Mobius recently completed a Cyber Security Capability and Risk Assessment for a leading financial services organisation. The assessment was based on the NIST Cybersecurity Framework and included both a risk-based and capability maturity based assessment. The project included the development of a cybersecurity Future State Roadmap for risk reduction and improved security capability.
The key objective of the assessment was to determine areas of improvement within processes, capabilities and technology in order to improve the overall security maturity and address risks related to cyber threats. Based on the outcome of the assessment, Mobius then developed a Future State Roadmap to address capability gaps and minimise risks identified. The assessment, and resulting roadmap, covered all aspects required to improve the client’s capability to identify, protect, detect, respond and recover from cyber-related attacks and incidents. The roadmap included practical solutions across governance, organisation, policies, standards, roles and responsibilities, operations process as well as security technology improvements.
The outcome of the engagement was that the client was enabled to:
Improve overall risk reduction related to cyber threats
Adopt a roadmap and plans to improve Cyber Security capability
Make use of a prioritised approach to cybersecurity that included quick wins and planning for longer-term initiatives
Make use of high-level plans for each project within the roadmap to get started
Mobius used a practical, interactive approach to understand the organisation’s business environment and ensure that the appropriate stakeholders were identified and engaged throughout the project. As a result, areas that required remediation were identified and practical recommendations were put forward to assist the organisation to improve their overall cybersecurity posture.