Case Study

Cybersecurity 1: Finance

The Challenge

The US Financial Services Industry is subject to numerous overlapping and at times conflicting cybersecurity regulations within the US and globally. Members of the industry must demonstrate compliance by producing different types of evidence for similar activities.

The Process

BCG Platinion validated and expanded an extensive mapping of over 20 different documents to a global standard, ISO/IEC 27001 (Information Security Management System Requirements), and to the NIST Framework for Critical Infrastructure Cybersecurity. Our team then used data analytics to visualize the redundancies and developed an overarching visual depicting duplication and overlaps. Finally, we collaborated with the industry to develop a Financial Services Industry Profile that harmonizes the regulations to be consistent with the NIST and ISO frameworks.

The Results

Publicly available product

BCG Platinion created a public product for the US Financial Services industry to use in their cybersecurity policy, risk management, and measurement activities.

Increased awareness among industry and regulatory bodies

Using a de facto standardized, industry-wide resource addresses regulatory challenges for the industry.

Future cost savings

Overly complex compliance activities detract from securing the enterprise and incur substantial costs.

Increased efficiencies

Regulatory reconciliation addresses inefficiencies and harmonizes compliance activities.