Achieving Cyber Security Compliance & Maturity for Technology Service Provider (Securities Market)

The Customer: – Leading Trading Platform and Managed Services Provider for Securities Market.

Overview: The customer had recently acquired a managed services company which provided trading platform services to brokers. Being a critical and regulated environment, it was essential to implement appropriate cyber security controls and mature them to ensure:

  1. Effective protection from cyber-attacks.
  2. Compliance with SEBI requirements.

The Challenge: The environment consisted of brokers with high trading volumes. The key requirement was to identify gaps & enforce cyber security controls with zero impact to production systems.

Considering it was a new acquisition, it was particularly challenging to understand the scope and coverage. There were also several unknowns which had to be addressed on the go. Simultaneously, new systems were being rolled out into production and secure by design processes had to be implemented in an agile manner.

Our Solution: Triflo started with a detailed architecture review and performed a gap assessment based on our comprehensive cyber security assessment framework and threat model specifically created for the customer.

Our framework and methodology have been developed using inputs from NIST, SANS & ISO and fine-tuned using our decades of experience in cyber security.

The findings of the assessment were used as a reference to create an implementation roadmap consisting of strategic, tactical & operational cyber security objectives.

We provided the customer with flexible & customized packaging of our offerings consisting of a combination of one-time projects and 24×7 managed services for meeting these objectives. This helped the customer in making informed decisions thus optimizing their cyber security investments.

As a result of the significant value delivered by our expertise, the client chose us as their preferred cyber security partner and entered into a multi-year contract with us.

Over a period of several months, we created a blueprint of cyber security controls and implemented a strong governance structure and associated processes, thereby helping the customer achieve continuous improvement and mature their cyber security posture.

Benefits:

  • Performed a comprehensive evaluation of cyber security risks and countermeasures.
  • Implemented a framework for IT Risk Management, Vulnerability Management and Security Posture Management.
  • Setup 24×7 security monitoring and incident response via a shared SOC.
  • Defined Metrics, KPI’s and dashboards to track effectiveness and provide visibility to management.
  • Introduced user awareness trainings and put in place a comprehensive information security program.
  • Further matured the information security program for obtaining ISO 27001:2022 & SOC2 certification.

Here’s what our customer has to say:

As our trusted partner, Triflo Technologies has been instrumental in augmenting our cyber security posture and helping us meet the compliance requirements of our customers. Their consultants are reliable, have deep expertise and have provided excellent delivery. I would highly recommend their services.
Share this case study: