing IT systems.
1) Align IT and security integration with business intent. Oftentimes, IT and security managers do not take the necessary time, or are not given sufficient opportunity, to fully understand the business strategy behind a merger or acquisition. As such, they are tempted to make integration decisions based on IT drivers alone, rather than considering the accompanying business objectives as part of the greater picture.
IT leaders should make sure they understand how the business strategy aligns with the IT and security integration, so that the solution chosen is optimal for the business overall.
2) Communicate and plan effectively. Well-planned and executed integration activities and strong communications plans are essential to a successful merger or acquisition. This is true for any part of the organization going through changes, including IT.
There may be significant turmoil and uncertainty among employees of an acquired organization. IT executives should communicate information to their employees in a timely, easy-to-understand manner to stave off productivity loss and malintent due to speculation and fear.
It is equally important for company leaders to define a realistic roadmap for critical IT infrastructure and plan for additional load on the workforce during the transition, and to communicate this information to employees effectively.
3) Inventory all existing and incoming IT assets. First, ensure that the company has a strong visibility into and understanding of its own IT assets. This provides the basis for a successful IT integration. When acquiring another company, take a thorough inventory of the acquired company's IT assets. Acquiring companies often do not have a full understanding of the IT assets they are acquiring, which opens up the company to increased risk.
This is more common than an IT manager might suspect. Sixty-six percent of all breaches investigated by Verizon Business in 2008 involved data that a company did not even know was on its systems. Be aware that while you are gaining IT assets, you may also be increasing your risk.
4) Understand the technical and reputational risks. As part of due diligence, understand the viability, scalability, flexibility, financial position, regulatory compliance, market share and service qualifications of major suppliers of services, hardware and software. This includes a thorough review of third-party organizations -- such as vendors, customers and partners -- that connect to the acquired business via its extended enterprise. Failure to review the company's third-party relationships can impact security compliance and the initiatives surrounding them.
5) Assess IT maturity. Finally, as part of post-merger activity, determine the maturity of the acquired company's IT assets. Identify the company's compliance with industry regulations. Learn about the company's disaster and recovery procedures. Review all essential IT practices concerning capacity management, change management and approval and problem management. An awareness of the company's youth or maturity from an IT perspective can help the acquiring organization decide where it has incoming security strengths and weaknesses.
"As a leader in security and IT services, Verizon Business is poised to help clients make the most of a merger or acquisition, especially with M&A activity heating up as the economy continues to improve," said Kerry Bailey, senior vice president of global services, Verizon Business. "Through our client engagements, we have learned that these five simple tips can help customers avoid common IT and security pitfalls associated with M&A activity. This allows a business to come out of an acquisition faster and stronger."
Verizon Business Consulting Services Ease the IT Transition
Verizon Business offers a full range of security and IT consulting services aimed at helping organizations manage the M&A process as part of a robust global portfolio of expert professional services. Backed by a team of more than 2,700 consultants in 30 countries, Verizon Business offers consulting services that help customers map out their security and IT requirements and calculate risk; identify which IT assets, data and applications are most critical to the business; and design and implement plans to securely consolidate the IT infrastructure and network.
About Verizon Business
Verizon Business, a unit of Verizon Communications (NYSE: VZ), is a global leader in communications and IT solutions. We combine professional expertise with the world's most connected IP network to deliver award-winning communications, IT, information security and network solutions. We securely connect today's extended enterprises of widespread and mobile customers, partners, suppliers and employees -- enabling them to increase productivity and efficiency and help preserve the environment. Many of the world's largest businesses and governments -- including 96 percent of the Fortune 1000 and thousands of government agencies and educational institutions -- rely on our professional and managed services and network technologies to accelerate their business. Find out more at www.verizonbusiness.com.
With this in mind, Verizon Business is offering five tips to assist businesses in building a successful framework for bringing together and securing IT systems.
1) Align IT and security integration with business intent. Oftentimes, IT and security managers do not take the necessary time, or are not given sufficient opportunity, to fully understand the business strategy behind a merger or acquisition. As such, they are tempted to make integration decisions based on IT drivers alone, rather than considering the accompanying business objectives as part of the greater picture.
IT leaders should make sure they understand how the business strategy aligns with the IT and security integration, so that the solution chosen is optimal for the business overall.
2) Communicate and plan effectively. Well-planned and executed integration activities and strong communications plans are essential to a successful merger or acquisition. This is true for any part of the organization going through changes, including IT.
There may be significant turmoil and uncertainty among employees of an acquired organization. IT executives should communicate information to their employees in a timely, easy-to-understand manner to stave off productivity loss and malintent due to speculation and fear.
It is equally important for company leaders to define a realistic roadmap for critical IT infrastructure and plan for additional load on the workforce during the transition, and to communicate this information to employees effectively.
3) Inventory all existing and incoming IT assets. First, ensure that the company has a strong visibility into and understanding of its own IT assets. This provides the basis for a successful IT integration. When acquiring another company, take a thorough inventory of the acquired company's IT assets. Acquiring companies often do not have a full understanding of the IT assets they are acquiring, which opens up the company to increased risk.
This is more common than an IT manager might suspect. Sixty-six percent of all breaches investigated by Verizon Business in 2008 involved data that a company did not even know was on its systems. Be aware that while you are gaining IT assets, you may also be increasing your risk.
4) Understand the technical and reputational risks. As part of due diligence, understand the viability, scalability, flexibility, financial position, regulatory compliance, market share and service qualifications of major suppliers of services, hardware and software. This includes a thorough review of third-party organizations -- such as vendors, customers and partners -- that connect to the acquired business via its extended enterprise. Failure to review the company's third-party relationships can impact security compliance and the initiatives surrounding them.
5) Assess IT maturity. Finally, as part of post-merger activity, determine the maturity of the acquired company's IT assets. Identify the company's compliance with industry regulations. Learn about the company's disaster and recovery procedures. Review all essential IT practices concerning capacity management, change management and approval and problem management. An awareness of the company's youth or maturity from an IT perspective can help the acquiring organization decide where it has incoming security strengths and weaknesses.
"As a leader in security and IT services, Verizon Business is poised to help clients make the most of a merger or acquisition, especially with M&A activity heating up as the economy continues to improve," said Kerry Bailey, senior vice president of global services, Verizon Business. "Through our client engagements, we have learned that these five simple tips can help customers avoid common IT and security pitfalls associated with M&A activity. This allows a business to come out of an acquisition faster and stronger."
Verizon Business Consulting Services Ease the IT Transition
Verizon Business offers a full range of security and IT consulting services aimed at helping organizations manage the M&A process as part of a robust global portfolio of expert professional services. Backed by a team of more than 2,700 consultants in 30 countries, Verizon Business offers consulting services that help customers map out their security and IT requirements and calculate risk; identify which IT assets, data and applications are most critical to the business; and design and implement plans to securely consolidate the IT infrastructure and network.
About Verizon Business
Verizon Business, a unit of Verizon Communications (NYSE: VZ), is a global leader in communications and IT solutions. We combine professional expertise with the world's most connected IP network to deliver award-winning communications, IT, information security and network solutions. We securely connect today's extended enterprises of widespread and mobile customers, partners, suppliers and employees -- enabling them to increase productivity and efficiency and help preserve the environment. Many of the world's largest businesses and governments -- including 96 percent of the Fortune 1000 and thousands of government agencies and educational institutions -- rely on our professional and managed services and network technologies to accelerate their business. Find out more at www.verizonbusiness.com.
Thursday, October 1, 2009
Boston-Based Computer Forensics Expert Launches Arsenal Consulting
Today, computer forensics industry veteran Mark Spencer, announced the launch of Arsenal Consulting, a high-technology litigation consulting firm. The new venture provides Boston-area law firms, corporations and government agencies with cutting edge computer forensics, information security and electronic discovery solutions to meet their litigation challenges.
"I am extremely excited to officially introduce Arsenal Consulting to the region's legal and business communities," said Spencer, who brings over a decade of law-enforcement and private-sector computer forensics experience to his role as President. "We have already provided several well-known clients with customized solutions and counsel, and we look forward to emerging as the region's go-to high-technology litigation consulting resource."
While Arsenal Consulting specializes in employing best-in-class technologies to preserve, analyze, and report on electronic evidence, the firm's prominence is due to its ability to understand litigation challenges and then provide tailored and comprehensible solutions and counsel. The Arsenal team's diverse skill set and industry experience, including those of Spencer and his top computer forensics analyst Soyup Hahn, will contribute to the firm's continued growth.
"My combination of criminal, civil and teaching experience dovetails perfectly with Soyup's computer systems engineering background," said Spencer. "These complimentary skills are exactly what clients look for from a computer forensics and high-technology litigation consulting partner."
In addition to his day-to-day responsibilities with Arsenal, Spencer is also an accomplished education professional. Spencer serves as an instructor for the Computer Security Institute and is an adjunct professor in computer forensics at Bunker Hill Community College in Boston.
Spencer will be sharing his expertise during a presentation for area attorneys on the Practical Benefits of Computer Forensics at the University of Massachusetts Club on November 24(th).
For more information on Arsenal Consulting, Spencer, and the rest of the team, please visit: http://www.ArsenalExperts.com/
About Arsenal Consulting
Based in Chelsea, Massachusetts, Arsenal Consulting provides high-technology litigation consulting services to law firms, corporations, and government agencies. The firm's core areas of expertise are computer forensics, information security, and electronic discovery. Arsenal Consulting leverages both proven technologies and the latest techniques to fulfill clients' needs.
"I am extremely excited to officially introduce Arsenal Consulting to the region's legal and business communities," said Spencer, who brings over a decade of law-enforcement and private-sector computer forensics experience to his role as President. "We have already provided several well-known clients with customized solutions and counsel, and we look forward to emerging as the region's go-to high-technology litigation consulting resource."
While Arsenal Consulting specializes in employing best-in-class technologies to preserve, analyze, and report on electronic evidence, the firm's prominence is due to its ability to understand litigation challenges and then provide tailored and comprehensible solutions and counsel. The Arsenal team's diverse skill set and industry experience, including those of Spencer and his top computer forensics analyst Soyup Hahn, will contribute to the firm's continued growth.
"My combination of criminal, civil and teaching experience dovetails perfectly with Soyup's computer systems engineering background," said Spencer. "These complimentary skills are exactly what clients look for from a computer forensics and high-technology litigation consulting partner."
In addition to his day-to-day responsibilities with Arsenal, Spencer is also an accomplished education professional. Spencer serves as an instructor for the Computer Security Institute and is an adjunct professor in computer forensics at Bunker Hill Community College in Boston.
Spencer will be sharing his expertise during a presentation for area attorneys on the Practical Benefits of Computer Forensics at the University of Massachusetts Club on November 24(th).
For more information on Arsenal Consulting, Spencer, and the rest of the team, please visit: http://www.ArsenalExperts.com/
About Arsenal Consulting
Based in Chelsea, Massachusetts, Arsenal Consulting provides high-technology litigation consulting services to law firms, corporations, and government agencies. The firm's core areas of expertise are computer forensics, information security, and electronic discovery. Arsenal Consulting leverages both proven technologies and the latest techniques to fulfill clients' needs.
Tuesday, August 25, 2009
Accuvant Named One of America's Fastest-Growing Private Companies by Inc. Magazine
Accuvant, a leading provider of information security, risk and compliance management consulting services, announced today that is has been named one of fastest growing private companies by Inc., a business magazine for entrepreneurs.
Inc. ranked Accuvant No. 1,251 on its third annual Inc. 5000 list, which represents the most comprehensive look at the most important segment of the economy - America's independent-minded entrepreneurs. Consumer electronics maker Vizio, Internet giant GoDaddy, rental car service Zipcar and beverage maker Honest Tea are among the prominent brands featured on this year's list.
"Savvy trend spotters and those who invest in private companies know that the Inc. 5000 is the best place to find out about young companies that are achieving success through a wide variety of unprecedented business models, as well as older private companies that are still expanding at an impressive rate," said Inc. 5000 project manager Jim Melloan. "That's why our list is so eagerly anticipated every year."
Accuvant is a leading information security, risk and compliance management consulting firm. The company was founded in 2002 by a group of security veterans who saw the need for comprehensive security solutions that bridged the gap between product vendors and end users by combining best in class technology with expert consulting services.
"We are very pleased to once again have been named to Inc.'s fastest growing private company list," said Scott Walker, vice president of strategic planning for Accuvant. "This is the third year in a row Accuvant has received this prestigious distinction. We believe our accelerated growth and continued success in the information security industry is a direct result of our extremely talented employees, continuously high levels of customer service and ability to tailor solutions that meet our clients' unique and complex information security needs."
The 2009 Inc. 5000 serves as a unique report card on the U.S. economy. Despite the ongoing recession, aggregate revenue among the companies on the list increased to $214 billion, up $29 billion from last year, with a median three-year growth rate of 126 percent. The Inc. 5000 are also responsible for creating more than 1 million jobs since their founding.
Methodology
The Inc. 5000 is ranked according to percentage revenue growth from 2005 through 2008. To qualify, companies must have been founded and generating revenue by the first week of 2005, and therefore able to show four full calendar years of sales. Additionally, they have to be U.S.-based, privately held, for profit, and independent -- not subsidiaries or divisions of other companies -- as of December 31, 2008. Revenue in 2005 must have been at least $200,000, and revenue in 2008 must have been at least $2 million. The top 10 percent of companies on the list comprise the Inc. 500, now in its 28th year.
About Accuvant
Accuvant is a leading provider of information security, risk and compliance management consulting services, with more than 2,000 customers across North America and Europe. The company's security advisors use industry expertise and proven methodologies to help large enterprises assess their environments, improve their compliance postures and secure their infrastructures. Headquartered in Denver, Accuvant has 24 offices across the United States. For more information on Accuvant, please visit www.accuvant.com.
About Inc. Magazine
Founded in 1979 and acquired in 2005 by Mansueto Ventures LLC, Inc. (www.inc.com) is the only major business magazine dedicated exclusively to owners and managers of growing private companies that delivers real solutions for today's innovative company builders. With a total paid circulation of 712,961, Inc. provides hands-on tools and market-tested strategies for managing people, finances, sales, marketing, and technology. Visit us online at Inc.com.
About the Inc. 500|5000 Conference
Each year, Inc. and Inc.com celebrate the remarkable achievements of today's entrepreneurial superstars--the privately held small businesses that drive our economy. The Inc. 500|5000 Conference & Awards Ceremony brings together members of the Inc. 5000 community, both a new class of Inc. 5000 honorees and the list's alumni, for three days of powerful networking, inspired learning, and momentous celebration. Please join us September 23-25, 2009, at the Gaylord National Resort and Convention Center in National Harbor, Maryland. For more information about the 2009 Inc. 500|5000 Conference & Awards Ceremony, and to register, visit www.Inc5000event.com. Stay connected with Inc. Events by following @IncEvents on Twitter.
Inc. ranked Accuvant No. 1,251 on its third annual Inc. 5000 list, which represents the most comprehensive look at the most important segment of the economy - America's independent-minded entrepreneurs. Consumer electronics maker Vizio, Internet giant GoDaddy, rental car service Zipcar and beverage maker Honest Tea are among the prominent brands featured on this year's list.
"Savvy trend spotters and those who invest in private companies know that the Inc. 5000 is the best place to find out about young companies that are achieving success through a wide variety of unprecedented business models, as well as older private companies that are still expanding at an impressive rate," said Inc. 5000 project manager Jim Melloan. "That's why our list is so eagerly anticipated every year."
Accuvant is a leading information security, risk and compliance management consulting firm. The company was founded in 2002 by a group of security veterans who saw the need for comprehensive security solutions that bridged the gap between product vendors and end users by combining best in class technology with expert consulting services.
"We are very pleased to once again have been named to Inc.'s fastest growing private company list," said Scott Walker, vice president of strategic planning for Accuvant. "This is the third year in a row Accuvant has received this prestigious distinction. We believe our accelerated growth and continued success in the information security industry is a direct result of our extremely talented employees, continuously high levels of customer service and ability to tailor solutions that meet our clients' unique and complex information security needs."
The 2009 Inc. 5000 serves as a unique report card on the U.S. economy. Despite the ongoing recession, aggregate revenue among the companies on the list increased to $214 billion, up $29 billion from last year, with a median three-year growth rate of 126 percent. The Inc. 5000 are also responsible for creating more than 1 million jobs since their founding.
Methodology
The Inc. 5000 is ranked according to percentage revenue growth from 2005 through 2008. To qualify, companies must have been founded and generating revenue by the first week of 2005, and therefore able to show four full calendar years of sales. Additionally, they have to be U.S.-based, privately held, for profit, and independent -- not subsidiaries or divisions of other companies -- as of December 31, 2008. Revenue in 2005 must have been at least $200,000, and revenue in 2008 must have been at least $2 million. The top 10 percent of companies on the list comprise the Inc. 500, now in its 28th year.
About Accuvant
Accuvant is a leading provider of information security, risk and compliance management consulting services, with more than 2,000 customers across North America and Europe. The company's security advisors use industry expertise and proven methodologies to help large enterprises assess their environments, improve their compliance postures and secure their infrastructures. Headquartered in Denver, Accuvant has 24 offices across the United States. For more information on Accuvant, please visit www.accuvant.com.
About Inc. Magazine
Founded in 1979 and acquired in 2005 by Mansueto Ventures LLC, Inc. (www.inc.com) is the only major business magazine dedicated exclusively to owners and managers of growing private companies that delivers real solutions for today's innovative company builders. With a total paid circulation of 712,961, Inc. provides hands-on tools and market-tested strategies for managing people, finances, sales, marketing, and technology. Visit us online at Inc.com.
About the Inc. 500|5000 Conference
Each year, Inc. and Inc.com celebrate the remarkable achievements of today's entrepreneurial superstars--the privately held small businesses that drive our economy. The Inc. 500|5000 Conference & Awards Ceremony brings together members of the Inc. 5000 community, both a new class of Inc. 5000 honorees and the list's alumni, for three days of powerful networking, inspired learning, and momentous celebration. Please join us September 23-25, 2009, at the Gaylord National Resort and Convention Center in National Harbor, Maryland. For more information about the 2009 Inc. 500|5000 Conference & Awards Ceremony, and to register, visit www.Inc5000event.com. Stay connected with Inc. Events by following @IncEvents on Twitter.
Wednesday, July 29, 2009
Guidance Consulting Looks to the Future of IT Vulnerability Attacks with a New Vulnerability Management Program
According to the experts at specialty IT consulting and network provider company Guidance Consulting, one of the most difficult aspects of infrastructure and network security is the fast pace of vulnerability attacks. Up to 100 new, real-threat viruses are spread each month, and those that are email viruses tend to peak after just eight hours of being released. For companies like Guidance Consulting, these numbers represent challenges that must be addressed on a daily basis.
Not only is it important to create vulnerability protection that prevents attacks from known sources, but protection against the unknown is equally important in today's computer-based business climate. This is a challenge for even the most technologically-advanced companies, since knowing where the damages are going to occur next can be costly, time-intensive, and oftentimes, incorrect.
Fortunately, companies like Guidance Consulting take the guesswork out of these types of problems. In fact, it is their job to keep businesses away from the dangers and prepared for the next wave of attacks.
For the immediate future, vulnerability attacks are expected to be more about multi-wave attack methods. "These types of viruses are the worst kinds," says Ronald Gottilla, senior consultant at Guidance Consulting. "They are built to change after just days or even hours of their initial release." For most companies and computer users, this means that vulnerability protection methods don't have a chance. As soon as a spyware program is updated to catch the newest virus, the virus changes its signature, which gives it a chance to re-infect computer systems and spread throughout the Internet.
"This focus on multi-wave attacks is part of a growing trend," Gottilla adds. "The truth is, viruses alone count for billions of dollars in lost productivity and equipment every year. Most business can't afford to be vulnerable to these types of attacks."
The multi-wave attack trend could change at any time, too. Gottilla and his associates recommend regular updates and a strong IT partner to prevent and prepare for whatever the malicious virus creators have in mind next.
About Guidance Consulting
Guidance Consulting is a technology solutions firm offering a range of services related to technology, infrastructure development, and general information technology consulting.
For over 15 years, Guidance Consulting has been delivering profitable technology results to everything from small, private firms to Fortune 500 companies. In addition to meeting employment and staffing needs, Guidance Consulting implements a wide range of IT solutions that help companies to cut costs, increase productivity, and avoid damages associated with vulnerability issues to get the most out of the current technologies available for businesses of all sizes.
For more information on making Guidance Consulting a part of your company's IT support team, visit their website at http://www.guidance-consulting.com.
Not only is it important to create vulnerability protection that prevents attacks from known sources, but protection against the unknown is equally important in today's computer-based business climate. This is a challenge for even the most technologically-advanced companies, since knowing where the damages are going to occur next can be costly, time-intensive, and oftentimes, incorrect.
Fortunately, companies like Guidance Consulting take the guesswork out of these types of problems. In fact, it is their job to keep businesses away from the dangers and prepared for the next wave of attacks.
For the immediate future, vulnerability attacks are expected to be more about multi-wave attack methods. "These types of viruses are the worst kinds," says Ronald Gottilla, senior consultant at Guidance Consulting. "They are built to change after just days or even hours of their initial release." For most companies and computer users, this means that vulnerability protection methods don't have a chance. As soon as a spyware program is updated to catch the newest virus, the virus changes its signature, which gives it a chance to re-infect computer systems and spread throughout the Internet.
"This focus on multi-wave attacks is part of a growing trend," Gottilla adds. "The truth is, viruses alone count for billions of dollars in lost productivity and equipment every year. Most business can't afford to be vulnerable to these types of attacks."
The multi-wave attack trend could change at any time, too. Gottilla and his associates recommend regular updates and a strong IT partner to prevent and prepare for whatever the malicious virus creators have in mind next.
About Guidance Consulting
Guidance Consulting is a technology solutions firm offering a range of services related to technology, infrastructure development, and general information technology consulting.
For over 15 years, Guidance Consulting has been delivering profitable technology results to everything from small, private firms to Fortune 500 companies. In addition to meeting employment and staffing needs, Guidance Consulting implements a wide range of IT solutions that help companies to cut costs, increase productivity, and avoid damages associated with vulnerability issues to get the most out of the current technologies available for businesses of all sizes.
For more information on making Guidance Consulting a part of your company's IT support team, visit their website at http://www.guidance-consulting.com.
Tuesday, July 28, 2009
Nebulas Security’s New Assessment Highlights Risks to Corporate Data
Nebulas Security, the data security specialist has just launched its new Data Loss Prevention (DLP) Assessment to help companies fully understand and address the risks they face from losing their corporate data.
The Assessment helps companies assess the potential security weaknesses in their systems: Verizon’s 2009 Data Breach Investigation Report showed that during last year, 285 million records were compromised and 74% of the data breaches analysed were caused by external parties. It also highlighted that over 90% of the breaches were linked to organised criminal groups.
Aiming to help companies secure their systems against such losses, Nebulas Security’s DLP Assessment qualifies and quantifies the risks to organisations’ data. It also highlights the impact losing or leaking data would have on the business. In addition to looking at data at rest (such as file shares), the comprehensive Assessment shows the risks presented by data in motion, such as email, Instant Messaging, web traffic and FTP file transfers. By analysing data in its different states, the Assessment shows the implications of where data is stored and who can access it; often highlighting unforeseen threats to its security.
Nick Garlick, Nebulas Security’s Managing Director is confident that many organisations will see the benefit of this new Assessment. He commented: “Most organisations have now deployed considerable amounts of security technology to protect themselves from external and internal threats. As a result, the challenge is now to understand the effectiveness of the technology that they’ve installed. This Assessment shows customers exactly where they’re vulnerable, the risks they face, the impact data leaks and losses would have on their business.
He added: “The Assessment gives customers detailed information which they can use as a blue-print to address their security issues before they become a major problem or result in serious financial loss, damage to their credibility or legal action. The Financial Services Authority fining three HSBC companies £3.2 million for not doing enough to protect customer data is a case in point.”
The Assessment takes place over a number of days: a monitoring device is installed on the organisation’s network, which unobtrusively gathers data without any impact on its performance. Following careful analysis of the findings, Nebulas Security produces a detailed report summarising the risks which organisations face.
The report’s management summary gives a high level perspective, which is then broken down into more specific information such as a quantifiable list of the greatest risks to the business. It is accompanied by a full statistical analysis by type of data and activity.
About Nebulas Solutions Group
Nebulas Solutions Group is a security, acceleration and virtualisation specialist. The Group offers sophisticated technology solutions, consultancy and implementation expertise to help organisations address their key business issues of data security, acceleration and availability.
Nebulas Solutions Group comprises three divisions: Nebulas Security is the UK’s leading provider of IT security, data privacy and compliance solutions. Nebulas Xcelerate provides leading WAN optimisation and applications acceleration solutions and Nebulas Virtualise offers market leading virtualisation solutions. The Group’s combined expertise ensures that organisations can maximise the performance, efficiency and security of their IT infrastructure, as well as reducing operating costs.
Based in London, Nebulas Solutions Group has more than 200 customers worldwide, including many blue chip and FTSE 250 organisations. For further information, go to www.nebulassolutions.com.
The Assessment helps companies assess the potential security weaknesses in their systems: Verizon’s 2009 Data Breach Investigation Report showed that during last year, 285 million records were compromised and 74% of the data breaches analysed were caused by external parties. It also highlighted that over 90% of the breaches were linked to organised criminal groups.
Aiming to help companies secure their systems against such losses, Nebulas Security’s DLP Assessment qualifies and quantifies the risks to organisations’ data. It also highlights the impact losing or leaking data would have on the business. In addition to looking at data at rest (such as file shares), the comprehensive Assessment shows the risks presented by data in motion, such as email, Instant Messaging, web traffic and FTP file transfers. By analysing data in its different states, the Assessment shows the implications of where data is stored and who can access it; often highlighting unforeseen threats to its security.
Nick Garlick, Nebulas Security’s Managing Director is confident that many organisations will see the benefit of this new Assessment. He commented: “Most organisations have now deployed considerable amounts of security technology to protect themselves from external and internal threats. As a result, the challenge is now to understand the effectiveness of the technology that they’ve installed. This Assessment shows customers exactly where they’re vulnerable, the risks they face, the impact data leaks and losses would have on their business.
He added: “The Assessment gives customers detailed information which they can use as a blue-print to address their security issues before they become a major problem or result in serious financial loss, damage to their credibility or legal action. The Financial Services Authority fining three HSBC companies £3.2 million for not doing enough to protect customer data is a case in point.”
The Assessment takes place over a number of days: a monitoring device is installed on the organisation’s network, which unobtrusively gathers data without any impact on its performance. Following careful analysis of the findings, Nebulas Security produces a detailed report summarising the risks which organisations face.
The report’s management summary gives a high level perspective, which is then broken down into more specific information such as a quantifiable list of the greatest risks to the business. It is accompanied by a full statistical analysis by type of data and activity.
About Nebulas Solutions Group
Nebulas Solutions Group is a security, acceleration and virtualisation specialist. The Group offers sophisticated technology solutions, consultancy and implementation expertise to help organisations address their key business issues of data security, acceleration and availability.
Nebulas Solutions Group comprises three divisions: Nebulas Security is the UK’s leading provider of IT security, data privacy and compliance solutions. Nebulas Xcelerate provides leading WAN optimisation and applications acceleration solutions and Nebulas Virtualise offers market leading virtualisation solutions. The Group’s combined expertise ensures that organisations can maximise the performance, efficiency and security of their IT infrastructure, as well as reducing operating costs.
Based in London, Nebulas Solutions Group has more than 200 customers worldwide, including many blue chip and FTSE 250 organisations. For further information, go to www.nebulassolutions.com.
Friday, June 5, 2009
NCX Group Offers Businesses Information Risk Advisory Program
NCX Group, a leading information risk management consulting firm, today announced the expansion of its MyCSO (My Chief Security Officer) Services to include MyCSO Advisor, a one-on-one telephone and email-based advisory program relating to Information Security, Business Continuity, Incident Response, as well as regulatory compliance.
"MyCSO Advisor is a perfect support option to assist in addressing today's information risk and compliance requirements," said Mike Fitzpatrick, CEO of NCX Group. "For a price as low as $995 per year, every business can get objective and knowledgeable advice to assist them in making the most educated decisions involving their information risk. A 'second set of eyes' from experienced consultants can be invaluable to validate a decision or possibly expose areas not considered."
According to Fitzpatrick, the increased focus on information risk management by President Obama and his administration will make ISO security standards and meeting regulatory requirements such as PCI, FISMA HIPAA, GLBA, and SOX more critical than ever before. "MyCSO Advisor expands the scope and value of our MyCSO outsourced risk management services to assist organizations in proactively managing their business information risk," Fitzpatrick added. "Businesses are facing some very difficult decisions in this tough economic climate and the slightest misstep in executing an organization's information risk management plan could be very costly. With MyCSO Advisor, business leaders can have access to the resources they need when making decisions that impact their company's risk and well-being."
NCX Group's MyCSO embraces three levels of outsourced information risk management services that reduce the cost of in-house capabilities:
MyCSO Advisor - Adds information risk management expertise to an organization's staff by providing one-on-one access to an expert in Information Security, Business Continuity, and Incident Response.
MyCSO Analyst - Provides 24x7x365 customized intrusion detection, security event management, log management, and security event correlation services.
MyCSO Assurance - A fully customized program that tackles the strategic objectives, as well as the tactical requirements, of an information security assurance program. MyCSO Assurance specifically addresses assessment, governance, awareness training, policies and procedures, incident response and day-to-day security operations management.
NCX Group's highly credentialed and skilled consultants are leaders in their fields of expertise with between 15 and 25 years experience. They hold the following certifications: CISSP, CISM, CISA, CSSA, CCIE, Certified EnCase Examiner, and Business Continuity Institute Fellow.
About NCX Group, Inc.
NCX Group, Inc. is a leading information risk management firm specializing in the assessment and mitigation of risk associated with today's technologies and business processes. Focused exclusively on the real-world information risk management requirements of small, midsize and divisions of Global 1000 companies, NCX Group offers information security, business continuity, incident response, and security event management services.
NCX Group is headquartered in Newport Beach, California. For more information about NCX Group, its services and offerings, visit http://www.ncxgroup.com.
"MyCSO Advisor is a perfect support option to assist in addressing today's information risk and compliance requirements," said Mike Fitzpatrick, CEO of NCX Group. "For a price as low as $995 per year, every business can get objective and knowledgeable advice to assist them in making the most educated decisions involving their information risk. A 'second set of eyes' from experienced consultants can be invaluable to validate a decision or possibly expose areas not considered."
According to Fitzpatrick, the increased focus on information risk management by President Obama and his administration will make ISO security standards and meeting regulatory requirements such as PCI, FISMA HIPAA, GLBA, and SOX more critical than ever before. "MyCSO Advisor expands the scope and value of our MyCSO outsourced risk management services to assist organizations in proactively managing their business information risk," Fitzpatrick added. "Businesses are facing some very difficult decisions in this tough economic climate and the slightest misstep in executing an organization's information risk management plan could be very costly. With MyCSO Advisor, business leaders can have access to the resources they need when making decisions that impact their company's risk and well-being."
NCX Group's MyCSO embraces three levels of outsourced information risk management services that reduce the cost of in-house capabilities:
MyCSO Advisor - Adds information risk management expertise to an organization's staff by providing one-on-one access to an expert in Information Security, Business Continuity, and Incident Response.
MyCSO Analyst - Provides 24x7x365 customized intrusion detection, security event management, log management, and security event correlation services.
MyCSO Assurance - A fully customized program that tackles the strategic objectives, as well as the tactical requirements, of an information security assurance program. MyCSO Assurance specifically addresses assessment, governance, awareness training, policies and procedures, incident response and day-to-day security operations management.
NCX Group's highly credentialed and skilled consultants are leaders in their fields of expertise with between 15 and 25 years experience. They hold the following certifications: CISSP, CISM, CISA, CSSA, CCIE, Certified EnCase Examiner, and Business Continuity Institute Fellow.
About NCX Group, Inc.
NCX Group, Inc. is a leading information risk management firm specializing in the assessment and mitigation of risk associated with today's technologies and business processes. Focused exclusively on the real-world information risk management requirements of small, midsize and divisions of Global 1000 companies, NCX Group offers information security, business continuity, incident response, and security event management services.
NCX Group is headquartered in Newport Beach, California. For more information about NCX Group, its services and offerings, visit http://www.ncxgroup.com.
Thursday, February 19, 2009
PeakData Services Expands Data Security Services to Asia
PeakData Services, Inc, a fast-growing IT provider dedicated to information security compliance and risk mitigation services, announced today that it has launched operations based in Hong Kong dedicated to serving customers in the Asia-Pacific region.
PeakData Services, Inc, a fast-growing IT provider dedicated to information security compliance and risk mitigation services, announced today that it has launched operations based in Hong Kong dedicated to serving customers in the Asia-Pacific region.
Leading PeakData Services Hong Kong Limited is General Manager Huy Nguyen, a 20-year IT veteran. Nguyen has worked primarily in the information storage segment in positions ranging from IT management to consulting services to business development. He joins PeakData Services from Independent IT Consulting where he provided advice and solutions in IT and infrastructure to C-level management.
Previously, he was a director, enterprise solutions, for the Global Solution Services group at Hitachi APAC. His role was to grow the professional services teams, their expertise and their market penetration. He was also part of the Hitachi global team to build its services portfolio.
The company's regional headquarters are located at the Lee Gardens, 33 Hysan Ave., Causeway Bay, Hong Kong.
"Information security concerns are at the forefront of IT organization agendas all over the world. Our primary focus is on data on disk media that has essentially outlived its useful economic life yet still poses a risk of breach if not handled properly," said Glenn Jacobsen, vice president and general manager of PeakData Services.
"We are seeing strong and growing demand for our services in Asia, particularly from multi-national organizations. Because they are subject to many varying regulations in the many countries in which they do business, they must take tremendous precautions with their sensitive data. We have found that our technology and experience "travels" well along with these companies' information technology operations," added Nguyen.
Nguyen said that the initial projects in Asia include secure disk destruction for a leading global financial entity with operations in eleven (11) countries across Asia.
About PeakData Services
PeakData Services, Inc. develops and delivers consulting and professional services that incorporate industry-leading people, products, tools, and methodologies to help companies mitigate risk by showing them how to store, protect, and manage their business-critical information more efficiently and cost-effectively. PeakData Services works directly with clients or through leading IT services partners such as Hitachi Data Systems and Sun Microsystems. PeakData Services is headquartered in Boulder County, Colorado, U.S.A. For further information please visit: www.peakdataservices.com.
PeakData Services, Inc, a fast-growing IT provider dedicated to information security compliance and risk mitigation services, announced today that it has launched operations based in Hong Kong dedicated to serving customers in the Asia-Pacific region.
Leading PeakData Services Hong Kong Limited is General Manager Huy Nguyen, a 20-year IT veteran. Nguyen has worked primarily in the information storage segment in positions ranging from IT management to consulting services to business development. He joins PeakData Services from Independent IT Consulting where he provided advice and solutions in IT and infrastructure to C-level management.
Previously, he was a director, enterprise solutions, for the Global Solution Services group at Hitachi APAC. His role was to grow the professional services teams, their expertise and their market penetration. He was also part of the Hitachi global team to build its services portfolio.
The company's regional headquarters are located at the Lee Gardens, 33 Hysan Ave., Causeway Bay, Hong Kong.
"Information security concerns are at the forefront of IT organization agendas all over the world. Our primary focus is on data on disk media that has essentially outlived its useful economic life yet still poses a risk of breach if not handled properly," said Glenn Jacobsen, vice president and general manager of PeakData Services.
"We are seeing strong and growing demand for our services in Asia, particularly from multi-national organizations. Because they are subject to many varying regulations in the many countries in which they do business, they must take tremendous precautions with their sensitive data. We have found that our technology and experience "travels" well along with these companies' information technology operations," added Nguyen.
Nguyen said that the initial projects in Asia include secure disk destruction for a leading global financial entity with operations in eleven (11) countries across Asia.
About PeakData Services
PeakData Services, Inc. develops and delivers consulting and professional services that incorporate industry-leading people, products, tools, and methodologies to help companies mitigate risk by showing them how to store, protect, and manage their business-critical information more efficiently and cost-effectively. PeakData Services works directly with clients or through leading IT services partners such as Hitachi Data Systems and Sun Microsystems. PeakData Services is headquartered in Boulder County, Colorado, U.S.A. For further information please visit: www.peakdataservices.com.
Subscribe to:
Posts (Atom)