The Core Challenge: An investment bank needed a better understanding of how security touches all branches of an IT department.
- Understanding the security posture to identify areas of improvement and therefore create a security strategy and program.
- Assessing the security team’s capabilities, organizational structure, and job descriptions as well as advising on related improvements.
- Participating in the revision of governance documentation, aligning policies, procedures, standards, and guidelines with the recommended security strategy.
- Security IT audits to make recommendations on streaming and consolidating facilitate management, administration, and tool operations.
SoHo was engaged because it knew how to review a company’s IT change-management process and the associated change advisory board. We also identified improvements needed to reduce risk and secure the enterprise. That also included improvements to the system build process to spin up new systems outside of the production network, ensuring that devices were fully patched and scanned prior to deployment.