ESENTIRE RELEASES CYBERSECURITY DOCUMENTATION FRAMEWORK FEATURING INFOSEC POLICY, INCIDENT RESPONSE GUIDANCE
Culled from years of industry expertise, this Information Security Policy Framework provides Registered Investment Advisors the means to proactively document and manage their defense posture while responding to due diligence and regulatory requirements.
NEW YORK, Dec. 16, 2014 – eSentire, Inc., the leader in Active Threat Protection cyber-solutions and managed information security services, today announced general availability of its information security policy guidance and incident response documentation kit. The documents, available at no charge (under a Creative Commons Attribution/Non-Commercial License), provide a starting point for Registered Investment Advisors (RIA’s), allowing them to create an actionable framework for responding to and managing a more proactive cybersecurity defense posture.
Responding to pressure from boards of directors, investors, and a growing number of regulatory agencies, including the U.S. Securities and Exchange Commission, organizations today need governance frameworks that define pragmatic cybersecurity practices appropriate to their size, company culture, and risk surface. Organizations like the OCIE-SEC and American Bar Association, serve industries rooted in risk, and focus on today’s cybersecurity issues by providing the ‘what’ while delivering governance guidelines. eSentire’s Infosec Framework Documentation Kit provides the ‘how’ of defense, based on over a decade protecting these types of businesses from a continuous evolution and maturation of sophisticated cybersecurity threats and threat vectors.
“Increasing regulatory and due diligence demands, coupled with the barrage of threats and elaborate threat vectors, result in CTOs facing a bifurcated job of securing their environments and implementing cybersecurity defenses,” said eSentire Chief Security Strategist Eldon Sprickerhoff. “Since the SEC Risk Alert was released, I have seen several consulting companies ‘instantly’ become experts in Hedge Fund Cyber Security and offering consulting services to provide boilerplate information security policies to funds. My hope is that our release of both the information security policy and incident response starter kit will act as an antidote, and truly aid resource-constrained IT teams in answering inbound information security queries, particularly those referencing Question Two in the OCIE-SEC 28 Questions Risk Alert.”
Both documents are released under Creative Commons license with attribution to eSentire, permitting extremely broad non-commercial use of the source material. Sprickerhoff’s hope is that hedge fund technology groups, such as Alternative Investment Tech Executives Club (AITEC) and Hedge Fund Tech Connect (HFTC), are able to form sub-committees to help interested users to learn from each other while they fine-tune documentation for their own firms.
eSentire is the leading managed security service provider to more than 450 financial services firms, legal, extractive and healthcare organizations. The company pioneered Continuous Advanced Threat Protection, which leading analyst firm Gartner Research began covering in June 2014 as a best practices framework for defending against the most egregious cyber security attacks. eSentire delivers continuous monitoring, real-time threat detection and containment technology as a service with human threat analysts on a 24x7x365 basis. The company challenges legacy security approaches, combining behavior-based analytics, immediate mitigation and advanced threat intelligence.
eSentire® is the leader in Active Threat Protection solutions and services, the most comprehensive way to defend enterprises from advanced and never-before-seen cyber threats. eSentire’s flagship offering, Network Interceptor, challenges legacy security approaches, combining behavior-based analytics, immediate mitigation and actionable intelligence on a 24x7x365 basis. The company’s dedicated team of security experts continuously monitors customer networks to detect and block cyber attacks in real-time. Protecting more than $2.0 trillion in combined AUM, eSentire is the trusted choice for security decision-makers in financial services, healthcare, mining, energy, engineering and construction, legal services, and technology companies. Recently, eSentire was named the HFMWeek 2014 Best Hedge Fund Security Service Provider. In late 2013, eSentire was named to the Deloitte Technology Fast 50 Companies to Watch and cited as a Canadian Innovation Exchange CIX Top 20 most innovative Canadian company. For more information visit www.esentire.com and follow @esentire.