Case studies

Cybersecurity Risk Assessment for FinTech Management

Back

Cybersecurity Risk Assessment for FinTech Management

Overview

Salmon Software provides treasury management software to global-scale corporate companies and banks. Their clients use Salmon Software’s application to manage their treasury activities. The software is used by large banks to process statements from thousands of bank accounts with hundreds of thousands of transactions and payments. The system integrates with many third-party apps and banking systems. Being in the finance industry, they require very high levels of security to remain compliant with industry regulations. Their internal IT and development teams are located all over the world.

The Cyber Security Risk Assessment Challenge

Salmon Software is a small company providing software and services to very large finance companies. Their existing customers are increasingly more focused on cybersecurity. Their clients are actively evaluating their supply chains to assess their cyber risk levels against ever more stringent standards. To onboard new customers Salmon Software must pass their clients’ rigorous due diligence process that’s highly focused on their cybersecurity capabilities.

Salmon Software’s team quickly identified that they needed to work towards the internationally recognised cybersecurity standard – ISO 27001. Due to their limited knowledge of the complex ISO certification process, they realised they needed expert help and guidance. Stryve conducted an ISO readiness evaluation to map out the actions needed to achieve ISO 27001 compliance.

The Cyber Security Risk Assessment Solution

A risk assessment of all Salmon Software’s IT infrastructure and systems was conducted. The security levels of their IT estate were evaluated. Their team held meetings and calls with Stryve’s cybersecurity experts. They answered a series of questions, enabling Stryve to carefully map their cyber status and create a risk assessment.

Salmon Software’s ISO risk assessment reassured them that there were no gaping holes in their cybersecurity status and that its security foundations were good. They already possessed some strong cyber capabilities due to their reliance on Microsoft’s cloud and systems.

A comprehensive report was created from their risk assessment. Stryve’s cybersecurity experts took their team through the results, conducting training on the recommended action points. Their risk assessment was circulated internally, enabling them to clearly articulate the workload and justify the resources to make ISO compliance feasible. This created awareness among investors and stakeholders of what was required, how long it would take and which resources were needed to deliver highly secure systems. All recommended security remediations were prioritised using a traffic light system (Red Amber Green – RAG), signifying their urgency levels.

Cybersecurity Risk Assessment: The Benefits

Turnover Supported:

€21 billion

Average RPO

Average RPO:

8 Seconds

Downtime:

0%

Client Profile

  • Fintech provider to global scale companies and banks
  • They provide Financial Software to facilitate treasury management of organisations such as large banks to process thousands of statements
  • Multi-national based internal IT and development teams
  • Their systems integrate with third-party apps and banking systems

Client Requirements

  • Requires a high level of security to remain compliant with industry standards
  • Their current clients are becoming more cybersecurity-focused
  • Salmon needs to pass clients’ standards of high-level cybersecurity
  • The company needed to meet IS027001 standards
  • Required ISO readiness evaluation

Results

  • Risk assessment of client IT and Systems
  • Evaluation revealed no major weaknesses, solid cybersecurity foundation
  • Provided report and subsequent training regarding recommended action
  • Client prioritised actions to reach ISO compliance
icon user

“Our entire team have really valued Stryve’s experienced cybersecurity input and found them knowledgeable, very proactive and engaging. Their expert guidance has made our cybersecurity improvement process painless and achievable. Stryve has been helpful and positive from the beginning of our ISO 27001 journey. Their comprehensive ISO readiness plan has been critical to creating awareness of the resources required to achieve this and the importance of doing so. We hope our relationship with Stryve will continue for many years ahead.”

Peter Shea
Director at Salmon Software

Do you have 5 minutes for a quick chat?