Every week, we hear about a new cyber attack on an organization’s technology infrastructure costing billions in repairs, lost business, reputational damage, and stolen client data.
Regulators concerned about the danger posed to clients, firms, and the broader economy are weighing in with new cyber risk rules and frameworks at both national and local levels. This means cyber risk is no longer the sole responsibility of the IT department, but one that belongs to risk and compliance teams as well.
Cordium’s team of experts can assist organizations and private equity firms looking to manage portfolio cyber risk in a number of different ways:
Every week there is a new headline about a cyber event – in the news and social media. These attacks on the technology infrastructure of organizations cost billions in repairs, lost business, and reputational damage. The target may be money or data – or both.
Regulators – concerned about the danger posed to clients, firms, and the broader economy – are weighing in with new cyber risk rules and frameworks at both national and local levels. This means cyber risk is no longer the sole realm of the IT department. Risk and compliance teams must step up to the challenge.
Cordium helps organizations manage the risks they face through their use of technology and of third parties. Cyber risk is now a part of normal regulatory compliance – from data protection rules to third-party relationship requirements.
Private equity organizations also need to better understand the cyber risks inherent in the portfolios of companies they invest in. These companies may come from a wide range of industries and face a variety of cyber threats.
Cordium’s team of experts can assist organizations in a number of different ways:
- Vendor Selection
- Vendor Ranking
- Due Diligence
- Performance Review
- SSAE 16/18 Review
- Application Policy
- Application Standards
- Code Review
- Application Security
- Mock Regulatory Exam
- Incident Response
- Cyber Resiliency
- Ongoing Support
- Strategic Plans
- Awareness Training
- Security Program
- Security Policy
- Security Procedures
- Security Standards
- NIST Cybersecurity Framework
Cordium helps organizations better understand their cyber risks and vulnerabilities, and develop a practical and achievable Cybersecurity Strategic Plan to mitigate them.
Cybersecurity Risk Assessment
Cyber risks, threats, and potential impacts are assessed through key leadership team interviews – either individual or workshop-based. The organization’s information security policies are reviewed against the NIST Cybersecurity Framework, applicable regulatory requirements, and leading practices.
Cybersecurity Controls Analysis
Cybersecurity Strategic Planning
GDPR - General Data Protection Regulation
The European Union’s General Data Protection Regulation (GDPR) comes into force on May 25, 2018. It will have a significant impact on any organization housing or servicing data of European residents, irrespective of where that institution is based.
PRIVATE EQUITY SERVICES
Cordium’s experts will assess the cyber risk programs of private equity portfolio companies and provide a report for the investment portfolio.