Overview

A Cybersecurity Framework is a group of controls that, when met, represent a comprehensive cybersecurity program that addresses risk within a specific organisation. Several frameworks exist are implemented based on size, industry, and location, including NIST, ISO, CIS, and COBIT. As part of the overarching cybersecurity maturity level, a Cybersecurity Framework should be implemented to not only secure the entity, but also serve as a benchmark for auditing the effectiveness of implementation by a third-party.

Specific regulatory requirements facing organisations within the Cayman Islands specifically require entities to implement a Cybersecurity Framework, including the Cayman Islands Monetary Authority ("CIMA"). Ember Lake has been assisting regulated entities on island prepare for their CIMA inspection since the creation of the SOG:C.

By utilising an independent assessor such as Ember Lake, action plans are created by professionals that have not only the knowledge of the steps to implement a framework, but also understanding of the technical controls prescribed by it. For each client, we work closely with key stakeholders to define the required framework, scope the project, create an action plan, and execute the implementation. As part of our process, we ensure each interested party is understanding of the requirements their role within the organisation requires. This develops a positive feedback loop for constant improvement, allowing our clients to effectively manage their framework after implementation is completed.