Opt-Sec was formed with a clear objective:-
The Frameworks for Best Practices in information Security have already been comprehensively laid out in a number of Policies. These policies have been introduced by various organisations (ISO, PCI etc) with the aim of standardising terminology, definitions and minimum requirements. They are far from easy to understand however, and tend to be overly complicated, riddled with jargon and very confusing.
To compound matters, many vendors have jumped on the bandwagon and will go to great pains to point out how their products will “make you compliant”. This is usually because the use of their product will probably contribute towards the satisfaction of one or more of the requirements of one of the major Policies, but it is hardly ever because the product does everything that needs to be done to satisfy any Policy completely.
We thought there was a growing need for a Team who could explain which products can help and in which ways – using products to help satisfy compliance instead of using compliance to help sell products!
We thought there was also a clear need for simple to use systems that can help those tasked with making their organisations compliant to understand their chosen compliance Policy, manage the compliance Processes and implement the right technologies – through to Certification and beyond!
We can’t make you compliant – only you can do that – but we can optimise your efforts to secure your information, become compliant and stay compliant, in the minimum time and with the minimum effort and cost.
Please feel free to explore the pages of this website to learn more and, when you’re ready, we look forward to working with you.
Small businesses around the world are increasingly at risk for payment data theft. Nearly half of cyber-attacks worldwide in 2015 were against small businesses with less than 250 workers, according to cybersecurity firm Symantec. In order to help these companies protect themselves and their customers, the PCI Security Standards Council (PCI SSC) Small Merchant Taskforce has developed a set of payment protection resources for small businesses.
Today the PCI Security Standards Council (PCI SSC) published a new version of its device security standard for Hardware Security Modules (HSMs). HSMs are secure cryptographic devices that are used for cryptographic-key management and the protection of sensitive data used in payment card processing.