Bringing you live news and features since 2006 

Anand Mohabir, ACA Aponix

ACA Aponix – Best North American Cybersecurity Firm


ACA Aponix, a division of ACA Compliance Group, provides financial services firms with a 360-degree, independent approach to technology risk and governance. Conducting a comprehensive risk assessment helps fund mangers to identify potential gaps and vulnerabilities, which the ACA Aponix team works through with each client to mitigate these risks. 

"Our product offering encompasses cyber risk assessments as well as conducting mock audits, to not only help our clients prepare for a regulator visit but also test their ability to respond to a cyber breach, were it to happen," comments Anand Mohabir, Senior Principal Consultant. 

At a high level, the ACA product offering involves performing risk assessments, mock audits, vendor diligence, network testing (both internal and external), training (which includes phishing exercises), tabletop exercises and helping clients produce a Written Information Security Program (WISP). 

Mohabir confirms that this year, ACA Aponix has been focused on providing education to its clients, part of which has been conducted via a series of eight webinars designed to bring clients up to speed on issues that they need to know personally, which they can then apply as best practices within their organisations.

"We have developed an internal training platform that clients can use to help gauge their employees' knowledge and understanding of cybersecurity as it relates to their daily work. We launched this at the start of the year," confirms Mohabir, adding:

"The way we feel individuals will help a firm move forward is to practice better cybersecurity hygiene."

Managers are not only dealing with the broad cyber risks and phishing campaigns of hackers, they are also dealing with the regulatory aspect as well. In years gone by, investment advisors tended to focus on protecting their network perimeter from external attacks by conducting annual penetration tests and regarded this as being cyber secure. 

"Today, however, they realise that is not enough. Most of the risks that managers face are internal. Many are facing the challenge of how to put controls and processes in place to protect their overall firm. Through our risk assessment process we help clients focus not just on the technology infrastructure but also on people, process, workflow and understanding how individuals do their jobs. It's only by understanding how a firm operates that one can identify potential risks," says Mohabir.

One important element of the risk assessment is vendor due diligence.

As Mohabir explains: "We look to identify data and then classify it, before determining who has access to that data. In many cases that is going to be one of the manager's service providers. We go through this with each client and highlight potential risks with their vendors as part of the vendor due diligence process. 

"We also perform mock audits with clients and run table-top exercises. These are designed to help clients test their Incident Response Plans under different scenarios. From a cyber perspective, it might be necessary to invoke the BCP if the IRP calls for it. The focus should always be on testing both the IRP and BCP."

On winning this year's award, Mohabir concludes: "We try to bring a high level of service to each client as if we were an employee responsible for technology security of their firm. This perhaps explains why we have won the award for the second year in succession, which we are very proud of.

Latest News

Saving and investing app, Moneybox, has doubled the number of ETFs available on the platform, in the light of ‘growing..
Global X ETFs has announced the appointment of Ryan O'Connor as its Chief Executive Officer effective as of April 8, 2024. ..
Value-driven structured credit investing firm, Angel Oak Capital Advisors, LLC, has announced the completed conversions of two of its mutual..
Confidence in the continuing strength of bitcoin and Ethereum is driving wider interest in altcoins and other digital assets, according..

Related Articles

Sal Esposito, Zacks Investment Management
Zacks Investment Management started doing investment research in 1978 and in 1992 started its investment management arm, initially with SMAs...
Jeremy Senderowicz, Vedder Price
Jeremy Senderowicz, a member of the Investment Services Group at law firm Vedder Price, has witnessed a steady upswing in...
Graham MacKenzie, Toronto Stock Exchange
The evolution of ETFs has been a multi-decade experience for Toronto Stock Exchange says Graham MacKenzie, managing director, Exchange Traded...
Frank Koudelka, State Street Global Services
ETF data provider and ETF Express data partner, Trackinsight, has published its Global ETF Survey 2024 Report: ‘50+ Charts on...
Subscribe to the ETF Express newsletter

Subscribe for access to our weekly newsletter, newsletter archive, updates on the site and exclusive email content.

Marketing by