Cyber Security Strategy & Transformation, Operate Models & Processes
Problem Statement – one of the largest Global Healthcare / FMCG client organisations had a major Cyber Security Breach resulting in many hundreds-millions Financial Losses as well as damage to its global reputation. So, the ask was to develop a Cyber Security Strategy, and Selection & Implementation of Systems/Tooling to mitigate the future security Risks, meet strict compliance regulations & standards, as well as provide assurance to the Compliance Regulator that such security breaches cannot happen again.
This global Healthcare/FMCG Organisation engaged us to develop & implement its ‘Cyber Security Strategy’, and Planning & Execution. We conducted a full review of the Client’s business requirements, security operate model & processes, people skills & capabilities, application integration, infrastructure, and networks.
We identified opportunities for improvement, designed a programme of work to underpin the rollout & delivery, organisational structure, people skills & capabilities. We carefully conducted a comprehensive “Strategy Review & Audit” and made recommendations for improvements. Our Specific responsibilities & activities, included (this is just a short summary):
- Definition & execution of Cyber Security’ ‘Vision Strategy & Roadmap’, aligning technology with the client business needs.
- Conducted full review of Cyber Risk Exposure & Security & ICT Strategy, Processes, Systems/Tools and Systems Integration, and a full review of high-risk critical clinical applications, ERP, HR, Finance, and CRM systems.
- Effectively performed a 360-degree strategic reviews, presenting recommendations at up to CxO level, and setup the agreed programme for successes e.g. People, Processes, Systems/Tools.
- Lead the development of Commercial Proposal RFP/RFI, including identification/scoping of business/Technical requirements.
- Identified Ten (10) potential vendors and lead the Vendor/SI commercial appraisal, selection, and managed RFP/RFI processes.
- Coordinated/managed commercial RFP responses & pricing negotiations with (Ten) global Tier1 Vendors e.g. IBM, Microsoft, Oracle, Dell/One Identity, Infosys, CA, and others.
- Formally completed ‘due-diligence’ and presented 3-strategic shortlisted vendors/SI partners to the procurement team and the Governance Board for a final approval.
- Developed & presented a formal Business Case and Recommendations to the C-Level Executives/Board and gained Approvals.
- Recruited/developed a programme delivery teams for the execution / delivery / implementation of the Approved Roadmap & programme of work.
- Tracked multi-vendor delivery progress and reported at C-Level Exec Board and Executive Stakeholders.
Successfully developed ‘Cyber Security Strategy’ encompassing, Operating Model Design, Process Design, Technology & Vendor Selection, Solution Architecture & Design, and underpinning Security Policies & Standards designed to mitigate the future Risks as well as meet the Regulatory Compliance Audit requirements.