We collaborate on design requirements in support of executing your plan.

How should I implement my plan?

Tailoring security requirements to fit the risk posture your organization has selected, we help design solutions you can execute.
Develop security requirements for new solutions
Assist with integrating security into your application development lifecycle
Review and assess technical requirements
Build user stories to integrate security into acceptance testing
Complete readiness assessments for production deployments

Implementation of the Pension Cybersecurity Framework

Properly defined sources of risk allow for improved development of security requirements. By understanding pension operations, we support you in limiting cyber risk exposure in every aspect of your organization.
Pension Cybersecurity Framework (PCSF)
Our approach to rapid security control deployment for pension organizations:
Pension Cybersecurity Framework (PCSF™)

Gain a holistic understanding of sources of risk specific to pensions. Evaluate your position against similar funds.


Develop industry best practices, training and access controls that enable the ability to meet member, employer and legislative needs with cybersecurity in mind.


Implement controls to have visibility to unauthorized self-service access, payroll irregularities and ensure member data privacy.


Build incident response plans that maximize business continuity to ensure key functions – such as payroll – continue to operate in the event of a breach.


Ensure that your fund has the necessary data and controls in place to confidently recover from a potential breach in not only fund data, but also member trust.

Risk Mitigation in Action

We ensure you are fully prepared to minimize your risk exposure by
Writing requirements for RFPs
Reviewing 3rd party vendor assessments
Developing compensating controls
Overseeing implementation of security tools
Evaluating cloud-service provider controls
Supporting DevSecOps
Advising on Authorizations to Operate (ATO)
Cyber Security Roadmap
Cybersecurity Maintenance