Profile: As the leading player in a field your firm created, it's important to find ways to continue standing out above the also-rans. Leveraging technology to ensure that your client's critical financial data is as secure as possible is a potentially critical business differentiator when evaluating service providers. With this in mind, this New York City based financial organization engaged with CIS to provide quarterly security audits and remediation supervision.
Technical Challenge: Provide regular top down security audit services and play a supervisory role while the in-house team remediates discovered flaws. Then re-test.
Solution: CIS' team of Network Security subject matter experts performs a white-hat security analysis on a quarterly basis, from which a broad report is created using an actionable prioritized list of findings, as well as a detailed non-technical summary. CIS provides a unique deliverable by including not only findings, but analysis of why a finding is critical, and the necessary steps to eliminate the problem.
CIS' Security Audits typically include both internal and external network penetration testing and vulnerability scanning, as well as more entertaining efforts such as end-user "spear-phishing" simulation testing and physical security breach testing on a periodic basis. End-user facing best practices seminars are conducted bi-annually to help reinforce security policies and proper procedures.