As more organizations increase their digitization they simultaneously increase the threat to their operations from cyber attacks. We work with organizations to assess their cybersecurity posture, determine the risk of that posture for the business, and develop a plan to maintain a level of risk that aligns with the business strategy. We also help to develop governance structures and ongoing advisory in the manner of virtual CISO services to track ongoing progress and cybersecurity posture.
Cybersecurity Risk
We assess the information and cybersecurity risks in the organization, often together with the technology and operations risks, and to develop means for communicating these risks to management and the board. Determining risk requires working with the technical and with the business teams, since risk must be considered in terms of business impact and likelihood. We help to define the governance structure appropriate to a particular organization along with metrics and other possible measures of the status, performance and maturity of cybersecurity within the organization.
Cybersecurity Assessment
We help to assess the level of information and cybersecurity protection within the organization and the compliance of those protections compared to international standards and government requirements. We have worked to assess compliance with NIST, CIS, and ISO standards, as well as to government requirements such as those for financial companies stated by bodies such as the Monetary Authority of Singapore (MAS), Hong Kong Monetary Authority (HKMA), and the UK’s Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA).
Cybersecurity Services
Where desired we work together with partners to deliver cybersecurity services and solutions appropriate for a particular organization. We can assist in choosing particular vendors and for overseeing how those are implemented to achieve the desired results.