Risk Management
SUCCESSFUL INITIATIVE
Project
CIS Risk Assessment for Enhanced Security and Compliance
Executive Summary
The client engaged Vanguard Technology Group to conduct a tailored CIS CSC Version 8 Risk Assessment to meet NYDFS compliance requirements and evaluate cybersecurity risks across three critical infrastructure scopes: Corporate Infrastructure, Hosted Third-Party Data Center, and Cloud Infrastructure. This comprehensive assessment provided a detailed analysis of the organization’s cybersecurity maturity, identified risks and gaps, and offered actionable recommendations for remediation, enabling the organization to strengthen its security posture and align with regulatory expectations.
Customer Overview
Our client provides mortgage insurance products and services and has compliance requirements such as SOC 2 and NYDFS.
The Situation
The client, a regulated organization under NYDFS, required a cybersecurity risk assessment to meet compliance requirements and evaluate vulnerabilities across its infrastructure. Their environment included a corporate network, third-party data center, and cloud-based production platform. To enhance security and ensure regulatory compliance, the client aimed to assess risks across People, Processes, and Technology, measure the Strength, Breadth, and Rigor of their controls against CIS safeguards, and evaluate overall maturity while identifying gaps in governance, technical controls, and operational processes.
The Solution
Vanguard Technology Group designed and conducted a customized CIS Risk Assessment tailored to the client’s infrastructure and regulatory needs. By leveraging the CIS Controls framework, the assessment evaluated 18 control families and 153 safeguards while incorporating enhanced metrics for Strength, Breadth, and Rigor. This multidimensional approach enabled an in-depth analysis of the organization’s People, Processes, and Technology across all three scopes. The assessment also measured governance maturity, process conformity, technical enforcement of controls, and overall cybersecurity maturity. A comprehensive report identified risks, provided insights into the client’s risk profile, and outlined actionable remediation strategies to strengthen cybersecurity defenses and align with NYDFS regulations.
Our Engagement
Advisory & Consulting Services:
  • Design Risk Assessment: Tailored the assessment to the client’s unique environment, regulatory requirements, and business objectives.
  • Conduct Assessment: Performed detailed interviews with key stakeholders across the three scopes to gather insights into existing cybersecurity practices and identify vulnerabilities.
  • Evaluate and Analyze: Assessed the collected data against CIS Controls, measuring the Strength, Breadth, and Rigor of security measures and identifying gaps in governance, technical controls, and operational processes.
  • Deliverable: Delivered a detailed report outlining the client’s risk profile, identified gaps, overall maturity levels, and recommended remediation strategies.
Transformative Solutions for Your Secure Future.

Discover how Vanguard Technology Group can make a transformative impact on your business. Our “Showcase of Successful Initiatives” highlights real-world projects, case studies, and use cases that demonstrate the tangible results we’ve achieved for our clients. From comprehensive cybersecurity advising and consulting to expert security leadership, program development, and regulatory compliance services, our tailored solutions fortify your organization’s security posture and unlock a secure future.

 

Get in touch with us to explore how we can elevate your organization’s security and safeguard your valuable assets.
