Cyber security compliance for financial institutions is of grave importance and a matter demanding continuous improvement against ever-evolving threats, requiring the implementation of the best practices and solutions possible. Senior management must be committed and involved in the ongoing maintenance and improvement of their Information Security Management System (ISMS), ensuring that security controls are operating properly, achieving their goal and driving their organization towards a level of constant awareness, where ongoing updates and improvements are made to the ISMS. Soteria conducts regular cyber security audits to certify that the ISMS controls are implemented correctly, operating as intended and achieving the required outcome with respect to the risks assessment, business environment and according to the applicable standards and regulations:

• General Regulation & Standards: ISO/IEC 27001, NIST 800, ITIL, GDPR, NIS Directive.
• GLBA: Requirements for information security training, specific policies, scanning and other activities. Virtually obliging all financial service companies and financial institutions. 
• PCI-DSS: Payment Card Industry Data Security Standard, for organizations processing financial transactions.
• Dodd-Frank: Sets the baseline for what is “reasonable and appropriate” security around consumer financial data to improve accountability and transparency in the financial system.
• SOX: To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to securities laws, and for other purposes obliging information systems to support accounting and oversight for the accuracy of reporting.

To conclude the evaluation, Soteria issues practical recommendations and an implementation plan to close the gap towards complete compliance, to meet business goals and mitigate risks; offering the required technology tools and procedures accordingly within the framework of SoteriaEPNP – End Point and Network Protection.

Soteria’s cyber training simulation platforms provide a competitive, real-world environment to train cyber analysts and ethical hackers against advanced attack-defense scenarios developed by field experts. Student activity and performance are monitored and analyzed allowing instructors to gain an understanding of student capabilities and progress. The platform enables the constant training against relevant attack scenarios and prepares personnel for the day after graduation. Scenarios are constantly updated according to client needs and industry trends. Training scenarios examples:

•  IT system: Bank Fraud Scenarios, hacking into bank accounts, hijacking user entity, etc.
• IoT systems: Simulation of a well-planned, coordinated bank robbery, simulating hacking scenarios on physical telecommunications, signaling and radio systems during a bank robbery (Tampering Traffic Light; Street Cameras, Police Radio etc.);

The financial sector is very challenging in terms of information security, demanding that financial institutions provide instant real-time data and services while dealing with ever-evolving cyber threats and hostile factors. This dynamic risk environment can only be met by overall employee awareness and well-trained dedicated personnel capable of dealing with creative attacks and developing ongoing solutions and controls to keep their information security systems valid against sophisticated attackers. We provide complete, turnkey solutions for the establishment of advanced cyber and technological academies in order to build the required HR to cope with sophisticated cyber-threats, giving essential qualifications and skills to: Security Analysts, Security Managers, Security Auditors, Intelligence Analysts, Threat Hunters, and Expert Investigators (CERT) in accordance with industry standards and regulations.

In order to achieve the critical demands for high credibility and integrity of customers sensitive data in financial institutes networks and to ensure top security of all aspects IT & Physical, overall 24/7 monitoring is essential to provide real-time rapid response against threats and attacks penetrating the network. Soteria provides best-practice methods and tools to cope with the latest attacks, allowing quick and effective response and remediation.

Complete projects for facilities and perimeters of the most sensitive nature, implementing advanced solutions such as 360˚ video vigilance, advanced access controls systems (e.g., two-factor authentication, biometrics, etc.), smart doors and gates, safe storage systems, security methodology and response training, according to overall safety and security survey to ensure compatibility with standards, regulations and associated risks.