847.221.0200  Main Office
800.925.0559  INCIDENT RESPONSE HOTLINE

SECURITY & RISK MANAGEMENT

by design is a continuous improvement process with Risk Management at the core.  

Learn More

COMPLIANCE

HALOCK will review all aspects of the environment that store, process or transmit cardholder data to ensure compliance with the PCI Data Security Standard. 

Learn More

PENETRATION TESTING

Performed on an external or internal environment. Our job is to exploit weaknesses and provide solutions.

Learn More

MALWARE DEFENSE

Advanced malware is a new breed of persistent cyber threat to obtain financial and personal information. 

Learn More

INCIDENT RESPONSE 

HALOCK provides comprehensive and discreet incident response handling services and forensic analysis.

Learn More

Information Security Consulting
You Can Trust

Companies can no longer afford to sideline IT security — the average cost of a data breach in the United States is $7.3 million*, and the consolidated cost of a data breach was almost $4 million. The result? Organizations need security measures that are proactive, intuitive and effective; but don’t hamper day-to-day performance or ROI. That’s where Halock Security Labs can help; as one of the leading security consulting firms, our Purpose Driven Security® offerings are custom-built to provide exactly the IT defenses you need, when you need them the most.

HALOCK Donates Prized IP to CIS®

 

CIS RAM

CIS (Center for Internet Security) and HALOCK Security Labs have co-developed the CIS Risk Assessment Method (RAM) to help organizations justify investments for "reasonable" implementation of the CIS Controls. CIS RAM helps organizations define their acceptable level of risk, and to prioritize and implement the CIS Controls to manage their risk.  CIS RAM is based on the Duty of Care Risk Analysis standard (DoCRA.org) and recognized by attorneys, regulators, and interested parties alike for its ability to demonstrate reasonable and appropriate implementation of controls. Learn more.


What is DoCRA?

The Duty of Care Risk Analysis Standard (“DoCRA”) presents principles and practices for analyzing risks that addresses the interests of all parties potentially affected by those risks.

PCI Deadline is Fast Approaching on June 30, 2018

The PCI Security Standards Council (PCI SSC) in PCI DSS v3.2 is requiring that all versions of SSL and TSL version 1.0 must be disabled.  In order to be PCI DSS compliant you must be utilizing TLS 1.1 at a minimum, (although TLS 1.2 is highly recommended).  

Top Threats

Threats to your network can come from anywhere, anytime. Popular examples now include:

  • Ransomware — What happens if critical systems are locked down and files encrypted?
  • Trojans — Is your current IT security system capable of detecting malicious code designed to activate on command and steal sensitive data?
  • DDoS Attacks — Technology evolutions such as the Internet of Things and cloud computing have enabled widespread and devastating denial-of-service attacks. Are you prepared?

Best Practices

Staying safe demands a balance of thought leadership and diagnostic capabilities; a security partner able to assess your current network needs, develop a custom-built plan, and then implement and monitor the impact and efficacy of this solution. It’s a combination of analysis and execution, the ability to both discover relevant data and act on it in a meaningful way. At Halock Security Labs, we believe this is the foundation of great IT security — your company is unique, and deserves defensive solutions designed from the ground up to both satisfy compliance requirements and exceed corporate goals.

The Purpose Driven Promise

Put simply, Purpose Driven Security® is a service philosophy that focuses on defining and implementing just the right amount of security; not too much, not too little. It’s striking the balance between keeping you safe and ensuring your company can conduct business as usual — we recognize that you operate your company in the real world, one filled with potential threats, emerging technologies and stakeholder expectations. It’s our job to ensure you can comfortably do yours; Purpose Driven Security® puts you in control and ensures you’re never without assistance in the event of a data breach, malware attack or DDoS attempt. Ready to evolve your IT security posture, empower corporate interests and minimize risk? As a leader in information security consulting, Halock Security Labs has you covered: Contact us today to learn more about our information security management services and discover the protection of Purpose Driven Security®.

*The Ponemon Institute (2017)




 

Recent Tweet