Our client, a multi-billion dollar global manufacturer, recognized the growing threats of IT hacking, ransomware, identity theft, and other security issues. The client’s executive management had an outside consulting firm do an independent assessment of the security program’s maturity and level and set a target to improve this rating within a year. Our client developed a long-term plan to meet this goal and reached out to Orion Solutions to bring in an experienced security leader to drive the project forward.
Orion Solutions brought in a consultant with extensive experience in implementing global security programs, both from the policy and procedure standpoint and the actual automated tools used by top organizations. We reviewed the project and prioritized key areas, set up a reporting cadence with senior management, and implemented the strategic security vision.
The project resulted in many accomplishments such as structuring the security team, documenting current state, creating policies, procedures and work instructions, identifying strategic and tactical direction given the global threat landscape, assessing the existing environment for potential risks, performing gap analyses and recommending corrective actions, and working in conjunction with software development teams to ensure SDLC best practices relating to secure code. At the end of the year, a follow up assessment from the outside consulting firm indicated the maturity level of the client’s security program had moved higher than the targets set by the executive team.