Contact
raveneye Services | Security Awareness Training | Case Studies | Social Engineering | Incident Response | Professional Certifications | PCI Audit
«Back to Media Page

RavenEye selected by Visa USA Inc. as qualified data security company

Companies that handle Visa data may now use RavenEye to assess their security standards and practices

TAMPA, Fla. October, 2005 - RavenEye, an information security consulting company based in Tampa, has been selected by Visa USA Inc. to provide security standards and practices assessments for companies that handle significant Visa transactions.

RavenEye becomes one of only about 30 such companies recognized by Visa as qualified to handle security assessments for the credit card services provider under its Cardholder Information Security Program (CISP), according to Joseph Kirkpatrick, RavenEye’s president.

Companies that do a large volume of business involving Visa transactions are required to retain the services of qualified assessors who make sure they are in compliance with Visa’s rigorous business standards. To become qualified, those assessor companies must complete a demanding Visa training program. If they complete the program successfully, Visa adds them to a limited list of qualified vendors. A list of those qualified assessor companies is maintained by Visa USA on its website.

“RavenEye has successfully completed the rigorous training program that Visa requires of its security assessment providers,” Kirkpatrick said. “Since there are tens of thousands of companies which are required to have independent security assessments performed on a regular basis, this new qualification should result in significant new business for RavenEye – we are projecting that several hundred of these companies will be added to RavenEye’s client roster.”

Visa implemented its Cardholder Information Security Program (CISP) in 2001 as a means of protecting cardholder data from security breaches. Breaches involving the theft of critical financial data regularly make the evening news reports.

"… it's important that every entity that handles payment card information adhere to the highest data protection standards such as the Payment Card Industry...standard, to protect the security and privacy of their customers,” Visa has said following a number of such security breaches. “Visa is aggressively partnering with entities across the nation to broaden adherence to these standards."

The CISP standards require companies to build and maintain secure networks; protect stored data; maintain vulnerability management programs; implement strong access control measures; monitor and test networks; and maintain information security policies.

An information security company, RavenEye provides security assessments and other consulting services

About RavenEye

Based in Tampa, Fla., RavenEye provides information security consulting services for businesses seeking to verify compliance with federal and state information security laws. Certified information security professionals conduct independent assessments and audits to test policies, procedures and incident response in order to prevent information leaks and security breaches.