Cyber Security Consulting for Large Financial Institutions

Cyber Security Consulting for Large Financial Institutions

About Our Cyber Security Consulting for Large Financial Institutions Practice

Law & Forensics Large Financial Institutions Cybersecurity Practice goes beyond the organization’s IT department and works with stakeholders across your organization. Our cybersecurity consulting practice for large financial institutions provides consulting services on cybersecurity strategy to large financial institutions to ensure they align with the US and international regulatory and program requirements.

Our firm’s advanced knowledge of US and international industry-standard frameworks such as FFIEC, NISO, EBA, ISO, and SANS, alongside our legal engineering experience of over 20+ years, allows us to craft customized controls, policies and programs to mitigate risks faced by financial institutions.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Third Party Risk Management Cybersecurity Consulting Cybersecurity Legal Engineering Cybersecurity Tabletops

Third Party Risk Management

Work with senior IT, cyber, compliance and procurement stakeholders to evaluate and identify gaps in third party risk management frameworks and implement solutions to addresses and mitigate gaps identified.
Collaborate with internal audit, legal, and technology leadership to remediate issues identified by internal audit or regulatory examinations.
Evaluate the effectiveness of internal policies, controls, and assessments of cyber, risk, and audit efforts at an organization. Efforts include performing an independent review of internal audits review of either cyber or risk programs, analyzing effectiveness of info sec risk and audit organizations and identify potential gaps and weakness, and working at the direction of the Audit Committee to independently evaluate the effectiveness and independence of an organization information security and risk programs.

Cybersecurity Consulting

Provide consulting services on cybersecurity strategy to large financial institutions to ensure that they are aligned with the US and international regulatory and program requirements.
Deliver customized solutions to implement corrective measures that result from findings that are identified in the process of regulatory activity by the US and international regulators.
Review and analyze organizations cybersecurity response plan and implement effective controls that can be followed through when hit by a crisis.

Cybersecurity Legal Engineering

Collaborate with the executive leadership and board members on cybersecurity risk management, governance, and business resiliency.
Work with key IT, legal, and business stakeholders to harness the expertise of your organization’s IT department, we craft policies around vulnerability and patch management, network management, and data management to set in place corrective measures, so that the entire organization meets regulatory compliance.

Cybersecurity Tabletops for Large Financial Institutions

Use our team of cybersecurity specialists and legal engineers to offer simulations to assess any potential unexpected losses that can arise from inadequate system management policies, misaligned internal controls and standard operating procedures, fraud or operational problems.
Deliver tabletop exercises that are vendor agnostic, allowing financial institutions to work better with the systems already used by the organization; the tabletops offer an opportunity to enhance the `muscle memory` necessary to withstand a cybersecurity attack.

Case Studies by Industry

Wealth Management Institution

Industry/Sector: Finance

Type of Case: Matter Requiring Attention (MRA) and Matters Requiring Immediate Attention

Description: Hired by large institution wealth management leadership to assist in responding to multiple MRAs and MRIAs issued to the institution looking at various IT issues covering the business continuity and IT system resiliency. Efforts included:

- Worked with key stakeholders to review controls, processes, and systems relating to IT system recovery.
- Identified specific gaps in controls, policies, and systems that needed to be addressed.
- Worked with internal and external IT, compliance, and legal vendors to remediate the MRIAs and MRAs. Our efforts were critical to delivering a positive outcome for our client.

Commercial Banking

Industry/Sector: Banking

Type of Case: Matter Requiring Immediate Attention.

Description: Hired by a large institution compliance team to address multiple MRIAs that arose from an examination and inspection performed by the Federal Reserve that was determined to need to be addressed immediately. Efforts included:

- Our team analyzed multiple system failures that were found to present a significant risk to the safety and soundness of the banking organization.
- A couple of significant non-compliance with applicable laws or regulations relating to cyber and IT controls.
- A finding by the regulator that the organization had failed to take appropriate and sufficient action. Our team worked with lawyers, technologists, compliance, and business stakeholders to create and execute a series of engagements to address these matters that leveraged the existing lawyers, consultants, and vendors. Our efforts were critical to delivering a favorable outcome for our client.

Investment Banking Group

Industry/Sector: Banking

Type of Case: Matters Requiring Immediate Attention

Description: Retained by the senior leadership and the Board of a large financial institution to address several MRIAs around the management of cyber risk and controls. Efforts included:

- Worked with technology, compliance, risk, and legal senior management to develop a roadmap presented to the regulator to remediate the MRIAs.
- Worked with the Board and senior leadership to monitor the process and correct issues as they arose.
- Advised counsel and senior IT leadership on the message and presentation to the regulators (e.g., Federal Reserve, Office of the Comptroller of Currency, SEC, etc.).

Dozens of Third-Party Vendor

programs assessed

Dozens of Investigations

conducted

100’s of Banking Devices

scanned

50.3k Mailboxes

examined

3.3k Social Media Accounts

analyzed

453 Expert Reports

written

Cyber Security Consulting for Large Financial Institutions Practice Edge

Cyber Insurance for Law Firms: Understanding the Cyber Risk Policy and Key Considerations for Law Firm Policy Holders

Capabilities

Our veteran lawyers, consultants, legal engineers, and technologists with decades of experience in their respective fields are a sought-out team for global banks and financial institutions. Law & Forensics’s advanced knowledge of US and international industry-standard frameworks such as FFIEC, NISO, EBA, ISO, and SANS, alongside our legal engineering experience of over a decade, allows us to craft customized controls, policies and programs to mitigate the specific risks faced by financial institutions.

Annual Review of Regulations of Bitcoin and Blockchain in the United States and Abroad

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.

Expertise

Decades of experience working with large financial institutions to address a wide range of legal and regulatory issues with favorable outcomes for many of our clients. Our team has a experience working in environments where cultural awareness is imperative to ensuring a successful result. We also have a rich set of experience working with regulators to address issues and concerns identified in the assessments they perform and/or execute.

Review of Alternative Dispute Resolution Case Law in 2018

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.

Cyber Security Consulting for Large Financial Institutions

About Our Cyber Security Consulting for Large Financial Institutions Practice

Third Party Risk Management

Cybersecurity Consulting

Cybersecurity Legal Engineering

Cybersecurity Tabletops for Large Financial Institutions

Capabilities

Competitive fees

Expertise

Quality Control

Newsletter

Contact Us

CYBERSECURITY PRACTICE

EDISCOVERY PRACTICE

DIGITAL BANKING

FORENSICS PRACTICE

ARTICLES

WEBINARS

RESOURCES