Financial Services
Strengthening financial institutions with ISO‑aligned InfoSec controls, audits, and managed security services.
Request a Consultation
Cyber Labs supported financial sector organizations in Sri Lanka by delivering Vulnerability Assessment and Penetration Testing (VAPT) and Virtual Chief Information Security Officer (vCISO) services. For Dialog Finance PLC, Cyber Labs conducted VAPT aligned with OWASP Top 10 and SANS 25 standards while strengthening governance, risk management, and technical controls. In parallel, Cyber Labs provided vCISO services to another financial institution, offering strategic cybersecurity leadership, policy alignment, VAPT coordination, and board-level reporting in line with CBSL requirements.
Our Work in This Industry
Information Security Consultative Engagement – Dialog Finance PLC
Sri Lanka
Comprehensive InfoSec review and managed services for a leading financial institution in Sri Lanka.
- Policy and procedure reviews (InfoSec, classification, acceptable use, incident management, BCP)
- Patch management process design and implementation
- Firewall rules and configuration reviews
- Vulnerability Assessment & Penetration Testing (VA/PT) aligned with OWASP Top 10 and SANS 25
- Incident management framework development and testing
- Vendor management and third‑party risk reviews
- Periodic user access and privileged account reviews
- SOC roadmap development and monitoring support
- Awareness sessions and phishing simulations for staff
ISO / Compliance Standards:
ISO/IEC 27001:2013 ISO 22301, CBSL Guidelines NIST Baseline Security StandardsvCISO Services for Financial Institution
Sri Lanka
Strategic cybersecurity leadership and compliance alignment under CBSL guidelines.
- Acting as the organization’s security head and board‑level advisor
- Developing and managing information security strategies, governance, and ISMS
- Driving cyber risk management strategy and reporting to senior committees
- Coordinating vulnerability assessments, penetration testing, audits, and compliance readiness
- Running security awareness programs and internal training sessions
- Providing ongoing advisory on incident handling, remediation, and process improvement
- Utilizing dashboards and toolkits for real‑time oversight
- Technical advisory support for incident investigations, policy fine‑tuning, and resource guidance
ISO / Compliance Standards:
ISO 27001:2022 ISO 22301 GDPR (where applicable) CBSL regulatory alignmentSecure Your Industry
Let’s build a safer, smarter future together. Partner with us to strengthen your cybersecurity posture.
Request a Consultation