Home Page

PTA Qualified Partners Directory

PTA Qualified Partners Directory is a world-wide list of expert security consulting groups with proven experience in using the Practical Threat Analysis methodology and tools for risk assessment and compliance projects. Feel free to contact one of our qualified partners for getting tips and assistance in your risk analysis missions and add value to your service proposition.

USA & Canada:
Stuart Hall Technologies - Evaluate operational vulnerabilities.
InfoWire - Know your security risk level.
Netsecuris Inc. - Security "one-stop shop".
Treadstone 71 - Focuses on prevention.
HolisticInfoSec.org - Sharing infosec content and resources.
JC Hanlon Consulting, Inc. - Information security for businesses.
Software Associates Ltd. - Software security specialists.
OPSEC Risk Management Services Inc. - Integrity, ability and attention to details.
UK & West Europe:
Securm Ltd. - Hedging your risk.
Information Assurance Strategies Ltd. - Information security by design.
Sertytude Ltd. - Business protection and security.
Help2 Information Security - Information security consultants.
Deloitte Turkey - Security and privacy services.
Control Policy Group - Information security management.
InfoSecur - IT security and cybercrime investigations.
East Europe:
Pavel Khizhnyak Security Consulting - Experts of ISMS.
China:
ChinaITSMS - Risk assessment services.
India:
VISTA InfoSec - Avenues in information security and networks.
Africa:
Digital Encode - Realize your business potential.
Logiciel Information Security Solutions Ltd - Active lifecycle security.
Central & South America:
E-SERVI - Inventing the future.
E.Diz Actuarial Services & Consulting - Statistics for strategic planning.
Nemesis - Security consultancy for information technologies.
Israel & Middle East:
Open Solutions - Customer data protection.
Australia & Far East
VTechnologies P/L - Specialists in IT security reviews.
Management Solutions (HK) Ltd. - Specializes in Risk Management services.
Thailand Productivity Institute - Achievements by means of productivity.

The PTA Qualified Partner Program is intended for security consultants and expert advisors who are already members of the PTA Free Program and wish to enhance their PTA based risk assessment projects. It enables security consulting companies to install PTA on several workstations in their offices as well as at their clients' sites and get premium support for their customers.  Contact Marina Radinovsky for more details on how to join the PTA Qualified Partner Program and showcase your risk analysis expertise in this directory.

Netsecuris Inc is a premier provider of information security and technology support service since 2000. The company has the expertise to maintain and secure the most complex information technology systems used today and tomorrow.

Netsecuris partners with customers to assess threats to their organizations and improve the defensible position of their networks. A defensible network is an information architecture that is well maintained, closely monitored and controlled, as well as up to date.

Services provided are:

We use the Practical Threat Analysis methodology and product during our Risk Assessments services.


Contact  Leonard Jacobs MBA, CISSP, MCP, CSSA www.netsecuris.com at:

+1-952-641-1421

13278 Webster Avenue Savage, MN 55378

email: ljacobs@netsecuris.com

Treadstone 71 services improve the stability, maturity, and overall risk posture of your organization no matter how large or small. We are proven to drive down your security costs while enhancing your security posture and bringing your risk-based message to the boardroom.

Our services ensure you provide timely, reliable and cost effective security and risk management solutions that safeguard and protect information while using a holistic, defense in depth, risk-based approach to your program.

Treadstone 71 balances the effectiveness of the information protection required relative to the sensitivity of the data and the dollars available. We use the PTA toolset in our overall Risk Assessment efforts that traverse multiple offerings.

Treadstone 71 is owned and operated by Jeff Bardin. The company has experience in Aerospace, Federal Government, Insurance, Financial Services, Healthcare, Hospitality, Managed Service Providers, and Education. 
 

Contact Jeff Bardin www.treadstone71.com at:

1-888-687-8450     508.519.0363 Fax

email: info@treadstone71.com

 

OPSEC Risk Management Services Inc is a professional security consulting firm, established in 2000 by a group of senior security managers and government consultants who pride themselves on their integrity, ability and attention to details. Based in the Greater Toronto Area, we are focused on information security, digital forensics, and electronic evidence support services.

OPSEC specializes in risk and security management; we have been formally trained by law enforcement, government agencies and world leading security organizations to reduce your risk. We offer full technical support capabilities to support your organization and provide the following Threat related services:

 

Contact  Blair Brown, MSc, CPP, CISSP, CCE , President  www.opsec.ca at:

+1-905-428-3549 Phone, Fax

1-866-890-6105 Fax

email: info AT opsec DOT ca

InfoWire is an international compliance and security service consultancy located in Royal Oak, Michigan. We provide security management and technical security solutions to Financial Services, Healthcare, Government and Education sectors. 

Professional Services provided are:

We also provide the following Managed Services:

We employ security and risk assessment methodologies, standards and regulations with PTA - Practical Threat Analysis for Cobit, ISO 27001, Sarbanes Oxley and NIST.


Contact  Ron Kayani, CISA, CISSP  www.infowire.com at:

+1-877 -INFOWIRE(463-6947)

email: info@infowire.com

HolisticInfoSec.org is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve InfoSec for all who seek to do so.

Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavors to aid in that process through dynamic content and timely topics in ISSA Journal's toolsmith. As well we know, those who would do harm never rest: protect your own.

Holisticinfosec.org's Russ McRee incorporates Practical Threat Analysis as part of his vulnerability research and penetration testing engagements.

 

Contact  Russ McRee at www.HolisticInfoSec.org

Stuart Hall Technologies' highly experienced information security experts have the focused expertise to effectively identify and evaluate vulnerabilities in your daily operations.

Our security review, which employs the PTA tool, identifies inefficient controls, sensitive resources and databases, and vulnerabilities in your internal and external networks. We then deploy a comprehensive methodology that is customized to the specific needs and infrastructure of your organization.

After conducting your information security assessment, we will summarize our findings and provide you with recommendations for closing security loopholes and vulnerabilities. Commensurate with this, we will transfer our knowledge of best practices to professionals in your organization so your staff quickly becomes knowledgeable and productive with new security solutions, policies and procedures.

 

Contact Jason Hall, Senior Enterprise Consultant www.shtechnologies.net at:

+1 (215) 619 - 0365

email: Jason.Hall@shtechnologies.net

JC Hanlon Consulting, Inc. (JCHCI) is a premier security consulting and services firm reaching out to organizations of all sizes. Each member of our senior management team has practical experience working through real issues as security officers and operations managers from Fortune 150 companies to small enterprises. We provide a complete spectrum of security consulting and services including:

Our programs are based upon internationally accepted security standards and best practices (i.e. ISO27001/ISO27002, CoBiT, ITIL and others). While JCHCI embraces these standards and practices, it is our view that any practical solution must be articulated by our client’s business needs, culture, and economic situation.


Contact  James C. Hanlon Jr. , Chief Executive Officer  www.JCHCI.com at:

+1 (586) 435-6231     +1 (586) 435-6245 Fax

52611 Jessie Dr. Chesterfield, MI 48051-3719

email: info@JCHCI.com

Securm Ltd. are an Information Security Risk management consultancy firm. We can take your organization from nothing to full ISO27001 certification (using a UKAS accredited auditor to achieve certification). Additionally we provide the following services:

We complete ISO27001 implementation work for all types of companies, in addition to this we also do Business Continuity Implementation, Penetration Testing, Data Destruction, and IT Security Training and Awareness. We use the PTA (Practical Threat Analysis) tool to assist us with our Risk Assessments during our implementation programs for ISO27001 and BS22999.

Please visit our website for more information. If you wish to learn more about ISO27001 then please download our Directors Briefing paper at the following link.

Contact  Lee Barney, CISSP, CEH, MCSE, CITP, Director  www.securm.co.uk at:

Tel: +44 (0)800 612 4074      Fax: +44 (0)207 193 669    Fax: +44 (0)207 183 2222

Securm Ltd, Suite 90, Lansdowne Row, Mayfair, London W1J 6HL, United Kingdom

Securm Ltd, Fairbourne Drive, Atterbury, Milton Keynes, MK10 9RG, United Kingdom

email: info@securm.co.uk

IAS - Information Assurance Strategies Ltd. works with you to identify what information you store, use or move and will develop a strategy that when implemented will allow your department or business to reduce the risks associated with the security of the information and to demonstrate compliance with relevant Legislation and Regulations.

Understanding Information Assurance requirements as they affect you, your department or business and developing a strategy to deal with these issues is key to successful growth and development.

Our service offering is simple:

Contact  Roy Isbell, MSc, IEng, FIET, FBCS, CITP  www.iasltd.biz at:

Tel: +44 1530 249620     Fax: +44 1530 249623    Mob: +44 7860 189282 

Grace Dieu House, Forest Fields, Thornton Lane, Markfield, Leics, LE67 9RP, United Kingdom

Skype: tunernorth

email: info@iasltd.biz

Sertytude Ltd. is a global business consulting firm active in business protection and security. We help management take strategic decisions understanding their risks, protecting their assets, tangible and intangible, and exploiting covert and open risk areas.

Companies that care about increasing their value like to work with us; we are as passionate about their results as they are. Whether preparing for facing potential crisis or need to assess compliance or security level, Sertytude addresses needs with a strategic view, a global approach and a practical outcome that can be immediately used to solve potential immediate issues.

Practical field where we are actively helping customers and employ the PTA methodology and tool include: PCI DSS compliance, fraud management, anti-counterfeit, supply chain security, IT Security and Threat Risk Assessment.

Sertytude is present with its headquarters in London and with an operative branch in Italy, and works with collaborators and partners on global projects.


Contact  Massimo Cotrozzi, Vice President & Executive Director www.sertytude.com at:

+44-8448-930-812

2nd Floor - 50 Gresham Street, London, EC2V 7AY, United Kingdom

+39-0289-011-933

15 Via Cesare Battisti, 20121, Milano, Italia

email: email@sertytude.com

E-SERVI provides quality IT services and specializes in Web solutions for small and medium companies. Our team is built of multidisciplinary professionals who are responsible for the design and development of websites software.

We identify and integrate the appropriate technological development tools and support the various information technology architectures and environments for the benefit of our clients. The detailed coordinates management methods we use enable our customers to monitor all factors involved in the development process from the design to the delivery e.g. human resources, environment aspects, time-tables, customers and suppliers inputs as well as evaluation of the project's financials, results, profitability and users satisfaction.

We use the PTA Professional Edition methodology and threat risk assessment tool for offering strong and non intrusive information assurance compliance and consulting within the scope of our projects.

Contact Rulfo Quintero, CIO, Co-founder and engineer www.e-servi.com at:

(+571) 810 2046

Bogota - Colombia

email: rulfo@e-servi.com

Deloitte Turkey is a member firm of Deloitte Touche Tohmatsu. Deloitte Turkey provides its security services in 7 service lines, combining people, process and technology aspects of security in providing security management and technical security solutions:

We employ PTA as a practical tool in risk assessment phase of our security management engagements which is the most crucial component in any information security management system.


Contact  Deloitte Turkey Security & Privacy Services www.deloitte.com.tr at:

+90-212-366-63-02

email: tr.security@deloitte.com

E.Diz Actuarial Services & Consulting is considered as one of the first Venezuelan consulting groups with high technical level and expertise. The firm is engaged in actuarial and statistical consulting with more than 14 years in operation, providing each of our clients with professional risk assessment services and technical advice to warrant their best investment.

We implement a system of periodic visits to each of our clients’ sites (made by a senior officer) in order to asses the local concerns and provide quick mitigation to prioritized problems, thus maintaining a dynamic way of Practical Threat Analysis with the highest level of service and communication. With our advanced data processing simulation packages and PTA threat modeling and risk management tool, we follow up on the details of every process, and provide the best specific advisories that support and facilitate our clients’ decisions and asses the service received.

The company is specializing in serving the Banking, Finance, Electric Power, Insurance
Manufacturing and Petroleum industries. Among our clients are Shell, British Petroleum, CADAFE, Enerven, Enelbar, IESA, Banco Federal, Nestle, Chevron, Heinz, Raytheon Engineers, Avon and many other leading enterprises in Central America.

Contact Professor Evaristo Diz, CEO and Chief Analyst www.ediz.com.ve at:

+58-212-985.7207

+58-212-985.9675

email: evaristo_diz@ediz.com.ve

Management Solutions (HK) Ltd. specializes in Risk Management services including Business Continuity Management and Planning (BS25999), Disaster Recovery, Information Security Management Systems (ISO27001) and other risk related areas such as Health & Safety, Environmental (ISO14001).

We employ PTA - the Practical Threat Analysis methodology and tool in our Risk Management services as well as in our Business Risk Reduction activities which relate to business issues impacting the overall organization of our clients e.g. staff turnover problems / competition / new products etc.

The company is registered in Hong Kong and has its offices in the Philippines where it partners with Macro Vision Consultancy (Philippines). Mr. John Broome, the managing director of the company has over 15 years of intensive experience working in management systems and ISO27001 certifications and the team has a wide experience in all risk systems and BCM. 
 

Contact John Broome, Managing Director www.msl-global.com at:

+63 (0) 915 4101 553    +63 (046) 686 4145   

Skype: johnrbhk

email: john.broome@yahoo.com

Help2 Information Security provides Information Security expertise around ISO27001. With over 9 years experience we can assist with all ISO27001 requirements, from SOA through to implementation. Having a qualified ISO27001 Lead Auditor (also MCP and CEH) allows us to tailor your requirements and ensure they are 100% compliant.

Help2 has extensive knowledge of various security products and is compiling a growing number of specific tools to aid customers security efforts. We use PTA Professional as part of our review process to highlight the risks in your systems. As we specialize in ISO27001 we utilize the ISO27001 library for PTA.

We have experience in the Investment and Retail Banking arenas and also within a UK Utility Company.

 

Contact  Steve Boydon, CEH, MCP, ISO 27001 Lead Auditor at www.help2.co.uk

Digital Encode Ltd. offers Information Security Services as well as Penetration Testing, Vulnerability Assessment and Training. Our clients are in the top 100 companies in these parts ranging from Banks to Pension Funds companies, Manufacturing and Oil and Gas. The strong background of our employees and our experience in the Information Technology world makes us a valuable partner for your next project.

We are complementing our service offerings with the introduction of a risk management framework. The PTA - Practical Threat Analysis methodology, modeling and reporting capabilities were found as good fit for this purpose.

Since threat analysis and modeling has become a major headache for most organizations and institutions as they are faced with regulatory compliance, we have built a training curriculum based on the PTA platform together with our local support for the benefit of our clients. 
 

Contact Obadare Peter Adewale www.digitalencode.net at:

        186 Igbosere Street, Lagos Island, Lagos, Nigeria

+234-1-7237689    Mobile: +080-233-16951

email: wale@digitalencode.net

VTechnologies P\L is an IT Systems Integration and Support company based in Queensland, Australia. We provide public and private sector clients with deep hands-on expertise in IT security, facilities, project and applications development as follows:

We employ the Practical Threat Analysis security methodology & tool to provide services in the Asia Pacific region providing clients with faster and more cost effective Security Threat & Risk Analysis services.


Contact  VTechnologies P\L www.vteks.com at:

+61-0413-308-205

PO Box 2064, Runcorn, QLD. 4113

email: info@vteks.com

InfoSecur is an independent consultancy firm specializing in IT security and investigations of cybercrime. The company is managed by Mr. Jindrich Hlavaty who has over 15 years of experience with IT security and cybercrime investigating.

InfoSecur implements standard-based Information Security Management System on the foundation of ISO 27000 family of standards and has great expertise in making audits of security systems. 

By virtue of using the Practical Threat Analysis security methodology & tool, InfoSecur provides professional and effective Security Threat & Risk Analysis services for clients in the Czech Republic and in Central Europe.

Contact  Jindrich Hlavaty www.infosecur.cz at:

Topolova 646, 28924 Milovice, Czech Republic. 

+420-776-166-833

email: info@infosecur.cz

ChinaITSMS was founded in 2004 by four partners and consists of four groups. Each group is lead by a partner and focuses on one of the following: IT Consulting, Training, Professional Services and Auditing. Among our customers are BearingPoint GDC (China), Unisys GDC (China), China Finance Exchange, China Telecom, China Netcom, Baosight Software and Dawnpro. ChinaITSMS provides IT services for China's top three automobile manufacturers and top first steel industry company.

The IT consulting group is managed by 8 active professional consultants. The consulting service includes Information Security Management and IT Service Management (ISMS/ITSMS). Risk assessment is the core contents of the ISMS offering – we supply our customers the knowledge and the tools needed for identifying and controlling the risks in their systems.

We use the PTA (Practical Threat Analysis) solution for constructing and implementation of the threat risk assessment process and for storing and managing our customers’ information assets, risks and related documentation. We also use PTA for risk management of FEMA, ISO27001, ISO20000 and other types of risk analysis projects. 

Contact  Dr. Guo Yingkai www.chinaitsms.com at:

Suite 16GH, Zhaofeng Universal Building, No.1800 Weast Zhongshan road, Shanghai, China. 

+86-135-64361522

email: guoyk@chinaitsms.com

VISTA InfoSec Ltd. is a multi service, multi location, professional IT consulting organization based in Mumbai, India with branches in Pune-India, Muscat, Colombo-SriLanka & Toronto-Canada.

The company provides a wide range of services ranging from ISO27001 implementation, PCI-DSS implementation, ISO20000 implementation, Information security audits, Ethical hacking, SOX compliance audits to Technology Design, Implementation & Training.

We provide totally unbiased vendor neutral consulting services, with all its recommendations based on a detailed cost-benefit analysis and the use of PTA Practical Threat Analysis methodology for finding the most cost-effective risk mitigations.

For many companies, information security and networks affects the bottom line and can ultimately mean the difference between success and failure. We can be your complete outsourcing partner and provide an efficient and effective Plan, Build and Operate solution to enable you to focus on your core competency. 

Contact  Narendra S. Sahoo, Director  www.vistainfosec.com at:

2/203,Vahatuk Nagar Caesar Road ,Amboli, Andheri(W), Mumbai, Maharasthra 400058, India. 

Tel: +91-22-65236292    +91-22-26772450    Mobile: +91-98-20223497

email: narendra.sahoo@vistainfosec.com

Pavel Khizhnyak Security Consulting  - Specializes in threat analysis and security audit projects for leading banks and financial institutions in the Republic of Belarus. The firm has developed and implemented a full international standard-based Information Security Management System based on PTA (Practical Threat Analysis) professional software tool infrastructure and calculative engine. The solution is implemented in full conformity with PCI DSS and ISO 27001 and the ISO 17799 standards.

Pavel Khizhnyak has an impressive experience in information security and is well familiar with the special needs of financial organizations regarding the protection of their clients’ data integrity and confidentiality. Pavel will be happy to share his experience with PTA users world-wide.

Contact Chief Analyst, Belarus - Pavel Khizhnyak at:

+375 (296) 511-323

Republic of Belarus

email: isec.consulting@gmail.com

Software Associates Ltd. is a professional global consultancy that works with companies seeking to reduce their security costs. Our expertise enables a business to analyze, mitigate and optimize their operational risk.

Software Associates IT Audit programs are specially tailored for C-level executive staff at publicly-traded companies that must comply with Sarbanes-Oxley and financial institutions that must comply with Basel-II or Solvency-II for insurance companies.

Our operational risk management services employs the Practical Threat Analysis methodology and suite of risk assessment tools for quantitative threat modeling of critical business functions in order to ensure that the model is a robust reflection of reality. Our PTA derived recommendations for optimized risk mitigation plans are stated in dollars, in a language that senior executives and the board can understand. We work with our executive staff clients throughout the entire life cycle of operational risk management from data collection, through risk modeling, mitigation and monitoring of risk profile. We supervise implementation of security countermeasures and delivery of timely reporting of risk control costs and implementation status.

Contact the Software Associates sales information center at:

+1-301-841-7122

+972-8-970-1485 (Outside the US)

email: http://www.software.co.il/contact-us.html

Logiciel Information Security Solutions Ltd is an Information Security services firm offering a diverse portfolio of services including security training and certification, penetration testing, computer forensics as well as threat risk assessment and risk management with the Practical Threat Analysis methodology and tool (including ISO27001).

Established in 2002 by experienced security professionals, Logiciel is independent of IT security vendors and their products, bringing the benefit of impartiality and allowing us to enable clients with the appropriate tools and knowledge necessary to secure their systems.

Information Security concerns all organizations to varying degrees and Logiciel's client list includes firms from the banking, telecom, oil, pharmaceutical and entertainment sectors. We focus on a risk management approach to engineer effective security solutions that enhance our clients’ operations. 
 

Contact Cyril Esedo, CTO www.logiciel-inc.com at:

+234-1-4738002    +234-1-7602038    +234-8053167189

13 Ayodeji Otegbola Street, Gbagada Phase 2, Lagos, Nigeria

email: cesedo@logiciel-inc.com

 

Nemesis, Gobierno y Seguridad en Tecnologias de la Información is a world-class security service consultancy for information technologies located at Mexico City:

All our services are based on PTA practical threat risk assessment to avoid unnecessary controls, costs, and stressing to the organization. Our services cover the following:

Contact  Jose Luis Aparicio C. CISA, CISM www.auditor-ti.com at:

+044-55-2116-3227

email: jlaparicio@prodigy.net.mx

The Control Policy Group - Experts in Practical Threat Analysis with the PTA tool and the ISO 27001/2 standard security library to help client assess enterprise risk and build sustainable information security management framework. Such way is accepted by client as logical because final responsibility for IT risk lies with security officer who reports to management board in Poland.

Security officer must show that policies, plans and procedures, skills and expertise training operate in such way that responsibility and accountability follows hierarchy of organization from line operation to board level.

Due to internal regulations "big" prospects like insurance companies and telecom providers must comply with standard risk assessment of Information Security Management BS 7799.2:2002/ ISO 27001/27002 and prove that institution has set out the organizational approach to managing information security. Contact us for more information.

Contact Sales manager, Poland - Maciej Lewandowski www.controlpolicy.com at:

+48-608-293030

email: maciej.l@controlpolicy.com

Open Solutions knows that most data security breaches stem from internal, not external threats. A younger, hip, technology-savvy workforce, organized crime, and poor hiring and screening practices are the key contributors to employee fraud.

The founders have been involved in the field of trusted insider threats and data leakage since 2002 and have practical hands-on experience with commercial organizations of all sizes in the US, Middle East and Europe. Open Solutions eRisk(TM) is a 48 hour data security risk assessment that uses the Practical Threat Analysis tool and Fidelis Security Systems XPS to monitor outgoing traffic and build a clear picture of threats that exploit vulnerabilities of critical customer data assets.

Open Solutions PTA for PCI DSS security library package is an ideal solution for consultants to performance cost-effective PCI compliance audits for smaller merchants.

Contact  Yuval Avital, VP Business Development for projects and partnerships www.opensolutions.co.il at:

+972-525-311-790

email: yuvala@opensolutions.co.il

Thailand Productivity Institute - Training and consulting services: defend, support and promote a principle of productivity.

Due to the Computer Crime law, many firms in Thailand need experts and security solutions to help them comply with the regulation. ISO/IEC 27001- Information Security Management is used in a wide range of industries and government institutions to provide confidentiality integrity and availability. Security breaches raise security awareness among CIO and non-IT professionals to protect information assets properly. 

We use the Practical Threat Analysis methodology and tool as a great solution to manage risks identified in the scope of our ISMS implementation. The tool's ease-of-use and the very nice ISO27001 library help us save time and reduce workload in our threat risk assessment process. PTA also generates very good reports in many views which greatly help manage risks based on the analyzed data.

Contact  Pryn Sereepong, ISMS/ISO27001 Lead auditor www.ftpi.or.th at:

12-15th fl. Yakult Building 1025 Pahonyothin Rd. Bangkok 10400 Thailand. 

+66-2-6195500

email: pryn@ftpi.or.th

 

***

 

 Get Risk Assessment tips in PTA Professional Forum
Home Page