Trusted Client, Insurance industry
Security Transformation, IT Services
December 21, 2014
A global insurance company with a de-centralized organization operating in 160+ countries decided to centralize their IT operations and transform 32 active data centres into 6 new strategic data centres covering Europe (2), Asia Pacific (1) North America (2) and South America (1).
Of the overall organization of 600+ resources, the Security Transformation Work Stream Program was seperated into 5 projects with in total 40 resources that together secured a successful and effective transformation phase of the organizations Global Corporate Cybersecurity Strategy according to its Governance and Compliance plan.
The globally spread organization had grown over many years into one of the largest organization within the insurance industry. After many corporate migrations and acquisitions, they operated with different models of process operation manual, having a versitality in organizational objectives, ununified strategies and clear seperation in the corporate future vision of their role on the market. Driving a larger transformation program covering +160 countries first challenges are the culture differencies and, sometimes, language barriers causing the need for centralised operational and cybersecurity to ensure the whole organization could continue to work towardsa joint future state.
In order to ensure a globally successful Cybersecurity transformation, resources for the work stream was set up in all four (4) continents and launched in phases where Europe Started followed by North America, Asia Pacific and last South America covering all classic project phases from planning, initiating, design, implementation, handover and closure. Each continent run the same format of 5 projects:
- Information Security Management System Stream
- Data Centre Cybersecurity Migration Stream
- Global Emergency Response Service Stream
- Managed SIEM Solution
- Managed IDS/IPS Services Stream
- Governance, Rsk & Compliance Stream
The overall set of completed deliverables included:
- ISMS (Information Security management Systems Controls document with Client agreed values.
- 80 ISMS Technical Specifications with Client agreed value for installing new hardware, software and applications.
- Global and central managed Antivirus solution for 6 new Data Centres replacing 160+ Legacy Data Centre's.
- Development and implementation of Client dedicated Compliance, Issue, Risk and APAR tracking system.
- Client tailored Security procedures for managing; Identity and Access management, Incident management.
- Physical Access process for Client owned and managed DC’s.
- Design & develop; A Security Regulatory & Compliance framework, a Data privacy framework, and Audit Management
framework, all implemented by Steady state.
- Global Emergency Response services.
- Managed security and event management services.
- Managed host intrusion detection services.
- Security threat assessment of Clients legacy systems prior transformation to new built system server environmernt.
IT consulting service with support for development and maintenance in the form of consulting advice with focus on IT and Information Security and Risk Management. Support your adherence to Compliance (legal and regulatory requirements), and leading project implementation of management systems for control of IT and Information Systems (ISMS/LIS)
Get in Touch
© Copyright. All Rights Reserved