Challenge
Today, M.A. Polce works hand in hand with Adirondack Bank as their vCISO. Adirondack Bank employs an Information Security Officer (ISO) who was going on military leave for a year. Management was looking to fill the void they had for a seasoned, high-level security resource. M.A. Polce’s vCISO was able to assist them by strengthening their existing security initiatives while creating a short-term and long-term roadmap for their security and compliance program.
Solution
M.A. Polce’s cybersecurity experts have significant experience across diverse information security programs, in both strategic and tactical roles. Our highly experienced, industry-certified experts worked together to ensure that Adirondack Bank received cutting-edge cybersecurity guidance in every part of their business.
Knowing that cybersecurity needs vary over the course of time, M.A.Polce tailored services to help Adirondack Bank achieve both its short-term and long-term goals by focusing on four core tenants of cybersecurity: compliance, cyber threats and security, information systems, and risk.
Through a strong familiarity with bank IT regulatory requirements and experience in working with IT auditors and examining agencies, M.A. Polce helped Adirondack Bank navigate through the completion of two audits along with any subsequent mitigation steps. M.A. Polce also helped to identify gaps in existing compliance programs for banking regulations such as FFIEC and NYS DFS.
Working with existing security and information system employees at Adirondack Bank, M.A.Polce put an emphasis on understanding the threat actors, motives, and techniques our experts see in the financial industry today. By understanding and having more insight into the activity on a network and its associated systems, Adirondack Bank is able to employ the proper compensating controls to combat such attacks.
Through intimate knowledge of and experience with networking, servers, applications, and other bank-specific systems, M.A. Polce was able to assist Adirondack Bank with strengthening the security of its infrastructure. This was accomplished through identifying necessary policies and procedures, advising on security tools, and employing industry benchmarks on existing and new systems
Business Outcome
M.A.Polce worked with the Adirondack Bank information security team to identify and prioritize threats and vulnerabilities based on the likelihood and impact of a given event. Through the use of the FFIEC Cyber Assessment Tool, the team aided in identifying the inherent risks and maturity levels to present the Board of Directors with more actionable insight into the bank’s overall risk so they can make effective decisions to further their’ goals and objectives.
By partnering with M.A. Polce as a strategic security advisor via our vCISO services, Adirondack Bank gained the leadership and expertise of experienced security professionals along with an outside, independent perspective on their security and compliance program. Adirondack Bank now has a more comprehensive security program that is operationalized and managed by their internal team now that their Information Security Officer has returned. They also achieved immediate impact in terms of the most pressing issues plaguing their information security program and were able to fill in the gaps on their information security team—all for a fraction of the cost of hiring a full-time CISO.
