TMCnet News

Rook Security Certified As PCI Security Standards Council Qualified Security Assessor
[December 09, 2014]

Rook Security Certified As PCI Security Standards Council Qualified Security Assessor


Rook Security, a provider of global IT security solutions protecting sensitive data against dynamic, emerging threats, has successfully completed the PCI Security Standards Council Qualified Security Assessor (QSA) Company testing process and is validated to perform Payment Card Industry Data Security Standard (PCI DSS) assessments.

The PCI DSS, endorsed by American Express (News - Alert), Discover Financial Services, JCB, MasterCard Worldwide and Visa Inc., requires merchants and service providers that store, process or transmit customer payment card data to adopt information security controls and processes to ensure data integrity. Participating payment brands require PCI (News - Alert) DSS compliance reports by a certified third-party assessor for on-site audits of merchants and service providers that process payment card transactions.

"There are 170 companies that are certified to provide this assessment in the United States," said J.J. Thompson, CEO and Managing Director, Rook Security. "What differentiates Rook Security is our ability to identify, inform and help our clients manage residual risk while providing real-time managed security services and information security consulting experience. With our PCI QSA certification, Rook Security takes compliance assessment a step further by providing continuous compliance and in-line remediation programs with supporting security services from a single trusted provider."

As a Qualified Security Assessor, Rook Security plays a vital role in protecting payment card environments by assessing and advising on client data security strategy. Rook Security is certified to evaluate the security of merchant systems that store payment account data, help merchants manage data security risks, and assist them in achieving compliance with the PCI DSS. In an era of increasingly sophisticated attacks on systems, the PCI DSS certification reassures merchants that they are being assessed accurately and fairly against the most current payment industry requirements designed to protect their payment card data.

"The PCI Security Standards Council is committed to helping everyone involved in the payment chain protect consumer payment data," said Bob Russo, general manager of the PCI Security Standards Council. "By participating in the QSA certification process, Rook Security demonstrates they ae playing an active part in this important end goal."



Rook Security's certification comes soon after the hire of Lead Security Consultant Jeff Foresman, who is independently certified as a PCI QSA. Foresman leads Rook Security's PCI and HIPAA Compliance Practice and oversees additional security programs to protect sensitive data for Rook's clients.

"For retailers and other businesses conducting payment processing, achieving industry compliance is simply not enough to ensure a solid security posture," said Jeff Foresman, Lead Security Consultant, Rook Security. "While PCI DSS compliance is a critical component of a successful information security program for merchants, it is still just a component. Rook Security delivers comprehensive programs which are designed to breed PCI compliance not as the goal of a periodic checklist, but as the outcome of a robust security strategy."


In recent months, several awards and accolades have highlighted Rook Security's continued service expansion and thought leadership in the information security market. This September, Rook Security was recognized as the most innovative managed security service at the Golden Bridge Awards. In August, Rook Security earned a coveted spot on the renowned Inc. 500 list, and was also recognized by TechPoint as the fastest growing technology company in Indiana. In July, the Indiana Office of Small Business and Entrepreneurship (OSBE) and the Indiana Small Business Development Center (ISBDC) honored Rook Security as one of the 2014 Indiana Companies to Watch.

About the PCI Security Standards Council
The PCI Security Standards Council is an open, global forum that is responsible for the development, management, education and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Founded in 2006 by the major payment card brands American Express, Discover Financial Services, JCB International, MasterCard (News - Alert) Worldwide and Visa Inc., the Council has more than 700 Participating Organizations representing merchants, banks, processors and vendors worldwide. To learn more about playing a part in securing payment card data globally, please visit: pcisecuritystandards.org.

Connect with the PCI Council on LinkedIn and join the conversation on Twitter.

About Rook Security
Rook Security is a provider of global IT security solutions protecting sensitive data against dynamic, emerging threats. Rook's consulting and managed security services deliver visibility, intelligence, and response® in security operations to overcome the complex problems that continue to plague most organizations. As an integrated extension of their internal team, Rook helps organizations achieve a mature security and risk management program. Rook's consulting and managed security services have helped to improve the way organizations from start-ups to Fortune 100 firms protect their data and manage their risk.

For more information, join us on Twitter (News - Alert@RookSecurityFacebook, LinkedIn, or http://www.rooksecurity.com.

Rook Security and the Rook Security logo are trademarks, registered trademarks, and/or service marks of Rook Security in the United States and other countries. All other names are trademarks or registered marks of their respective owners.


[ Back To TMCnet.com's Homepage ]