NIST CSF 2.0, SOC 2 Preassessment & ISACA Blockchain Risk Assessment
Financial Technology Company – Digital Securities
The client requested an in-depth assessment of their cybersecurity strategy and control environment against NIST CSF 2.0 requirements, alongside a SOC 2 preassessment and a risk review of their blockchain infrastructure. As a regulated entity, the organization required clear validation of compliance readiness and actionable guidance to address identified gaps.
Frameworks assessed: NIST CSF 2.0, SOC 2, ISACA Blockchain Risk
Controls reviewed: 156 total
Engagement timeline: 6 weeks
Activities: Documentation review, stakeholder interviews, and gap analysis
The engagement team led documentation review, conducted stakeholder interviews, managed client communications, and developed and delivered a comprehensive assessment report detailing risks, gaps, and prioritized recommendations.
Hilco Global Cyber Advisors conducted an end-to-end cybersecurity assessment to evaluate both policy and operational alignment with regulatory and industry requirements.
Key outcomes included:
- Identification of nine primary risks across governance, resilience, and technology oversight
- Development of six prioritized initiatives to strengthen governance, third-party risk management, operational resilience, change management, and blockchain oversight
- Delivery of a clear, actionable path to improve compliance readiness
As a regulated entity, the client was able to immediately integrate recommendations into their cybersecurity roadmap and demonstrate progress toward regulatory compliance.
The assessment resulted in follow-on strategy and advisory opportunities, including:
- Organizational governance policy development
- Operational resilience program review
- Third-party risk management (TPRM) program review
- Cybersecurity roadmap development
- Documentation supporting regulatory requirements