About 2-sec

2-sec provide a specialist range of security testing and consultancy services.  Our ethos is to employ the best, deliver the best and never to oversell or promote services that you simply do not need, or cannot support.  We have assisted a number of clients in the finance, retail, health, service provider and hospitality sectors, from small medium enterprises to FTSE-100 companies, and specialise in risk reduction and data loss prevention, through the implementation of risk, security and compliance initiatives.  Our ongoing mission is to deliver cost-effective, honest and independent advice, through superior quality and consultant-led services.

Through our pioneering Virtual CISO service, 2-sec ensures you have regular access to highly skilled and in-demand security professionals, anywhere, anytime, whom will help drive your security posture forward in the most cost-effective and efficient way possible.

An experienced name you can trust

2-sec are one of Europe’s leading QSA / PA-QSA companies and have worked with PCI DSS since 2004.  We bring very strong experience to the table and blend with a pragmatic approach, understanding full well that some security implications and controls can bring business to a standstill if implemented with academic intent.

  • Information and Data Security consulting since 1998
  • Professional penetration testing since 2000
  • PCI DSS audits since 2004
  • PA DSS audits since 2008

Security should not be an unsurmountable obstacle and there are many positive ways in which information security can bring business benefits to a company, improving reliability, integrity and uptime as well as providing cutting-edge data protection and a functional cyber defence strategy.

Why choose 2-sec as a QSA?

We have had solid experience of PCI DSS since it hit Europe and indeed the world in 2004.  Before that, we have worked on Visa CISP, MasterCard SDP and American Express DSOP standards (which combined to form PCI DSS when their respective card scheme owners formed the PCI SSC).

What sets us apart from other QSAs?

  • We will give you upfront, straight and unambiguous answers
  • We can offer a flexible risk based approach to compliance
  • We’ve been working with PCI DSS for 8 years
  • We save you time, money and minimise the impact of compliance on your internal resource
  • We enjoy what we do and take great pride in customer satisfaction and service

We have been on the PCI DSS “journey” longer than most banks, service providers and merchants, having helped hundreds of entities meet their compliance objectives and converting many along the way to live and breathe information security, instead of just paying lip service.  We help entities close the compliance and security gap.

Our manifesto

We guarantee:

  • You get the best possible value out of your existing systems, policies, processes and suppliers.
  • The impact of projects on your staff is minimized.
  • Through Constant Project Management, an updated status of your project at any point in time.
  • That we help you build the most efficient, solid and resilient security framework.
  • The greatest level of support you would receive from any consultancy anywhere.

We won’t:

  • Rewrite your rulebook from scratch.
  • Make empty promises of grand results if we are not positive we can live up to them.
  • Sell or recommend you anything that does not truly integrate with your business and risk profile.

Our history

2-sec was founded by Tim Holman, whom has over 16 years experience in the industry and has managed security practices at Dimension Data and Top Layer Networks prior to involvement in Europe’s first QSA, One-SEC in 2005.  Following One-SEC’s successful acquisition by Trustwave, Tim has set up security practices at QCC and Blackfoot and now takes the helm of 2-sec as CEO.  Tim is very active in the security community and is also current President of ISSA-UK (Information Systems Security Association), the UK’s largest independent association of security professionals (over 1,700 members).  The ISSA-UK run 30-40 events each year, to help members stay up to date with emerging threats, new technology and learning about alternative ways to solve the security paradigm.  He has held the Microsoft MVP award for 3 years running and holds an honours degree in Environmental Science.