Industries We Work With
| We Help Where Risks Are Highest | |
| Fortune 100 | Fortune 1000 companies are half our business. |
| Financial Institutions | Financial institutions know we can help with SOX and GLBA. |
| Telecommunications | Telecom companies count on us for full-featured security. |
| Healthcare | Healthcare institutions trust us to help them with HIPAA. |
| Life Sciences | Life Sciences earn compliance with FDA 21 CFR Part 11. |
| Retail | Retailers turn to us for VISA CISP and MasterCard SDP. |
| Manufacturing | Manufacturers find security and reliability serve profitability. |
| Public Sector | We guide public sector organizations through IA certification and accreditation. |
| Energy / Utilities | We help owners and operators within the energy and utility industry achieve NERC compliance |
| Learn More | o talk with us about security and your business, call 650-426-5310 or submit your inquiry online. Or, see the Global Security Consulting Services Overview. |
Fortune 1000 Companies Make Up Half of Our Business
Fortune 1000 companies are attracted by our high level of certifications, the breadth of our experience, and the maturity of our consultants.
Our Certifications Provide Confidence
Over 90 percent of our consultants are Certified Information Systems Security Professional (CISSPs). Some have multiple certifications. Everyone knows security is essential to a successful business. Certain legislation has made security a legal necessity as well - with serious consequences if a business fails to comply. Our high level of certification makes it possible for us to offer solutions that give our Fortune 1000 clients confidence.
We Have Firsthand Experience inside the Fortune 1000
Many of our consultants are IT security professionals who’ve worked in Fortune 1000 companies. We understand the challenges large corporations face because we’ve experienced them - firsthand. We offer solutions that are tailored to the needs of top-tier companies.
We’re Thought-Leaders in the Industry
Our consultants average nearly 10 years of experience. Our consultants engage in ongoing training and development to maintain a high level of proficiency. Several of our consultants have been involved in the development of computer security programs - both undergraduate and graduate - at colleges and universities. Our consultants hold leadership positions with the Information Systems Security Association (ISSA) and the Information Systems Audit and Control Association (ISACA) and are active participants in industry associations and consortiums.
Learn about:
- Enterprise Security Assessments
- Enterprise Compliance Assessments
- Compliance and Your Business
- Fortune 1000 Success Story
Financial Institutions Know We Can Help with SOX and GLBA
Two facts speak for themselves:
- The financial industry is one of the most highly regulated in the U.S.
- Twenty out of the top fifty financial institutions in the country are our clients.
We Understand the Regulations
Our understanding of the intricacies of the regulatory environment is second to none. We’ve helped many financial institutions address their requirements under Sarbanes-Oxley and the Gramm-Leach-Bliley Act - as well as the Basel II and Federal Financial Institutions Examinations Council (FFIEC) standards, California SB 1386 requirements, and other regulatory directives. Some of the largest financial institutions - some of those with the most at risk - trust us because they recognize regulatory compliance is one of our core competencies.
We Know Their Technical Implications
We also have a thorough knowledge of technical implications of the regulatory environment. We know not just the regulations - but the technology that will satisfy them and the tools and techniques that will test them. See Our Approach for an overview of how we work.
Learn about:
- Enterprise Compliance Assessments
- Security Certification Program
- Compliance and Your Business
- Financial Institutions Success Story
Telecommunications Companies Count on Use for Full-Featured Security
Telecommunications companies are prime targets for security attacks. That has always been true to some extent, but the degree of risk has risen dramatically - because of the exploding use of cordless telephones, mobile telephones, networked PDAs, and remote access computers. Telecom companies are required by government regulation to be up and running 99.99% of the time, so avoiding interruptions to their business is absolutely vital to their survival.
We Can Work as Needed, or Be a Full Security Partner
Depending on your current security status, we can provide anything from compliance assessments to full architecture and design recommendations.
We’re Always Available to Help with Security Breaches or Disaster Recovery
Our goal is always to help you avoid security breaches or, much worse, full disasters. But both will occur, and when they do, VeriSign is there to assist you.
We can analyze why a breach occurred:
- To help you solve it
- To assist with legal proceedings as technical advisors or expert witnesses
- To help design and implement policies and procedures to enhance security in the future
Managed Security Takes the Burden off Your Shoulders
We’re available to consult with you - but, if you like, we can also assume full responsibility for your security needs. Managed security services can provide you with an outsourced solution that helps you identify threats and respond to them quickly. We can also train your employees to be security conscious. We’re available to visit your sites regularly to make sure the proper policies and standards are in effect.
Learn about:
- Enterprise Security Assessments
- Enterprise Compliance Assessments
- Technical Security Assessments
- Security Architecture and Design Solutions
- Incident Response and Forensics Services
- Disaster Recovery and Business Continuity Solutions
- Compliance and Your Business
- Telecommunications Success Story
Healthcare Institutions Trust Us to Help Them with HIPAA
HIPAA Is a Core Competency
Regulatory compliance is equally pervasive throughout the healthcare industry. Healthcare organizations have engaged us over the past years to help assess their compliance with the Health Insurance Portability and Accountability Act (HIPAA). HIPAA is another of our core competencies - and the clients we work with recognize that:
- Healthcare providers
- Health insurance plans
- Clearinghouses
- Medicare and Medicaid agencies
Safeguarding Electronic Data Is Good Business
Safeguarding electronic data isn’t essential only to HIPAA - it’s also an essential business practice as healthcare organizations move information online to automate business processes, streamline communications, and improve customer service. Security isn’t just about compliance, it’s about your business.
We Offer Sarbanes-Oxley Compliance Consulting if You’re a Public Company
Our experience helping companies assess their compliance with Sarbanes-Oxley regulations equals our core expertise in HIPAA. We can recommend solutions that will help you address the requirements of both sets of regulations - and do so more efficiently and cost-effectively.
Learn about:
- Enterprise Compliance Assessments
- Security Certification Program
- Compliance and Your Business
- Healthcare Success Story
Life Sciences Companies Earn Compliance with FDA 21 CFR Part 11
Compliance with FDA 21 CFR Part 11 - which governs how information is transmitted to the FDA - is essential to pharmaceutical and life sciences companies. Our focus on helping companies comply with government regulations enables us to provide efficient solutions - solutions that not only ensure you address regulatory requirements but that also serve your business.
Learn about:
- Enterprise Compliance Assessments
- Security Certification Program
- Compliance and Your Business
- Life Sciences Success Story
Retailers Turn to Us for Visa CISP and MasterCard SDP Compliance
VeriSign was one of the first authorized assessor and scanning providers for Visa’s Cardholder Information Security Program (CISP) and MasterCard’s Site Data Protection (SDP) program. Our assessments also cover the data security standards published by American Express. We’ve evaluated the security of retailers - both large and small. We’ve helped them improve their security so they can meet cardholder information security requirements and network security best practices set by Visa and MasterCard. Our services also allow retailers to assess their compliance with any credit card association that recognizes the Payment Card Industry (PCI) standards
Learn about:
Manufacturers Find Security and Reliability Serve Profitability
Security and Reliability Serve Profitability
The manufacturers that we work with are typically concerned with intellectual property - which they share extensively in the manufacturing process. They’re also concerned about the availability of systems to conduct business. They use information technology to manage much of the production process - so they’re concerned that they systems are available and reliable. Access to confidential information is also a concern since most manufacturing companies operate on small margins with tight competition. Often a product has a shelf life of only a few months as a the leading product before a competitor introduces a similar product. If a competitor were to get access to marketing and development plans, the shelf life could be cut - and profits and market share reduced significantly.
Security Is as much Organizational as Technical
We typically perform an enterprise assessment that focuses as much on business process as it does technology implementation. We’re careful to assess vulnerabilities in policies and practices - not just in systems. We’ve discovered that the majority of problems we uncover aren’t just technical problems, they’re organizational problems.
We Rank Recommendations by Cost and Effort
We know everyone has a limited security budget. We search for the improvements that are best suited to achieving he business and security objectives our clients identify - and rank our recommendations accordingly. We help clients prioritize spending: we do a cost-benefit analysis of each recommendation and identify which are easiest and least expensive - and will produce the most effective results.
Learn about:
We Guide Public Sector Organizations through IA Certification and Accreditation
We Help Meet Government IA Demands
We work with organizations in the public sector to help bring them in line with government information assurance (IA) demands. We help them identify requirements that cover key government regulations, including the OBM A-130 and DoD Information Technology Security Certification and Accreditation Process (DITSCAP).
We Make Sure the Certification and Accreditation Process Is Successful
Our approach is to determine which U.S federal guidelines are applicable for your agency. We then make a thorough assessment, and prepare the necessary documentation. We prepare a security accreditation package that documents the applicable certification process: what has been changed, what was currently within certification, and what the plans are for ongoing compliance. We deliver the package to the appropriate authorizing official. We then work with that official as needed to make sure that the certification and accreditation process is successful.
We Offer Greater Confidence and Full Compliance
The result is greater confidence that information is safe and full compliance with government regulations.
Learn about:
