Cybersecurity and Information Resilience

The Payment Card Industry Data Security Standard (PCI DSS) is the global standard for securing payment card data. It's a set of security controls managed by the PCI Security Standards Council (PCI SSC), and developed by a body of experts from the international payment card brands (VISA, MasterCard, JCB, AMEX and Discover) to help prevent credit card data breach.

This data security standard provides a set of requirements to help protect cardholder data, taking into consideration the people, processes and technologies involved in payment card processing systems. It focuses on security management, policies, procedures, system configurations and secure software design.

Our penetration testing services include:

• Web and mobile application penetration testing
• Internal penetration testing
• External infrastructure penetration testing
• Web service penetration testing 

Our experienced team are trained to get inside the mind of an attacker and use an exhaustive set of tools to perform and imitate an attack.

We are CREST accredited for penetration testing. This places us as part of an elite group of companies who demonstrate the highest levels of security testing standards.

Data protection has never been as important as it is today. New EU regulations (EU GDPR), soon to be implemented will place significant legal responsibilities on organizations that collect, store or process data.

For the first time, monetary sanctions of up to 4% of global annual turnover will apply to breaches of the regulation.

We understand the value of data to your business, and the serious implications of a data breach.

We can help you to: 

• Apply best practice in achieving and maintaining compliance with EU Data Protection standards across differing regulatory environments
• Plan and implement measures in preparation for the proposed new EU regulation

A vulnerability assessment is an automated assessment designed to identify vulnerabilities in an organization’s IT systems.

Vulnerability assessments are performed using BSI Espion’s industry standard scanning tools and systems. This assessment differs from a penetration test as it is performed by an automated solution which typically does not include manual testing. 

Performing vulnerability scans will help ensure that known vulnerabilities are identified and addressed in a timely manner, thus reducing an organization’s risk exposure to an acceptable level.

Within the last calendar year, 77% of companies have experienced a phishing attack, and 58% of organizations say this type of attack is increasing. 

Furthermore, nearly 80% of all malware attacks come from phishing attempts.

At BSI, we partner with Gartner Leader, Wombat Security, to help organizations educate and support their staff with security awareness training. In Gartner’s latest publication (October 2016) of the “Magic Quadrant for Security Awareness Computer-Based Training” Wombat Security Technologies continue to lead the way in security awareness training. See image below:

Employees are the weakest link in your security chain, and increasingly we see the majority of breaches being traced back to employee behaviour.

We partner with Wombat Security, to help organizations educate and support their staff with security awareness training.