Home Page

PTA Qualified Partners Directory

PTA Qualified Partners Directory is a world-wide list of expert security consulting groups with proven experience in using the Practical Threat Analysis methodology and tools for risk assessment and compliance projects. Feel free to contact one of our qualified partners for getting tips and assistance in your risk analysis missions and add value to your service proposition.

USA & North America:
Netsecuris Inc. - Security "one-stop shop".
Treadstone 71 - Focuses on prevention.
HolisticInfoSec.org - Sharing infosec content and resources.
JC Hanlon Consulting, Inc. - Information security for businesses.
Software Associates Ltd. - Software security specialists.
Africa:
Logiciel Information Security Solutions Ltd - Active lifecycle security.
Central America:
E.Diz Actuarial Services & Consulting - Statistics for strategic planning.
Nemesis - Security consultancy for information technologies.
England & Europe:
Help2 Information Security - Information security consultants.
Deloitte Turkey - Security and privacy services.
Control Policy Group - Information security management.
InfoSecur - IT security and cybercrime investigations.
Russia:
Pavel Khizhnyak Security Consulting - Experts of ISMS.
Israel & Middle East:
Open Solutions - Customer data protection.
Australia & Far East
VTechnologies P/L - Specialists in IT security reviews.
Thailand Productivity Institute - Achievements by means of productivity.

Contact Marina Radinovsky for more details on how to join the PTA Qualified Partner Program.

 

Netsecuris Inc is a premier provider of information security and technology support service since 2000. The company has the expertise to maintain and secure the most complex information technology systems used today and tomorrow.

Netsecuris partners with customers to assess threats to their organizations and improve the defensible position of their networks. A defensible network is an information architecture that is well maintained, closely monitored and controlled, as well as up to date.

Services provided are:

We use the Practical Threat Analysis methodology and product during our Risk Assessments services.


Contact  Leonard Jacobs MBA, CISSP, MCP, CSSA www.netsecuris.com at:

+1-952-641-1421

13278 Webster Avenue Savage, MN 55378

email: ljacobs@netsecuris.com

Treadstone 71 services improve the stability, maturity, and overall risk posture of your organization no matter how large or small. We are proven to drive down your security costs while enhancing your security posture and bringing your risk-based message to the boardroom.

Our services ensure you provide timely, reliable and cost effective security and risk management solutions that safeguard and protect information while using a holistic, defense in depth, risk-based approach to your program.

Treadstone 71 balances the effectiveness of the information protection required relative to the sensitivity of the data and the dollars available. We use the PTA toolset in our overall Risk Assessment efforts that traverse multiple offerings.

Treadstone 71 is owned and operated by Jeff Bardin. The company has experience in Aerospace, Federal Government, Insurance, Financial Services, Healthcare, Hospitality, Managed Service Providers, and Education. 
 

Contact Jeff Bardin www.treadstone71.com at:

1-888-687-8450     508.519.0363 Fax

email: info@treadstone71.com

Logiciel Information Security Solutions Ltd is an Information Security services firm offering a diverse portfolio of services including security training and certification, penetration testing, computer forensics as well as risk management and Practical Threat Analysis (including ISO27001).

Established in 2002 by experienced security professionals, Logiciel is independent of IT security vendors and their products, bringing the benefit of impartiality and allowing us to enable clients with the appropriate tools and knowledge necessary to secure their systems.

Information Security concerns all organizations to varying degrees and Logiciel's client list includes firms from the banking, telecom, oil, pharmaceutical and entertainment sectors. We focus on a risk management approach to engineer effective security solutions that enhance our clients’ operations. 
 

Contact Cyril Esedo, CTO www.logiciel-inc.com at:

+234-1-4738002    +234-1-7602038    +234-8053167189

13 Ayodeji Otegbola Street, Gbagada Phase 2, Lagos, Nigeria

email: cesedo@logiciel-inc.com

HolisticInfoSec.org is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve InfoSec for all who seek to do so.

Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavors to aid in that process through dynamic content and timely topics in ISSA Journal's toolsmith. As well we know, those who would do harm never rest: protect your own.

Holisticinfosec.org's Russ McRee incorporates Practical Threat Analysis as part of vulnerability research and penetration testing engagements.

 

Contact  Russ McRee at www.HolisticInfoSec.org

JC Hanlon Consulting, Inc. (JCHCI) is a premier security consulting and services firm reaching out to organizations of all sizes. Each member of our senior management team has practical experience working through real issues as security officers and operations managers from Fortune 150 companies to small enterprises. We provide a complete spectrum of security consulting and services including:

Our programs are based upon internationally accepted security standards and best practices (i.e. ISO27001/ISO27002, CoBiT, ITIL and others). While JCHCI embraces these standards and practices, it is our view that any practical solution must be articulated by our client’s business needs, culture, and economic situation.


Contact  James C. Hanlon Jr. , Chief Executive Officer  www.JCHCI.com at:

+1 (586) 435-6231     +1 (586) 435-6245 Fax

52611 Jessie Dr. Chesterfield, MI 48051-3719

email: info@JCHCI.com

Deloitte Turkey is a member firm of Deloitte Touche Tohmatsu. Deloitte Turkey provides its security services in 7 service lines, combining people, process and technology aspects of security in providing security management and technical security solutions:

We employ PTA as a practical tool in risk assessment phase of our security management engagements which is the most crucial component in any information security management system.


Contact  Deloitte Turkey Security & Privacy Services www.deloitte.com.tr at:

+90-212-366-63-02

email: tr.security@deloitte.com

E.Diz Actuarial Services & Consulting is considered as one of the first Venezuelan consulting groups with high technical level and expertise. The firm is engaged in actuarial and statistical consulting with more than 14 years in operation, providing each of our clients with professional risk assessment services and technical advice to warrant their best investment.

We implement a system of periodic visits to each of our clients’ sites (made by a senior officer) in order to asses the local concerns and provide quick mitigation to prioritized problems, thus maintaining a dynamic way of Practical Threat Analysis with the highest level of service and communication. With our advanced data processing simulation packages and PTA threat modeling and risk management tool, we follow up on the details of every process, and provide the best specific advisories that support and facilitate our clients’ decisions and asses the service received.

The company is specializing in serving the Banking, Finance, Electric Power, Insurance
Manufacturing and Petroleum industries. Among our clients are Shell, British Petroleum, CADAFE, Enerven, Enelbar, IESA, Banco Federal, Nestle, Chevron, Heinz, Raytheon Engineers, Avon and many other leading enterprises in Central America.

Contact Professor Evaristo Diz, CEO and Chief Analyst www.ediz.com.ve at:

+58-212-985.7207

+58-212-985.9675

email: evaristo_diz@ediz.com.ve

Help2 Information Security provides Information Security expertise around ISO27001. With over 9 years experience we can assist with all ISO27001 requirements, from SOA through to implementation. Having a qualified ISO27001 Lead Auditor (also MCP and CEH) allows us to tailor your requirements and ensure they are 100% compliant.

Help2 has extensive knowledge of various security products and is compiling a growing number of specific tools to aid customers security efforts. We use PTA Professional as part of our review process to highlight the risks in your systems. As we specialise in ISO27001 we utilise the ISO27001 library for PTA.

We have experience in the Investment and Retail Banking arenas and also within a UK Utility Company.

 

Contact  Steve Boydon, CEH, MCP, ISO 27001 Lead Auditor at www.help2.co.uk

VTechnologies P\L is an IT Systems Integration and Support company based in Queensland, Australia. We provide public and private sector clients with deep hands-on expertise in IT security, facilities, project and applications development as follows:

We employ the Practical Threat Analysis security methodology & tool to provide services in the Asia Pacific region providing clients with faster and more cost effective Security Threat & Risk Analysis services.


Contact  VTechnologies P\L www.vteks.com at:

+61-0413-308-205

PO Box 2064, Runcorn, QLD. 4113

email: info@vteks.com

InfoSecur is an independent consultancy firm specializing in IT security and investigations of cybercrime. The company is managed by Mr. Jindrich Hlavaty who has over 15 years of experience with IT security and cybercrime investigating.

InfoSecur implements standard-based Information Security Management System on the foundation of ISO 27000 family of standards and has great expertise in making audits of security systems. 

By virtue of using the Practical Threat Analysis security methodology & tool, InfoSecur provides professional and effective Security Threat & Risk Analysis services for clients in the Czech Republic and in Central Europe.

Contact  Jindrich Hlavaty www.infosecur.cz at:

Topolova 646, 28924 Milovice, Czech Republic.  

+420-776-166-833

email: info@infosecur.cz

Pavel Khizhnyak Security Consulting  - Specializes in threat analysis and security audit projects for leading banks and financial institutions in the Republic of Belarus. The firm has developed and implemented a full international standard-based Information Security Management System based on PTA Professional infrastructure and calculative engine. The solution is implemented in full conformity with PCI DSS and ISO 27001 and the ISO 17799 standards.

Pavel Khizhnyak has an impressive experience in information security and is well familiar with the special needs of financial organizations regarding the protection of their clients’ data integrity and confidentiality. Pavel will be happy to share his experience with PTA users world-wide.

Contact Chief Analyst, Belarus - Pavel Khizhnyak at:

+375 (296) 511-323

email: isec.consulting@gmail.com

Software Associates Ltd. is a professional global consultancy that works with companies seeking to reduce their security costs. Our expertise enables a business to analyze, mitigate and optimize their operational risk.

Software Associates IT Audit programs are specially tailored for C-level executive staff at publicly-traded companies that must comply with Sarbanes-Oxley and financial institutions that must comply with Basel-II or Solvency-II for insurance companies.

Our operational risk management methodology employs PTA for quantitative threat modeling of critical business functions in order to ensure that the model is a robust reflection of reality. Our recommendations for optimized risk mitigation plans are stated in dollars, in a language that senior executives and the board can understand. We work with our executive staff clients throughout the entire life cycle of operational risk management from data collection, through risk modeling, mitigation and monitoring of risk profile. We supervise implementation of security countermeasures and delivery of timely reporting of risk control costs and implementation status.

Contact the Software Associates sales information center at:

+1-301-841-7122

+972-8-970-1485 (Outside the US)

email: sales@software.co.il

Nemesis, Gobierno y Seguridad en Tecnologias de la Información is a world-class security service consultancy for information technologies located at Mexico City:

All our services are based on practical threat risk assessment to avoid unnecessary controls, costs, and stressing to the organization. Our services cover the following:

Contact  Jose Luis Aparicio C. CISA, CISM www.auditor-ti.com at:

+52-55-5896-3176

email: jlaparicio@auditor-ti.com or lmorenor@auditor-ti.com

Control Policy Group - Experts in PTA and ISO 27001/2 standard to help client assess enterprise risk and build sustainable information security management framework. Such way is accepted by client as logical because final responsibility for IT risk lies with security officer who reports to management board in Poland.

Security officer must show that policies, plans and procedures, skills and expertise training operate in such way that responsibility and accountability follows hierarchy of organization from line operation to board level.

Due to internal regulations "big" prospects like insurance companies and telecom providers must comply with standard risk assessment of Information Security Management BS 7799.2:2002/ ISO 27001/27002 and prove that institution has set out the organisational approach to managing information security. Contact us for more information.

Contact Sales manager, Poland - Maciej Lewandowski www.controlpolicy.com at:

+48-608-293030

email: maciej.l@controlpolicy.com

Open Solutions knows that most data security breaches stem from internal, not external threats. A younger, hip, technology-savvy workforce, organized crime, and poor hiring and screening practices are the key contributors to employee fraud.

The founders have been involved in the field of trusted insider threats and data leakage since 2002 and have practical hands-on experience with commercial organizations of all sizes in the US, Middle East and Europe. Open Solutions eRisk(TM) is a 48 hour data security risk assessment that uses PTA and Fidelis Security Systems XPS to monitor outgoing traffic and build a clear picture of threats that exploit vulnerabilities of critical customer data assets.

Open Solutions PTA for PCI DSS package is an ideal solution for consultants to performance cost-effective PCI compliance audits for smaller merchants.

Contact  Yuval Avital, VP Business Development for projects and partnerships www.opensolutions.co.il at:

+972-525-311-790

email: yuvala@opensolutions.co.il

Thailand Productivity Institute - Training and consulting services: defend, support and promote a principle of productivity.

Due to the Computer Crime law, many firms in Thailand need experts and security solutions to help them comply with the regulation. ISO/IEC 27001- Information Security Management is used in a wide range of industries and government institutions to provide confidentiality integrity and availability. Security breaches raise security awareness among CIO and non-IT professionals to protect information assets properly. 

We use PTA as a great tool to manage risks identified in the scope of ISMS implementation.
Ease of use and very nice ISO27001 library help us save more time to reduce things to do in risk assessment process. PTA also generates very good reports in many views which help manage risks based on analyzed data.

Contact  Pryn Sereepong, ISMS/ISO27001 Lead auditor www.ftpi.or.th at:

12-15th fl. Yakult Building 1025 Pahonyothin Rd. Bangkok 10400 Thailand.  

+66-2-6195500

email: pryn@ftpi.or.th

 

***

 

 PTA Professional Forum
Home Page