NetSPI The age of the Internet almost simultaneously became the age of the Internet criminal. As email, web sites, and e-commerce flourished and provided new richness and productivity, so the hackers, script kiddies, phishers, denial-of-service attackers and email scammers were right behind, perpetrating disruption, needless expense, and theft on an enormous scale. Protecting individuals and businesses against these predators is the mission of IT security consulting firms such as NetSPI. Their assessments and advice can be crucial in defending assets and identities, and thereby enabling the benefits of the Internet age to continue. The NetSPI firm, founded in 2001 by Deke George and Seth Peter, focuses on compliance and security consulting in these industries: financial services, healthcare, higher education, energy, and retail. History and Locations Deke George and Seth Peter started NetSPI, an IT security and compliance company, in 2001. Both of them had previously worked at OnTrack Data Recovery (now Kroll OnTrack) in the computer forensics field, where they were involved in a number of high-profile criminal investigations. Later they moved to different IT security firms. When one of their employers went under in 2000, they decided to get together again and start their own business. NetSPI thus was born; originally, the name was an abbreviation for Network Security Professionals Inc. After some lean times, the company landed HealthEast and Genworth Financial, an insurance spinoff from GE, as clients. Revenues did take a hit in 2006, though, when the company decided to stop reselling firewalls. The thought was that being a product vendor detracted from their ability to provide objective security advice. The growth resumed in 2007, and the company has been profitable every year. Revenues in 2008 were about $5 million, and there are now some 30 employees. Its main office is located in Minneapolis. A West Coast office opened in 2008 in Walnut Creek, California. What NetSPI Does NetSPI concentrates on several industries: financial services, healthcare, higher education, energy, and retail. The company provides consulting services in compliance management, security assessments, PCI consulting, and security program advisory services. Compliance management encompasses federal regulations associated with HIPAA (including the new requirements flowing from the of 2009, Gramm-Leach-Bliley, Sarbanes-Oxley, and the Nuclear Regulatory Commission, among others. Another area of focus is compliance with the industry-sponsored Payment Card Industry (PCI) standard for the protection of cardholder data. NetSPI is certified by the PCI Security Standards Council as both a and as an ASV (Approved Scanning Vendor). Why What NetSPI Does Matters As the world has deployed ever more wired and wireless connections for education, for commerce, for entertainment, for everything, so have the opportunities for cyber criminals to exploit the complex vulnerabilities of these networked systems. Phishing, spear-phishing, war-driving, drive-by pharming--these are just a few of the names given to various kinds of cyber attacks, which today are not designed to gain street cred but simply to steal as much money as possible from innocent people. For example, last year a gang of international hackers was indicted for stealing credit card information on millions of people. How they did it was appallingly easy. Sitting in a car in a parking lot outside a T.J. Maxx in St. Paul, Minnesota, with a laptop equipped with a directional antenna, the thieves captured card data as it passed from wireless handheld devices to a server. Using that information, the thieves were then able to penetrate the main servers at the store's parent company. We also now know about foreign spies mapping the U.S. power grid and stealing classified data on a new U.S. fighter plane. NetSPI has grown over the past several years, as the threats from cyber criminals have become more sophisticated. The company helped the state of Minnesota and the City of St. Paul prepare for the Republican National Convention last year. And some of the largest Minnesota-based companies and systems of higher education systems rely on NetSPI to help keep one step ahead of the crooks. Media References Coleman campaign may have broken law after breach - Minneapolis Star Tribune Fighting Vulnerable Payment Applications - Retail Info Systems News Privacy, Please - Franchise Times Penetrating IT Security to Find the Weaknesses - Minneapolis Star Tribune Associations
|
|
|