Foreign banking organization operating in NYC

A foreign banking organization was looking to strengthen its cybersecurity program to improve resilience and comply with US regulatory mandates (NYS DFS 23 NYCRR 500).

A top-down approach was used to assess the business risks of a cyber event by identifying top threats and loss event scenarios. Non-Public Information (NPI) usage at the organization was then recorded. This was followed by reviewing applicable cybersecurity controls for design and operating effectiveness to determine the path of remediation initiatives required to fulfill regulatory requirements and reach the client’s target risk profile.
An enterprise-wide cybersecurity program was built out to align with industry-leading practices and frameworks, and it increased the client’s cyber resilience through enhancements in management oversight, operational processes and technology.

Impact

  • Insight into Non-Public Information (NPI) usage at the organization
  • Alignment on cyber risk scenarios relevant across the different functional units
  • Improved security posture through an actionable remediation roadmap
  • Improved business continuity
  • Compliance with regulatory requirements

Case Studies

Control Assessment & AFIS and IRIS-based forensic product review

The engagement involved evaluating the client's security controls and policies, as well as assessing the effectiveness of digital forensic products based on Automated Fingerprint Identification System (AFIS) and Iris Recognition Integrated System (IRIS) technologies.

Forensic analysis of GDPR breach & Annual audit of control readiness

The engagement involved investigating and analyzing a security incident to determine the cause and extent of a potential data breach, while the annual audit of control readiness involved reviewing the client's security controls and policies to assess their effectiveness in addressing potential security risks and compliance with relevant regulations.

Cybersecurity Technology Evaluation & Design

The engagement involved evaluating different vendors of intrusion detection and prevention systems and selecting the best solution to meet the client's specific security requirements.

Cyber Risk Map

The goal here was to develop a visual representation of the client's cyber risk exposure.

Cybersecurity Policies & Procedures Review

The goal here was to help the client identify gaps and areas for improvement across their existing cybersecurity policies and procedures.

Compliance Assessments

The goal here was to help the client comply with applicable cybersecurity and privacy regulations while ensuring secure handling of credit card information that aligns with PCI-DSS requirements.
