The financial services industry is the second most targeted industry by hackers. It is also one of the most highly regulated. The huge amount of customer data and assets are tempting targets. Considered a critical infrastructure sector, the financial services industry is also a target of those who would like to disrupt the U.S. economy. The threat landscape continues to shift and evolve, as do regulations for banks, credit unions, insurance companies, lenders, investment managers, and financial advisors. Both Federal and state regulations require technical, administrative and physical safeguards to protect non-public information. Increasing scrutiny comes at the hands of the FFIEC, FDIC, NCUA, OCC, CFPB, SEC, FINRA and other regulatory bodies plus individual industry and state mandates and regulations such as the NAIC Insurance Data Security Model Law and 23 NYCRR 500.
As websites and mobile devices become the preferred service delivery platforms and more data is stored and accessed in the cloud, it is critical to consider the interdependencies of applications, third parties, and the security risks they may present. Securing and defending information and information systems increases in complexity as the environment changes. Simply meeting compliance requirements is not enough to address data and technology risks. A comprehensive approach is needed to manage the people, processes, and technologies that might compromise sensitive information.
We offer a wide range of security assessment and compliance services to help you take the proactive steps needed to secure and defend your organization and meet regulatory requirements.