GRIMM Discusses Enterprise-Wide Threat Assessments and Consulting Services to the Financial Services - Information Sharing and Analysis Center (FS-ISAC) 2017 Summit
The Financial Sector is serious about defending its institutions from cyber attack; GRIMM is here to help
Arlington, VA, May 4, 2017 (Newswire.com) - Grimm was an Innovation Sponsor at the Financial Services - Information Sharing and Analysis Center (FS-ISAC) Annual Summit earlier this week in Florida. GRIMM, a security engineering company based out of Arlington, VA, is a leader in offering specialized security services for financial institutions since 2013.
The Iranian DDoS of American banks in 2012 was a great awakening for the Financial Sector in knowing they need to defend their enterprises against cyber attack. But knowing is only half the battle. “The bottom line is that financial institutions are still at risk of serious security issues,” said Bryson Bort, Founder and CEO of GRIMM. “Malicious account takeovers, ATM transaction interception, fake or deceptive wire transfers — the list of possible attacks against financial institutions is only limited by the imagination. We need to stop defending against the exercises and assessments and begin defending against the threats.”
GRIMM’s worked with the Financial Sector, conducting comprehensive enterprise-wide security reviews for financial institutions for several years now. Through these reviews, GRIMM provides a true understanding of security vulnerabilities, a solution to fixing the vulnerabilities, and trains the workforce to defend against them. These reviews are appropriate for firms that already have an internal, risk-based approach for addressing cybersecurity but need a “SWAT” team of experts to test their systems, find the holes, and help them fix the holes before their attackers find them. But what about firms that don’t know “where to begin” when it relates to developing and implementing a process for addressing, measuring, and tracking enterprise cybersecurity? Developing an internal, risk-based approach to address cybersecurity tends to be chaotic, resource intensive, and cumbersome — an overwhelming issue for small to mid-sized financial institutions."We need to stop defending against the exercises and assessments and begin defending against the threats."
Because of these gaps, last summer, GRIMM expanded its Financial Sector services by offering consulting to financial institutions in order to provide them a starting point — so they have a customized repeatable plan to know how to address key cybersecurity issues that arise, and clearly understand roles and responsibilities. Also, GRIMM, working with a Fortune 50 company with a need for a more rigorous assessment, co-developed the first true enterprise risk and threat assessment framework, “CROSSBOW.” CROSSBOW assesses an enterprise at scale with complete threats made of communications, capabilities, deployment methods, and the attacker’s tactics, techniques, and procedures (TTP) rolled into one. The Financial Sector is consistently going to be at high-risk for cyber attacks — and raising the barrier of entry to attacking these smaller financial institutions is the first step toward better defending the sector as a whole.
About GRIMM: GRIMM offers security engineering and consulting services backed by research and development in delivering the art of the possible in cybersecurity. The team services government and commercial clients from a diverse range of industries. For more information about our application security or consulting services, please contact firstname.lastname@example.org.
Source: GRIMM (SMFS, Inc.)