Credentials

Industry Experience

Risk Based Security consultants have a vast range of real-life industry experience including: Financial – Credit Cards; Financial – Banking/Credit Unions; Financial – Insurance; Manufacturing; Technology and Staffing Services. We are security and risk specialists experienced in leading organizations to ISO/IEC 27001 certification. 

We are sought after to present at many well-known security conferences including RSA, CISO Executive Summit, EntNet IEEE GlobeCom, CanSecWest, DEF CON, Metricon and SyScan. RBS consultants have published several books including Security in an IPv6 Environment (Francis and Taylor, 2009); Information Technology Risk Management in Enterprise Environments (Wiley, 2010); and The Chief Information Security Officer (IT Governance Publishing, 2011).

We have been featured as security industry experts by CNN, BusinessWeek, Information Week, eWeek, Processor.com, Federal Computer Week, Government Computer News, CNET, SC Magazine, Banking Systems & Technology, Wall Street & Technology, IT*Security and CFO Magazine.

RBS consultants are the founders and experts behind the Open Security Foundation (OSF), a non-profit organization that oversees the operations of the Open Source Vulnerability Database (OSVDB.org), DataLossDB.org, Cloutage.org and SECore.info. OSF has been recognized as a worldwide expert in the information security industry and was awarded SC Magazine’s Editor’s Choice Award in 2009.

Certifications

Risk Based Security, Inc. consultants are well qualified and hold a variety of industry certifications. You can rely on the RBS team for assistance that meets industry best practices.

CISSP: Certified Information Systems Security Professional – A vendor-neutral certification governed by (ISC)². CISSP certification demonstrates both expertise and experience in ten security domains which are accepted as a compendium of industry best practices for information security.
CISM: Certified Information Security Manager – Our security professionals have managed, designed, and assessed enterprise-wide information security systems. We are experts in understanding the interdependency between business needs and IT security by focusing on risk management and organizational security issues.
ITIL: Certified ITIL Foundation Professional – Certification as an ITIL Foundation Professional assures that our consultants are well-versed in the best practices for IT Service Management, as defined in the Information Technology Infrastructure Library (ITIL).
ISO: Certified 27001:2005 Lead Auditors and ISMS Implementer – Our security professionals have provided training, consulting and advisory services to multiple organizations resulting in certification to ISO/IEC 27001:2005. We are one of the few consulting firms with a proven track record of leading organizations through successful certification audits.
CGEIT: Certified in the Governance of Enterprise IT – The CGEIT designation recognizes professionals for their IT governance-related experience in managing, providing advisory and assurance services and who support the governance of an enterprise’s IT.
CISA: Certified Information Systems Auditor – The Certified Information Systems Auditor (CISA) program is the globally accepted standard of achievement among information systems audit, control and security professionals.
NSA IAM: Certified to NSA’s INFOSEC Assessment Methodology – Certification to NSA’s IAM assures that our consultants fully understand the depth and breadth of the standardized set of assessment activities that must be performed to properly complete an INFOSEC assessment.
CIPP/US: Certified Information Privacy Professional/United States – The CIPP/US credential demonstrates a strong foundation in U.S. private-sector privacy laws and regulations and understanding of the legal requirements for the responsible transfer of sensitive personal data to/from the United States, the European Union and other jurisdictions.