We take pride in protecting the customers, assets, and systems of our Financial Services clients.

Financial Services Information Security

Critical Informatics has a proven record of protecting the customer data, financial systems, and networks of financial services organizations. Through our managed cybersecurity services and consulting, we become an extension of our customers’ teams and technologies, targeting three basic goals: data security and privacy, continuity of operations, and regulatory compliance.

Our core Managed Detection and Response (MDR) service provides both the technology and the human expertise to detect, investigate, respond, and recover from IT security threats and intrusions.

Our Information Security Consulting Services help our customers uncover, and then shore-up, cybersecurity threats, gaps, and vulnerabilities. These services provide the basis for monitoring financial information infrastructure and access to Personally Identifiable Information (PII) through a fiscally-responsible Managed Security Service (MSS) and executive IT Security communication strategy.

Sign up for our weekly Financial Services Cybersecurity Briefing to stay up to date on the Information Security news that you need to know.

We may also occasionally send you information about Critical Informatics products and solutions; you can unsubscribe at any time if desired.

Managed Detection and Response

Our Managed Detection and Response (MDR) service provides financial service organizations with accurate security monitoring and rapid incident response. We combine unique detection analytics with deep human expertise to detect, investigate, confirm, respond, and recover from a compromise and prevent it from becoming a major breach. Critical Informatics helps Banks, Credit Unions, Registered Investment Advisors (RIAs), Broker Dealers, and Insurance Companies and Agencies meet their mission, in a world of quickly-evolving threats. Purpose-built for highly-regulated networks, our MDR service is designed to facilitate rapid and accurate confirmation of compromised assets while ensuring only incidental access to PII and financial information.

Our algorithms process network event data to identify:

  • Statistical anomalies
  • Interaction with known malware distribution or criminal command and control sites
  • Signature-based events from the intrusion detection Critical Insight Collector
  • Correlation of multiple suspicious events
  • Significant periodicity in signals

Our machine learning “remembers” every question asked of the data, and this is used to automate those queries that yield results.

Utilizing elastic scalability, machine learning, and advanced data indexing algorithms, we are limited only by the amount of data you can provide to us. We grow as large as we need to be, and we do not lose processing capabilities as we scale. Our machine learning approach allows Critical Insight to become continuously more powerful, accurate and faster as data is ingested and processed.

Our promise to you is to only provide actionable alerts, not false positives. Our security experts investigate each incident to confirm which are true threats. Once confirmed, the analyst prepares and communicates a customized Incident Action Plan (IAP) and interfaces with your staff in a pre-designed incident response process to quickly address the compromise. Incidents are addressed quickly so that actual damage and loss are averted or minimized. This process eliminates false positives and gives you an actionable plan for confirmed threats.

The availability of full packet capture at the collector allows our analysts to “replay” events under investigation for 100% incident confirmation and 0 false positives while ensuring only incidental access to sensitive information. Once an incident has been confirmed, we can go “back in time” and determine if any other compromises occurred prior. We can replay all that happened, often down to the mouse-click.

Contact us to learn more about integrating our MDR Service into your cybersecurity strategy.

Information Security Consulting

Financial organizations are regulated by multiple regulatory bodies and SROs. In the common interest of protecting customer and financial information, firms must comply with a broad set of security requirements. In addition to our Managed Security Services, we offer our financial service clients a full set of cybersecurity consulting services that ensure regulatory compliance. These services include:

  • Information Security Assessment
  • Wireless Security Assessments
  • Financial Systems Penetration Testing
  • PCI and GLBA Compliance Assessments
  • OCC, FDIC, SEC, and FINRA Rule Compliance

Contact us to learn more about how our Financial Service Security Consulting can help protect your customer and financial data and ensure your organization remains in compliance.

“Critical Informatics served a pivotal role as the City positioned itself to receiving a successful Level 1 Report of Compliance. Critical Informatics brought a passion and professionalism to this project that was much appreciated!”

– Teri Allen, Treasury Manager, City of Seattle

Learn how to navigate the Information Security regulatory environment in Financial Services

Our financial services team is led by our CEO, Garrett Silver.

Garrett Silver, CFA, has nearly 20 years of leading teams and technologies in the financial sector. He has extensive experience protecting customer assets and has overseen the same risk-based decisions faced by Critical Informatics customers every day. Formerly the Divisional CIO of ING DIRECT ShareBuilder, and later Capital One Investing, Garrett oversaw broad technology initiatives, including information security practices, regulatory audits, and third-party management programs.  Later, as Managing Vice President of Digital Products, Marketing, and Business Analysis, Garrett sat on the Investment Risk Oversight Committee, chaired the Investment Committee, and performed duties as the Divisional Data Risk Officer. Garrett now brings his technical, management, and financial experience to Critical Informatics, keeping a keen focus on the needs of our customers.

Past Financial Services News Blasts

November 3, 2017
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 11-03-2017

Malware That Can Empty Bank Accounts CERTCC has reported that the downloaded file is named ‘E-Dadsara’ (e-judiciary in Persian). When users click on the file, without […]
October 27, 2017
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 10-27-2017

Today’s Bank Heists Aren’t What They Used to be With the Battle Now Fought Out in Cyberspace  “Attacks used to be very crude misspelled [emails], now […]
October 20, 2017
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 10-20-2017

White Paper: Navigating the Regulatory Environment of Information Security in Financial Services Information technologies are rapidly changing. The players who collect, access, and maintain customer and […]
October 13, 2017
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 10-13-2017

Your Secrets Are Wearing Emperor’s Clothes Institutions which rely on customer identify-proofing and authentication need to shift their thinking on what constitutes identity – and you, […]
October 6, 2017
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 10-06-2017

Weaponizing Equifax Data It’s already been suggested that this is a state actor (with no more specificity than that), and the desire to create financial impact […]
September 29, 2017
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 9-29-2017

Equifax Breach is a Reminder of Society’s Larger Cybersecurity Problems Several major problems need to be addressed before people can live in a truly secure society: […]

Critical Informatics has successfully completed a Type 1 SOC 2 examination, performed by an independent CPA firm. The examination report is available to current and future customers upon request. We are committed to performing ongoing Type 2 SOC 2 examinations in future years.

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc.
All other brand names, trademarks, service marks
 and copyrights are the property of their respective owners.

© 2017 Critical Informatics, Inc. All Rights Reserved.

//]]>