Our cybersecurity and privacy team can support your organisation with our extensive experience in developing, implementing, and managing risk management programmes. The aim is to identify risks; monitor, manage, and remediate them; and – based on the organisation’s risk appetite and risk tolerance – properly determine what risks are acceptable.

We can help your organisation establish strong governance through policies and procedures that adhere to legal and regulatory requirements, as well as your firm’s defined objectives. Additionally, our team can establish and support compliance functions that will validate those controls, ensuring the policies and procedures are effective and efficient.

  • Programme Governance and Business Risk Assessments regarding cybersecurity and privacy – Crown jewels, threat actors, risk exposure, potential impacts, and risk tolerance (financial, business outage, legal, regulatory, and reputational)
  • Cybersecurity & Privacy Controls Maturity Assessments, utilising industry frameworks such as NIST, SANS, COBIT, ISO, etc.
  • Regulatory requirements that include, but are not limited to:
    • Securities and Exchange Commission (SEC)
    • New York State Department of Financial Services (NYDFS)
    • EU General Data Protection Regulation (GDPR)
    • California Consumer Privacy Act (CCPA)
    • Financial Conduct Authority (FCA)
    • European Banking Authority (EBA)
    • US Department of Defense Cybersecurity Maturity Model Certification (CMMC)
    • Health Insurance Portability and Accountability Act (HIPAA)
  • Penetration testing
  • Vulnerability scanning
  • Assessment recommendations (e.g., budgeting, risk management, policies and procedures, control testing and validation, etc.)
  • Strategic planning – roadmap prioritisation and implementation, recommendations and solution implementation
  • Board and leadership reporting
  • Ongoing risk management oversight – identification, remediation and acceptance
  • Ongoing programme support for compliance and regulatory requirements
  • Aviation safety management systems
  • Expert witness and testimony
