Cybersecurity and information resilience

Did you know:

  • In 2013, the cost of cyber-crime in the U.S. was approximately $100 billion?*
  • In 2016, the annual cost of cyber-crime globally was approximately $500 billion?** 
  • By 2019, cyber-crime costs are projected to reach $2 trillion?***

*Wall Street Journal
**Allianz, 2016
***Juniper Research, 2016 


The cost of cyber-crime quadruples every four years

Cyber-crime costs the global economy hundreds of billions of dollars per annum and increases year on year. We can help you to minimize the risks.

We have a team of information resilience experts who understand global information security and work with clients like you each day to protect their businesses.

As well as internationally recognized standards such as ISO/IEC 27001 Information Security Management, we also offer additional services that can help you to combat cyber threats.

We recently acquired Espion - cyber security and information resilience experts - and Info Assure - information security specialists. Both have allowed us to grow our team of experts in this area, and we can help clients with a wide range of information security issues from payment card industry data security standards (PCI DSS) to penetration testing, vulnerability assessments to data protection, and much more.

Whatever your priorities, we'll guide you through compliance and certification, help you to become more resilient, and keep you up to date, including with the new General Data Protection Regulation (GDPR), which will be in effect from 25th May 2018.

Browse the information below to find out more about the areas we can help you with.


PCI DSS - Payment card industry

The Payment Card Industry Data Security Standard (PCI DSS) is the global standard for securing payment card data. It's a set of security controls managed by the PCI Security Standards Council (PCI SSC), and developed by a body of experts from the international payment card brands (VISA, MasterCard, JCB, AMEX and Discover) to help prevent credit card data breaches.

This data security standard provides a set of requirements to help protect cardholder data, taking into consideration the people, processes and technologies involved in payment card processing systems. It focuses on security management, policies, procedures, system configurations and secure software design.


Data protection (GDPR)

Data protection has never been as important as it is today. New EU regulations (EU GDPR), soon to be implemented, will place significant legal responsibilities on organizations that collect, store or process data.

For the first time, monetary sanctions of up to 4% of global annual turnover will apply to breaches of the regulation.

We understand the value of data to your business, and the serious implications of a data breach.

We can help you to: 

  • Apply best practice in achieving and maintaining compliance with EU Data Protection standards across differing regulatory environments
  • Plan and implement measures in preparation for the proposed new EU regulation


Vulnerability assessments

A vulnerability assessment is an automated assessment designed to identify vulnerabilities in an organization’s IT systems.

Vulnerability assessments are performed using BSI Espion’s industry-standard scanning tools and systems. This assessment differs from a penetration test in that it is performed by an automated solution, which typically does not include manual testing.

Performing vulnerability scans will help ensure that known vulnerabilities are identified and addressed in a timely manner, thus reducing an organization’s risk exposure to an acceptable level.


Penetration testing

Our penetration testing services include:

  • Web and mobile application penetration testing
  • Internal penetration testing
  • External infrastructure penetration testing
  • Web service penetration testing 

Our experienced team are trained to get inside the mind of an attacker and use an exhaustive set of tools to perform and imitate an attack.

We are CREST accredited for penetration testing. This places us as part of an elite group of companies who demonstrate the highest levels of security testing standards.


End user security awareness

Within the last calendar year, 77% of companies have experienced a phishing attack, and 58% of organizations say this type of attack is increasing. 

Furthermore, nearly 80% of all malware attacks come from phishing attempts.

At BSI, we partner with Gartner Leader Wombat Security to help organizations educate and support their staff with security awareness training. In Gartner’s latest publication (October 2016) of the “Magic Quadrant for Security Awareness Computer-Based Training”, Wombat Security Technologies continue to lead the way in security awareness training. See image below:



Employees are the weakest link in your security chain, and increasingly we see the majority of breaches being traced back to employee behaviour.

We partner with Wombat Security to help organizations educate and support their staff with security awareness training.


Managerial security training courses: