Privacy Industry Index (PII): Vendors
The privacy industry is young and fast moving. What used to be the fascination of academics has become a business pursuit. Protecting data has value and you have to invest to make sure that data is properly protected. Businesses must work with a large collection of vendors from a variety of disciplines to reach their privacy goals. From the legal advisors to the insurance companies to the IT services and software, the IAPP has sought to wrap its arms around the industry of privacy to get a handle on the universe of privacy vendors. This is a first attempt at defining a subset of the industry, step one of many, and we did our best to identify vendors that IAPP members are working with. This is a work in progress. There is much more that needs to be done. Rest assured that the IAPP is hard at work on dynamic new projects to help you as a privacy professional and to expand the industry of privacy.
Thanks to Andrew Clearwater, CIPP/US, Dennis Holmes, Adam Quinlan and Katie Audet for help in compiling these lists.
Find a Vendor
2B Advice offers integrated solutions for all issues related to privacy and data protection: privacy advice, privacy software and privacy certification. We operate at the interface between technology and law. Our team consists of IT experts, software developers and lawyers. With 2B Advice, not only do you know what the legal requirements are, you also receive support in the technical and organizational implementation thereof. 2B Advice's explicit goal is to rise to become the leading international consulting firm specializing in data protection.
Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations.
We develop and implement technology solutions to improve our clients’ productivity and efficiency—and may run parts of their operations on their behalf. Ultimately, we enable our clients to become high-performance businesses and governments.
Established in 1998, Acumin is a cyber security and information risk management recruitment specialist with a global reach. We have developed an extensive breadth of knowledge across all requirements in our space, encompassing end user, consultancy, systems integrator, and vendor organisations.
Our recruitment services can be completely tailored to your business needs, with our core offerings comprising of permanent, contract, and retained search. Beyond this we have worked with clients to provide team moves, European market entry, and outsourced recruitment services.
Joyce Brocaglia founded Alta Associates in 1986. Today Alta is the most prominent boutique executive search firm specializing in Cyber Security, IT Risk Management and Privacy. Alta has established an unparalleled track record for placing key C-level executives, and building world class teams in various industries throughout the US.
“Most of our clients are seeking an executive who can increase the credibility of their department, influence the culture of the organization and effectively partner, sell and deliver their initiatives globally to diverse businesses with varying risk tolerances. Finding this new breed of executive and building the teams that support them is difficult and that is why companies retain Alta”, says Joyce Brocaglia, CEO of the company.
The ACLU works to expand the right to privacy, increase the control individuals have over their personal information, and ensure civil liberties are enhanced rather than compromised by technological innovation.
Strategically-focused, result-oriented lawyer with over 20 years unique public- and private-sector expertise in health information privacy and security, domestically and globally.
Specialties: Practical, real-world solutions that maintain privacy compliance, while at the same time ensuring that business/program objectives are met.
Our global privacy practitioners understand the interplay of privacy requirements with labor and employment laws, consumer protection laws and other local laws. We advise on privacy policies, data storage, retention and destruction, privacy complaints and investigations, disputes, data access requests and transfer and disclosure agreements. We also conduct multi-jurisdictional reviews of the collection, use and transfer of data.
Established in 1989, Barclay Simpson is the leading corporate governance recruitment consultancy. Throughout the UK, from our office in London, we recruit permanent and interim internal and IT audit, risk security and resilience, compliance, legal, and treasury professionals across all economic sectors.
Our strength lies in the degree of understanding and depth of experience of our consultants in these distinct but interrelated disciplines. Our consultants are specialists who build their knowledge on a long term basis. This enables us to provide a uniquely informed and consultative recruitment service.
Back in May 2011 Baycloud Systems introduced the original tool for helping websites comply with Do-Not-Track and the Data Protection and ePrivacy Directives, backed by a cost-effective and exhaustive website auditing service.
Fast track to 2016 and we are now the leading provider to multi-national companies of multi-language and multi-compliance systems, capable of actively managing storage in a secure way, not only to protect website visitors’ personal data but also clearly giving them control over its collection and use.
The Baycloud Consent Platform manages the consent request process, presenting information on usage commitments and user benefits in any language, with a per-site customised user experience and ensuring their choice is continuously available. We ensure that tracking and storage consent policies are properly adhered to, with users' consent capable of being revoked at any time and automatically after a configurable "sunset" period.
We believe that publishers and brands that respect and offer a straightforward choice to their customers will earn their trust and loyalty.
Advanced PII Discovery
- Get beyond dated DLP technology.
- Leverage machine learning to find PII accurately.
- Identify data sensitivity and uniqueness.
- Uncover dark data.
- Inventory PII by individual subject.
Automated Data Mapping
- Bring data science to data privacy.
- Replace unreliable interviews and surveys with automated data mapping.
- Track data lineage.
- Simplify data audits.
- Resolve flows across apps, data centers and countries.
Actionable Privacy Risk
- Measure risk by data sensitivity, location, access and consent.
- Customize one or more risk models.
- Get actionable recommendations for minimization, tokenization, anonymization, encryption.
- Bubble up top focus items.
- Assign investigation & remediation tasks.
- Quickly test compliance with regulation.
- Validate compliance against consent.
- Manage subject access requests.
- Simplify regulator reporting.
- Collaborate on investigations.
BORDC is a national non-profit, non-partisan organization working to restore the rule of law and our constitutional rights and liberties. We aim to make police and intelligence agencies accountable to we, the people whom they serve. We support an ideologically, politically, ethnically, geographically, and generationally diverse grassroots movement, focused on educating Americans about the erosion of our fundamental freedoms; increasing civic participation; and converting concern and outrage into political action.
Systems Delivery | Engineering and Sciences | Cyber | Analytics | Consulting
We live to solve problems. It’s just that simple. And we are not afraid of the unknown. For more than 100 years, we have been one step ahead, solving challenges where there were no roadmaps, and investing in the right capabilities, markets, and talents to tackle the emerging issues of our time. Our solutions help clients combat global terrorism, strengthen cyber defenses, transform healthcare, improve efficiency, and manage change.
Cyber Fraud and Risk Management
Ensure regulatory compliance and stop fraudulent activity and data theft with protection against cyber-attacks, insider threats, web and mobile fraud, payment fraud, and money laundering.
Healthcare privacy and data security
Following HIPAA and HITECH mandates, create a full cross-application audit trail of end-user access to protected health information, detect unauthorized user behavior in real-time, and replay interactions when needed to help detect and prevent fraud.
The Cato Institute is a public policy research organization — a think tank – dedicated to the principles of individual liberty, limited government, free markets and peace. Its scholars and analysts conduct independent, nonpartisan research on a wide range of policy issues.
At the CDT, we believe in the power of the Internet. Whether it's facilitating entrepreneurial endeavors, providing access to new markets and opportunities, or creating a platform for free speech, the Internet empowers, emboldens and equalizes people around the world. As a 501(c)(3) nonprofit organization, we work to preserve the user-controlled nature of the Internet and champion freedom of expression. We support laws, corporate policies, and technology tools that protect the privacy of Internet users, and advocate for stronger legal controls on government surveillance.
The CDD is recognized as one of the leading consumer protection and privacy organizations in the United States. Since its founding in 2001 (and prior to that through its predecessor organization, the Center for Media Education), CDD has been at the forefront of research, public education, and advocacy protecting consumers in the digital age.
Consentua is a consent management system from KnowNow Information that helps organisations to achieve data protection compliance, and gives individuals choice and control over how their personal data is used.
Consentua is currently in closed beta but get in touch to find out more.
Consumer Action seeks to create an environment in which individuals have the right to be protected by strong privacy laws, control their personal information and make meaningful choices in their interactions with corporations and government.
Consumers have a fundamental right to the privacy and security of their personal information. These rights extend to collection and control of personal data, limits on commercial and government surveillance, prohibition of discriminatory data practices, and safeguards for consumers’ personal information from unauthorized exposure and use. CFA promotes consumers’ privacy rights by advocating for strong laws and regulations, encouraging fair and effective data practices, and supporting vigorous enforcement to curb privacy abuses.
Consumer Watchdog is a nonprofit organization dedicated to providing an effective voice for taxpayers and consumers in an era when special interests dominate public discourse, government and politics. We deploy an in-house team of public interest lawyers, policy experts, strategists, and grassroots activists to expose, confront, and change corporate and political injustice every day, saving Americans billions of dollars and improving countless lives.
Consumers Union is the policy and action division of Consumer Reports. We work with our million plus activists to pass consumer protection laws in states and in Congress. We hammer corporations that do wrong by their customers, and encourage companies that are heading in the right direction.
- Cyber Security Strategy & Advisory
- GRC Implementation and Controls
- Regulatory & Statutory Compliance Management
- Policy and Process
- 3rd Party Assurance & Risk Assessment
- Pre-Audit Posturing & Preparation
- Post-Audit Findings Remediation
- Vulnerability Assessment & Penetration Test
- Security Architecture Transformation
- Organizational Change Management
- Resource Optimization
- Platform Standardization
- On-Demand Leadership
- IT Service Management Maturity
- Security Awareness and Training
- Secure SDLC Program Implementation
Recruitment solutions for the Data Privacy and Information Governance recruitment market. Data Privacy Recruitment Ltd has leading ability and experience to identify the best talent for both private and public sector organisations in all geographies. We service the UK, Europe and all other international geographies as required.
Investments in security are at an all-time high, yet successful cyber-attacks are still on the rise, both in number and sophistication. While today’s fast-paced technology innovation powers new strategic initiatives, it also opens new doors for cyber criminals. They target financial assets and personal data, but also intellectual property and critical infrastructure. Our Secure.Vigilant.Resilient. approach helps you get ahead of cyber risk so your business can keep moving forward.
Demand Progress is 501(c)4 entity, with 501(c)3 sponsorship from the Citizen Engagement Lab Education Fund. Demand Progress is a national grassroots group with more than two million affiliated activists who fight for basic rights and freedoms needed for a modern democracy.
To simplify, clarify, and unify the ECPA standards, providing stronger privacy protections for communications and associated data in response to changes in technology and new services and usage patterns, while preserving the legal tools necessary for government agencies to enforce the laws, respond to emergency circumstances and protect the public.
DPO Network Europe is a boutique company exclusively specialized in the recruitment of data protection and privacy professionals across Europe. With ever-increasing demand, we are privileged to work for a broad range of industries, from large multinationals to medium-sized organizations all of which strive for successful privacy compliance programs. Thanks to our domain expertise and our growing network of high-calibre candidates at all seniority levels, we have become the trusted recruitment partner to many renowned businesses for their in-house and external privacy job assignments based in Europe. The foundation of our success is our people who are privacy-savvy and who deliver!
EFF is the leading nonprofit organization defending civil liberties in the digital world. Founded in 1990, EFF champions user privacy, free expression, and innovation through impact litigation, policy analysis, grassroots activism, and technology development. We work to ensure that rights and freedoms are enhanced and protected as our use of technology grows.
EPIC is a public interest research center in Washington, DC. EPIC was established in 1994 to focus public attention on emerging privacy and civil liberties issues and to protect privacy, freedom of expression, and democratic values in the information age. EPIC pursues a wide range of program activities including policy research, public education, conferences, litigation, publications, and advocacy. EPIC routinely files amicus briefs in federal courts, pursues open government cases, defends consumer privacy, organizes conferences for NGOs, and speaks before Congress and judicial organizations about emerging privacy and civil liberties issues. EPIC works closely with a distinguished advisory board, with expertise in law, technology and public policy. EPIC maintains one of the most popular privacy web sites in the world - epic.org.
Enforcive is a leader in developing comprehensive security solutions to help businesses reduce workloads, satisfy auditors, and improve responsiveness to security threats. Enforcive enables System Administrators to easily manage security and compliance tasks efficiently and effectively.
As many organizations have learned, sometimes the hard way, cyber attacks are no longer a matter of if, but when.
For EY Advisory a better working world means solving big, complex industry issues and capitalizing on opportunities to help deliver outcomes that grow, optimize and protect our clients' businesses.
Our global mindset and collaborative culture across our diverse team of consultants and industry professionals inspire us to ask better questions about the cybersecurity challenges you face. We then team with you to co-create more innovative answers – to activate a foundation that protects the business as it is today, adapt that foundation as the organization and threats change, and anticipate attacks that may be coming.
Exonar discovers what enterprise information is critically important, where it is located and who has access to it. We use enterprise scale big data architecture and machine learning technology to power real-time data classification and document search. Exonar understands the intent and characteristics of information, enabling it to be discovered, understood and acted upon.
Fight for the Future is a non-profit organization founded in 2011 whose mission is to ensure that the Web continues to hold freedom of expression and creativity at its core. We seek to expand the Internet’s transformative power for good, to preserve and enhance its capacity to enrich and empower. We envision a world where everyone can access the Internet affordably, free of interference or censorship and with full privacy.
We're working to create a world where people have the information and opportunities they need to tell their own stories, hold leaders accountable, and participate in our democracy. We fight to save the free and open Internet, curb runaway media consolidation, protect press freedom, and ensure diverse voices are represented in our media.
FPF is a Washington, DC, based think tank that seeks to advance responsible data practices. The forum is led by Internet privacy experts Jules Polonetsky and Christopher Wolf and includes an advisory board comprised of leading figures from industry, academia, law and advocacy groups.
Glenmont Group is a full-service executive search firm offering an array of recruiting solutions to its law firm, corporate and professional services clients. Our objective is to help our clients to strengthen and improve their organizations by maximizing their most valuable asset, their human capital. Glenmont Group's talent acquisition strategy is a combination of our ability to recruit talent, leverage the latest technologies and effectively use social media. This proven approach equates to a smooth hiring process and successful placements.
Harris, Wiltshire & Grannis LLP provides comprehensive privacy and cybersecurity representation for communications, information technology, digital marketing, aerospace, defense, health care‐related, and internet‐enabled‐product businesses. Our experienced team draws on years of senior government service as regulators, trade negotiators, and prosecutors, in addition to in‐depth corporate transactional experience, for a comprehensive understanding of the privacy and data security landscape.
The HPE Security Services team and security partner ecosystem can help support your business goals with a 360 degree cyber risk assessment. Our IT protection services cover infrastructure, software, networks, storage and data.
such as HPE ArcSight SIEM give you powerful detection and response capabilities. Use our tools, methodologies and analytics to conduct predictive security, analyze logs and prioritize security events.
HPE backup and recovery solutions protect your information intelligently across physical, virtual and cloud infrastructures. You get visibility, access and control of information via any endpoint device.
Whether it’s personally identifiable information, payment or healthcare information, or your intellectual property, your data means money to cybercriminals. Imperva protects cloud applications, websites, web applications, critical databases, files and Big Data repositories from hackers and insider threats—ultimately protecting your data—the one thing that matters most. Imperva market-leading cyber security software products include:
- Incapsula and SecureSphere for DDoS Protection
- Incapsula, SecureSphere and ThreatRadar for Application Security and Threat Intelligence
- SecureSphere, Skyfence, and CounterBreach for Data Security and Breach Prevention
Indigo Security AS is a small consulting company located in Norway. We provide information security and privacy services to our customers.
Investigative Due Diligence
Using a combination of public domain sources, reliable business and industry contacts and prudent analysis, IPSA’s comprehensive due diligence services add value to corporate decision makers by providing crucial information and intelligence about prospective partners, clients, distributors, vendors, competitors, employees, board members or litigants. Read More
Enterprise Risk Management
IPSA’s Enterprise Risk Management group helps organizations to be more resilient, endure challenging times and to capitalize on opportunities within apparent crises. Our integrated consulting services are created to help clients mitigate risk and enhance systems and processes in place to improve long-term performance.
The Litigation Support Group has an intimate knowledge of the processes required to design, manage and conduct comprehensive investigative solutions, evaluate the results and produce detailed reports enabling clients to address existing problems and mitigate future risk.
root9B, IPSA International's sister company, is an internationally recognized firm with experts dedicated to the delivery of solutions and services based on cutting edge technology, advanced cyber tactics and deep mission experience.
Services by Location
IPSA has conducted a range of services globally.
Improving business performance, turning risk and compliance into opportunities, developing strategies and enhancing value are at the core of what we do for leading organizations.
Helping transform risk and compliance efforts into competitive advantage by applying a risk lens to corporate strategy to improve risk intelligence and decision making, protect financial and reputational assets, and enhance business value.
PREPARE & PREVENT
Kroll can help you plan and create a customized prevention program that integrates industry-leading best practices, innovative technological solutions, and insights from working on the front line of cyber security.
INVESTIGATE & RESPOND
Kroll’s investigative experience in complex risk management challenges is the heart of our cyber security practice. Our multi-disciplinary expertise goes beyond the technical answers to deliver actionable intelligence.
REMEDIATE & RESTORE
Kroll brings extensive resources in breach notification, remediation, and identity monitoring to help you support individuals impacted by a breach and restore trust in your organization.
LenznerGroup Ltd. is a premier leader in executive search services, dedicated to Global Security, Technology Risk Management, Cyber Defense, and Digital Transformation arenas. Established in 1997, our firm is recognized for its success in advising and connecting a prestigious clientele, with leading talent from Global 500, Fortune 1000, Big 4, professional services, government, R&D, venture capital and high growth markets. Our clients include some of the world’s most recognized and prestigious organizations.
Our candidates include top Chief Security Risk Officers, Cyber Leaders, Enterprise Technology, Privacy, Law and Compliance practitioners from private and public sectors. Our team of search specialists, proprietary database and business intelligence, coupled with vetted industry advisors and relationships worldwide, enables LenznerGroup to deliver superior services and predictive, value-driven results.
Established in 1982, Major, Lindsey & Africa is committed to meeting the ever-evolving legal search needs of law firms and corporate legal departments. To truly understand the career aspirations of those in the legal field – as well as the needs of the firms and companies that hire them – a recruiter must have experience, focus and in-depth market knowledge of the legal profession. By being committed specialists, our information systems, networks, search and qualification processes – everything we do – is aligned with the legal profession. We know more people in the profession and we know them better than anyone else in the industry. This knowledge has helped us to expand our recruiting service offerings to bring more comprehensive legal recruiting solutions to both law firms and corporate clients. Our deep understanding of our clients' ever-evolving staffing and recruiting needs has led us to launch successful practices in law firm management recruiting (non-legal positions at law firms) as well as the Solutions Practice Group, which focuses on the entire realm of legal human capital and staffing solutions for companies and law firms. Trends in client needs have also led us to open successful legal recruiting practices in London and Asia, servicing the EMEA and Asia Pacific regions, respectively.
Only MarkLogic provides a unique multi-model operational and transactional database that automates the discovery of personal data from all data sources. We empower organizations to meet EU GDPR imperatives, including secure storage and appropriate usage of EU citizens’ personal data. By leveraging multi-lingual full-text search, you can manage the data over time with the right security controls, providing quick responses to EU citizens. The result is better data governance as well as the flexibility needed for continually evolving regulatory rules.
Mobius Consulting offers a range of services designed to meet your information risk management requirements. We have invested extensively in our frameworks and methodologies to enable us to guide clients effectively and efficiently. From assessments and roadmap development to designing processes and developing the necessary artefacts, we use a holistic approach to deliver sustainable and targeted solutions.
- IT governance
- Information risk management
- Information privacy
- Information security
- Identity and Access Governance (IAG)
- Third party risk management
Nicholson is a specialist technology recruiter, we work with clients ranging from some of the biggest software companies in the world to niche E-commerce start ups. With multi-lingual teams in each of our specialist markets based in London, Warsaw and Poznan we are well placed to support the international growth of our clients and to provide global opportunities for our candidates.
Founded in 2005, Nicholson International was re-launched and re-branded as Nicholson Search & Selection in 2013 to focus exclusively within the Software, E-commerce and Digital markets. The Nicholson name has long been associated with excellence in the Search & Selection market and we have an exceptional track record. Since 2005 we have supported our technology clients in hiring over 1300 sales, marketing and technical professionals.
Operationalize Compliance & Privacy by Design
Automate the creation, distribution, and analysis of PIA, DPIA, Vendor Risk Assessments, etc.
Maintain a central evergreen register of processing activities and data flows with actionable reporting.
Comply with EU Cookie Laws by automatically scanning websites for tracking technologies and managing consent from visitors.
Certify to Privacy Shield and APEC CBPR to publicly show your commitment to strong privacy practices.
Ponemon Institute conducts independent research on privacy, data protection and information security policy. Our goal is to enable organizations in both the private and public sectors to have a clearer understanding of the trends in practices, perceptions and potential threats that will affect the collection, management and safeguarding of personal and confidential information about individuals and organizations. Ponemon Institute research informs organizations on how to improve upon their data protection initiatives and enhance their brand and reputation as a trusted enterprise.
In addition to our research, Ponemon Institute provides strategic consulting to private and public sector organizations interested in establishing or enhancing their privacy, data protection, and security practices. To ensure that their goals are achieved, organizations engage us to assess their practices and conduct workshops and training programs.
Ponemon Institute is the parent organization of the Responsible Information Management (RIM) Council. The RIM Council draws its name from the practice of Responsible Information Management, an ethics-based framework and long-term strategy for managing personal and sensitive employee, customer and business information.
PwC provides industry-focused services for public and private clients. Our experienced staff, combined with our global network, allow us to provide the support you need—wherever you need it, at home and abroad, whatever the size of your organization.
Prifender is using artificial intelligence technology to map all personal information across networks (structured and unstructured), while associating identities with their respective obligations.
Using Prifender, organizations can better manage privacy and demonstrate accountability and compliance.
At Prifender, we developed capabilities that go to the heart of privacy management -- the control of the identities (data subjects) that make up the privacy obligations for the organization.
Prifender provides users with a practical way to view, control, report and query data to meet privacy obligations, key performance indicators, and review the activities that take place over millions of identities.
Using Prifender, enterprises can prove their regulatory compliance, avoid fines and improve customer satisfaction.
We are a London-based charity. We investigate the secret world of government surveillance and expose the companies enabling it. We litigate to ensure that surveillance is consistent with the rule of law. We advocate for strong national, regional, and international laws that protect privacy. We conduct research to catalyse policy change. We raise awareness about technologies and laws that place privacy at risk, to ensure that the public is informed and engaged. To ensure that this right is universally respected, we strengthen the capacity of our partners in developing countries and work with international organisations to protect the most vulnerable.
Dedicated resources to assist clients in development or enhancements of their privacy and data protection programs. We specialize in areas such as GDPR, HITECH and GLBA preparation, defining metrics and measurements based on your company's operations, locations and type of personal data collected.
International data transfers are a function of many business operations, Privacy International, LLP has extensive experience to achieve or enhance organizational compliance and improve the customer experience. Our methodology is that every client shall be treated with integrity, dedication and awareness of the business goals.
The Privacy Laws & Business Recruitment Service has been running since 1997 with an unrivaled success rate. It was established in response to clients who were unable to source specialist data protection and privacy professionals through generalist recruitment agencies. Now many organizations with data protection and privacy vacancies come straight to Privacy Laws & Business.
Privacy Laws & Business specializes in placing skilled data protection and privacy staff in permanent or contract positions, including short term projects. We can recruit for all types of vacancies ranging from global, Europe, Middle East & Africa and UK roles.
Having established a leading presence in the data protection and privacy recruitment market we offer an unrivaled service to our clients. We have become market leaders because unlike other recruitment agencies, we understand data protection and privacy.
PRC is a California nonprofit corporation with 501(c)(3) tax exempt status. Our mission is to engage, educate and empower individuals to protect their privacy. We identify trends and communicate our findings to advocates, policymakers, industry, media and consumers.
Privasee Ltd is the UK subsidiary of Privasee EU an exciting and innovative GDPR and Data Protection compliance solutions provider. GDPR is a favourite buzzword for many vendors and consultants, but where are the practical plans? Privasee has a great answer. A critical gap that Privasee intimately understands and fills, with expertly designed Privacy Impact Assessment tools, templates and processes, partnered with flexible SCORM compliant training. Most importantly, Privasee solutions enable you to quickly show concrete progress towards compliance, but also flex your approach as UK Data Protection requirements and GDPR benchmarks crystalize.
Promontory’s privacy and data protection team draws upon a unique combination of regulatory, industry, and consulting expertise, resulting in practical, workable solutions that will allow your organization to meet regulatory requirements. We advise clients on the collection, use, transfer, and storage of data — across multiple jurisdictions and industry sectors.
RADAR is an award-winning incident response management SaaS solution used by leading organizations to reduce risk and simplify compliance with data breach laws.
Reduces Breach Risks
RADAR reduces breach risks across your organization by identifying and analyzing where and how incidents are occurring.
Ensures Consistent Assessments
RADAR uses its patented Breach Guidance Engine™ to help you decide whether an incident is a notifiable breach.
RADAR streamlines how you manage security incidents by creating a more efficient workflow that allows multiple users across the organization to collaborate.
RADAR stores documentation and reports in a central repository, so you can easily access information for regulators and senior management.
RELX Group is a world-leading provider of information and analytics for professional and business customers across industries.
Our goal is to help our customers make better decisions, get better results and be more productive. We do this by leveraging a deep understanding of our customers to create innovative solutions which combine content and data with analytics and technology in global platforms. These solutions often account for about 1% of our customers’ total cost base but can have a significant and positive impact on the economics of the remaining 99%.
The Group serves customers in more than 180 countries and has offices in about 40 countries. It employs approximately 30,000 people of whom half are in North America.
The Resilient Incident Response Platform (IRP) enables faster and more effective response through the orchestration and automation of IR processes. It works seamlessly with the prevention and detection systems you use today to create a central hub for IR management.
With Resilient, your team is proactive, coordinated, and intelligent. Whether you’re in a complex Security Operations Center or small to mid-sized team, you’re well-prepared to manage and resolve security incidents and business crises every day.
Resilient is an IBM company.
Consultancy in privacy, assessment, audit and declaration of compliance within EU privacy directive, ISO 2700x-standards and more. REVI-IT is a state authorized accounting firm, specializing in audit work within IT.
root9B’s product technology provides real-time hunt, assessment, and analytic capabilities crucial to breach prevention, predictability, and defense. Our products, services, and platforms are a vital and empowering complement to a complete, proactive information security solution.
ORION is root9B’s Active Adversary Pursuit (HUNT) operations platform. The ORION platform has been deployed in Fortune 500 networks to conduct global HUNT operations. Based on a strategy of active network defense, adversary pursuit, and threat deterrence, this platform provides cybersecurity professionals with an aggressive capability to conduct remote active defense operations throughout a client network.
ORKOS is root9B's credential assessment capability. ORKOS identifies exposed credentials that can lead to major network breaches by allowing an attacker who compromised one system to take over many more. ORKOS combines comprehensive data collection, advanced logic, and cutting-edge visualization to identify the critical links attackers will exploit during a breach. It characterizes both the immediate risks and higher-order effects to show the total impact of credential theft within a network. ORKOS can also simulate a client’s network environment to support pre-exploitation remediation and mitigation actions.
DAEDALUS is root9B’s advanced cybersecurity training, exercise, and development environment. The DAEDALUS cyber operations range is a robust simulation platform supporting comprehensive cyber force training, tactics development, and capability testing. This tailored, agile, and modular platform supports complete cyber force certification and validation of full spectrum courses of action driven by the specific needs of commercial, government, and critical infrastructure market segments.
Parent company: root9B Technologies
Secure Digital Solutions is a private consulting firm that helps companies build strong information security and privacy programs around clear priorities—for confidence that can be measured. Based in Minneapolis with certified experts in privacy, security and compliance, SDS serves clients across the nation in highly regulated industries including health care, financial services, energy, government services, food distribution, and education.
SecurityHeadhunter.com is an Executive Search Firm specializing in the recruitment and placement of Information Security and Risk Management talent with clients throughout the U.S.
Whether you are an Employer in need of security talent or a Security Professional looking to develop a confidential relationship with a Security Recruiter, we encourage you to discover how our 10+ years of Security Recruitment experience can work for you.
SecurityRecruiter.com specializes in direct security recruiting for Global Information Security, Cyber Security, Corporate Security, High-Level Physical Security, Converged Security, Risk Management, IT Audit, Global Privacy and Global Compliance talent.
Discover the security posture of any third-party vendor or business partner. Validate vendor security questionnaires, prioritize onsite visits and penetration tests. Receive immediate alerts when new risks occur in your vendor ecosystem. Collaborate with your vendors to remediate their security issues.
Security Ratings For Your Entire Business Ecosystem
- Harness data breach predictive capabilities
- Improve your ability to meet regulatory requirements
- Measure the impact of your security investments
- Broaden risk analysis beyond IT infrastructure
- Track third-party SLA adherence
- Receive Complete Visibility Into Third- and Fourth-Party Risk
signatu.com is currently in beta.
Legal advisor for cybersecurity and personal data protection.
SmartDraw helps you create over 70 different types of diagrams. SmartDraw contains all the needed data flow diagram symbols and easy-to-use templates that help you get started. Stamp shapes to your drawing area and connect them easily with keyboard shortcuts or intuitive commands located on the SmartPanel to the left of your drawing area.
You can even nest different levels of data flow diagrams by using SmartDraw's hyperlink function.
State Farm is a family of insurance and financial services companies that together serve tens of millions of customers in the U.S. Our many lines of business together offer over 100 products.
Teleperformance connects the biggest and most respected brands on the planet with their customers by providing customer care, technical support, customer acquisition, digital solutions, analytics, back-office and other specialized services to ensure consistently positive customer interactions. When your customers contact you or vice versa, we are there to support them and make sure they have a unique experience with your brand in all channels.
By bringing together technology, advanced statistics and customer interactions, we transform data into opportunities. Our smart and tailored solutions predict customer behavior and define the best strategy for your company.
Teleperformance Internet Interactions offers a comprehensive suite of services that are fully customizable and capable of fulfilling client requirements by lines of business, segmentation, operating systems and devices.
e-Performance is Teleperformance’s solution to engage, interact and connect your brand with your customers using all social media channels. We help you get the most out of social media. We help drive customer satisfaction Using a combination of customer knowledge and engagement, our 3-part solution helps drive customer satisfaction.
Lauren Reid of The Privacy Pro is a global privacy compliance expert, providing a range of services to clients around the globe with a focus on BCR and GDPR. Lauren has over 10 years in privacy and data protection, in client service and as an in-house privacy officer. She has in-depth knowledge of privacy laws, as well as technical expertise and the operational experience to implement programs. Lauren is the co-author of the leading methodology for privacy accountability reporting (Nymity Privacy Management Accountability Framework™ and Data Privacy Accountability Scorecard™); and frequently speaks and publishes thought leadership on demonstrating compliance and operationalizing privacy. Lauren is based in Toronto and London; she is available for short or long term consulting projects anywhere in the world.
Responding to a Data Breach
If an organization has been the victim of a data breach, we provide rapid and comprehensive incident response under the protection of the attorney-client privilege. Our firm will triage the incidents to counsel clients on the appropriate response. Often an organization will be able to resolve data security incidents without litigation or even public disclosure, through experienced understanding of applicable statutes or through strategic engagement with regulators. The legal components of post breach response are varied and complex and may include:
- Notification of Affected Individuals
- Law EnforcementForensic Investigation
- Notifying Insurer
- Public RelationsLitigation
A ProactiveApproach to Cybersecurity - Privacy, Information Security and Cybersecurity Posture Improvements
Trenam offers clients a comprehensive look at the organization’s information management and security practices, and recommends necessary steps to not only comply with the law but to ensure greater protections by implementing best practices for the organization’s particular business sector. This includes design of protocols for data security, sharing and use of data, e-discovery readiness, and records retention, among other things. We can help organizations formulate or revise privacy policies to comply with new laws or adjust to new technologies or changes in operations. Most importantly, we can act as a vital part of an organization’s team that includes C-level, technology, human resources, and public relations professionals.
TRUSTe powers privacy compliance and risk management with comprehensive technology, consulting and certification solutions.
We have nearly 20 years’ experience across all industries and a team of more than 150 professionals developing innovative solutions to address global regulatory and data protection requirements that govern the use of customer and employee information.
Our award winning Data Privacy Management Platform addresses all phases of privacy management including program development, data inventory, risk assessments, monitoring, and compliance reporting.
Companies worldwide rely on TRUSTe to demonstrate compliance, minimize risk, and build trust.
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, we enable businesses to transform the way they manage their information security and compliance programs.
Military Grade Encryption Meets Consumer Ease of Use
Virtru integrates strong encryption directly with the applications you use every day to make it easy to protect your information. Whether for regulatory compliance, security, or corporate privacy, Virtru Pro is the easiest way to secure your data.
With Virtru, you can choose when to keep your digital content private and secure even after it’s shared online. Manage and revoke access to emails, photos, files and other content at any time, right from within your favorite programs like Gmail and Outlook on your desktop or on your iOS or Android smartphone.
The TDF is an open standard for securing content of all kinds. Virtru gives everyone the power of the TDF by integrating it with the tools you use every day, like Gmail and Outlook.
Unlike traditional processes which may simply move data effectively, Wizuda moves data effectively and with GDPR compliance built-in to its core. Wizuda also delivers the vital reporting layer that proves GDPR compliance has been achieved, and in line with the overall GDPR culture of accountability.
Wizuda is a fully market-ready, off the shelf SW solution, with rapid implementation timescales (10-15 days), total backwards compatibility with legacy systems, and full training and configuration support provided during the setup project.
Join the Index
Don’t see yourself on the list? This is truly an early effort at recording the players in the field of privacy and we would appreciate to hear from anyone who would like to be included. If you are interested, please send an email to IAPP Publications Director Sam Pfeifle at email@example.com.
Locations have been determined by location information on company websites. If your organization operates in countries not included here, please email a complete list to firstname.lastname@example.org.