01

Organization:   Confidential
Industry:   Global Banking
Size:   50+ Global DCs | 52,000+ employees
Environment:   Legacy, Mainframe, Hybrid Public and Private Cloud
Summary:
Unknown cyber risk within new virtualization and cloud environments (Ansible, AWS, GCP, Azure, Docker, VMware, etc.).  The current architecture review process was not capturing all gaps and providing a full picture of the security posture of these new environments.
  • Lack of monitoring of admin access, baselines, and advance hardening of environments.
  • Low maturity in modern administrative controls (i.e., policies, standards, procedures, etc.).
Actions:
Throughout 18 months, we led efforts to improve maturity and harden platforms and environments.  Hand-selected subject matter expertise to build project teams.  Manage task completion.  Assessed, analyzed risk, build business cases, and led meetings with Sr. Mgmt. to lobby for improvements.
  • 100% improvement in administrative controls; enhancing the ability to enforce enterprise security architecture best practices and ensure compliance with GDPR, SOX, SOC, HIPAA, PCI, and ISO.
  • 40% improvement in virtual environments security posture.
  • Performed assessments of 30+ financial services applications.
  • Discovered 75+ cyber risk findings.  Ensured risk owners were notified and mitigation action was completed.
SOCIAL MEDIA
  • LinkedIn
  • Twitter
Copyrights  2020 by CyberSEC Geek, Inc. All Rights reserved