Protiviti experts help telecom giant turn a
costly security flaw into a revenue operation
Security Operations Center –Tele...
©2014 Protiviti Inc. An Equal Opportunity Employer M/F/D/V. PRO-PKIC-0514-149
Protiviti is not licensed or registered as a...
Upcoming SlideShare
Loading in …5
×

Protiviti Helps Telecom Turn Security Flaw Into Revenue Opportunity

181 views

Published on

Our client, a major telecommunications operation, was experiencing security failures as a result of deficiencies in the security operations system levels. The company had invested in a security monitoring solution and had deployed it across the enterprise. However, the security information event management software (SIEM) that was supposed to alert the company to suspicious activity was not achieving the objectives originally set out. The software was experiencing reporting problems, causing a dangerous lack of visibility into the extent of security breaches and threats

Published in: Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
181
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Protiviti Helps Telecom Turn Security Flaw Into Revenue Opportunity

  1. 1. Protiviti experts help telecom giant turn a costly security flaw into a revenue operation Security Operations Center –Telecommunications Client Challenge Our client, a major telecommunications operation, was experiencing security failures as a result of deficiencies in the security operations system levels. The company had invested in a security monitoring solution and had deployed it across the enterprise. However, the security information event management software (SIEM) that was supposed to alert the company to suspicious activity was not achieving the objectives originally set out. The software was experiencing reporting problems, causing a dangerous lack of visibility into the extent of security breaches and threats. POWERFUL INSIGHTS Protiviti was engaged originally for what our client believed to be a technical systems fix. However, through our analysis, we discovered a more fundamental business problem. The information technology (IT) breakdowns were caused by a silo-based system design that kept departments from communicating and coordinating security efforts. The software, originally designed for use with only one product line, created problems when enterprisewide demands were placed on it. Protiviti’s Security Services experts worked with our client to uncover the root cause of the problem, and implemented an appropriate and practical solution. We provided the following services: • Reviewed the organization’s scope of security monitoring activities, identified potential gaps, matched them with specific business risks, and quantified those risks to the extent possible. • Developed a technical solution redesign that incorporates forward-looking threat monitoring and tracks key risk indicators identified with the business functions. • Developed a holistic, enterprisewide security risk profile in consultation with our client’s chief information security officer, leading to more informed decision-making (investment decisions, business decisions informed by security risk profiles, etc.). • Developed and launched a Security Operations Center from which to manage security across the entire organization. Key consulting services in developing the Security Operations Center included: • Determining specific functions for the center and the scope of the security services it would offer, such as tracking regulatory requirements applicable to the enterprise and complying with logging and reporting requirements • Determining which enterprisewide compliance activities would be merged with the center’s operations and which would be coordinated with them • Developing business performance expectations for the center • Developing a communications matrix within the business to make sure each business silo communicates with the others • Helping the client determine the right tools and appropriate staffing for the center and assisting with establishing roles and responsibilities for the center’s leadership
  2. 2. ©2014 Protiviti Inc. An Equal Opportunity Employer M/F/D/V. PRO-PKIC-0514-149 Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services. Contacts Michael Walter +1.303.898.9145 michael.walter@protiviti.com Jonathan Wyatt +44.20.7024.7522 jonathan.wyatt@protiviti.co.uk About Protiviti Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit, and has served more than 40 percent of FORTUNE 1000® and FORTUNE Global 500® companies. Protiviti and its independently owned Member Firms serve clients through a network of more than 70 locations in over 20 countries. The firm also works with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index. PROVEN DELIVERY By addressing the original problem holistically, Protiviti was not only able to restructure our client’s approach to security monitoring through the development of the Security Operations Center, but helped the enterprise develop a new service line with the potential for significant new revenue. Our restructuring actions created an opportunity to turn what was essentially a cost center into a profit center, by giving our client the ability to leverage the people, processes and technology of the internal Security Operations Center to provide services to external customers. The client asked Protiviti to assist with this conversion, and was soon able to deliver IT security services, including threat intelligence and cyber monitoring, to its outside clients—primarily government and defense industry operations. What began as the client’s own internal monitoring infrastructure project became the foundation of a successful new product line. How We Help Companies Succeed There are as many different security threats as there are reasons for an organization to be targeted. A hacker’s motivation can be personal, political, criminal, or purely opportunistic. In order to respond to these potential threats, security professionals must change the way they deliver protective services. As senior executives face budgetary challenges, IT must deliver smarter security solutions, increased operational efficiencies and tangible value. Too many organizations rely on technology to deliver effective security monitoring capability. It is all too easy to buy into the vendor’s pitch that technology is the “silver bullet” that will solve all security problems. At Protiviti, we drive large security endeavors by focusing on people and processes aligned with business risk, as these are often the overlooked factors of a solution’s success or failure. We help clients understand where the critical interaction among technology, people and processes occurs, to help organizations map IT security to risk more effectively. We deliver the following services: • Security Operations Center (SOC) design and implementation • Technology optimization • SOC assurance (internal and third-party security services) John Rouffas +44.20.7930.8808 john.rouffas@protiviti.co.uk

×