Being one of the leaders in delivering information security and compliance services, Intersec Worldwide operates in two separate divisions: Compliance and incident response investigation. Compliance includes different certifications around PCI such as QSA, payment applications, P2PE, among other qualifications. Whether it is a single standard such as PCI, GLBA, HIPAA or Sarbanes-Oxley, or in an environment where there is a need to combine multiple standards, Intersec Worldwide has extensive expertise and experience in bringing their clients into compliance as quickly and seamlessly as possible. They also provide on-going monitoring and managed services. Recently, Intersec Worldwide has added many security services specifically for the financial sector to deliver their expertise to Fortune 500 companies. Further, the company has also expanded their portfolio by aligning their services around new regulations such as GDPR and California CCPA. They have also worked with their vendor partners and team of engineers to develop a uniquely bundled solution that completes both data discovery and data classification in an automated method using machine-learning technology. This capability improves the accuracy, while reducing the complexity and costs of this process that most organizations and competitors are completing manually.
Incident response investigation services include corporate investigations from an internal threat and data leak/breach perspective. The company also focuses on remediation services, which serves as one of their many key differentiators. We interviewed Jeff Tutton, the President of Intersec Worldwide to understand the different services that the company delivers and its future. Following are the insights shared by him.
What is the role of data in implementing cybersecurity practices at an organization?
Data plays a central role in any company’s security implementations. It is pivotal for them to understand where their data really is and characterize it. They also need to comprehend the threat factors associated with that data in order to protect the data. While our competitors take a reactive and manual path, we take both proactive and automated measures to find and prioritize the response according to associated threat vectors. This helps reduce costs because the company knows what data needs protection and where it is located. It also plays well with our compliance services division as we provide different certifications to ensure the data protection is working.
What are the key pain-points that organizations face today and how does Intersec Worldwide mitigate them?
For many organizations, it is their biggest headache to manage the structured data from a security perspective. From a compliance standpoint, companies always face the predicament of retrieving the correct data at the right time.
We have developed a comprehensive professional line of services that operationalizes across the full spectrum of information security technology
They also face the problem of reducing the costs associated with implementing security tools to become compliant.
Companies also have to ensure that they have both the resources and the time required to execute these strategies. That’s where we come in and allow our clients to concentrate on their core business while we focus on the technology, people and resources, and how to protect their valuable data. We have developed a comprehensive professional line of services that operationalizes across the full spectrum of information security and technology. From investigation to remediation, we’ve developed and deployed first-in-class solutions.
Is there an approach that Intersec Worldwide takes to understand the clients’ needs?
For us, it is of paramount importance to understand the clients’ mission and end-goals. We map their data environment and objectives first through our scoping services and automated solutions. Then clients are provided with the ways in which they can minimize the overall costs and reap benefits out of the security implementations. Next, we decide the needed timeframe that helps us in laying out the roadmap to accomplish the client goals through a partnership effort with the clients. Finally, we work together with our clients to mitigate their cybersecurity challenges identified. It is key to understand, that with any organization resources are not unlimited. Most consultants and companies make the mistake of trying to “boil the ocean” when it comes to Cybersecurity. This approach is too costly, ineffective and the wrong approach. We have learned that during an ongoing and active data breach, you know what data they have already compromised, but you don’t know what they are likely to target next. You have to quickly discover the next data gold-mine before they do and it’s too late. This is why we can’t boil the ocean and are very targeted and strategic in our efforts during an Incident and in our everyday non-emergency projects.
The key is to become the clients’ advocates such that we are on the same page in understanding the quandaries, goals, and timelines. Lastly, we start executing and accomplishing the upgrades that the clients’ system may need. We identify novel trends and technologies. We work with the client to implement new technologies, while educating the client at the same time. Intersec Worldwide is solution-agnostic and believes in providing the best-in-breed and correct solutions.
What lies ahead in the future for Intersec Worldwide?
For the next 12-18 months, the focus of our company will be on CCPA, GDPR and other compliance automation. By using automation capabilities in both compliance and security we will continue to improve the industry and lower the costs of these new regulations. We will also be educating clients on the new solutions and technologies that can help them in the long run. Assisting customers in every way possible has been our forte and we will continue on the same path by delivering discovery and compliance services.
We are one of the only California-based cybersecurity firms, which is focused on working with clients and understanding their requirements. In the near future, we will be expanding our capabilities on the cybersecurity front by growing organically and educating our customers. The industry vertical that we serve is maturing and we would like to take advantage by bundling different state-of-the-art solutions to deliver a singular offering that would work in any environment.
By using our unique capabilities and solutions, we are able to provide our customers capabilities that before have only been provided by “local resources or extensive travel costs” resources. We can now provide these capabilities, including full-forensics and insider threat analysis, remotely around the globe without boarding a plane. This allows us to provide a more comprehensive solution, faster and further, in near-real-time that with other firms is simply not possible. From an expansion standpoint, at present, our service area includes North America, Caribbean, Europe, South America, and Asia.