ACA Aponix

Cybersecurity, privacy, and technology risk assessment services

We provide cybersecurity and technology risk assessments, data privacy compliance services, vendor and M&A diligence services, portfolio company oversight, network testing, and advisory services for companies of all sizes.

Our solutions

We help identify your company's IT, cybersecurity, and privacy risks through risk assessments, penetration testing, and regulatory cyber exams. We help you understand your regulatory obligations for cyber and privacy, and help you prepare for cyber exams from regulatory authorities. We can conduct an assessment across 700+ topics to identify technology-related risks and provide recommendations for improvement.

We provide pre-deal, post-deal, and ongoing diligence to help investors manage the cyber risks of their portfolio companies, negotiate better deals, and preserve their investment value.

We can help your company develop cyber and technology policies and procedures and implement a comprehensive information security program that enables you to identify and manage risks, foster a culture of security, and prepare for the unforeseen, but inevitable, incident with business continuity and incident response planning.

We issue timely alerts on cyber events and technology concerns that may be relevant to your business and offer phishing testing, tabletop exercises, and monitoring services to protect your business.           

We can help identify network vulnerabilities that could be exploited by a hacker and lead to a breach through vulnerability scanning or penetration testing.

 

We can help your firm better understand payment flow and fraud risk mitigation opportunities with payment flow review, risk analysis, and reporting.      

We can assess the security of your company’s Microsoft® Office 365® and other cloud environments by reviewing how your company uses Office 365 and develop a practical action plan to address key risks.

We help assess and mitigate your third-party risks. We'll send questionnaires on your behalf, manage the process, analyze data, and provide recommendations.     

We help assess your company's compliance with relevant privacy regulations, including GDPR, CCPA, HIPAA, and others.

Solution spotlight

Aponix Protect™ comprehensive cybersecurity and technology risk solution

We help firms address evolving cyber risks and threats to ensure that their cybersecurity needs are covered year-round. This solution is available in three tiers, each one designed to provide firms with a flexible, robust, responsive, and cost-effective cybersecurity program.

Why work with us?

We provide cybersecurity and technology risk assessments, data privacy compliance, vendor and M&A diligence services, network testing, and advisory services for companies of all sizes. Our unique approach combines a deep understanding of your workflows with our methodologies, thought leadership, and proprietary data to surface and prioritize the most important risks. Our award-winning solutions are designed to help firms uncover risks and identify deficiencies in their cybersecurity policies, procedures, and controls.

Deep information technology experience. Award-winning solutions. Holistic approach to technology risk.

  • Experienced global team
  • Certified team members
  • Thought leaders in cybersecurity and IT risk
  • Over 650 companies work with us
  • Award-winning technology and solutions
  • Holistic approach to cybersecurity and IT risk

Who we are

  • Our team consists of senior technologists who have started in the technology trenches, many growing into technology leaders at organizations ranging from small to large hedge funds, bulge-bracket banks, and technology services providers for the financial services sector.
  • ACA Aponix staff maintain or have held the following relevant certifications around cybersecurity risk management, incident response, penetration testing, information security, IT governance, privacy, and business. Additionally, select ACA Aponix staff maintain U.S. military security clearance.

Our certifications

Cybersecurity

  • CISSP, CISM, CISA, ISO27001:2013, CGEIT, CRISC, CTPRP, Security+, OSCE, OSCP, CEH, GXPN, GPEN, GWAPT, GCFE, GCCC, GCIH, GCIA, ECSA, SSA, CREST CPSA

Privacy

  • CIPM, CIPP, CIPT

IT & Business Continuity

  • A+, CCA, CNE, CCNA, CCNP, CSPO, ISO22301:2013, MCSA, MCSE, MSCP, Network+

Business

  • CFA, CM&AA, GSLC, JD, MBA, PhD, PMP, Six Sigma Black Belt

Our leadership team

Raj Bakhru

Partner, Chief Innovation Officer

Raj oversees ACA strategy, M&A, and ComplianceAlpha®.

Kris Lau, CISM

Managing Director

Kris is a managing director at ACA Aponix, specializing in information security program and policy development, risk management, vulnerability assessments, third-party security assessments, and audits.

Henry Lindemann

Managing Director

Henry is a Managing Director at ACA Aponix, the cybersecurity, privacy, and IT risk division of ACA Group and oversees the sales department for the division.

Marc Lotti, CGEIT, PMP

Strategic Advisor

Marc is a Strategic Advisor at ACA, and a Co-founder and formerly a Co-head Partner at ACA Aponix.

Chad Neale, ISO27001:2013, GSLC, GCFE, CISA

Partner

Chad is a Partner at ACA Aponix, the cybersecurity, privacy, and IT risk division of ACA Group and oversees ACA Aponix’s Strategic Technology Advisory and Risk practice.

Mike Pappacena

Partner

Mike is a Partner at ACA Aponix, the cybersecurity, privacy, and IT risk division of ACA Group.

Jose Ramos

Senior Principal Consultant

Jose is a Senior Principal Consultant at ACA Aponix leading the penetration team.

Alex Scheinman, Ph.D.

Managing Director

Alex is a Managing Director at ACA Aponix, overseeing ACA Aponix’s GDPR, CCPA, and other privacy regulation data-processing reviews and related programming.

James Tedman

Partner

James is a Partner at ACA Aponix, the cybersecurity, privacy, and IT risk division of ACA Group. James manages ACA Aponix in Europe.

Christine Tetherly-Lewis

Senior Principal Consultant

Christine is a Senior Principal Consultant at ACA Aponix.

Kavitha Venkita

Partner, Head of Cybersecurity and Risk

Kavitha is a Partner and the Business Lead for ACA Aponix, the dedicated global cybersecurity and technology risk advisory team.

Latest insights

Five Reasons to Attend ACA Regulatory Horizon 2021 | Navigating Evolving Risks

There is just one week to go until Regulatory Horizon 2021 | Navigating Evolving Risks, our free-to-attend, European-based conference for financial services firms, which runs from 2-4 March. We outline five reasons why this event is worth adding to your calendar.

News
  • Compliance
  • ESG
  • Regulatory Technology
  • Mirabella
  • Cybersecurity

Virginia Senate Passes Consumer Data Protection Act

The Virginia Senate has unanimously passed the Virginia Consumer Data Protection Act (VCDPA), and once approved by the governor, the law is set to go into effect on January 1, 2023. This data privacy law would grant privacy rights and consumer protection to Virginia residents. Learn how to prepare for these new protections.

Cyber Alert
  • Cybersecurity
  • Privacy

2021 Regulatory Reminders and Upcoming Deadlines for European firms

A summary of key tasks for compliance teams with a European presence, along with a summary of FCA’s priorities during 2021, our analysis of key regulatory developments and an outline of longer-term trends.

Article
  • Compliance
  • Brexit
  • Cybersecurity
  • Regulatory Technology
  • Mirabella
  • ESG

7 Tips to Avoid Identity Theft During the 2021 Tax Season

As the U.S. tax filing season kicks off, it’s important to be on the lookout for tax scams, especially those related to COVID-19 or any stimulus payments. Here are our tips for staying diligent and resources to share with your employees and friends.

Article
  • Cybersecurity
  • COVID-19

ACA Aponix Cybersecurity Checklist

Does your cybersecurity program meet the requirements of regulators as well as your own internal and client expectations? Evaluate your cybersecurity program with our free checklist.

Article
  • Cybersecurity
  • BCP

Apple iOS Updated; SonicWall Cybersecurity Products Hacked

This alert contains information about security vulnerabilities addressed by Apple® in its iOS® 14.4 update, as well as the recent breach of SonicWall® cybersecurity products. Learn how to protect yourself from these breaches.

Compliance Alert
  • Cybersecurity

News

ACA Appoints Anthony Bennett to Lead ACA Mirabella Sales and Client Development

Former global prime broker and industry consultant joins multi-award-winning regulatory hosting division

ACA Aponix Named Best Cyber Security Provider by The Drawdown's Private Equity Services Awards 2020

ACA Aponix selected as the winner of the Cybersecurity Technology Award by The DrawDown Private Equity Service Provider Awards.

Upcoming events

Compliance Induction - 9 March 2021

Senior management in Financial Services firms have a responsibility to ensure their employees have sufficient knowledge and understanding of the Regulatory environment they are working in. This knowledge helps in emphasising the need for compliance with policies and procedures in order to protect the firm and the individual from failing to “do the right thing”.

Online Training

FINRA Priorities and Hot Topics 2021

Join us Thursday, March 11 at 11:00 am EST for a live webcast on FINRA Priorities and Hot Topics to learn more about how the recently released priorities may impact you and your compliance program.

Webcast

Compliance Officer: The Roles and Responsibilities - 17 March 2021

The role of the Compliance Officer is a mandatory position in all firms in the Financial Services Industry. They play a major role in assisting Senior Management to ensure that appropriate and effective systems and controls are in place to achieve and maintain compliance with the applicable Rules. While the nature of the Compliance Function is likely to differ from one firm to another, this course provides an easy-to-follow breakdown of what the Regulator expects of a Compliance Officer and explains, in practical terms, how the regulatory expectations and those of Senior Management can be achieved.

Online Training