In the past year, Align has been able to successfully transform its offerings by combining its robust Managed IT and Cloud Services solutions with a pioneering and comprehensive Cybersecurity Risk Management Solution.
“2018 has been an explosive year for Align due to our unprecedented approach to delivering Cybersecurity Advisory Services,” explains Vinod Paul (pictured), chief operating officer of Align. “The cybersecurity offering is a powerful and elegant complement to our Managed IT Services solution. Align uses a multidisciplinary approach that addresses the regulatory, technology and day-to-day operational challenges to building a model cybersecurity programme. These solutions are symbiotic and in some cases, our clients are engaging us to be their managed services provider because of the stand-alone cybersecurity services that we offer.”
Align Cybersecurity is an autonomous team of subject matter experts that provide advanced Cybersecurity Advisory Services and Align itself has been around for 30 years and has a thriving outsourced managed services/IT business.
“We are easy to work with because typically a client will need to develop a working relationship between its current MSP on the one hand and its cyber advisor on the other hand; however with Align, they can keep everything under one roof, given that both IT and cyber functions are inextricably linked,” comments John Araneo, managing director, Align Cybersecurity, and general counsel.
It doesn’t help that there are no strict guidelines for fund managers to follow to right-size their cybersecurity programme relative to the size of their business. The SEC’s approach to cybersecurity has been very principals-based and as Araneo says: “They have not provided investment advisors with any sort of checklist or bright-line rules of what constitutes an unimpeachable cybersecurity programme.
“However, having worked with start-ups through to multi-billion dollar managers, we have a good barometer as to what constitutes an appropriate best cybersecurity programme. We can help our clients demonstrate they are engaged in the process and are taking a methodical, rational approach to building a cybersecurity programme.”
Although there is no silver bullet approach to cybersecurity, Align has been successful in engaging with its clients to help them navigate the changing landscape in terms of understanding what the latest threats are.
“The human is the first line of defence. One way to do this cost-effectively is by having a robust educational system in place,” says Paul.
“We’ve put together a proprietary, secure cybersecurity portal for each client that centralises all the output that is generated in a cybersecurity programme i.e. reports on employee training, reports on monitoring network traffic, penetration tests and vulnerability scans and so on.”
The benefit to this is that if the client has an SEC examination or an ODD request they can point to the portal and demonstrate the full anatomy of their cybersecurity programme, and show the investor or regulator what they are doing on a daily basis.
“The portal is a great metaphor for what our differentiator is in the market because it centralises all the otherwise dislocated functions and disparate data pools that must be brought together to determine your cybersecurity posture. As the only cybersecurity firm that has expert teams in all three areas of IT/technology; legal, regulatory and compliance; and security, we are able to deal with any sort of cybersecurity issue for our clients,” concludes Araneo. n