SecurTec.Net

len.sutton@securtec.net   –   (480) 442-2249

 

 

 

Founded in 1996 by Len Sutton, Secure Technology Systems has assisted clients in planning, implementing, managing, and protecting their investments in information and information technology.  SecurTec has worked closely with organizations in the electronic payments, financial, manufacturing, distribution, utility, and government sectors in developing and implementing information systems, and management controls over the Information Technology function. 

 

Much of the company’s work is sold, managed, and performed by Len Sutton, however Len often partners with clients own management and staff, or with other professionals with whom he is personally familiar.

 

Our Services and Experience Include:

Security, Privacy, Compliance

  • Information Security Programs – developing, establishing operational effectiveness, evaluating, and improving information security programs for internal, hosted, and cloud-based IT infrastructures.
  • Managed Security Services – assisting clients in selecting, implementing, and managing MSS/MSSP operations and related service providers.
  • Payment processing - successfully assisted client in developing and operating secure payment solutions, and in implementing and validating security programs that successfully protect sensitive information assets and comply with leading credit card associations’ security programs, including PCI .
  • Security/Privacy laws – implemented and maintained compliance Federal (US and Canada) and state  regulations regarding information privacy – e.g., Gramm-Leach-Bliley, Sarbanes-Oxley, Patriot Act, and Canada's Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA).
  • Compliance Programs– Implementing and validating corporate-wide compliance programs in large public companies – i.e., SSAE/SOC 1/SOC 2//SOX/PCI/NIST.
  • IT Assessment, Strategic Planning, and Realignment - assisted clients in optimizing existing investments while positioning the IT resource to effectively support the business.
  • Internal Compliance and Augmentation – develop and improve compliance and internal control programs to meet the requirements of management, regulatory agencies, and key trading partners.
  • Third party/service provider management programs establish programs to manage organizational risks related to external services and providers.
  • Mobile Payment, e-Wallet, and Consumer Applications – provided oversight and validation of security and privacy-related features and requirements for highly successful mobile application products.

Disaster and Business Continuation Planning (DRP/BCP) - successful development of corporate-wide disaster recovery and business continuity plans for their IT infrastructure, and for all major business process.

 

 

Contact us and let us help:

SeurTec.Net

3960 Stilesboro Rd NW

Kennesaw, GA 30152

Len.Sutton@Securtec.net

(770) 380-2249

 

 

 

 

 

 

 

 

 

 

 

 

 

Len Sutton  - President

Secure Technology Systems

For over twenty years Len has assisted numerous large and medium-sized organizations in planning, implementing, managing, and protecting their investments in information and information technology.  He has held significant responsibilities in both Management and Consultant positions, while working with large-scale enterprises in a broad range of industries to address technology, organizational, procedural, and both security and overall quality assurance issues.  Mr. Sutton has significant experience in major corporate initiatives involving information privacy and data security, as well as Business Continuity Planning and Compliance. 

Len holds the certifications of Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA).   He has assisted numerous organizations in the electronic payments, financial, manufacturing, distribution, utility, and government sectors in developing and implementing information systems, and management controls over the Information Technology function.  Mr. Sutton has held senior management positions with broad responsibilities in large, publicly owned financial organizations. 

Recently, Mr. Sutton has been directly involved in successful, large-scale initiatives in the credit card, merchant acquiring, and merchant services sector - serving as Chief/VP of Security, Risk, and Compliance for some of this sector’s most established and successful providers.  During his tenure in this capacity, none of Mr. Sutton’s companies experienced a single incident involving the compromise or breach of their systems and networks, nor a failure to comply with the various government and industry regulations related to privacy and data security.

Before founding Secure Technology Systems, Mr. Sutton successfully served a large US Bank as VP of Information Technology - responsible for planning, implementing, and supporting the corporation’s entire IT infrastructure, and including 200+ retail banking locations, and 120 independent community banking companies located throughout the Southeast U.S.

 Mr. Sutton provided consulting services within the information technology consulting and audit practices of one of the world's largest professional services firms, Coopers & Lybrand (now PricewaterhouseCoopers/PWC).  Representative engagements include assisting over fifty organizations in defining and implementing effective management and security controls, and in re-aligning information systems infrastructures and business processes.

PROFESSIONAL EXPERIENCE HAS INCLUDED

Security, Privacy, Compliance

·                   For two major payment processors, successfully developed and oversaw all data security, privacy, and risk programs.

·                   Developed programs to assure corporate compliance with state and Federal (US and Canada) regulations regarding controls and information privacy, including Gramm-Leach-Bliley, Sarbanes-Oxley, Patriot Act, and Canada's Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA).

·                   Worked with Executive management, Internal Audit, and line management in developing policies and programs to implement, communicate, and administer compliance and security programs for the corporation, its clients, and its business partners.

·                   Responsible for developing and administering business processes to translate and communicate the numerous payment industry requirements to over seventy large retail merchants and payment gateways, for assisting these parties in their efforts to comply with these requirements, and for tracking and reporting of their progress.

·                   Worked closely with Federal law enforcement in numerous successful investigations and prosecutions of criminal activities involving computer systems.

·                   Led software and business process developments in the areas of security, risk management, and anti-fraud.  Developed functional requirements and defined business process in financial and payment transaction processes to assure the inclusion of adequate functionality and effective controls.

·                   For a major Regional Bell Operating Company, Mr. Sutton managed an extensive review of the internal controls over thirty accounting department sub-units, located throughout the company's nine separate state operations.

·                   For a large publicly held electric power utility, Mr. Sutton managed a review of the information security of all computing systems throughout the company's four-state region.  This review included assessing information security and general information technology controls of fourteen mainframe data centers, fifty minicomputer systems, and over one hundred local area networks.

Disaster and Business Continuation Planning

·                   For a large publicly held power utility, assisted in the successful development of a corporate-wide disaster recovery and business continuity plan

·                   Developed and administered a corporate business continuation program for six major business offices and operations facilities located throughout the U.S. and Canada.  The project also included the implementation of two concurrently operated processing facilities capable of providing assured availability of payment processing services to over 700,000 merchant locations.

IT Assessment, Planning, and Realignment

·                   For a multi-billion dollar chemicals manufacturer, Mr. Sutton led the development of an information technology plan to replace mainframe systems with significantly more cost-effective, distributed systems.

·                   Assisted a multi-billion dollar telecommunications corporation in developing plans to operate more effectively by converting their consolidating four regional data processing facilities into a client-server architecture with a single large central system serving user-located distributed systems.

 

·                   Performed technology assessment and assisted in developing a strategic business plan for a Banking sector data processing services organization serving the banking community in New York.  Project identified and assessed opportunities to leverage existing systems and infrastructure toward implementing additional services.

·                   For a major international telecommunication client provided IT consulting and project management for year 2000 compliance projects in the US and its international divisions.

·                   Assisted a mid-sized manufacturer of large industrial specialty vehicles in a project to review the adequacy of its current IT systems and operational procedures.  Project resulted in significant improvements in controls over inventory and procurement, and in the accuracy of accounting systems.

·                   Directed technology planning for a $1.5 billion textile and garment company in a project to integrate a major, newly acquired division.

Government and Public Sector

·                   For the State of Georgia, conducted engagements to review and improve the IT systems and management controls in several major state agencies, including the Department of Revenue, Department of Health and Human Services, Department of Transportation, and Board of Regents.  Projects resulted in significant steps to improve effectiveness of governmental systems and operations.

·                   Assisted a large municipal utility in developing a comprehensive information systems plan addressing all major services and functions of the organization, including customer billing, electric generation and sales, water and wastewater operations.

·                   Assisted both public and private higher education clients in assessing and planning and implementing campus-wide systems.

Professional

·                   Certified Information Systems Auditor - CISA.

·                   Certified Information Systems Security Professional  - CISSP

·                   Lead Editor and Contributing Writer - Handbook of IT Auditing  Warren, Gorham, & Lamont - publisher

·                   Information Systems Audit and Control Association (ISACA)- Member

ISACA is a globally recognized professional organization, whose membership are professionals in information security and controls.  http://www.isaca.org

·                  InfraGard – Member - InfraGard is an information sharing and intelligence program jointly sponsored by the US Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS).

 

 

Contact us and let us help:

SeurTec.Net

3960 Stilesboro Rd NW

Kennesaw, GA 30152

Len.Sutton@Securtec.net

 

(770) 380-2249