SiamSecure Consulting: Managed Security Services for Continuous Compliance
It is no surprise that countless organizations till date have experienced the horrors of cyber-attacks, and strive to implement significant changes in their cybersecurity measures. But a few months after an attack, organizations lapse into a comfortable state, and the new cybersecurity procedures and compliance requirements are left unchecked. This leaves them wide open to future cyber threats and attacks. What the organizations now need is continuous compliance to ensure they effectively meet the industry and regulatory demands whilst maintaining proactive cybersecurity. However, maintaining a continuous compliance status is no cakewalk given the hassle of appropriately allocating limited resources. Guided by a vision to be a trusted cybersecurity service provider for smart businesses, SiamSecure Consulting is changing this narrative by streamlining the implementation of continual compliance.
Founded in 2008 by a group of experienced consultants and specialists in information security, the Bangkok-based SiamSecure Consulting combines professional and managed security services into “Compliance as a Service” to help organizations maintain a continual compliance status. Initially started as a security outsourcing and security operation center (SOC) service provider, SiamSecure Consulting partnered with one of Thailand’s biggest internet service provider and data center to assist small and large organizations to comply with the Computer Crime Act. Today, the company leverages its deep technical background, R&D, and the diverse experience of its certified security experts to provide comprehensive IT security services. From security design and implementation to security management, and professional services such as training, business risk assessment, audit, vulnerability assessment, and penetration testing, SiamSecure Consulting covers it all.
SiamSecure Consulting primarily assists organizations that employ the ISO/IEC 27001 standard to be in compliance with the Payment Card Industry Data Security Standard (PCI DSS) and consistently maintaining it. The company offers a managed PCI DSS compliance for endpoint service to help organizations meet the PCI DSS requirement for: one, the endpoints that process, store or transmit cardholders’ payment card data, and two, the endpoints delivering security functions. SiamSecure Consulting fortifies the protection on these endpoints with robust data encryption, secure data erasure, and data loss prevention features. Apart from the traditional security controls like malware protection, audit logging, and monitoring, system hardening, and file integrity monitoring, the company’s managed service covers the implementation, management, and support for numerous security controls required by PCI DSS.
SiamSecure Consulting’s uniqueness stems from its client-oriented approach to providing comprehensive IT security services and maintaining continual compliance status through proven methodologies, techniques, and tools based on industry-recognized standards. Recently, SiamSecure Consulting was approached by one of the largest merchants in Thailand’s retail industry who strived to achieve PCI DSS compliance well within a tight deadline set by the retail merchant’s card brand. In a dire need for compliance service, the retail merchant accepted the recommendation from one of the biggest Thai acquirers/banks to utilize SiamSecure Consulting’s PCI DSS compliance service. Along with delivering a reliable PCI DSS compliance service, SiamSecure Consulting enabled the retail merchant to reduce their scope of efforts and meet the compliance requirements. The client is expected to be awarded a PCI DSS certification before September 2019.
SiamSecure Consulting boasts of a spectrum of successful projects under its belt—from major MSS contracts to ISO/ IEC 27001 implementations. In addition to partnering with the best User and Entity Behavior Analytics (UEBA) and SIEM vendors, SiamSecure Consulting has transformed its SOC services to next-gen S-SOC for providing efficient managed detection and response (MDR) service. “We plan to implement Security Orchestration Automation and Response (SOAR) and big data technologies with our managed security monitoring services that allow clients to efficiently fend off, and accelerate response to emerging cyber threats and data breaches,” Janchavee concludes.