We take pride in protecting the customers, assets, and systems of our Financial Services clients.

Financial Services Information Security

Critical Informatics has a proven record of protecting the customer data, financial systems, and networks of financial services organizations. Through our managed cybersecurity services and consulting, we become an extension of our customers’ teams and technologies, targeting three basic goals: data security and privacy, continuity of operations, and regulatory compliance.

Our core Managed Detection and Response (MDR) service provides both the technology and the human expertise to detect, investigate, respond, and recover from IT security threats and intrusions.

Our Information Security Consulting Services help our customers uncover, and then shore-up, cybersecurity threats, gaps, and vulnerabilities. These services provide the basis for monitoring financial information infrastructure and access to Personally Identifiable Information (PII) through a fiscally-responsible Managed Security Service (MSS) and executive IT Security communication strategy.

Sign up for our weekly Financial Services Cybersecurity Briefing to stay up to date on the Information Security news that you need to know.

We may also occasionally send you information about Critical Informatics products and solutions; you can unsubscribe at any time if desired.

Managed Detection and Response

Our Managed Detection and Response (MDR) service provides financial service organizations with accurate security monitoring and rapid incident response. We combine unique detection analytics with deep human expertise to detect, investigate, confirm, respond, and recover from a compromise and prevent it from becoming a major breach. Critical Informatics helps Banks, Credit Unions, Registered Investment Advisors (RIAs), Broker Dealers, and Insurance Companies and Agencies meet their mission, in a world of quickly-evolving threats. Purpose-built for highly-regulated networks, our MDR service is designed to facilitate rapid and accurate confirmation of compromised assets while ensuring only incidental access to PII and financial information.

Our algorithms process network event data to identify:

  • Statistical anomalies
  • Interaction with known malware distribution or criminal command and control sites
  • Signature-based events from the intrusion detection Critical Insight Collector
  • Correlation of multiple suspicious events
  • Significant periodicity in signals

Our machine learning “remembers” every question asked of the data, and this is used to automate those queries that yield results.

Utilizing elastic scalability, machine learning, and advanced data indexing algorithms, we are limited only by the amount of data you can provide to us. We grow as large as we need to be, and we do not lose processing capabilities as we scale. Our machine learning approach allows Critical Insight to become continuously more powerful, accurate and faster as data is ingested and processed.

Our promise to you is to only provide actionable alerts, not false positives. Our security experts investigate each incident to confirm which are true threats. Once confirmed, the analyst prepares and communicates a customized Incident Action Plan (IAP) and interfaces with your staff in a pre-designed incident response process to quickly address the compromise. Incidents are addressed quickly so that actual damage and loss are averted or minimized. This process eliminates false positives and gives you an actionable plan for confirmed threats.

The availability of full packet capture at the collector allows our analysts to “replay” events under investigation for 100% incident confirmation and 0 false positives while ensuring only incidental access to sensitive information. Once an incident has been confirmed, we can go “back in time” and determine if any other compromises occurred prior. We can replay all that happened, often down to the mouse-click.

Contact us to learn more about integrating our MDR Service into your cybersecurity strategy.

Information Security Consulting

Financial organizations are regulated by multiple regulatory bodies and SROs. In the common interest of protecting customer and financial information, firms must comply with a broad set of security requirements. In addition to our Managed Security Services, we offer our financial service clients a full set of cybersecurity consulting services that ensure regulatory compliance. These services include:

  • Information Security Assessment
  • Wireless Security Assessments
  • Financial Systems Penetration Testing
  • PCI and GLBA Compliance Assessments
  • OCC, FDIC, SEC, and FINRA Rule Compliance

Contact us to learn more about how our Financial Service Security Consulting can help protect your customer and financial data and ensure your organization remains in compliance.

“Critical Informatics served a pivotal role as the City positioned itself to receiving a successful Level 1 Report of Compliance. Critical Informatics brought a passion and professionalism to this project that was much appreciated!”

– Teri Allen, Treasury Manager, City of Seattle

Learn how to navigate the Information Security regulatory environment in Financial Services

Our financial services team is led by our CEO, Garrett Silver.

Garrett Silver, CFA, has nearly 20 years of leading teams and technologies in the financial sector. He has extensive experience protecting customer assets and has overseen the same risk-based decisions faced by Critical Informatics customers every day. Formerly the Divisional CIO of ING DIRECT ShareBuilder, and later Capital One Investing, Garrett oversaw broad technology initiatives, including information security practices, regulatory audits, and third-party management programs.  Later, as Managing Vice President of Digital Products, Marketing, and Business Analysis, Garrett sat on the Investment Risk Oversight Committee, chaired the Investment Committee, and performed duties as the Divisional Data Risk Officer. Garrett now brings his technical, management, and financial experience to Critical Informatics, keeping a keen focus on the needs of our customers.

Past Financial Services News Blasts

January 19, 2018
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 01-19-2018

Cyber Security is Not an Option: Five Industries Most Vulnerable to Attacks Online ·       Healthcare ·       Financial Services ·       Government agencies ·       Businesses ·       Transportation   […]
January 12, 2018
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 01-12-2018

Wary Businesses Test Fixes for Chip Flaws Before Installing Banks and other financial institutions spent much of the week studying the vulnerabilities, said Greg Temm, chief […]
January 5, 2018
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 01-05-2018

17 Things We Should Have Learned in 2017, but Probably Didn’t Chances are, you make similar resolutions every January 1st. Each year the infosec headlines flood […]
December 29, 2017
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 12-29-2017

Korea-linked Hackers are Attacking Banks WorldwideBanks and security researchers have previously identified four similar cyber-heists attempted on financial institutions in Bangladesh, Ecuador, the Philippines and Vietnam. […]
December 22, 2017
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 12-22-2017

The C-Suite Needs Cyber Bootcamp Not only are financial executives highly likely to become a target, the risk associated is greater. Financial executives in particular have […]
December 15, 2017
Weekly FS Cybersecurity Blast

Financial Services Cybersecurity Weekly Briefing 12-15-2017

NewsJacker #4 In this 3+ minute NewsJacker episode, Mike shares his opinions on the most recent news in IT security: Net Neutrality The vote is imminent, […]

Critical Informatics has successfully completed a Type 1 SOC 2 examination, performed by an independent CPA firm. The examination report is available to current and future customers upon request. We are committed to performing ongoing Type 2 SOC 2 examinations in future years.

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc.
All other brand names, trademarks, service marks
 and copyrights are the property of their respective owners.

© 2017 Critical Informatics, Inc. All Rights Reserved.