TMCnet News
RandomStorm achieves CREST accreditation; -penetration testing and Cyber Essentials assessment skills recognised by UK government body-(M2 PressWIRE Via Acquire Media NewsEdge) Leeds - IT security and compliance company, RandomStorm, has announced that it is among the first companies to achieve CREST accreditation for penetration testing and Cyber Essentials. Part of the UK Government's National Cyber Security Strategy, the Cyber Essentials Scheme aims to help SMEs to reduce the risk of cyber crime by offering accredited third party organisations to assess and advise them on their information security measures. CREST is a not for profit organisation that is approved by the UK government to test and certify that information security companies are able to provide Cyber Essentials services. The CREST scheme is designed to provide consumers with confidence that the businesses that they deal with have the necessary defences in place to protect their information against the most common cyber threats. The test criteria cover information security best practices contained with the ISO 27001 standard and the Standard for Information Assurance for Small and Medium Sized Enterprises relating to the security of web services, internet connected devices, email and application servers. Organisations that have passed the assessment can display the Cyber Essentials badge to let their customers know that they have actively engaged in mitigating the cyber risk to their business and their customers' information. CESG, the Information Security branch of GCHQ, worked with CREST to develop the assessment framework. Commenting on the launch of the Cyber Essentials scheme in June 2014, Ian Glover, president of CREST said, "Not all organisations have the resources available to invest in the most rigorous levels of information security and compliance. Cyber Essentials addresses this by creating a baseline for UK cyber security. By assembling and working with a forum of industry and technical experts, CREST has built an assessment framework optimised for the Cyber Essentials Scheme that will ensure organisations of all sizes and from all sectors can be properly and independently assessed to have the key technical controls in place to manage cyber risks." RandomStorm provides vulnerability scanning and intrusion detection products and penetration testing services to help companies to improve and continually maintain their security posture. The company is a CESG CHECK security consultancy and certified as a Qualified Security Assessor (QSA) and ASV by the Payment Card Industry Security Standards Council. Commenting on RandomStorm's CREST certification, Andrew Mason, co-founder and Technical Director of RandomStorm said, "As an existing provider of penetration testing services for PCI DSS, with a particular expertise in web application security, social engineering pen testing, wireless and network security, it is an natural extension for us to provide CREST assessment to help businesses to improve their defences against hacking and cyber crime." -ends- References: CREST approved member companies http://www.crest-approved.org/crest-member-companies/member-companies/index.html CREST press release, 5th June 2014, "CREST works with UK government to roll out Cyber Essentials" http://www.crest-approved.org/news/crest-works-with-uk-government-to-roll-out-cyber-essentials/index.html Cyber Essentials Companies: http://www.cyberessentials.org/companies PCI Security Standards Council: Approved companies and providershttps://www.pcisecuritystandards.org/approved_companies_providers/ https://www.pcisecuritystandards.org/approved_companies_providers/approved_scanning_vendors.php About RandomStorm RandomStorm is a UK-based network security, vulnerability management and compliance company, focused on providing enterprise-level, proactive security management tools and services. RandomStorm's experienced and certified security experts are able to offer customers a wide range of integrated world-class security vulnerability assessment and professional security services. Covering initial consultancy and gap analysis through to network and application testing, as well as managing client's business compliance accreditation process, RandomStorm aims to work with organisations to ensure that their security investment is fully optimised on a 24/7/365 basis. RandomStorm's core products are supported by a range of complementary monitoring, alerting and remediation tools and services developed under the RandomStorm Open Source Initiative. RandomStorm is a CESG CHECK security consultancy as well as a Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV) for the Payment Card Industry Data Security Standard (PCI DSS). Please visit http://www.randomstorm.com for further information.CallSend SMSAdd to SkypeYou'll need Skype CreditFree via Skype . (c) 2014 M2 COMMUNICATIONS |