Back To Case Studies
Case Study
Cyber Risk & Data Protection Assessment of a Cloud-Based Financial Management Platform
Blackwood conducted an independent cyber risk and data protection review to evaluate the platform's handling of financial information, document-management workflows, user-access practices, and information-sharing functionality.
The assessment focused on how platform features, user behavior, and operational workflows could contribute to unauthorized access, information exposure, excessive permissions, loss of data integrity, or reduced user trust.
Security observations were evaluated against generally accepted cybersecurity principles reflected in:
NIST Cybersecurity Framework (CSF)
CIS Critical Security Controls
ISO 27001 Information Security Management Practices
The assessment identified identity security as the platform's primary risk concentration due to the aggregation of sensitive financial information under a single authentication boundary.
Additional opportunities were identified to strengthen:
Access governance
Shared-access management
Audit visibility
Account-recovery controls
Financial-record protection
User security awareness
No critical control deficiencies were identified during the assessment. However, enhancements to authentication, access governance, monitoring, and recovery processes would further reduce risk exposure and strengthen long-term user confidence.
Overall Security Maturity Assessment: Developing
Client Overview
The client operates a cloud-based financial management platform that enables individuals, families, and small businesses to organize, store, analyze, and share financial information through a centralized application.
Core platform capabilities include:
Personal financial management
Household financial tracking
Small business bookkeeping support
Receipt and financial-document storage
Financial reporting and analytics
Collaboration with accountants, advisors, family members, and other authorized users
Management of multiple financial profiles within a single account environment
Because the platform consolidates financial information from multiple contexts into a single environment, users rely on the platform to maintain the confidentiality, integrity, and availability of sensitive financial records. This creates a concentration-of-value risk whereby a single account may provide access to personal, household, and business information simultaneously.
Assessment Scope & Methodology
Assessment Activities
The review included:
Functional assessment of platform capabilities
User-workflow analysis
Access-control review
Information-sharing assessment
Data-flow analysis
Threat-scenario modeling
Security-control mapping against industry best practices
Risk assessment using qualitative likelihood and impact analysis
Out of Scope
The engagement did not include:
Penetration testing
Vulnerability scanning
Source-code review
Cloud-configuration assessment
Infrastructure assessment
Formal compliance auditing
Assessment Objective
The objective of the engagement was to identify realistic cyber risks arising from platform functionality, user behavior, and operational workflows while evaluating the effectiveness of existing controls and residual risk exposure.
Information Asset Classification
The platform stores and processes multiple categories of information with varying levels of sensitivity.
Information Type | Sensitivity Level | Business Impact if Exposed |
User profile information | Moderate | Privacy concerns |
Financial account data | High | Financial fraud and privacy impact |
Receipts and invoices | High | Disclosure of financial activity |
Tax-related documentation | High | Identity theft and fraud risk |
Business financial records | High | Operational and reputational impact |
Financial reports and analytics | High | Strategic and financial exposure |
Sharing and collaboration records | Moderate | Unauthorized information disclosure |
The presence of multiple high-sensitivity information categories increases the potential impact of account compromise.
Observed Security Controls
The following positive controls and security characteristics were identified during the review:
Control Area | Observation |
Authentication | User authentication required for account access |
Profile Segmentation | Personal, household, and business profiles logically separated |
Information Sharing | Users maintain direct control over sharing relationships |
Centralized Data Management | Financial information maintained in a centralized environment |
Reporting Visibility | Users can review financial activity and reporting information |
Cloud Architecture | Centralized cloud-hosted infrastructure supports consistent management |
These controls provide a foundation for continued security maturity improvements.
Control Maturity Assessment
Control Domain | Current State | Desired State |
Authentication Security | Password-based authentication with optional enhancements | Broad MFA adoption and adaptive authentication |
Access Governance | User-managed permissions | Automated governance and periodic reviews |
Information Sharing | Manual sharing management | Role-based and time-limited access controls |
Audit Visibility | Limited access visibility | Comprehensive audit reporting |
Account Recovery | Email-based recovery dependency | Multi-factor identity verification |
Data Integrity Controls | Standard record management | Version history and recovery capabilities |
Overall Maturity Rating: Developing
Risk Rating Methodology
Risk ratings were determined using qualitative analysis based on:
Threat likelihood
Potential business impact
Sensitivity of affected information
User behavior patterns
Existing control effectiveness
Residual risk after existing controls
Likelihood Scale
Rating | Definition |
Low | Uncommon attack path requiring significant effort |
Medium | Plausible attack path observed in industry environments |
High | Common attack path frequently observed in cyber incidents |
Impact Scale
Rating | Definition |
Low | Limited operational or privacy impact |
Medium | Noticeable operational, financial, or privacy impact |
High | Significant financial, operational, legal, or reputational impact |
Risk Matrix
Likelihood | Impact | Overall Risk |
High | High | High |
Medium | High | Medium-High |
Medium | Medium | Medium |
Low | High | Medium |
Low | Medium | Low |
Risk Register
ID | Risk Area | Description | Priority |
R-01 | Identity Security | Account takeover exposing multiple financial profiles | High |
R-02 | Financial Records | Unauthorized access, modification, or deletion of records | Medium-High |
R-03 | Shared Access Governance | Excessive permissions remaining active beyond business need | Medium |
R-04 | Audit Visibility | Limited visibility into access and sharing activity | Medium |
R-05 | Account Recovery | Email compromise facilitating unauthorized account access | Medium |
R-06 | User Trust | Security incidents reducing user confidence | Medium |
Threat Actor Assessment
The assessment considered the following threat actors:
Credential theft and phishing actors
Financial fraud actors
Credential-stuffing attackers
Opportunistic cybercriminals
Social engineering actors
Former authorized users
Disgruntled collaborators
Unauthorized recipients of shared information
These actors were selected based on common attack patterns observed against financial and SaaS platforms.
Detailed Findings
Finding 1: Identity Security Represents the Primary Risk Concentration
Observation
The platform enables users to consolidate personal, household, and business financial information within a single account.
A successful account compromise may therefore expose multiple categories of sensitive information simultaneously.
Existing Controls
Password-based authentication
User account management controls
Logical profile separation
Threat Scenario
A user reuses a password previously exposed in a third-party data breach.
An attacker performs credential-stuffing attacks against the platform.
Authentication succeeds.
The attacker gains access to personal, household, and business profiles.
Financial documents and reports are downloaded or exported.
Residual Risk
Existing authentication controls may not fully prevent credential theft, password reuse, or phishing-based compromise.
Risk
Unauthorized account access resulting from credential theft, phishing, password reuse, or social engineering.
Impact
Potential exposure of:
Personal financial records
Household financial information
Business financial records
Tax-related documents
Historical financial reporting
A single compromised account could expose multiple financial environments simultaneously.
Risk Rating
Likelihood: High
Impact: High
Overall Rating: High
Recommendations
Increase MFA adoption
Consider mandatory MFA for high-risk activities
Implement suspicious-login monitoring
Review authentication controls regularly
Strengthen account-recovery verification procedures
Finding 2: Financial Records Represent Critical Information Assets
Observation
The platform stores financial documents that users rely upon for budgeting, bookkeeping, tax preparation, and business operations.
Existing Controls
Centralized document management
User-controlled access permissions
Threat Scenario
An attacker gains access to a user account.
Financial records are modified or deleted.
Users unknowingly rely on inaccurate records.
Reporting and operational decisions are affected.
Residual Risk
Existing controls may not fully protect against unauthorized modification or deletion following account compromise.
Risk
Unauthorized access, modification, or deletion of financial records.
Impact
Potential consequences include:
Exposure of sensitive information
Corrupted reporting data
Business disruption
Increased recovery effort
Reduced confidence in records
Risk Rating
Likelihood: Medium
Impact: High
Overall Rating: Medium-High
Recommendations
Implement document version history
Improve recovery capabilities
Expand audit visibility
Monitor critical record modifications
Review access permissions regularly
Finding 3: Shared Access Introduces Governance Risk
Observation
Users may share financial information with external parties including accountants, advisors, and family members.
No automated review or expiration controls were observed.
Existing Controls
User-managed sharing permissions
Direct control over collaboration relationships
Threat Scenario
A contractor receives temporary access.
The engagement ends.
Access permissions remain active.
Sensitive information continues to be accessible.
Residual Risk
Manual permission management increases the risk of permission creep.
Risk
Access may remain active beyond legitimate business need.
Impact
Former collaborators may retain access to sensitive information.
Risk Rating
Likelihood: Medium
Impact: Medium
Overall Rating: Medium
Recommendations
Introduce permission expiration controls
Implement access review reminders
Support role-based access controls
Offer read-only sharing options
Improve sharing visibility
Finding 4: Audit Visibility and Monitoring Opportunities Exist
Observation
Limited visibility exists into historical access activity and sharing events.
Existing Controls
User reporting capabilities
Standard account-management visibility
Threat Scenario
An external collaborator retains access longer than intended.
Access continues for several months.
No review occurs.
Users remain unaware of ongoing exposure.
Residual Risk
Limited monitoring may delay identification of unauthorized activity.
Risk
Potential misuse may remain undetected.
Impact
Extended exposure periods may increase overall risk.
Risk Rating
Likelihood: Medium
Impact: Medium
Overall Rating: Medium
Recommendations
Expand audit logging
Provide access-history reports
Notify users of significant events
Highlight active sharing relationships
Conduct periodic access reviews
Finding 5: Account Recovery Creates a Secondary Security Dependency
Observation
Account recovery appears dependent upon user email accounts.
Existing Controls
Email-based recovery verification
Threat Scenario
A user's email account is compromised through phishing.
Password-reset requests are initiated.
Recovery messages are intercepted.
Platform access is obtained without attacking platform controls directly.
Residual Risk
Compromise of external email accounts may bypass platform protections.
Risk
Unauthorized access through abuse of recovery mechanisms.
Impact
Attackers may gain access without compromising existing platform credentials.
Risk Rating
Likelihood: Medium
Impact: Medium
Overall Rating: Medium
Recommendations
Introduce additional identity verification
Require MFA during recovery processes
Encourage email-account security
Review recovery workflows regularly
Finding 6: User Trust Depends on Visible Security Practices
Observation
User trust is critical because the platform stores increasingly sensitive financial information over time.
Existing Controls
Centralized information management
User-controlled sharing functionality
Threat Scenario
A security incident affects a small number of users.
Public discussion increases concern among existing users.
New user adoption declines.
Support costs increase.
Residual Risk
Perceived security weaknesses may affect platform growth even when direct impact is limited.
Risk
Reduced confidence following security incidents.
Impact
Potential consequences include:
User attrition
Reduced platform adoption
Reputational harm
Increased support demand
Risk Rating
Likelihood: Medium
Impact: Medium
Overall Rating: Medium
Recommendations
Improve transparency regarding security practices
Strengthen visible security controls
Expand user education efforts
Continue investing in governance and monitoring
Prioritized Security Roadmap
Immediate Priorities (0–3 Months)
Increase MFA adoption
Strengthen account-recovery verification
Review protection of financial records
Improve user phishing awareness
Evaluate suspicious-login monitoring
Medium-Term Priorities (3–6 Months)
Implement access-review workflows
Introduce permission-expiration controls
Improve sharing visibility
Expand role-based permissions
Introduce read-only collaboration models
Long-Term Priorities (6–12 Months)
Expand audit logging capabilities
Implement access-history reporting
Improve monitoring visibility
Mature governance processes
Enhance data-integrity controls
Continue strengthening user-trust initiatives
Client Perspective
Following completion of the engagement, the client noted that one of the most valuable aspects of the review was the focus on how security risks emerge through everyday platform usage rather than through technology alone.
The assessment helped identify several areas for future improvement, including management of shared access, oversight of user permissions, recovery processes, and visibility into ongoing access to sensitive financial information. It also provided independent validation that existing platform controls were aligned with the organization's security objectives.
According to the client, the recommendations were practical, actionable, and directly relevant to operating and scaling a financial software platform. The review helped connect cybersecurity considerations to broader business priorities, including user confidence, operational resilience, and long-term growth planning.
Conclusion
The assessment identified identity security, financial-record protection, access governance, audit visibility, and account recovery as the most significant areas of cyber risk within the platform.
The platform demonstrates foundational security capabilities and no critical deficiencies were identified. However, the concentration of sensitive financial information within a single account environment increases the importance of strong authentication, effective governance, comprehensive monitoring, and resilient recovery processes.
Implementation of the recommendations outlined within this report would reduce exposure to account compromise, excessive permissions, unauthorized information access, and trust-related security concerns while supporting long-term platform growth and user confidence.
Engagement Summary
Engagement Type:
Cyber Risk & Data Protection Review
Primary Focus Areas:
Identity Security
Access Governance
Data Protection
Information-Sharing Controls
Threat Modeling
Security Governance
Operational Security Controls
Risk Management
User Trust & Confidence