Cyber Security Assessment

With email hacking, website attacks, and identity theft happening by ever more sophisticated means, the importance of cyber security for financial institutions - banks, broker-dealers, financial planners and advisors has intensified. In response, the SEC has recently announced an initiative to assess risk in such organizations for their processes for protection of customer data.

La Meer Inc. can help you be prepared for Cyber security Examination with our comprehensive cyber security assessment services that cover the areas that OCIE (Office of Compliance Inspections and Examinations) has specified.

Our Cybersecurity assessment services cover the following. These can be done conducted as individual assessments or as a package based on your priority.

IT Infrastructure Assessment
  • Make an Inventory of Hardware , Software, Networks, Vendors and the application areas
  • Record your current process for management of the infrastructure, customer information, access rights, security management and identify gaps
IT Policies and Procedures Assessment
  • Assess current policies and procedures
  • Documentation of information gathered from Assessment
  • Provide a list of gaps, insufficiencies, lack of documentation that need to be corrected
Incident Management assessment
  • Assess your incident management process for Incident recording, escalation, response management for previous events, analyse types of incidents, frequency and remediation methods adopted
  • Documentation of information gathered from Assessment
  • Provide a list of gaps in the process
Business Continuity and Disaster Recovery Response Assessment
  • Assess all the systems and processes and their Business Continuity practices as well as their Disaster Recovery Management plans
  • Verification of knowledge of the disaster recovery plans and test actual readiness of the organization in case of a disaster
  • Documentation of information gathered from Assessment
  • Provide a lit of gaps where practices need to be updated, corrected
Client Data Management and Access Assessment
  • Assess all the systems and processes that handle client data
  • Record of access rights to different users, control mechanisms to manage / revoke access to information, logs of access, list of access to areas that are not connected with the users’ job role
  • Identify risk areas where client data can be taken out of the system thru downloads and other transmissions
  • Security for clients SSN and other personal data that could be misused in the wrong hands
  • Online security and protection practices
  • Documentation of information gathered from Assessment
  • Provide a lit of gaps where practices need to be updated, corrected
Outsourced Vendor Security and BCP Assessment
  • Assess all the vendors who handle client data
  • Assess their security management processes, user access, incidents and mitigation management processes
  • Verify Vendor’s Business Continuity Plans and Disaster Recovery Plans
  • Verify preparedness of vendors to manage Business Continuity issues
  • Verify preparedness of vendors to prevent network security issues
User Access Rights Assessment
  • Access Rights Policies and adherence to defined policy for access rights
  • Violations and resolutions management
  • Detection of Unauthorized activity
  • Customer Data protection assessment
Systems Vulnerability assessment
  • Network, hacking and protection in place