Maximising investment in cyber security
The board of a multinational financial services company was struggling to evaluate how effective their cyber security investment had been. They needed a methodology which showed what was needed to achieve a more advanced level of maturity in their cyber security which was adapted to their needs. Worried by growing reputational risks associated with client data loss from cyber breaches, the board needed reassurance that its cyber security was the best it could be.
Control Risks' approach
Our cyber security experts provided an evaluation of the client’s cyber security against three benchmarks: their peers’ security; the threat and their own risk appetite. We conducted a threat assessment, identifying likely attack scenarios, reviewed documents and carried out interviews to plot the company’s cyber maturity against the three benchmarks.
The assessment led to recommendations for specific measures to bring security up to a more advanced and company specific level. The methodology developed by our experts can be repeated to consistently measure the effectiveness of future investments in cyber security. The board was now satisfied that it had a full appreciation of the company’s cyber threat landscape.