Photo Credit: © VIGE.co - stock.adobe.com
The following article originally appeared in Hedgeweek and was written by James Williams.
Read on for exclusive insights from Vinod Paul, chief operating officer of Align, and John Araneo, managing director, Align Cybersecurity, and general counsel of Align.
In the past year, Align has been able to successfully transform its offerings by combining its robust Managed IT and Cloud Services solutions with a pioneering and comprehensive Cybersecurity Risk Management Solution.
“2018 has been an explosive year for Align due to our unprecedented approach to delivering Cybersecurity Advisory Services,” explains Vinod Paul, chief operating officer of Align. “The cybersecurity offering is a powerful and elegant complement to our Managed IT Services solution. Align uses a multidisciplinary approach that addresses the regulatory, technology and day-to-day operational challenges to building a model cybersecurity program. These solutions are symbiotic and in some cases, our clients are engaging us to be their managed services provider because of the stand-alone cybersecurity services that we offer.”
“2018 has been an explosive year for Align due to our unprecedented approach to delivering Cybersecurity Advisory Services.” — Vinod Paul, chief operating officer of Align
Align Cybersecurity is an autonomous team of subject matter experts that provide advanced Cybersecurity Advisory Services and Align itself has been around for 30 years and has a thriving outsourced managed services/IT business.
“We are easy to work with because typically a client will need to develop a working relationship between its current MSP on the one hand and its cyber advisor on the other hand; however with Align, they can keep everything under one roof, given that both IT and cyber functions are inextricably linked,” comments John Araneo, managing director, Align Cybersecurity, and general counsel.
It doesn’t help that there are no strict guidelines for fund managers to follow to right-size their cybersecurity program relative to the size of their business. The SEC’s approach to cybersecurity has been very principals-based and as Araneo says:
“They have not provided investment advisors with any sort of checklist or bright-line rules of what constitutes an unimpeachable cybersecurity program.
“However, having worked with start-ups through to multi-billion dollar managers, we have a good barometer as to what constitutes an appropriate best cybersecurity program. We can help our clients demonstrate they are engaged in the process and are taking a methodical, rational approach to building a cybersecurity program.”
Although there is no silver bullet approach to cybersecurity, Align has been successful in engaging with its clients to help them navigate the changing landscape in terms of understanding what the latest threats are.
“We can help our clients demonstrate they are engaged in the process and are taking a methodical, rational approach to building a cybersecurity program.” — John Araneo, managing director, Align Cybersecurity, and general counsel of align
“The human is the first line of defense. One way to do this cost-effectively is by having a robust educational system in place,” says Paul.
“We’ve put together a proprietary, secure cybersecurity portal for each client that centralizes all the output that is generated in a cybersecurity program i.e. reports on employee training, reports on monitoring network traffic, penetration tests and vulnerability scans and so on.”
The benefit to this is that if the client has an SEC examination or an ODD request they can point to the portal and demonstrate the full anatomy of their cybersecurity program, and show the investor or regulator what they are doing on a daily basis.
“The portal is a great metaphor for what our differentiator is in the market because it centralizes all the otherwise dislocated functions and disparate data pools that must be brought together to determine your cybersecurity posture. As the only cybersecurity firm that has expert teams in all three areas of IT/technology; legal, regulatory and compliance; and security, we are able to deal with any sort of cybersecurity issue for our clients,” concludes Araneo.
“The next Cybersecurity Risk Management Solution isn't a solution. It's all of them, united.” — Katie Sloane, Head of Marketing of ALIGN