Fortune 500 Bank Consolidates Cyber Tools and Accelerates Digital Transformation


The Situation

 

Needing an outside perspective to consolidate tools and achieve digital transformation

 

The director of security infrastructure of a large U.S.-based financial institution was experiencing a digital transformation effort that was pushing the organization to migrate to the cloud, but the director’s many existing security tools (80) were getting in the way of necessary change. The newly promoted director needed to get a better understanding of the technology stack and how the tools were being used. This caused conflicts between internal teams and required significant resources. Facing an expected three-year project timeline, the director chose Optiv to perform this analysis.

 

 

The Solution

 

Tools rationalization assessment helps identify integrations, gaps and consolidation roadmap

 

The team of experts from Optiv designed an engagement focused around three key objectives:

  1. Identify which tools were best for the client’s security and strategy
  2. Minimize the complexity of the technology stack
  3. Work across teams to understand stakeholder requirements

 

The first step included a discovery workshop to learn about the existing security technology landscape, including how the bank used various tools compared to industry peers.

 

Next, these tools were mapped against the proven MITRE ATT&CK framework and Optiv’s security controls map. As a result, potential integrations, security gaps in control areas and both functional and technical areas for improvement were identified.

 

After, the director got a detailed security roadmap with improvements and tool consolidation recommendations. Optiv completed this project in five months instead of the estimated three years if implemented internally.

 

tech-consolidation-bank-f500-asset

Download a printable version of this case study

 

Download Case Study
   

Industry Served: Financial Services

What Client Purchased

  • Technology Consolidation and Rationalization with Subject Matter Expert Evaluation (Level 2)
     
  • Industry Framework Mapping (MITRE ATT&CK)
     
  • Security Technology Strategy Recommendations and Roadmap


Optiv's Actions

  • Mapped tools to Optiv’s controls map to determine Optiv and client subject matter experts (SMEs)
     
  • Performed discovery workshops with a focus on each control area with Optiv and client SMEs
     
  • Analyzed gathered information to build out potential integrations between tools, gaps in control areas and areas for improvement, both functional and technical
     
  • Developed a roadmap for consolidation and improvement of the control’s coverage with short-, mid- and long-term recommendations


Client Outcomes

  • The bank’s security controls were mapped and aligned to the MITRE ATT&CK framework, providing a quick assessment of security risk
     
  • Key deliverables included a prioritized security roadmap with short- and long-term projects aligned to benefits, risks and security outcomes
     
  • The client benefited from external unbiased advice and feedback from a security provider experienced in high-stakes client environments
     
  • The project was completed in five months, as opposed to an estimated three years if implemented internally

How can we help you secure greatness?

 

Optiv can advise on, deploy and operate end-to-end cybersecurity programs aligned to your business goals. As the cyber advisory and solutions leader, we serve nearly 6,000 companies across every major industry. Our certified experts can help you gain the agility, security, scale and control you need to stay ahead of the competition.