Cybersecurity Regulation

Information is one the greatest assets for businesses, ranging from intellectual capital to financial operations. Today, businesses spend precious dollars on assessment, audits, and remediation to respond and mitigate risks.  

The evolution of information from paper to digital medium precipitated the need to connect financial information to technology. This evolution is forcing the assessors and regulators to extend the investigation reach into IT and cybersecurity to properly measure the risk involved. Most firms deploy internal and external audit teams for financial response today. However, the IT and cybersecurity response is fractured with many vendors and often orphaned from financial analysis. 

This is evidenced by how organizations spend on their IT, including security projects today. Much of the IT governance and spending are not aligned because Financial and IT risk are assessed separately. 

The business or the governing board should have access to risk information that incorporates
financial, IT, and cybersecurity. The information should enable the board to either accept risks or align the spending of IT to remedy the risks that are not acceptable.

FGMK’s approach is simple. Integrated IT and financial assessments to provide front end response to regulations including Commodity Futures Trading Commission (CFTC) and National Futures Association (NFA) regulations. FGMK will assist with response and maturity program to satisfy regulations as well as IT spending governance. IT Security project spends should not be separated from business risks and ROI.