Solutions That Evolve With Your Business

With rapid adoption of new technologies, increasing regulation, and near daily well publicized, ​damaging cyber-attacks, cybersecurity and privacy have risen to the top of every executive and board’s agenda.​

Why your Board should be concerned about Cybersecurity

With security incidents increasing in sophistication, number and size, it’s important to ensure your organization is prepared, to avoid financial losses, operational disruption, loss of customer trust and confidence, and lasting reputational damage.

We believe in using a comprehensive end-to-end control framework highlighting prevention, detection and response.This offers our clients substantial benefits

Gain insights into the design and effectiveness of your Cybersecurity program and align with your business goals and risk appetite.

Our Solutions

Cybersecurity Business Risk
  • Identify firms’ “Crown Jewels” – most sensitive data, key systems, and critical business processes
  • Assess and manage cybersecurity risks relevant to specific threat sources, their likelihood, and potential impact
  • Provide Board and Executive Leadership visibility on cyber program governance, compliance, and strategy
Security and Privacy Maturity
  • Assesses key security and privacy domains
  • Actionable maturity scorecard with key observations and recommendations
  • Outlines a strategic roadmap of initiatives
  • Regulatory Assessments; NYDFS, EU-GDPR, California Privacy Act of 2018, SEC-OCIE, FFIEC, NAIC, and other global regulations
Threat and Vulnerability Management
  • Threat identification and information sharing
  • External and internal vulnerability assessments
  • External and internal pen testing
  • Identify configuration weakness, and provide recommendations and remediation support

TRAINING AND AWARENESS
  • Email phishing exercises
  • Targeted spear phishing and social engineering
  • Physical intrusion and employee deception
  • Employee end-user and role based training
Incident Response Forensics
  • Provides on call response
  • Delivers expert forensics support
  • Offers root cause analysis
  • Recommended actions
  • Dcouments incident reporting for various stakeholders
Incident Response Assurance
  • Evaluates readiness
  • Assesses incident response policies
  • Cyber incident scenario playbooks
  • Real World Tabletop exercises

As the levels of regulatory scrutiny, technical complexity, and business threats surge, so too do the risks and compliance-related issues associated with day-to-day business activities. Management should ask these key questions:

The Questions

  • Has senior management and the board quantified your Cybersecurity Business Risk covering the sensitive data, key systems, threats, likelihood and impact of a breach?
  • Does senior management and the board know the current maturity of the Cybersecurity & Privacy program and how mature it needs to be?
  • Has a threat modeling assessment been performed and how does the organization manage against those threats and make those efforts and results transparent?
  • What assurance does senior management and the board have on the preparedness and effectiveness of its Incident Response Program?
  • You have been hacked – now what?
  • How is the company protected against Phishing and business email compromise scams that attempt to trick the recipient into providing confidential information?

The Action

  • We partner with our clients, providing specialized and cost-effective resources while being agile.
  • We learn your risk appetite, gauge current program state and leverage industry standards and best practices to improve your posture.

The Impact

  • Exceed key stakeholder expectations
  • Greater risk optimization / mitigation
  • Increased regulatory readiness
  • Improved cost / benefit results
  • Stronger control posture

Benchmarking Surveys

Organizations today are faced with difficult challenges surrounding Risk & Regulatory, Cybersecurity, Privacy, & Technology Risk and Board Reporting and Board Reporting. As a result, practitioners are asking: “How are these risks being addressed by Internal Audit, IT audit, and the IT / Security Groups in other organizations like mine?”

In order to effectively answer this question, Accume Partners developed the below surveys. The surveys collect relevant data points from similar organizations from around the comparable industry (ies) and benchmarks them against Best Practices. Anyone who completes the survey will receive the results and can see how their organization is performing among its peers. It then can become a very effective planning tool!

  • IT Internal Audit

Michael Corcione

Managing Director
Practice Leader
Cybersecurity & Privacy
646-546-7871

Michael has advisory experience in Cybersecurity Business & IT Risk Assessments, Cyber Threats and Incident Response, Regulatory Compliance, and Third Party Due Diligence. Prior to Accume, Michael was a leader at Cordium.

Read More

LET’S GRAB COFFEE

contact us