CASE STUDY

Accelerating an Enterprise Cybersecurity Program
Download as PDF

Our client, a nationwide holding company of a family of subsidiaries in real estate investment, financial services, and development, needed to address an urgent need to augment its cybersecurity protection.

OUTCOMES:

  1. Accelerated program development by 2 years
  2. Installed Lean, Agile operating model
  3. Estimated cost savings of $5M.

 


The Situation.

Our client, a nationwide holding company of a family of subsidiaries in real estate investment, financial services, and development, needed to address an urgent need to augment its cybersecurity protection. The Chief Information Security Officer (CISO) approached us with a 5-year plan to build a robust security program comprised of a variety of security capabilities that, together, would appropriately address the company’s complex cybersecurity risk posture. Our team was asked to make it happen faster, better, and cheaper.


    How We Helped.

    Our approach was to deliver early results while keeping the long-range vision of sustainable operations in mind. To accomplish this, we did six things:

    1. We deployed a simple portfolio management process to keep immediate projects moving forward. This established early predictability as the team began delivering key results.

    2. Simultaneously, we guided the client through a process of mapping all existing and planned security services in the program to corresponding security standards and policies. This laid a foundation for service governance and clear guidance for each service’s maturity journey going forward.

    3. Next, we created a “security service playbook” which outlined all essential attributes of a service (service leadership, policies, standard operating procedures, growth goals and KPIs, etc). This created clarity around what was required to adequately launch each new security service.

    4. Then, we initiated a flow-based release management system by which all improvement ideas, initiatives, and projects could be scoped, prioritized, released, and validated before being published and shared. 

    5. In addition, we deployed a cloud-based virtual data warehouse and data ETL process to enable and streamline KPI reporting. This created visibility for security leaders to evaluate the security program’s ongoing progress and facilitated better, data-driven conversations with business unit leaders.

    6. Along the way, we trained security portfolio and service teams in how to manage leaner, more coherent, more iterative delivery practices, including  continuous improvement, service operations, knowledge sharing, and team meetings.


    Results.

    In all our efforts to accelerate our client’s security program, we embedded predictable, flexible, and scalable operational patterns around us that could be repeated and sustained by their teams in our absence. As always, we prepared all team members to be able to confidently manage improvements cycles on their own.

    By defining a clear strategic roadmap, aligning operational protocols with program objectives and addressing gaps in organizational capabilities, we helped our client build a security program comprised of 13 services. Our client gained a well-documented platform and staff training to effectively pursue its next security objectives without ongoing dependence on outside consultants. 

    Most importantly, we helped our client build the enterprise suite of cybersecurity capabilities they had sought in two years less than anticipated, equating to an estimated savings of over $5 million.

    Business Outcomes


    1) Accelerated program development by 2 years

    2) Installed Lean, Agile operating model

    3) Estimated cost savings of $5M+

    Is your company prepared to win?
    Learn More

    Edifiers Consulting

    We are a management consulting firm based in El Paso, Texas, with a talent network across San Diego, Denver, and Dallas. We help organizations deliver awesome projects, streamline valuable processes, and build stronger teams. We mobilize people, technology, and data to turn your business goals into real results.

    ©2020 Edifiers Consulting. All rights reserved.