headProactiveRISK Consultants provide mission support services to global clients. Knowledgeable in the latest computer security and networking trends, ProactiveRISK Consultants are trained to advise clients how to get the most out of their technology investment. Several ways in which ProactiveRISK Consultants achieve this are as follows:

People1. Providing external, objective advice. An outside consultant can provide advice on how to proceed with various technological changes, upgrades and other choices that affect a business and its daily operations. A good outside ProactiveRISK Consultant does not bring to the table any bias or preference that may be seen with inside staff that may have personal reasons to cling to a given technology.

2. Offering specialized expertise. ProactiveRISK Consultants are trained to provide specialized expertise that may not be available within one’s own organization. Hiring an outside consultant gives access to his or her specialties without the costs involved with training in-house staff to perform the same duties.

3. Working as temporary staff. Businesses often have temporary, one-time project needs that do not require hiring staff on a full-time basis. Hiring outside ProactiveRISK Consultants for project work is typically more cost-effective than hiring permanent staff that may be underutilized in the future.

4. Outsourcing all or part of a company’s IT needs. Some companies may not have the budget nor the desire to hire in-house staff to provide for their IT needs. ProactiveRISK Consultants can make recommendations as to what can or cannot be outsourced; said consultants may also perform the services they recommend for outsourcing. For many businesses, outsourcing IT services allows them to focus on their core competencies instead of wasting time and effort on yet another infrastructure or security issue better suited to specialists.

Managed Services

Substantial service improvements and cost reductions are achieved through a proactive managed services model

Ethical Hacking

CATScan℠ (Comprehensive Accurate Testing & Scanning) is based on the co-authored Open Web Application Security Project (OWASP) Web Application Testing Methodology, National Institute of Standards 800-Series and exceeds the PCI Standards Council 3.0 Standards

Social Media Reporting

What are people saying about your company and brand? Are you the last one to know….. DON’T BE. Obtain Proactive awareness of Social Media exposure and risks to your business on Twitter, Facebook, Google+, Linked'IN and more!


Vote for Tom

*Updated* 25-Aug-2015 OWASP Foundation Inc., announced the 2015 International Board of Director candidates and I am throwing my hat in the ring again. I am requesting your support and vote this October 7th 2015 – WHY ME you ask…. BACKGROUND For over over 11 years I have been helping the OWASP Foundation and leading by example with adherence to policy, ethics and principals. Most recently I have served as OWASP’s Vice Chairman 2012-2014, I am asking for your vote and support for another 2 year term starting in 2016. When I first learned about OWASP it was 2001, I worked for an online

Read More…

Top Considerations for Incident Response

Being proactive about risk is taking the time to be concerned with the “what if” recently I contributed time to a collaboration to produce Top Considerations for Incident Response Incident response is a key part of any comprehensive security plan. However, many firms are not even sure where to begin to create an incident response process. This document provides a high level overview to get you started on preparing for incident response at your firm. IR Guidance

Top 10 Lists

I completed a presentation early this morning for the ILTA Legalsec conference exposing areas that law firms should pay closer attention to and found myself summarizing topics in to the Top 10 things you can do…  I blame this partially on David Letterman.  Seriously, when you have a large dataset it is usually the best way to summarize the message into a bite size chunk for the audience. If you spend time in software security you may already be familiar with the OWASP Top 10 of application security RISKS    The problem with Top 10 lists is the technology used by

Read More…

iGaming Online Gambling

Join Tom Brennan to discuss proactive security at the East Coast Gaming Congress Online gambling providers experienced an unprecedented number of adverse cyber events in 2014 represented an unprecedented number of adverse cyber events. Are these the growing pains of online gaming, or do these events signify a new frontier of casino risks? Industry leaders from the cybersecurity world will present a framework on avoidance and mitigation strategies against tomorrow’s digital adversaries. Wednesday & Thursday May 27-28, 2015 Casino & iGaming Industry Leaders Moderator: Williams Hughes, Esq., Partner, Cooper Levenson, Attorneys at Law Speakers: Tom Brennan, President, NYC Metro Chapter, Open Web

Read More…