About AWA
AWA, a division of I.S. Partners, LLC serves as an extension of the controls-based CPA auditing firm and was formed in response to the growing market need for specialized information security services provided by skilled professionals with technical expertise.
Our IT security professionals have practical experience as leaders in the information technology field. They have worked hands-on as CISOs, information security managers, network engineers, IT project managers, as well as security and help desk professionals. AWA International Group utilizes cutting-edge methods and tools to keep your organization secure.
Visit AWAinfosec.com
Why Choose AWA?
The pentesters and cybersecurity professionals at AWA provide guidance in using a range of security frameworks and implementing controls that are best suited for your environment. We aim to fortify your organization’s risk posture and security standards. In conjunction with IS Partners, LLC’s established SOC practice, AWA and ISP offer a streamlined path to audit compliance and/or certification.
Examples Of Our Work
- Credit Card Payment Channels
Assessing Effectiveness & Efficiency of Credit Card Payment Channels
A leading North American insurance provider wanted AWA to do an analysis on multiple payment card channels used by the organization. The company wanted to integrate automated payment processes after making multiple acquisitions both domestically and internationally. AWA met with business process owners to understand the scope reduction efforts, such as network segmentation and tokenization. We also analyzed how payment cards are stored and identify strategies to narrow the scope and effort of complying with PCI. AWA also evaluated its technical security architecture and capabilities against best-practice controls used among cross-division security leaders. The results uncovered a suggested integration path and many previously unreported insights about the payment processes throughout the company’s technology landscape.
- Information Security Management System
Evaluating & Transforming the Information Security Management System
As a part of a security transformation, we helped the chief information security officer of a North American financial institution to evaluate their information security management system (ISMS) against the ISO27001 framework as well as their industry peers. The ISMS review was conducted through a series of interviews with key control process owners, walkthroughs of control processes, and review of policies, standards, and control artifacts to determine if key control processes were being performed. The recommendations provided from the assessment helped the company assess the maturity of their controls based on industry peers and improve their overall security posture.
- AWS Cybersecurity Breach
Rapid Response to AWS Cybersecurity Breach
One of our global clients, with headquarters in North America, had a data breach that contained card holder data (CHD). Attackers used a malicious JavaScript code (magecart) to skim and capture the client CHD. Logging and versioning were enabled, which helped the company identify the timeframe when the malicious scripts were in place and which sites were infected. AWA ensured that the incident response policies was followed to contact all affected parties by the company, as well as notifying and working with authorities. AWA worked with the company to establish a process to audit and alerts their Security Operations Center (SOC) when S3 buckets are setup.
