Cybersecurity Advisory & Compliance Services

Cybersecurity Advisory
& Compliance Services

At its core, cybersecurity is the combination of People, Process and Technology working together to protect the Confidentiality, Integrity and Availability information assets that make your business function.

In 2016, nearly 25% of all cyberattacks* with confirmed data and financial loss impacted small and medium financial services companies. In each incident, the average cost of remediation was $154 for every compromised customer record.

Richey May’s cybersecurity advisory and compliance services help financial services organizations address their People, Process and Technology to achieve compliance and reduce risk.

 

*2017 Verizon Data Breach Report

Resources

Richey May is committed to staying on top of current trends and hot topics within your industry. As part of that commitment, we offer a number of resources to help our clients stay ahead of the competition.

 

 

  • WEBINAR: 2018 TRENDS IN CYBERSECURITY AND TECHNOLOGY

    In March 2018, we hosted a webinar to discuss the cybersecurity and technology trends for 2018, including what mortgage banking companies need to know to keep their financial and consumer data safe. Topics included: The current cybersecurity landscape, new compliance requirements impacting mortgage bankers licensed in the state of New York, combating e-mail phishing and wire fraud, security in the cloud (yours or theirs), and efficiency and enhancement trends in cybersecurity.

    Watch the recording

  • Richey May Articles

    CYBERSECURITY AND THE EVOLVING DEMANDS FOR CISOS

    Richey May’s cybersecurity advisory and compliance team developed a white paper to help mortgage lenders better understand the cybersecurity landscape, the regulatory and legal requirements impacting your business, and the critical role a qualified CISO plays in your comprehensive cybersecurity strategy.

    Download the pdf

  • CRYPTOCURRENCY, CYBERCRIME AND CLOUD SERVICES: SIMPLE MISTAKES CAN HAVE CONSIDERABLE IMPACT ON ORGANIZATIONS

    The rise of cryptocurrency has certainly not evaded the notice of cybercriminals. And while ransomware with the demand of payment in cryptocurrency had been the method of choice to benefit from the increase in these currencies’ values, tactics have evolved to include cybercriminals hijacking entire computer platforms to silently mine Bitcoin on victims’ cloud environments.

    Read our blog post to learn about this “cryptojacking” and the story of Tesla’s unfortunate attack.

  • FIRST DEADLINE APPROACHING FOR NYDFS CYBERSECURITY RULE

    For those lenders licensed to do business in the state of New York, the first deadline for the NYDFS Cybersecurity Rule is February 15th. Read our blog post to help you understand the standards set forth by the NYDFS and what you need to do to be in compliance.

  • MELTDOWN AND SPECTRE: ARE YOU AT RISK?

    On January 3, 2018, Google security researchers announced that they had discovered a number of cybersecurity vulnerabilities that impact machines using Intel and other hardware vendor devices, such as mobile devices running iOS and Android.

    Is your organization at risk? Read our blog post to learn more.

Services

Cybersecurity Assessment Services

  • Review of current policies and procedures
  • Review of current technical controls
  • Review of current staff
  • Review of alignment with regulations such as GLBA, NYDFS, GDPR, PCI-DSS
  • Third party vendor risk management, in alignment with FTC and CFPB guidelines
  • Cybersecurity maturity & posture review

 

Cybersecurity Security Awareness Training

Tailored remote and onsite training focused on:

  • Phishing
  • Mobile device security
  • Passwords
  • Malware
  • Regulations such as PCI-DSS, NYDFS, GLBA
  • Physical security
  • Trends and how to identify threats

Cybersecurity Policy Advisory and Audit Readiness

  • Development of policies and procedures to meet regulatory requirements
  • Development of cybersecurity strategy that aligns with business expectations and goals
  • Vulnerability assessments
  • Enterprise risk assessments
  • Alignment with regulations such as CFPB, GLBA, PCI-DSS, NYDFS, GDPR

 

Virtualized CISO Services

Great option for a company that is required to define a Chief Information Security Officer, but does not have enough full time work or desire to maintain that level of cost and overhead. Services include:

  • Creation of a baseline evaluation of cybersecurity posture
  • Development of strategic plan to reach and maintain maturity, while working with existing staff and vendors
  • Managed security subscriptions custom tailored based on the customer’s needs, focusing on alignment on NIST 800-30, PCI-DSS, GDPR, and New York State Department of Financial Services NYCRR

Request More Info

 

To speak to one of our cybersecurity professionals, please fill out the form and we will be in contact with you shortly.