Security Affiliations
In addition to providing resources to charitable organizations, our leaders also hold key positions within many leading industry and business organizations that improve area business climates and the Information Security industry. Many of our employees, executives and C-level leaders devote substantial resources to organizations such as ISACA, ISSA, Entrepreneurial Exchange, and the High Technology Crime Investigation Association.
ISSA - National Corporate Member
The Information Systems Security Association (ISSA) ® is a not-for-profit international organization of information security professionals and practitioners. Through its membership, ISSA helps security professionals learn about information security issues and trends, which promotes education, collaboration, and leadership to further the information security profession.
ISACA - National Corporate Member
The Information Systems Audit and Control Association (ISACA) ® is a not-for-profit international organization of information security professionals and practitioners. ISACA membership enhances security professionals' creditability and capability by providing them the information, education, tools, and techniques which promotes collaboration, and leadership to further the information security profession.
OWASP - Organization Supporter
The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software by finding and fighting the causes of insecure software. The OWASP application security community is formed by individuals, educators and commercial organizations that works together to create materials, tools, and technologies that support application security.
PCI Security Standards Council (SSC) - Approved as ASV, QSA, PA-QSA and PFI provider
The Payment Card Industry Security Standards Council, or PCI SSC – often termed simply “the Council” – is an open global forum, launched in 2006, that develops, maintains and manages the PCI Security Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) Requirements. Our standards cover everything from the point of entry of card data into a system, to how the data is processed, through secure payment applications. We seek to protect and educate industry players such as merchants, processors, financial institutions, and any other organizations that store, process, and transmit cardholder data, around the world.
The Council works to educate stakeholders about the PCI Security Standards, operates programs to train and qualify security professionals in assessing and achieving compliance with PCI Security Standards, and promotes awareness of the need for payment data security to the public. .
PCI Forensic Investigator (PFI) - Approved by the PCI Security Standards Council (SSC) as one of three PFI Investigators in North America
The PCI Forensic Investigator (PFI) program establishes and maintains the rules and requirements regarding eligibility, selection and performance of companies that provide forensic investigation services to ensure they meet PCI Security Standards. The PFI program aims to help simplify and expedite procedures for approving and engaging forensic investigators by; aligning payment card brand requirements for forensic investigators, maintaining one list, sanctioned by all PCI payment card brands, of approved forensic investigators for compromised entities to choose from, and providing guidance on how investigations are to be conducted and reported. The PCI PFI program supplants existing requirements and lists managed by payment card brands, to be retired on February 28, 2011. At that time, affected payment card brands will require that compromised entities engage only approved PCI Forensic Investigators.
Shared Assessments - Leading Organization Member
Shared Assessments was created by leading financial institutions, the Big 4 accounting firms, and key service providers to inject standardization, consistency, speed, efficiency and cost savings into the service provider assessment process. The Shared Assessments organization develops tools, techniques, and industry-standard practices to improve risk management effectiveness.
USSS National Electronic Crimes Task Force (ECTF) - National Member
On October 26, 2001, President Bush signed into law H.R. 3162, the USA PATRIOT Act. The U.S. Secret Service was mandated by this Act to establish a nationwide network of Electronic Crimes Task Forces (ECTFs). The concept of the ECTF network is to bring together not only federal, state and local law enforcement, but also prosecutors, private industry and academia. The common purpose is the prevention, detection, mitigation and aggressive investigation of attacks on the nation's financial and critical infrastructures.
The Secret Service's ECTF and Electronic Crimes Working Group initiatives prioritize investigative cases that involve electronic crimes. These initiatives provide necessary support and resources to field investigations that meet any one of the following criteria:
- Significant economic or community impact
- Participation of organized criminal groups involving multiple districts or transnational organizations
- Use of schemes involving new technology
High Technology Crime Investigation Association (HTCIA) - Member & Consultant
The High Technology Crime Investigation Association (HTCIA) is designed to encourage, promote, aid and effect the voluntary interchange of data, information, experience, ideas and knowledge about methods, processes, and techniques relating to investigations and security in advanced technologies among its membership.