Cyber Security Advisory
There was a time when cyber-attacks were rarely heard of and we knew of only a handful of companies who were victims.
Today, cyber-attacks have become very common. Almost every week we read about a company's data being breached and sold on the Dark Web, or about systems being hacked and the hackers extorting a ransom to give control of the systems or data back to the company.
Why Cyber Security Frameworks are Unique
1. Each industry and each enterprise within it will have differing priorities.
2. Each application and each database/server is uniquely configured.
3. Each hacking technique is unique in some way.
4. BFSI should adopt a leading framework to evaluate their preparedness.
➢ Example: RBI directives to banks in India.
➢ Cyber Security must be DIFFERENT & SEPARATE from the bank's regular Technology & IT Security.
5. ISO 27K best practices, ISO 31000 implementation or COSO 2013 guidelines adherence, as you move towards certification.
Riskpro has a team of more than 12 information security professionals who have deep cyber security and information security experience. Riskpro has done more than 150 SSAE/SOC1 and SOC 2 audits, all of which require assessment of a company's security practices. Riskpro and its team members have executed several Information Security and Data Protection Assessments. Riskpro has adopted AICPA, CSA, NIST and other leading frameworks to evaluate and assess cyber security measures. Our risk management experience helps to identify security loopholes and to help mitigate these.
Cyber Security Risk - How Riskpro can help
AICPA Cyber Security Risk Management Framework
Cyber Security Policy
- Develop board approved Cyber Security Policy and Cyber Crisis Management Policy
- Establish governance to address cyber risks
- Align to Best practices
Inventory of Cyber Risks
- Develop Risk register specific to cyber threats
- Identify gaps in network security and IT access control risks
Continuous monitoring (SOC)
- Perform independent Cyber-Risk audit services assessment
- Support on SOC operations
- VA/PT services
NIST Cyber Security Risk Management Framework
Cyber Crisis Management Plan
- Board approved CCMP
- Testing of CCMP on an annual basis
- Diagnosis of gaps in Crisis Management Framework
Cyber security indicators
- Develop Key Risk Indicators to track risks and preparedness
- Periodic audit of cyber threats and report testing to Risk Committees
Cyber-security awareness trainings
- 2-day awareness trainings across the institution
- Online e-learning modules for mass awareness
- Reasonable training fees per participant or per day rates
What and Why of Cybersecurity Audit
WHAT IS CYBERSECURITY AUDIT
- 2-3 days comprehensive review of your cybersecurity controls to determine gaps in your cybersecurity framework
- We use leading frameworks such as NIST, CAIQ, AICPA, RBI, etc. to determine your maturity level
- Gaps are highlighted to the management along with recommendations
- Two readiness / compliance audit reports are issued
- Summary Report that can be shared with customers
- One-page certificate for customers
- Detailed report for internal use
HOW DOES IT HELP YOU
- For a small fee, you get full visibility into the gaps that your systems
- You get to benchmark yourself to global standards
- You get a tangible report / certificate that you can share with your clients
- You proactively manage cyber risks and prevent cyber security incidents
To know more contact us at firstname.lastname@example.org