Industry: Global Banking
Size: 50+ Global DCs | 52,000+ employees
Environment: Legacy, Mainframe, Hybrid Public and Private Cloud
Unknown cyber risk within new virtualization and cloud environments (Ansible, AWS, GCP, Azure, Docker, VMware, etc.). The current architecture review process was not capturing all gaps and providing a full picture of the security posture of these new environments.
Lack of monitoring of admin access, baselines, and advance hardening of environments.
Low maturity in modern administrative controls (i.e., policies, standards, procedures, etc.).
Throughout 18 months, we led efforts to improve maturity and harden platforms and environments. Hand-selected subject matter expertise to build project teams. Manage task completion. Assessed, analyzed risk, build business cases, and led meetings with Sr. Mgmt. to lobby for improvements.
100% improvement in administrative controls; enhancing the ability to enforce enterprise security architecture best practices and ensure compliance with GDPR, SOX, SOC, HIPAA, PCI, and ISO.
40% improvement in virtual environments security posture.
Performed assessments of 30+ financial services applications.
Discovered 75+ cyber risk findings. Ensured risk owners were notified and mitigation action was completed.