Drawbridge is a leading provider of cybersecurity solutions, specializing in safeguarding your business through comprehensive risk management and policy development. Their services are designed to help firms identify, assess, and mitigate cyber risks while ensuring compliance with industry standards.

Cyber Risk Assessment

This comprehensive data-gathering exercise involves collaboration with your IT provider, technical staff, and/or operational team to establish an in-depth baseline of your firm’s current cybersecurity posture and risk profile. Drawbridge will analyze the responses and provide a detailed report, including current controls, identified risks, and recommendations for remediation.

Vendor Risk Assessment

With increasing compliance requirements, registered funds must enhance risk management of critical third-party providers. Drawbridge’s Vendor Risk Assessment program evaluates the existing cybersecurity posture of your key vendors. They work directly with your providers to gather and assess cybersecurity data and provide remediation guidance.

Cybersecurity Policy Development

• Written Information Security Policy (WISP): Documents existing procedures, standards, and guidelines to ensure data confidentiality, integrity, and availability.
• Incident Response Plan (IRP): Outlines best practice guidelines, policies, and procedures for responding to cybersecurity incidents that could disrupt normal business operations.
• Business Continuity Plan (BCP): Establishes guidelines, policies, and procedures for maintaining business operations during an incident affecting primary business locations.

User Awareness & Training

A selection of impactful cybersecurity training and ongoing phishing campaigns to prepare your firm for the latest technical and social engineering threats.

Incident Response Tabletop Exercise

An interactive test of your firm’s existing Incident Response Plan. Drawbridge will facilitate discussions to validate your firm’s response capabilities in the event of a cybersecurity incident or breach.

Vulnerability Scanning

Continuous network and/or endpoint-based scanning provides near real-time visibility of current vulnerabilities, helping prioritize remediation to protect your employees and assets, regardless of their location.

Penetration Testing

Drawbridge combines proven technology and expert human resources to test the robustness of your firm’s internal and external cybersecurity infrastructure and controls.

Cloud Infrastructure Technical Assessments

Drawbridge’s Cloud Infrastructure Assessments verify administrative and user settings and configurations in the target cloud environment. Aligned with standards set by the Center for Internet Security (CIS), Drawbridge offers Technical Assessments for all major cloud environments, including:

• Microsoft 365
• Google Workspace
• Amazon Web Services (AWS)