Publicly Traded REIT
Security Governance, Risk & Compliance
Client Overview
The client is a publicly traded Real Estate Investment Trust (REIT) based in the New York Metro area. They are subject to perform annual audits to meet regulatory compliance standards. The REIT also recognized the increasing threat vectors and the potential impact of publicly announcing a security incident. They required a partner that could not only help maintain and modernize their infrastructure but also support, improve, and modernize their security posture.
Challenge
The challenge for the REIT was to identify a Technology Service Provider that has a proven track record of helping its customer successfully achieve IT Security Compliance. In the ever-evolving world of Cybersecurity, the Service Provider would need to provide sound advice and be able to complete mutual goals and tasks. They required a close working relationship with a partner who could improve their security posture and ensure compliance across all domains. The end goal would be to improve on previous audits done in the past.
Solutions
Five Rivers IT provided a comprehensive Integrated Risk Management (IRM) program that worked in close collaboration with their infrastructure Managed Services to ensure a complete solution not only to plan but to execute on all the compliance and security needs. The IRM program included a Risk Management, Business Impact Analysis, IT Disaster Recovery, Vulnerability Management Program, penetration testing, Written Information Security Program (WISP), Incident Response Plan & Tabletop exercise, Vendor Risk Management Platform, and fractional CISO services. This allowed Five Rivers to ensure compliance across all domains and greatly improve the security posture for the REIT.
Results
After implementing several policies and security measures, the security posture for the REIT has greatly improved. The results of the annual independent security audit have dramatically improved, and there is a continued push to implement more measures as they are identified. The comprehensive solution highlighted by the Third-Party Risk Management, proactive compliance and governance are what have allowed the REIT to be an industry leader far exceeding previous audit scores.
Summary
Five Rivers IT provided a complete solution for the REIT's security, governance, risk, and compliance needs. They helped the REIT meet regulatory compliance standards, improve their security posture, and reduce exposure to security incidents. The IRM program allowed Five Rivers IT to ensure compliance in all domains and collaborate with the professional services division to greatly improve the REIT's security posture. The results have been a significant improvement in the REIT's security posture and successful annual security audits.