|
IT Security Success Stories
Business Problem:
A high technology client expanded its product offerings to include security solutions but recent security incidents had the potential to damage the company brand
Challenges:
- Company experienced six security incidents in less than one year
- Existing security organization was inexperienced and had no long-term strategy for improvements
- Company was growing rapidly and information technology group was under considerable pressure to scale systems to support the business
Results:
- Security strategy enabled the company to achieve industry recognized certification for their security program
- This certified security program was perceived as a competitive advantage by customers and included in their sales and marketing programs
- Company was able to reduce security spending by 25%
Improvement Process:
- Completed comprehensive security assessment to identify key business risks and developed two-year security improvement roadmap
- Established Security Governance Board to oversee security program and manage security risks for the company
- Completed analysis of information security organization and designed cost effective staffing strategy
Business Problem:
A publically traded company had a serious security incident and was unable to close their books and report their quarterly results
Challenges:
- Disgruntled employee left company and had an in-depth knowledge of the company’s internal business systems
- Security controls were not in place to prevent former employee from accessing key financial systems and making them unavailable to finance staff
- Company was on tight deadline to file their quarterly earnings
Results:
- Company was able to close their books in time to meet their filing deadline for quarterly earnings
- Completed security improvement program and achieved satisfactory rating for their program in one year
- Company did not experience any further security incidents that affected their business operations
Improvement Process:
- Identified security vulnerabilities and prevented disgruntled employee from gaining access to company’s business systems
- Completed a comprehensive security assessment and developed a two-year strategy for improvements
- Assisted client on accelerated program to improve their security program
Business Problem:
Software company announced major strategy to focus on the information security market but shortly afterwards experienced embarrassing security incident
Challenges:
- Company had a limited number of security product offerings and their internal security program was supported by competitor’s products
- Information security staff were inexperienced and no formal information security program was in place
- Company was experiencing considerable growth and the IT group was under pressure to rapidly scale their systems
Results:
Company’s information security program became known as one of the best in the industry and perceived as such by prospective customers
Improvement Process:
- Established program to become first users of company’s products and discontinue use of competitor’s products
- Initiated multi-year approach to improving information security program
- Developed “Selling to the CIO” presentation for the sales organization and conducted training for sales and professional services organizations
Download the full overview of our Information Security program.
|
