US Compliance SolutionsUS Cyber Security SolutionsCyber Security Annual Services
Cyber Security Annual Services
Waystone Compliance Solutions offers clients the strongest, independent cyber security and data protection services globally and works with them to embed a security culture within an organization. Our aim is to assist asset managers and the public and private sector to assess information security threats, identify weaknesses and implement a sustainable and pragmatic program of information security improvements.
All of our services are tailored to meet the specific needs of each client, taking into account their unique requirements, risk appetite and culture.
Our Cyber Security Annual Services
Waystone Compliance Solutions can provide clients with a Cyber Security Annual Services solution that includes the following:
| Institutional | Professional | Emerging Manager | |
|---|---|---|---|
| Technology and Cyber Security Risk Assessment (Annual Report)* | ✔ | ✔ | ✔ |
| Weekly external network vulnerability scan | ✔ | ✔ | ✔ |
| Internal credentialed vulnerability scan (once per contract year) | ✔ | ✔ | ✔ |
| Written information security program (information security, vendor management, incident response) | ✔ (bespoke) |
✔ (bespoke) |
✔ (templates only) |
| Table Top Exercises (TTE) (replaces WISP on subsequent years) | ✔ | ✔ | ✔ |
| Staff cyber security training | ✔ (live or WBT) |
✔ (live or WBT) |
✔ (WBT only) |
| Staff phishing tests | ✔ | ✔ | ✔ |
| Regulatory exam support (two days onsite), ADV-C support, SEC incident reporting | ✔ | ✔ | ✔ |
| Industry news and cyber security notifications | ✔ | ✔ | ✔ |
| Vendor diligence | ✔ (20) |
✔ (5) |
✔ (1) |
| External penetration test | ✔ | ✔ | |
| Spam and spoof testing | ✔ | ✔ | |
| DNS and dark web monitoring | ✔ | ✔ | |
| Advisory hours (VCISO) | ✔ (4 hours per quarter) |
✔ (2 hours per quarter) |
|
| Technology maturity assessment | ✔ | ||
| Board documents and PowerPoint decks | ✔ |
Optional add-on annual cyber security services include (each at an additional cost):
- mock regulatory cyber security exam
- Business Continuity Plan (BCP)/disaster recovery plans/business impact analysis
- internal penetration test
- privacy review
- vendor contract reviews
- cloud assessment: Office 365 assessment, Google Workspace assessment, Azure assessment and AWS assessment
