Challenge
The firm wanted to understand its information security posture and enhance its ability to protect its most valuable assets in light of the media coverage of the increasing focus on investment management firms as targets for cyber crime. It also wanted to prepare for upcoming scrutiny based on the cybersecurity Risk Alert issued by the SEC’s Office of Compliance Inspections and Examinations (OCIE).
Solution
UnitedLex deployed a team of cyber risk experts to perform a Critical Data Asset Risk (CDAR) Assessment consisting of three phases:
-
Phase I – Strategic Collaboration
-
Phase II – Critical Data Asset Identification
-
Phase III – Assess Vulnerabilities and Threats to Critical Data Assets
Impact
UnitedLex identified the critical data assets within our client’s technical infrastructure and delivered a detailed analysis of the client’s current security posture including:
-
Susceptibility to social engineering attacks due to their increased use in the financial services sector
-
Contextual analysis from internal and external vulnerability scans
-
Documentation of, controls for and compliance to, information security processes and procedures
We provided customized information security awareness program based on the results of the CDAR Assessment.