NEW YORK--(BUSINESS WIRE)--Kroll (“the Company”), a global leader in risk mitigation, compliance, security, and incident response solutions, today announced that the Payment Card Industry Security Standards Council (“PCI SSC”) has certified Kroll as a Qualified Security Assessor (“QSA”) company in the United States. This designation affirms Kroll’s expertise and authority to, at a minimum, evaluate a client’s security infrastructure and procedures, policies, networks, and systems to ensure an organization is protecting clients’ payment data in compliance with the PCI Data Security Standard PCI DSS (“PCI DSS”).
The PCI SSC was founded in 2006 by American Express, Discover Financial Services, Japan Credit Bureau International, MasterCard, and Visa Inc., all of which incorporate the PCI DSS for their data security compliance programs. QSA certified companies perform onsite assessments for entities that store, process, and transmit cardholder data, and prepare appropriate compliance reports required by payment card brands and acquiring banks. There are only 356 certified QSA companies worldwide.
“This elite certification reflects Kroll’s dedication to providing clients across diverse sectors with the most comprehensive cyber security solutions,” said David Fontaine, Chief Executive Officer of Kroll and its parent, Corporate Risk Holdings. “For clients who handle payment card data, our QSA designation adds another dimension to the multifaceted cyber services we already offer in the marketplace that help organizations improve their information security while working to prevent, respond to, or remediate cyber-related challenges.”
Cyber Security and Investigations Practice Leader Erik Rasmussen holds QSA certification and heads the QSA program for Kroll. Based in Los Angeles, California, Rasmussen is a former Washington State prosecutor and U.S. Secret Service Special Agent. Prior to joining Kroll, Rasmussen served as Director, North America Cyber Security Intelligence, Payment System Risk, for Visa Inc., and as IT Security Manager, Security and Investigations for Fidelity National Information Services.
Kroll Cyber Practice Associate Managing Directors Marc Brawner, Luke Tenery, and Andrew Valentine all have obtained QSA certification and will be available to spearhead critical QSA engagements. Brawner, based in Nashville, TN has over 14 years of experience in information security, specializing in cyber risk, data breach investigations, forensics, and incident response. Tenery, based in Chicago, IL provides industry-leading secure information services, computer forensic, incident response and technology consulting services to law firms, corporations and government agencies. Valentine, based in Dallas, TX, is a highly accomplished practitioner, expert witness, thought leader, author, and speaker on computer crime and cyber security. In addition to holding QSA certification, Valentine is a PCI Council Qualified Incident Response Assessor (QIRA/PFI).
About Kroll:
Kroll is the leading global provider of risk solutions. For more than 40 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security and data and information management services. Headquartered in New York with more than 50 offices across nearly 30 countries, Kroll has a multidisciplinary team of over 2,000 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies and individuals. For more information visit www.kroll.com.
Forward-Looking Statements
This press release may contain “forward-looking statements.” These forward-looking statements include, but are not limited to, statements regarding the Company’s performance and growth, and other non-historical statements. Forward-looking statements identify prospective information. Important factors could cause actual results to differ, possibly materially, from those stated in the forward-looking statements. In some cases you can identify forward-looking statements by words such as “anticipate,” “believe,” “could,” “estimate,” “expect,” “intend,” “may,” “plan,” “predict,” “potential,” “should,” “will” and “would” or the negatives thereof, variations thereof or other similar words. You should read statements that contain these words carefully because they discuss the Company’s future priorities, goals, strategies, actions to improve business performance, market growth assumptions and expectations, future business opportunities, capital expenditures, financing needs, financial position and other information that is not historical information or state other “forward-looking” information. Forward-looking statements should not be read as a guarantee of future performance or results, and will not necessarily be accurate indications of the times at, or by which, such performance or results will be achieved. Forward-looking information is based on information available at the time and/or management's good faith belief with respect to future events, and is subject to risks and uncertainties that could cause actual performance or results to differ materially from those expressed in the statements. Forward-looking statements speak only as of the date the statements are made. The Company assumes no obligation to update forward-looking statements to reflect actual results, changes in assumptions or changes in other factors affecting forward-looking information except to the extent required by applicable securities laws. If the Company does update one or more forward-looking statements, no inference should be drawn that the Company will make additional updates with respect thereto or with respect to other forward-looking statements.