When organisations grow rapidly, information security arrangements often fail to keep pace. Without a coherent approach, physical and information assets are exposed to risk and, ultimately, this represents a threat to the bottom line.
Having made a number of mergers and acquisitions, our client, a manufacturer with operations in Europe and Asia, recognized this scenario. So they asked us to undertake an enterprise-wide review of security capability, with an emphasis on moving from a reactive to a proactive security approach.
We began with risk assessment, identifying business assets, assessing the impact of any compromise to these and pinpointing the vulnerabilities and threats they might be exposed to. Next came an assessment of our client’s current security measures, including a gap analysis against the emerging international standard for cyber security, PAS555.
Working with the client’s security team, we developed a target security architecture, a cyber security strategy to achieve this and the roadmap of activities required. We then helped the client align their Information Security Management System to the ISO27001 standard, and helped select an appropriate, lightweight Governance, Risk and Compliance management tool, to provide on-going visibility of risk and allow management to track the target improvements.
Our client now has a structured approach to improving confidence in their security capabilities and countermeasures, helping them protect design IP, defend physical assets and achieve cost-effective insurance for their assets worldwide. All in all, a positive result for the bottom line.
If you need to develop a cyber security strategy for your business, speak to one of our experts or find out more about our cyber security capabilities.