Our Expertise in Cybersecurity 

Through our advisory and integration services, we assess, manage, and mitigate risk, while helping our clients to maintain alignment with regulatory requirements, protect their cloud-based data, eradicate security flaws, and monitor potential security incidents. 
People icon

Cyber Risk Management

We support our clients in assessing their security posture, develop an integrated cyber security strategy and control framework, and respond to regulatory requirements in order to mitigate risks and threats. Our expertise in risk modelling, assessment and cyber risk op models and controls means they can be proactive and reactive when required.
Read more
People icon

Cyber Resilience

When it comes to cyber security, firms must prepare for worst-case scenarios and establish strong resilience measures. We help conduct robust resilience assessments, provide strategic advice on areas of improvement, and implement the latest technology with rapid and customized response frameworks to enhance preparedness.
Read more
People icon

Cloud Security

Holding valuable and sensitive data on cloud platforms is convenient – but increases the risk of data leaks, breaches, and attacks. To ensure data is managed securely on the cloud, we provide end-to-end cloud security, from cloud resource assessment and configuration audits through to application performance monitoring and container vulnerability management.
Read more

Success Story

Secure & Sustainable Cloud Eco-system

A client partnered with Capco to architect and design a cyber security strategy for their cloud environments to build in security from day 1. Together, we:

  • Designed and implemented a cloud security strategy for launching a Digital Bank on AWS, aligning with regulatory and industry best practices
  • Delivered an AWS security architecture 
  • Defined governance, processes, controls and playbooks to ensure usage of services is secured, monitored and controlled
  • Executed and tested cyber security controls to identify cyber risks, supporting the bank’s launch sign-off
  • Performed a cyber assessment as part of vendor risk management for the “of the Cloud” section of the AWS shared responsibility model
 

Success Story

Multi-Cloud Security Compliance

A client requested our support to address a range of cyber security critical compliance gaps across multi-cloud environments. Together, we:

  • Developed, implemented and operationalized Compliance as Code for Cloud Security Baseline Configuration compliance
  • Secured privileged access in the cloud by enabling Just-in-Time access and Privileged Usage Gateway
  • Secured and operationalized AWS and Azure Data Classification Solutions for structured and unstructured data
  • Designed and implemented security alert notifications for AWS, Azure AD, Sentinel to monitor workloads and applications across multi-cloud environments.
 

Success Story

NYDFS Part 500 Compliance

A client requested our support to implement NYDFS500 regulation and meet their regulatory deadlines. Together, we:

  • Reviewed the firm’s cyber security program, with heightened focus on key domains included in the NYDFS Part 500
  • Identified gaps, prioritized risk and developed action plans and project roadmaps to remediate risk
  • Defined methodology to demonstrate compliance in preparation for the regulator’s review

The client completed remediation and met NYDFS deadlines.


Success Story

Cyber Risk Assessment Framework Definition

A Bank requested our support to build a repeatable cyber risk assessment methodology to maintain compliance with regulations. Together we:

  • Developed the cyber risk management lifecycle and governance framework
  • Defined the cyber risk taxonomy and assessment framework, and aligned with industry standards
  • Identified a list of cyber risk scenarios and evaluated the residual risk and improvement opportunities 

The client achieved a comprehensive view of inherent and residual cyber risks for each of its entities.

 

Success Story

Threat-Based Strategy Development & Implementation

A client requested our support to mitigate the risk of a widespread ransomware attack by maintaining essential operations and preserving financial stability. Together, we:

  • Identified key business services and their associated critical activities to streamline minimum viable operations taxonomy development
  • Established alternative operating methods and deployed technologies aligned with business objectives
  • Developed playbooks with communication strategies and escalation protocols for business continuity and regulatory compliance

The client achieved enhanced resilience against cyber threats and ensured continuity of critical operations.

 

Success Story

Cyber Resilience strategic direction

A client requested our support to develop a resilience strategy and target state maturity. Working closely with the client, we:

  • Benchmarked the client against industry peers and frameworks using our maturity models
  • Created a resilience gap roadmap with short-term tactical enhancements and long-term strategic developments

The client achieved an enhanced cyber resilience posture and upgraded capabilities.

 

Latest Thought Leadership

Our domain expertise, disruptive thinking and creative culture help our clients transform and reinvent their businesses.

Meet our team

Jamilia Parry

Global Cybersecurity lead

Julien Bonnay

US Cybersecurity lead

Marija Devic

UK Cybersecurity lead

James Musgrave

Canada Cybersecurity lead