INFORMATION SECURITY PROGRAM DEVELOPMENT
Our advisors base their guidance on publications from the FFIEC IT Handbooks, NIST security controls, and over 25 years of combined experience in managing Information Security Programs that have been examined by the FDIC.
TECHNOLOGY ASSESSMENTS & AUDITS
We provide detailed technology risk assessments that give you common-sense and actionable guidance for improving the security of your organization in accordance with GLBA.
TECHNOLOGY GOVERNANCE
An informative technology governance program will help your Board of Directors to make sound technology decisions. We can help enhance your governance program to give them the information they need.
CYBERSECURITY SOLUTIONS
In addition to Cybersecurity Program Development services, we offer technical solutions like Security Awareness Training, NOC/SOC monitoring, managed security services, cybersecurity consulting, and SIEM logging solutions.
Not sure where to start with Cybersecurity?
Read the FFIEC Cybersecurity Resource Guide for links to information and resources to help you get started.
At RankinCo Services, we are experts at utilizing these resources to help community banks achieve a better understanding of their cybersecurity posture and helping you reduce your risk through actionable solutions.
Let’s connect and discuss how we can help you achieve better technology risk management.
FFIEC Cybersecurity Resource Guide
Read the guide
Below is a link to the FFIEC’s website. After reading the guide, we are available if you have questions about how it impacts your organization.
Have you made your 2024 Board IT Governance Schedule yet?
Your bank should be reviewing more than IT policies, risk assessments, and your business continuity plans. Are you reporting on employee training, audit remediation status, and IT alignment with the bank’s strategic goals?
If you are looking for a place to start, connect with us and we’ll send you a template you can customize.
Our Services
Prepare your organization today for tomorrow’s security challenges.
INFORMATION SECURITY PROGRAM CONSULTING
Per FFIEC Interagency Guidelines Establishing Information Security Standards, each financial services organization must maintain an Information Security Program and test key controls by an independent third party.
Our consultants have direct experience managing IT departments in community banks and understand the challenges you face. Our services are based on a pragmatic approach to enhancing your Information Security Program.
BOARD PRESENTATIONS and training
Board training in cybersecurity is a critical component to a robust Information Security Program. If your Board of Directors requires additional training on particular topics, like cloud computing, ransomware, trends in technology, or trends in cybersecurity, we offer a Board training program that you can use throughout the year. We can also appear via video conference to answer specific and direct questions from your Board.
CYBERSECURITY TECHNOLOGY IMPLEMENTATION
Our technology consultants can help you implement specific technology such as firewalls, SIEMs, end-point protection, and help secure your cloud resources in Azure or in AWS.
VIRTUAL CISO
All organizations could benefit by having regular advice about Information Security and Cybersecurity from someone that understands their particular environment. Our vCISO’s will be your trusted partner in helping you provide cost-effective security leadership.
CYBERSECURITY AWARENESS TRAINING
Training your employees on cyber security best practices is key to protecting your environment. Typical failure rates for phishing tests are 32.4% according to the 2022 KnowBe4 benchmark report. Our customized security awareness training and testing programs can get you to 5% or below.
CYBERSECURITY TECHNOLOGY ASSESSMENTS
Annual Risk Assessments and Technology Audits can have a big impact on validating the security of your organization. Our experienced consultants take a common-sense approach to evaluating your technology and making recommendations that are actionable and effective at reducing your risk.