Black Hills Information Security: One-Stop Information Security Shop

Black Hills Information Security: One-Stop Information Security Shop

CIO VendorJohn Strand, Owner & Security Analyst
Breaches of valuable information within the financial sector and capital markets have become a nearly daily occurrence. Now more than ever, companies are looking for firms to forestall risks and help predict security vulnerabilities. BHIS, a firm based in the beautiful Black Hills of South Dakota is well positioned to address these needs by predicting attacks and educating customers on their risk factors and how they can mitigate future losses. Likely areas of compromise are uncovered when BHIS simulates sophisticated attacks targeting the company. These attacks are called penetration testing. Even if a company has trained security and IT staff, these attacks help a company understand just how easily they can be compromised.

BHIS takes the automatic reports that many penetration-testing companies often give to the customer alone and supplement those results with a reproducible methodology for IT team and a readable executive summary for decision-makers. “We invest time and effort in doing penetration testing and removing all the vulnerabilities that organization needs to address,” says John Strand, Owner and Security Analyst, BHIS. By implementing automated tools with the client’s architecture, BHIS performs full in-depth analysis and high-quality work for every single customer. “We perform overall gap analysis as well as invent and implement various custom hours,” adds Strand. The company offers a full report stating what components of the customer’s architecture are effective and ineffective while also suggesting the next step to forestall the advanced attacks. Their focus is predominantly evaluating IT infrastructure to understand and mitigate their vulnerabilities.

In addition to the industry recognition for raising the bar on pen-testing standards, BHIS also continues to work on research and developing non-standard defensive technology that is effective in stopping highly targeted attacks.


We invest time and effort in doing penetration testing and removing all the vulnerabilities that organization needs to address


More information about these different pieces of software is available on their website and also available for use free of charge.

BHIS’s Real Intelligence Threat Analysis (RITA) project is a new initiative in the defense technology arena through which the company works to stop real world attackers. “We develop cyber deception technologies and offer products that enable our consumers to make their network a difficult target as well as track the attackers,” explains Strand. In addition, the firm offers Active Defense Harbinger Distribution and Reader (ADHD) stack, which comprises of various tools that are aimed at active defense and is built with the purpose of assisting defenders with the befitting products and solutions.

BHIS’s Red Team Engagement Module helps organizations that are fairly mature in their security development lifecycle process. “We perform Black Box Testing for these organizations and they benefit a lot from the Red Team,” says Strand. “We do this assessment for companies to help them learn important lessons and quickly implement them in their security measures.”

BHIS has served many organizations across the globe ranging from financial institutions, government agencies, healthcare services providers, and a large percentage of Fortune’s top 100 companies. The company’s laudable clientele adds credence to its business philosophy— giving exclusive attention on a customer at a time to deliver high quality solutions based on their specific needs. “The key behind our success as a security company is to effectively communicate the risks to our clients and assist them to understand where they need to be in security development lifecycle,” concludes Strand.