About Our Cyber Security Consulting for Large Financial Institutions Practice

Working with stakeholders across your organization, Law & Forensics Large Financial Institutions Cybersecurity Practice raises the profile of cybersecurity beyond the organization’s IT department. Our cybersecurity consulting practice for large financial institutions provides consulting services on cybersecurity strategy to large financial institutions to ensure that they are aligned with the US and international regulatory and program requirements.

Our firm’s advanced knowledge of US and international industry-standard frameworks such as FFIEC, NISO, EBA, ISO, and SANS, alongside our legal engineering experience of over 20+ years, allows us to craft customized controls, policies and programs to mitigate risks faced by financial institutions.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Third Party Risk Management

  • Work with senior IT, cyber, compliance and procurement stakeholders to evaluate and identify gaps in third party risk management frameworks and implement solutions to addresses and mitigate gaps identified.
  • Collaborate with internal audit, legal, and technology leadership to remediate issues identified by internal audit or regulatory examinations.
  • Evaluate the effectiveness of internal policies, controls, and assessments of cyber, risk, and audit efforts at an organization. Efforts include performing an independent review of internal audits review of either cyber or risk programs, analyzing effectiveness of info sec risk and audit organizations and identify potential gaps and weakness, and working at the direction of the Audit Committee to independently evaluate the effectiveness and independence of an organization information security and risk programs.

Cybersecurity Consulting

  • Provide consulting services on cybersecurity strategy to large financial institutions to ensure that they are aligned with the US and international regulatory and program requirements.
  • Deliver customized solutions to implement corrective measures that result from findings that are identified in the process of regulatory activity by the US and international regulators.
  • Review and analyze organizations cybersecurity response plan and implement effective controls that can be followed through when hit by a crisis.

Cybersecurity Legal Engineering

  • Collaborate with the executive leadership and board members on cybersecurity risk management, governance, and business resiliency.
  • Work with key IT, legal, and business stakeholders to harness the expertise of your organization’s IT department, we craft policies around vulnerability and patch management, network management, and data management to set in place corrective measures, so that the entire organization meets regulatory compliance.

Cybersecurity Tabletops for Large Financial Institutions

  • Use our team of cybersecurity specialists and legal engineers to offer simulations to assess any potential unexpected losses that can arise from inadequate system management policies, misaligned internal controls and standard operating procedures, fraud or operational problems.
  • Deliver tabletop exercises that are vendor agnostic, allowing financial institutions to work better with the systems already used by the organization; the tabletops offer an opportunity to enhance the `muscle memory` necessary to withstand a cybersecurity attack.

Case Studies by Industry

Industry/Sector: Finance

Type of Case: Matter Requiring Attention (MRA) and Matters Requiring Immediate Attention

Description: Hired by large institution wealth management leadership to assist in responding to multiple MRAs and MRIAs issued to the institution looking at various IT issues covering the business continuity and IT system resiliency. Efforts included:

    • Working with key stakeholders to review controls, process, and systems relating to IT system recovery,
    • Identifying specific gaps in controls, policies, and systems that needed to be addressed,
    • Working with internal and external IT, compliance, and legal vendors to remediate the MRIAs and MRAs. Our efforts were critical to delivering a positive outcome for our client.
Dozens Of third party

vendor programs assessed

Dozens Of investigations

conducted

100’s Of banking devices

scanned

50.3k Mailboxes

examined

3.3k Social media accounts

analyzed

453 Expert reports

written

Cyber Security Consulting for Large Financial Institutions Practice Edge

Capabilities

Our veteran lawyers, consultants, legal engineers, and technologists with decades of experience in their respective fields are a sought-out team for global banks and financial institutions. Law & Forensics’s advanced knowledge of US and international industry-standard frameworks such as FFIEC, NISO, EBA, ISO, and SANS, alongside our legal engineering experience of over a decade, allows us to craft customized controls, policies and programs to mitigate the specific risks faced by financial institutions.

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.

Expertise

Decades of experience working with large financial institutions to address a wide range of legal and regulatory issues with favorable outcomes for many of our clients. Our team has a experience working in environments where cultural awareness is imperative to ensuring a successful result. We also have a rich set of experience working with regulators to address issues and concerns identified in the assessments they perform and/or execute.

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.