Security Transformation Program

SELECTED PROJECTS

SECURITY TRANSFORMATION PROGRAM

Client

Trusted Client, Insurance industry


Categories

Security Transformation, IT Services


Completed

December 21, 2014


Project Budget

$4,750,000


Project length

12 months

Project Details

BACKGROUND


A global insurance company with a de-centralized organization operating in 160+ countries decided to centralize their IT operations and transform 32 active data centres into 6 new strategic data centres covering Europe (2), Asia Pacific (1) North America (2) and South America (1). 


Of the overall organization of 600+ resources, the Security Transformation Work Stream Program was seperated into 5 projects with in total 40 resources that together secured a successful and effective transformation phase of the organizations Global Corporate Cybersecurity Strategy according to its Governance and Compliance plan. 


Security Transition

& Transformation 

Do you need similar expert help?


Contact Fogel Consulting through the contact form to receive further information and possibility to present your own case and business needs.

CHALLENGE


The globally spread organization had grown over many years into one of the largest organization within the insurance industry. After many corporate migrations and acquisitions, they operated with different models of process operation manual, having a versitality in organizational objectives, ununified strategies and clear seperation in the corporate future vision of their role on the market. Driving a larger transformation program covering +160 countries first challenges are the culture differencies and, sometimes, language barriers causing the need for centralised operational and cybersecurity to ensure the whole organization could continue to work towardsa joint future state. 

SOLUTION


In order to ensure a globally successful Cybersecurity transformation, resources for the work stream was set up in all four (4) continents and launched in phases where Europe Started followed by North America, Asia Pacific and last South America covering all classic project phases from planning, initiating, design, implementation, handover and closure. Each continent run the same format of 5 projects:

   - Information Security Management System Stream

   - Data Centre Cybersecurity Migration Stream

   - Global Emergency Response Service Stream

   - Managed SIEM Solution 

  - Managed IDS/IPS Services Stream

  - Governance, Rsk & Compliance Stream


RESULT


The overall set of completed deliverables included: 

   - ISMS (Information Security management Systems Controls document with Client agreed values. 

   - 80 ISMS Technical Specifications with Client agreed value for installing new hardware, software and applications.           

   - Global and central managed Antivirus solution for 6 new Data Centres replacing 160+ Legacy Data Centre's.

   - Development and implementation of Client dedicated Compliance, Issue, Risk and APAR tracking system.

   - Client tailored Security procedures for managing; Identity and Access management, Incident management. 

   - Physical Access process for Client owned and managed DC’s.      

   - Design & develop; A Security Regulatory & Compliance framework, a Data privacy framework, and Audit Management

      framework, all implemented by Steady state.   

   - Global Emergency Response services.   

   - Managed security and event management services.

   - Managed host intrusion detection services.  

   - Security threat assessment of Clients legacy systems prior transformation to new built system server environmernt.