The Silicon Review 50 Best Companies to Watch


June 2016 Issue

Exceeding Client Expectations with Innovative, Cost-Effective Security Solutions: BAI Security

silicon-review-michael-bruck

“With well over a thousand customers in highly regulated industries around the country, BAI Security is a trusted resource in the banking and finance, insurance, healthcare, utility, and other key sectors.”

Founded in 2007, BAI Security is a privately-held Illinois corporation with a long-standing track record of helping organizations identify their security risks, meet their compliance requirements, and protect their confidential information and intellectual assets.

Under the leadership of its founder, President and Chief Technology Officer, Michael Bruck, the company has grown to be one of the premier IT and Compliance Auditing firms with the United States. “The combination of superior methodologies, industry-leading technologies, and exclusively utilizing seasoned in-house auditors yields a level of exceptional depth and accuracy in our audits that competitors can rarely match,”
said Michael.

Working directly with board members within its client’s organization, security officers, as well as various industry regulators directly, BAI Security clearly understands the requirements of these various groups and tailors their cybersecurity solutions to their exact needs. This ensures the organization is not only compliant, but truly secure.

A Pure-Play Security & Compliance Firm

BAI Security is a pure-play security auditing and compliance firm. “What we are not is a consulting company with a broad range of services trying to be everything to everyone,” emphasized Michael. This allows BAI Security to be focused on being the best, most innovative, cost-effective solution in the industry. It’s this focus combined with its dedication to exceeding client expectations and innovative style that propels BAI Security as a leader in the field.

With well over a thousand customers in highly regulated industries around the country, BAI Security is a trusted resource in the banking and finance, healthcare, insurance, utility, and other key sectors. “At BAI Security, our mission and goals revolve around the customer experience. We want to ensure that organizations of all sizes, that are keenly serious about their security posture, have access to truly top-shelf audit and compliance services in the most cost-effective manner possible,” he added.

Service Offerings

BAI Security offers a plethora of services and they are as follows:

Breach Risk Assessment

The Breach Risk Assessment identifies potential weaknesses of the technology, policies/procedures, and/or personnel that could lead to system compromise and, ultimately, a data breach. The process to determine these weaknesses is an extension of core audit components, such as external penetration testing, email and phone-based social engineering, as well as in-person social engineering and physical access. However, the goal of the Breach Risk Assessment is not just to report on these vulnerabilities, but to combine these threat vectors to penetrate the environment, compromise front-line systems, and use those systems as pivot points to compromise other, more sensitive, systems and their data. This provides the organization with a better understanding of their true security posture and their potential exposure during a targeted attack.

IT Security Assessment

The security posture of a company is never static, because new threats are discovered throughout existing systems daily. Whether you’re bringing on a newly acquired organization, implementing a new application platform, implementing a new virtual environment, simply adding computers to the network or even leaving systems “as is”, new vulnerabilities constantly present themselves.

BAI Security’s IT Security Assessment options include:

  • Vulnerability & Penetration Testing
  • Social Engineering Evaluations
  • Firewall & Wireless Evaluations
  • Antivirus Protection Evaluations
  • Network Best Practice Evaluations
  • End-point Compromise Detection Evaluations
  • Rogue Device Detection Evaluations

Controls Audit
BAI Security’s Controls Audit verifies an organization’s existing controls against specific compliance standards. It has developed multiple controls testing methodologies based on industry standards, upcoming regulations, as well as industry best-practices.

Compromise Assessment
The company’s Compromise Assessment helps your organization to determine what malicious code exists within the enterprise through a short term deployment of highly-specialized, nonintrusive forensic software on all endpoints.

Threat Radar
Threat Radar is a 24/7 managed service that can find malware in real-time; even malware that is undetectable by traditional antivirus systems. It’s based on a new behavioral approach and can dramatically reduce the detection time of malware, so a breach does not have time to occur.

Social Engineering
Easily one of the most common ways organizations get breached is via Social Engineering. This is a critical component of any quality IT Assessment. As a nationally-recognized audit firm, BAI provides one of the most robust offering in the industry. The company has dozens of real-world scenarios used in actual breach activity or custom scenarios can be created to collect all types of sensitive data or where the end goal is to actually compromise an employee’s workstation and the network itself.

Key Differentiating Factors

The company stands apart from its competitors due to the following factors:

  • Thorough audits, leading edge security capabilities
  • Quality executive summary and technical reports, thorough and easy to understand
  • Competitively priced
  • In-house audit team – in-house experts rather than outsourcing work
  • Strong communication with clients, flexible service and helpful communication beyond the audit

Client Verticals & Big Clients

BAI Security’s major client verticals are Healthcare, Banking, and Finance. Some of its big clients are Boeing Employees Credit Union, SunTrust National Bank, Peoples Bank, Edwards Hospital, etc.

Client Speaks

“BAI Security has been our security consultant since 2004. They have worked with our company to ensure we are compliant and secure in areas of our network infrastructure, vulnerability management, best practices and social engineering. The BAI Security team has been professional, interactive with our teams and positively impacting to our growth. We highly recommend them.” – An Executive VP of IT

Present & Future Focus Areas

The company is currently focused on the best of breed IT Security audit tools and techniques while bringing emerging Cyber Security solutions and services to customers and the industry verticals of banking/finance and HeathCare.

Future focus areas include data storage assessment services and solutions, full-fledged IT Security plan consultation and development services, HIPPA Controls Evaluation and PCI compliant services.

Knowing the Key Executive

Michael Bruck, President and CTO – Michael has served as BAI’s President and CTO since forming the company in 2007. Under his leadership, the company has become a trusted security partner to more than a thousand organizations in regulated industries with the US alone. Specializing in governance, risk, compliance, and auditing services BAI Security has developed a solid reputation for cost-effective, market-leading, security services for the banking & finance sector, as well as many other regulated industries.

With more than 20 years of IT, business development, and customer relationship expertise, Michael has brought BAI Security from a fledgling IT services firm to a Cybersecurity Solutions innovator. Mr. Bruck has a passion for listening to the specific needs of his clients and combining that with his expertise with modern-day threats to develop industry-leading services that exceed those available in the marketplace today.

By still maintaining an active role in the field, working directly with BAI’s client base, Michael continues to look for new ways for his firm to help organizations protect themselves from modern Cybersecurity threats and exceed customers’ expectations.

“As a pure-play security services firm, we are focused on being the best, most innovative, cost-effective solution in our industry.”